From 8177d1f9328b8cc3da95bfe195cb22183196c963 Mon Sep 17 00:00:00 2001 From: nikhilmulinti-egov Date: Wed, 24 Jan 2024 14:05:21 +0530 Subject: [PATCH 01/76] Delete unused files and directories --- CODEOWNERS | 29 - LICENSE | 202 + README.md | 26 + .../airflow => charts/common}/.helmignore | 0 .../helm/charts => charts}/common/Chart.yaml | 10 +- .../helm/charts => charts}/common/README.md | 0 .../common/templates/_cronjob.yaml | 10 +- charts/common/templates/_deployment.yaml | 52 + charts/common/templates/_helpers.tpl | 46 + charts/common/templates/_ingress.yaml | 21 + charts/common/templates/_service.yaml | 15 + .../common/templates/_servicemonitor.yaml | 0 .../common/templates/_statefulset.yaml | 0 .../common/templates/_vpa.yaml | 2 +- .../helm/charts => charts}/common/values.yaml | 555 +- charts/core-services/Chart.yaml | 18 + .../core-services/audit-service/Chart.yaml | 10 +- .../audit-service/templates/deployment.yaml | 43 + .../audit-service/templates/ingress.yaml | 19 + .../audit-service/templates/service.yaml | 13 + .../core-services/audit-service/values.yaml | 44 +- .../core-services/chatbot-service}/Chart.yaml | 10 +- .../chatbot-service/templates/deployment.yaml | 43 + .../chatbot-service/templates/ingress.yaml | 19 + .../chatbot-service/templates/service.yaml | 13 + .../core-services/chatbot-service/values.yaml | 61 + .../egov-accesscontrol/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/ingress.yaml | 0 .../templates/service.yaml | 0 .../egov-accesscontrol/values.yaml | 0 charts/core-services/values.yaml | 165 + ci-as-code | 1 - deploy-as-code/README.md | 62 - deploy-as-code/egov-deployer/Dockerfile | 41 - deploy-as-code/egov-deployer/cmd/deploy.go | 74 - deploy-as-code/egov-deployer/cmd/root.go | 89 - deploy-as-code/egov-deployer/digit_setup.go | 299 - deploy-as-code/egov-deployer/go.mod | 13 - deploy-as-code/egov-deployer/go.sum | 180 - .../egov-deployer/internal/README.md | 14 - .../internal/app/_your_app_/.keep | 0 .../internal/pkg/_your_private_lib_/.keep | 0 deploy-as-code/egov-deployer/main.go | 22 - deploy-as-code/egov-deployer/pkg/README.md | 58 - .../pkg/cmd/deployer/deployer.go | 365 -- .../egov-deployer/pkg/cmd/deployer/options.go | 11 - deploy-as-code/helm/.sops.yaml | 181 - .../accelerators/pgr-ai-chatbot/Chart.yaml | 26 - .../accelerators/pgr-ai-chatbot/values.yaml | 44 - .../backbone-services/airflow/CHANGELOG.md | 684 -- .../backbone-services/airflow/CONTRIBUTING.md | 90 - .../backbone-services/airflow/Chart.yaml | 19 - .../backbone-services/airflow/README.md | 2134 ------ .../backbone-services/airflow/UPGRADE.md | 1 - .../files/pod_template.kubernetes-helm-yaml | 87 - .../airflow/files/webserver_config.py | 10 - .../airflow/templates/NOTES.txt | 213 - .../airflow/templates/_helpers/common.tpl | 147 - .../airflow/templates/_helpers/pods.tpl | 532 -- .../templates/_helpers/validate-values.tpl | 181 - .../config/configmap-pod-template.yaml | 16 - .../templates/config/secret-config-envs.yaml | 198 - .../templates/config/secret-known-hosts.yaml | 11 - .../config/secret-local-settings.yaml | 11 - .../config/secret-webserver-config.yaml | 15 - .../templates/db-migrations/_helpers/code.tpl | 136 - .../db-migrations-deployment.yaml | 112 - .../db-migrations/db-migrations-job.yaml | 103 - .../db-migrations/db-migrations-secret.yaml | 12 - .../airflow/templates/extra-manifests.yaml | 9 - .../templates/flower/flower-deployment.yaml | 159 - .../flower/flower-ingress-v1beta1.yaml | 49 - .../templates/flower/flower-ingress.yaml | 66 - .../airflow/templates/flower/flower-pdb.yaml | 21 - .../templates/flower/flower-service.yaml | 36 - .../pgbouncer/_helpers/pgbouncer.tpl | 77 - .../pgbouncer/pgbouncer-deployment.yaml | 211 - .../templates/pgbouncer/pgbouncer-pdb.yaml | 21 - .../pgbouncer/pgbouncer-secret-certs.yaml | 19 - .../templates/pgbouncer/pgbouncer-secret.yaml | 13 - .../pgbouncer/pgbouncer-service.yaml | 19 - .../airflow/templates/pvc-dags.yaml | 21 - .../airflow/templates/pvc-logs.yaml | 21 - .../airflow/templates/rbac/airflow-role.yaml | 44 - .../templates/rbac/airflow-rolebinding.yaml | 17 - .../rbac/airflow-serviceaccount.yaml | 13 - .../templates/redis/redis-configmap.yaml | 96 - .../airflow/templates/redis/redis-master.yaml | 107 - .../airflow/templates/redis/redis-secret.yaml | 10 - .../templates/redis/redis-service.yaml | 32 - .../scheduler/scheduler-deployment.yaml | 214 - .../templates/scheduler/scheduler-pdb.yaml | 21 - .../templates/sync/_helpers/global_code.tpl | 130 - .../sync/_helpers/sync_connections.tpl | 219 - .../templates/sync/_helpers/sync_pools.tpl | 134 - .../templates/sync/_helpers/sync_users.tpl | 229 - .../sync/_helpers/sync_variables.tpl | 129 - .../sync/sync-connections-deployment.yaml | 143 - .../templates/sync/sync-connections-job.yaml | 134 - .../sync/sync-connections-secret.yaml | 12 - .../templates/sync/sync-pools-deployment.yaml | 113 - .../templates/sync/sync-pools-job.yaml | 104 - .../templates/sync/sync-pools-secret.yaml | 12 - .../templates/sync/sync-users-deployment.yaml | 143 - .../templates/sync/sync-users-job.yaml | 137 - .../templates/sync/sync-users-secret.yaml | 12 - .../sync/sync-variables-deployment.yaml | 143 - .../templates/sync/sync-variables-job.yaml | 134 - .../templates/sync/sync-variables-secret.yaml | 12 - .../triggerer/triggerer-deployment.yaml | 154 - .../templates/triggerer/triggerer-pdb.yaml | 24 - .../webserver/webserver-deployment.yaml | 151 - .../webserver/webserver-ingress-v1beta1.yaml | 49 - .../webserver/webserver-ingress.yaml | 67 - .../templates/webserver/webserver-pdb.yaml | 21 - .../webserver/webserver-prometheus-rule.yaml | 16 - .../webserver/webserver-service-monitor.yaml | 22 - .../webserver/webserver-service.yaml | 39 - .../airflow/templates/worker/worker-hpa.yaml | 19 - .../airflow/templates/worker/worker-pdb.yaml | 21 - .../templates/worker/worker-service.yaml | 20 - .../templates/worker/worker-statefulset.yaml | 181 - .../backbone-services/airflow/values.yaml | 2172 ------ .../cert-manager/.helmignore | 22 - .../backbone-services/cert-manager/Chart.yaml | 21 - .../cert-manager/crds/cert-manager-crds.yaml | 1426 ---- .../cert-manager/templates/_helpers.tpl | 8 - .../cert-manager/templates/clusterissuer.yaml | 37 - .../cert-manager/templates/clusterrole.yaml | 204 - .../templates/clusterrolebinding.yaml | 104 - .../cert-manager/templates/deployment.yaml | 35 - .../templates/serviceaccount.yaml | 9 - .../cert-manager/values.yaml | 65 - .../cluster-autoscaler/.helmignore | 21 - .../cluster-autoscaler/Chart.yaml | 11 - .../cluster-autoscaler/OWNERS | 4 - .../cluster-autoscaler/README.md | 332 - .../cluster-autoscaler/requirements.lock | 6 - .../cluster-autoscaler/templates/_helpers.tpl | 55 - .../templates/clusterrole.yaml | 147 - .../templates/clusterrolebinding.yaml | 16 - .../templates/deployment.yaml | 214 - .../cluster-autoscaler/templates/pdb.yaml | 14 - .../templates/podsecuritypolicy.yaml | 46 - .../priority-expander-configmap.yaml | 13 - .../cluster-autoscaler/templates/role.yaml | 25 - .../templates/rolebinding.yaml | 16 - .../cluster-autoscaler/templates/secret.yaml | 21 - .../cluster-autoscaler/templates/service.yaml | 2 - .../templates/serviceaccount.yaml | 11 - .../templates/servicemonitor.yaml | 24 - .../cluster-autoscaler/values.yaml | 214 - .../cost-analyzer/Chart.yaml | 11 - .../backbone-services/cost-analyzer/README.md | 68 - .../cost-analyzer/attached-disks.json | 444 -- .../cost-analyzer/cluster-metrics.json | 1682 ----- .../cost-analyzer/cluster-utilization.json | 3196 --------- .../cost-analyzer/deployment-utilization.json | 1386 ---- .../cost-analyzer/label-cost-utilization.json | 1145 ---- .../cost-analyzer/namespace-utilization.json | 1175 ---- .../cost-analyzer/node-utilization.json | 1389 ---- .../cost-analyzer/pod-utilization.json | 950 --- .../cost-analyzer/prom-benchmark.json | 5689 ---------------- .../cost-analyzer/templates/NOTES.txt | 19 - .../cost-analyzer/templates/_helpers.tpl | 238 - .../templates/aws-service-key-secret.yaml | 19 - .../awsstore-deployment-template.yaml | 31 - .../awsstore-service-account-template.yaml | 14 - .../templates/azure-service-key-secret.yaml | 23 - .../azure-storage-config-secret.yaml | 25 - .../cost-analyzer-alerts-configmap.yaml | 10 - ...cost-analyzer-asset-reports-configmap.yaml | 13 - ...nalyzer-cluster-role-binding-template.yaml | 36 - ...alyzer-cluster-role-template-readonly.yaml | 26 - .../cost-analyzer-cluster-role-template.yaml | 118 - .../cost-analyzer-config-map-template.yaml | 33 - .../cost-analyzer-db-pvc-template.yaml | 29 - .../cost-analyzer-deployment-template.yaml | 984 --- ...nalyzer-federator-config-map-template.yaml | 13 - ...analyzer-frontend-config-map-template.yaml | 287 - .../cost-analyzer-ingress-template.yaml | 62 - ...-analyzer-metrics-config-map-template.yaml | 12 - ...zer-network-costs-config-map-template.yaml | 15 - ...zer-network-costs-podmonitor-template.yaml | 31 - ...alyzer-network-costs-service-template.yaml | 31 - .../cost-analyzer-network-costs-template.yaml | 120 - ...cost-analyzer-network-policy-template.yaml | 47 - .../cost-analyzer-network-policy.yaml | 50 - ...ost-analyzer-oidc-config-map-template.yaml | 22 - .../cost-analyzer-pkey-configmap.yaml | 16 - .../cost-analyzer-pricing-configmap.yaml | 137 - ...rometheus-postgres-adapter-deployment.yaml | 57 - ...r-prometheus-postgres-adapter-service.yaml | 20 - ...cost-analyzer-prometheusrule-template.yaml | 21 - .../cost-analyzer-psp-role.template.yaml | 21 - ...ost-analyzer-psp-rolebinding.template.yaml | 19 - .../templates/cost-analyzer-psp.template.yaml | 22 - .../templates/cost-analyzer-pvc-template.yaml | 26 - ...ost-analyzer-saml-config-map-template.yaml | 13 - ...cost-analyzer-saved-reports-configmap.yaml | 12 - .../cost-analyzer-server-configmap.yaml | 72 - ...ost-analyzer-service-account-template.yaml | 13 - .../cost-analyzer-service-template.yaml | 69 - ...cost-analyzer-servicemonitor-template.yaml | 27 - .../external-grafana-config-map-template.yaml | 10 - ...rafana-attached-disk-metrics-template.yaml | 25 - ...na-dashboard-cluster-metrics-template.yaml | 29 - ...ashboard-cluster-utilization-template.yaml | 27 - ...board-deployment-utilization-template.yaml | 27 - ...board-label-cost-utilization-template.yaml | 27 - ...hboard-namespace-utilization-template.yaml | 27 - ...a-dashboard-node-utilization-template.yaml | 27 - ...na-dashboard-pod-utilization-template.yaml | 27 - ...dashboard-prometheus-metrics-template.yaml | 27 - .../grafana-datasource-template.yaml | 56 - .../kubecost-agent-secret-template.yaml | 11 - .../kubecost-cluster-controller-template.yaml | 301 - ...st-cluster-manager-configmap-template.yaml | 13 - .../kubecost-metrics-deployment-template.yaml | 280 - ...cost-metrics-service-monitor-template.yaml | 34 - .../kubecost-metrics-service-template.yaml | 32 - .../kubecost-oidc-secret-template.yaml | 15 - .../kubecost-priority-class-template.yaml | 15 - .../templates/network-costs-psp.template.yaml | 38 - .../network-costs-role.template.yaml | 24 - .../network-costs-rolebinding.template.yaml | 22 - ...network-costs-servicemonitor-template.yaml | 25 - .../cost-analyzer/values-agent.yaml | 82 - .../cost-analyzer/values-amp.yaml | 20 - .../values-eks-cost-monitoring.yaml | 181 - .../cost-analyzer/values-thanos.yaml | 144 - .../values-windows-node-affinity.yaml | 50 - .../cost-analyzer/values.yaml | 869 --- .../charts/backbone-services/efs/Chart.yaml | 21 - .../efs/templates/_helpers.tpl | 8 - .../efs/templates/clusterrole.yaml | 17 - .../efs/templates/clusterrolebinding.yaml | 12 - .../efs/templates/deployment.yaml | 36 - .../backbone-services/efs/templates/role.yaml | 9 - .../efs/templates/rolebinding.yaml | 13 - .../efs/templates/service-account.yaml | 5 - .../efs/templates/storage-class.yaml | 7 - .../charts/backbone-services/efs/values.yaml | 5 - .../elasticsearch/Chart.yaml | 5 - .../elasticsearch-data-infra-v1-values.yaml | 301 - .../elasticsearch-data-v1-values.yaml | 286 - .../elasticsearch-master-infra-v1-values.yaml | 284 - .../elasticsearch-master-v1-values.yaml | 284 - .../elasticsearch/templates/_helpers.tpl | 61 - .../templates/headless-service.yaml | 27 - .../templates/persistentvolume.yaml | 55 - .../templates/poddisruptionbudget.yaml | 12 - .../elasticsearch/templates/service.yaml | 30 - .../elasticsearch/templates/statefulset.yaml | 398 -- .../backbone-services/es-curator/Chart.yaml | 26 - .../es-curator/es-curator-infra-values.yaml | 59 - .../es-curator/templates/_helpers.tpl | 8 - .../es-curator/templates/configmap.yaml | 81 - .../es-curator/templates/cronjob.yaml | 2 - .../backbone-services/fluent-bit/Chart.yaml | 21 - .../fluent-bit/templates/_helpers.tpl | 8 - .../fluent-bit/templates/clusterrole.yaml | 10 - .../templates/clusterrolebinding.yaml | 12 - .../fluent-bit/templates/configmap.yaml | 133 - .../fluent-bit/templates/daemonset.yaml | 53 - .../fluent-bit/templates/serviceaccount.yaml | 5 - .../backbone-services/fluent-bit/values.yaml | 8 - .../backbone-services/goldilocks/.helmignore | 23 - .../backbone-services/goldilocks/Chart.yaml | 19 - .../backbone-services/goldilocks/README.md | 91 - .../goldilocks/README.md.gotmpl | 44 - .../goldilocks/templates/_helpers.tpl | 18 - .../templates/controller-clusterrole.yaml | 38 - .../controller-clusterrolebinding.yaml | 18 - .../templates/controller-deployment.yaml | 63 - .../templates/controller-serviceaccount.yaml | 11 - .../templates/dashboard-clusterrole.yaml | 32 - .../dashboard-clusterrolebinding.yaml | 18 - .../templates/dashboard-deployment.yaml | 73 - .../templates/dashboard-ingress.yaml | 28 - .../templates/dashboard-service.yaml | 25 - .../templates/dashboard-serviceaccount.yaml | 11 - .../templates/vpa-uninstall-hook.yaml | 67 - .../backbone-services/goldilocks/values.yaml | 142 - .../backbone-services/grafana/Chart.yaml | 26 - .../grafana/templates/configmap.yaml | 33 - .../grafana/templates/deployment.yaml | 2 - .../grafana/templates/ingress.yaml | 2 - .../grafana/templates/service.yaml | 2 - .../backbone-services/grafana/values.yaml | 113 - .../backbone-services/jaeger/Chart.yaml | 26 - .../jaeger/templates/_helpers.tpl | 58 - .../jaeger/templates/agent-ds.yaml | 137 - .../jaeger/templates/agent-svc.yaml | 40 - .../jaeger/templates/collector-configmap.yaml | 14 - .../jaeger/templates/collector-deploy.yaml | 163 - .../jaeger/templates/collector-hpa.yaml | 28 - .../jaeger/templates/collector-svc.yaml | 46 - .../jaeger/templates/query-configmap.yaml | 13 - .../jaeger/templates/query-deploy.yaml | 202 - .../jaeger/templates/query-ing.yaml | 2 - .../jaeger/templates/query-svc.yaml | 31 - .../jaeger/templates/spark-cronjob.yaml | 102 - .../backbone-services/jaeger/values.yaml | 393 -- .../backbone-services/jenkins/.helmignore | 22 - .../backbone-services/jenkins/CHANGELOG.md | 1627 ----- .../backbone-services/jenkins/Chart.yaml | 27 - .../charts/backbone-services/jenkins/OWNERS | 14 - .../backbone-services/jenkins/README.md | 714 -- .../jenkins/templates/NOTES.txt | 64 - .../jenkins/templates/_helpers.tpl | 398 -- .../jenkins/templates/config.yaml | 292 - .../jenkins/templates/deprecation.yaml | 356 - .../jenkins/templates/home-pv.yaml | 52 - .../jenkins/templates/home-pvc.yaml | 28 - .../jenkins/templates/jcasc-config.yaml | 31 - .../jenkins/templates/jenkins-agent-svc.yaml | 27 - .../templates/jenkins-backup-cronjob.yaml | 112 - .../templates/jenkins-backup-rbac.yaml | 40 - .../jenkins-master-alerting-rules.yaml | 16 - .../jenkins-master-backendconfig.yaml | 18 - .../templates/jenkins-master-deployment.yaml | 395 -- .../templates/jenkins-master-ingress.yaml | 36 - .../jenkins-master-networkpolicy.yaml | 61 - .../templates/jenkins-master-route.yaml | 28 - .../jenkins-master-servicemonitor.yaml | 30 - .../jenkins/templates/jenkins-master-svc.yaml | 42 - .../jenkins/templates/jobs.yaml | 11 - .../jenkins/templates/rbac.yaml | 113 - .../jenkins/templates/secret-https-jks.yaml | 18 - .../jenkins/templates/secret.yaml | 18 - .../templates/service-account-agent.yaml | 13 - .../jenkins/templates/service-account.yaml | 13 - .../backbone-services/jenkins/values.yaml | 1329 ---- .../kafka-connect-restart-tasks/Chart.yaml | 26 - .../templates/cronjob.yaml | 2 - .../kafka-connect-restart-tasks/values.yaml | 23 - .../kafka-connect/Chart.yaml | 26 - .../kafka-connect-infra-values.yaml | 65 - .../kafka-connect/templates/deployment.yaml | 2 - .../kafka-connect/templates/service.yaml | 2 - .../kafka-connect/values.yaml | 66 - .../backbone-services/kafka-v2/Chart.yaml | 5 - .../kafka-v2/kafka-v2-infra-values.yaml | 121 - .../kafka-v2/templates/_helpers.tpl | 44 - .../kafka-v2/templates/headless-service.yaml | 18 - .../kafka-v2/templates/jmx-configmap.yaml | 44 - .../kafka-v2/templates/persistentvolume.yaml | 55 - .../kafka-v2/templates/service.yaml | 17 - .../kafka-v2/templates/statefulset.yaml | 165 - .../backbone-services/kafka-v2/values.yaml | 121 - .../templates/cronjob.yaml | 2 - .../templates/persistentvolume.yaml | 15 - .../templates/persistentvolumeclaim.yaml | 16 - .../kaniko-cache-warmer/values.yaml | 31 - .../backbone-services/kibana-v1/Chart.yaml | 26 - .../kibana-v1/kibana-infra-v1-values.yaml | 38 - .../kibana-v1/templates/deployment.yaml | 2 - .../kibana-v1/templates/ingress.yaml | 2 - .../kibana-v1/templates/service.yaml | 2 - .../backbone-services/kibana-v1/values.yaml | 38 - .../kube-state-metrics/.helmignore | 21 - .../kube-state-metrics/Chart.yaml | 20 - .../kube-state-metrics/OWNERS | 8 - .../kube-state-metrics/README.md | 79 - .../kube-state-metrics/templates/NOTES.txt | 10 - .../kube-state-metrics/templates/_helpers.tpl | 39 - .../templates/clusterrole.yaml | 177 - .../templates/clusterrolebinding.yaml | 16 - .../templates/deployment.yaml | 187 - .../kube-state-metrics/templates/pdb.yaml | 14 - .../templates/podsecuritypolicy.yaml | 39 - .../templates/psp-clusterrole.yaml | 19 - .../templates/psp-clusterrolebinding.yaml | 16 - .../kube-state-metrics/templates/service.yaml | 32 - .../templates/serviceaccount.yaml | 11 - .../templates/servicemonitor.yaml | 21 - .../templates/stsdiscovery-role.yaml | 24 - .../templates/stsdiscovery-rolebinding.yaml | 17 - .../kube-state-metrics/values.yaml | 148 - .../backbone-services/kuberhealthy/Chart.yaml | 32 - .../backbone-services/kuberhealthy/NOTES.txt | 24 - .../backbone-services/kuberhealthy/README.md | 74 - .../kuberhealthy/crds/khcheck.yaml | 15 - .../kuberhealthy/crds/khstate.yaml | 15 - .../kuberhealthy/templates/_helpers.tpl | 19 - .../kuberhealthy/templates/check-reaper.yaml | 47 - .../kuberhealthy/templates/clusterrole.yaml | 80 - .../templates/clusterrolebinding.yaml | 26 - .../kuberhealthy/templates/configmap.yaml | 37 - .../kuberhealthy/templates/deployment.yaml | 97 - .../templates/khcheck-daemonset.yaml | 85 - .../templates/khcheck-db-connections.yaml | 43 - .../khcheck-db-es-collections-sync.yaml | 50 - .../templates/khcheck-db-es-pgr-sync.yaml | 50 - .../templates/khcheck-db-es-pt-sync.yaml | 50 - .../templates/khcheck-db-es-tl-sync.yaml | 50 - .../kuberhealthy/templates/khcheck-db.yaml | 41 - .../templates/khcheck-deployment.yaml | 101 - .../kuberhealthy/templates/khcheck-dns.yaml | 37 - .../kuberhealthy/templates/khcheck-kafka.yaml | 41 - .../templates/khcheck-pod-restarts.yaml | 40 - .../templates/khcheck-pod-status.yaml | 39 - .../templates/poddisruptionbudget.yaml | 16 - .../kuberhealthy/templates/service.yaml | 32 - .../templates/serviceaccount.yaml | 11 - .../templates/servicemonitor.yaml | 29 - .../kuberhealthy/values.yaml | 143 - .../backbone-services/metabase/.helmignore | 21 - .../backbone-services/metabase/Chart.yaml | 7 - .../backbone-services/metabase/README.md | 136 - .../metabase/templates/_helpers.tpl | 26 - .../metabase/templates/config.yaml | 12 - .../metabase/templates/database-secret.yaml | 23 - .../metabase/templates/deployment.yaml | 168 - .../metabase/templates/ingress.yaml | 27 - .../metabase/templates/service.yaml | 27 - .../metabase/templates/ssl-secret.yaml | 13 - .../backbone-services/metabase/values.yaml | 143 - .../metrics-server/.helmignore | 22 - .../metrics-server/Chart.yaml | 11 - .../metrics-server/README.md | 51 - .../metrics-server/ci/ci-values.yaml | 5 - .../metrics-server/templates/_helpers.tpl | 22 - ...ggregated-metrics-reader-cluster-role.yaml | 16 - .../templates/auth-delegator-crb.yaml | 17 - .../templates/cluster-role.yaml | 32 - .../templates/metric-server-service.yaml | 22 - .../templates/metrics-api-service.yaml | 18 - .../templates/metrics-server-crb.yaml | 19 - .../templates/metrics-server-deployment.yaml | 84 - .../metrics-server-serviceaccount.yaml | 10 - .../metrics-server/templates/pdb.yaml | 20 - .../metrics-server/templates/psp.yaml | 26 - .../templates/role-binding.yaml | 18 - .../metrics-server/values.yaml | 115 - .../backbone-services/minio/.helmignore | 21 - .../charts/backbone-services/minio/Chart.yaml | 15 - .../minio/templates/_helpers.tpl | 116 - .../templates/deployment-standalone.yaml | 147 - .../minio/templates/ingress.yaml | 2 - .../minio/templates/persistentvolume.yaml | 57 - .../minio/templates/pv-standalone.yaml | 51 - .../minio/templates/pvc-standalone.yaml | 21 - .../minio/templates/service.yaml | 23 - .../minio/templates/statefulset.yaml | 171 - .../minio/templates/svc-headless.yaml | 18 - .../backbone-services/minio/values.yaml | 395 -- .../nginx-errors/.helmignore | 23 - .../backbone-services/nginx-errors/Chart.yaml | 6 - .../nginx-errors/templates/NOTES.txt | 21 - .../nginx-errors/templates/_helpers.tpl | 63 - .../nginx-errors/templates/deployment.yaml | 25 - .../nginx-errors/templates/service.yaml | 15 - .../templates/tests/test-connection.yaml | 15 - .../nginx-errors/values.yaml | 44 - .../nginx-ingress/Chart.yaml | 12 - .../backbone-services/nginx-ingress/README.md | 261 - .../nginx-ingress/templates/_helpers.tpl | 86 - .../nginx-ingress/templates/clusterrole.yaml | 59 - .../templates/clusterrolebinding.yaml | 17 - .../templates/controller-configmap.yaml | 20 - .../templates/controller-daemonset.yaml | 218 - .../templates/controller-deployment.yaml | 205 - .../templates/controller-metrics-service.yaml | 43 - .../templates/controller-prometheusrules.yaml | 21 - .../templates/controller-role.yaml | 90 - .../templates/controller-rolebinding.yaml | 18 - .../templates/controller-service.yaml | 85 - .../templates/controller-serviceaccount.yaml | 10 - .../templates/controller-servicemonitor.yaml | 31 - .../templates/custom-headers.yaml | 14 - .../nginx-ingress/values.yaml | 435 -- .../oauth2-proxy/.helmignore | 23 - .../backbone-services/oauth2-proxy/Chart.yaml | 26 - .../oauth2-proxy/templates/configmap.yaml | 9 - .../oauth2-proxy/templates/deployment.yaml | 2 - .../oauth2-proxy/templates/ingress.yaml | 2 - .../oauth2-proxy/templates/service.yaml | 2 - .../oauth2-proxy/values.yaml | 96 - .../backbone-services/pgadmin/Chart.yaml | 26 - .../pgadmin/templates/deployment.yaml | 2 - .../pgadmin/templates/ingress.yaml | 2 - .../pgadmin/templates/service.yaml | 2 - .../backbone-services/pgadmin/values.yaml | 43 - .../backbone-services/playground/Chart.yaml | 26 - .../backbone-services/playground/README.md | 2 - .../playground/templates/deployment.yaml | 2 - .../backbone-services/playground/values.yaml | 13 - .../backbone-services/postgres/Chart.yaml | 27 - .../postgres/templates/deployment.yaml | 2 - .../postgres/templates/pv.yaml | 29 - .../postgres/templates/pvc.yaml | 19 - .../postgres/templates/service.yaml | 2 - .../backbone-services/postgres/values.yaml | 51 - .../prometheus-kafka-exporter/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../templates/service.yaml | 2 - .../templates/servicemonitor.yaml | 2 - .../prometheus-kafka-exporter/values.yaml | 62 - .../prometheus-operator/.helmignore | 26 - .../prometheus-operator/CONTRIBUTING.md | 10 - .../prometheus-operator/Chart.yaml | 22 - .../prometheus-operator/OWNERS | 8 - .../prometheus-operator/README.md | 712 -- .../crds/crd-alertmanager.yaml | 4474 ------------- .../crds/crd-podmonitor.yaml | 262 - .../crds/crd-prometheus.yaml | 5794 ----------------- .../crds/crd-prometheusrules.yaml | 88 - .../crds/crd-servicemonitor.yaml | 460 -- .../crds/crd-thanosrulers.yaml | 3815 ----------- .../prometheus-operator/hack/README.md | 53 - .../hack/minikube/README.md | 3 - .../prometheus-operator/hack/minikube/cmd.sh | 84 - .../hack/minikube/values.yaml | 9 - .../prometheus-operator/hack/requirements.txt | 2 - .../hack/sync_grafana_dashboards.py | 178 - .../hack/sync_prometheus_rules.py | 282 - .../prometheus-operator/requirements.lock | 6 - .../prometheus-operator/requirements.yaml | 11 - .../prometheus-operator/templates/NOTES.txt | 5 - .../templates/_helpers.tpl | 96 - .../templates/alertmanager/alertmanager.yaml | 112 - .../templates/alertmanager/ingress.yaml | 30 - .../alertmanager/ingressperreplica.yaml | 49 - .../alertmanager/podDisruptionBudget.yaml | 21 - .../templates/alertmanager/psp-role.yaml | 21 - .../alertmanager/psp-rolebinding.yaml | 18 - .../templates/alertmanager/psp.yaml | 49 - .../templates/alertmanager/secret.yaml | 28 - .../templates/alertmanager/service.yaml | 52 - .../alertmanager/serviceaccount.yaml | 12 - .../alertmanager/servicemonitor.yaml | 32 - .../alertmanager/serviceperreplica.yaml | 46 - .../alertmanager/templatefiles-configmap.yaml | 11 - .../templates/exporters/core-dns/service.yaml | 24 - .../exporters/core-dns/servicemonitor.yaml | 33 - .../kube-api-server/servicemonitor.yaml | 36 - .../kube-controller-manager/endpoints.yaml | 20 - .../kube-controller-manager/service.yaml | 27 - .../servicemonitor.yaml | 44 - .../templates/exporters/kube-dns/service.yaml | 28 - .../exporters/kube-dns/servicemonitor.yaml | 46 - .../exporters/kube-etcd/endpoints.yaml | 20 - .../exporters/kube-etcd/service.yaml | 27 - .../exporters/kube-etcd/servicemonitor.yaml | 50 - .../exporters/kube-proxy/endpoints.yaml | 20 - .../exporters/kube-proxy/service.yaml | 27 - .../exporters/kube-proxy/servicemonitor.yaml | 38 - .../exporters/kube-scheduler/endpoints.yaml | 20 - .../exporters/kube-scheduler/service.yaml | 27 - .../kube-scheduler/servicemonitor.yaml | 44 - .../kube-state-metrics/serviceMonitor.yaml | 29 - .../exporters/kubelet/servicemonitor.yaml | 90 - .../node-exporter/servicemonitor.yaml | 32 - .../templates/operator/cleanup-crds.yaml | 45 - .../templates/operator/clusterrole.yaml | 77 - .../operator/clusterrolebinding.yaml | 17 - .../templates/operator/crds.yaml | 6 - .../templates/operator/deployment.yaml | 118 - .../templates/operator/psp-clusterrole.yaml | 20 - .../operator/psp-clusterrolebinding.yaml | 17 - .../templates/operator/psp.yaml | 48 - .../templates/operator/service.yaml | 57 - .../templates/operator/serviceaccount.yaml | 12 - .../templates/operator/servicemonitor.yaml | 36 - .../additionalAlertRelabelConfigs.yaml | 16 - .../additionalAlertmanagerConfigs.yaml | 16 - .../prometheus/additionalPrometheusRules.yaml | 40 - .../prometheus/additionalScrapeConfigs.yaml | 16 - .../templates/prometheus/clusterrole.yaml | 36 - .../prometheus/clusterrolebinding.yaml | 18 - .../templates/prometheus/ingress.yaml | 54 - .../prometheus/ingressperreplica.yaml | 49 - .../prometheus/podDisruptionBudget.yaml | 21 - .../templates/prometheus/podmonitors.yaml | 42 - .../templates/prometheus/prometheus.yaml | 245 - .../templates/prometheus/psp-clusterrole.yaml | 20 - .../prometheus/psp-clusterrolebinding.yaml | 18 - .../templates/prometheus/psp.yaml | 52 - .../rules-1.14/alertmanager.rules.yaml | 54 - .../templates/prometheus/rules-1.14/etcd.yaml | 155 - .../prometheus/rules-1.14/general.rules.yaml | 50 - .../prometheus/rules-1.14/k8s.rules.yaml | 121 - .../rules-1.14/kube-apiserver-slos.yaml | 71 - .../rules-1.14/kube-apiserver.rules.yaml | 393 -- .../kube-prometheus-general.rules.yaml | 31 - .../kube-prometheus-node-recording.rules.yaml | 41 - .../rules-1.14/kube-scheduler.rules.yaml | 63 - .../rules-1.14/kube-state-metrics.yaml | 51 - .../prometheus/rules-1.14/kubelet.rules.yaml | 39 - .../rules-1.14/kubernetes-apps.yaml | 205 - .../rules-1.14/kubernetes-resources.yaml | 103 - .../rules-1.14/kubernetes-storage.yaml | 63 - .../kubernetes-system-apiserver.yaml | 100 - .../kubernetes-system-controller-manager.yaml | 37 - .../rules-1.14/kubernetes-system-kubelet.yaml | 84 - .../kubernetes-system-scheduler.yaml | 37 - .../rules-1.14/kubernetes-system.yaml | 47 - .../rules-1.14/node-exporter.rules.yaml | 79 - .../prometheus/rules-1.14/node-exporter.yaml | 202 - .../prometheus/rules-1.14/node-network.yaml | 34 - .../prometheus/rules-1.14/node.rules.yaml | 53 - .../rules-1.14/prometheus-operator.yaml | 43 - .../prometheus/rules-1.14/prometheus.yaml | 202 - .../prometheus/rules/alertmanager.rules.yaml | 54 - .../templates/prometheus/rules/etcd.yaml | 155 - .../prometheus/rules/general.rules.yaml | 50 - .../templates/prometheus/rules/k8s.rules.yaml | 83 - .../rules/kube-apiserver.rules.yaml | 39 - .../kube-prometheus-node-alerting.rules.yaml | 41 - .../kube-prometheus-node-recording.rules.yaml | 41 - .../rules/kube-scheduler.rules.yaml | 63 - .../prometheus/rules/kubernetes-absent.yaml | 129 - .../prometheus/rules/kubernetes-apps.yaml | 161 - .../rules/kubernetes-resources.yaml | 103 - .../prometheus/rules/kubernetes-storage.yaml | 63 - .../prometheus/rules/kubernetes-system.yaml | 145 - .../prometheus/rules/node-network.yaml | 48 - .../templates/prometheus/rules/node-time.yaml | 34 - .../prometheus/rules/node.rules.yaml | 202 - .../prometheus/rules/prometheus-operator.yaml | 43 - .../prometheus/rules/prometheus.rules.yaml | 109 - .../templates/prometheus/service.yaml | 57 - .../templates/prometheus/serviceaccount.yaml | 16 - .../templates/prometheus/servicemonitor.yaml | 41 - .../templates/prometheus/servicemonitors.yaml | 34 - .../prometheus/serviceperreplica.yaml | 46 - .../prometheus-operator/values.yaml | 2024 ------ .../charts/backbone-services/redis/Chart.yaml | 26 - .../redis/templates/deployment.yaml | 2 - .../redis/templates/service.yaml | 2 - .../backbone-services/redis/values.yaml | 16 - .../charts/backbone-services/redoc/Chart.yaml | 26 - .../redoc/templates/deployment.yaml | 2 - .../redoc/templates/ingress.yaml | 2 - .../redoc/templates/service.yaml | 2 - .../backbone-services/redoc/values.yaml | 18 - .../backbone-services/s3-proxy/Chart.yaml | 22 - .../s3-proxy/templates/ingress.yaml | 20 - .../s3-proxy/templates/service.yaml | 14 - .../backbone-services/s3-proxy/values.yaml | 14 - .../spot-termination-handler/Chart.yaml | 9 - .../templates/_helpers.tpl | 16 - .../templates/clusterrole.yaml | 47 - .../templates/clusterrolebinding.yaml | 16 - .../templates/daemonset.yaml | 101 - .../templates/serviceaccount.yaml | 9 - .../spot-termination-handler/values.yaml | 91 - .../backbone-services/superset/.gitignore | 4 - .../backbone-services/superset/.helmignore | 37 - .../backbone-services/superset/Chart.yaml | 30 - .../superset/templates/_helpers.tpl | 85 - .../templates/configmap-superset.yaml | 30 - .../superset/templates/deployment-beat.yaml | 101 - .../superset/templates/deployment-worker.yaml | 121 - .../superset/templates/deployment.yaml | 136 - .../superset/templates/ingress.yaml | 43 - .../superset/templates/init-job.yaml | 93 - .../templates/secret-superset-config.yaml | 38 - .../superset/templates/service.yaml | 39 - .../backbone-services/superset/values.yaml | 459 -- .../charts/backbone-services/vpa/Chart.yaml | 7 - .../charts/backbone-services/vpa/README.md | 110 - .../backbone-services/vpa/README.md.gotmpl | 47 - .../vpa/crds/vpa-v1-crd.yaml | 94 - .../vpa/templates/_helpers.tpl | 23 - .../admission-controller-certgen.yaml | 125 - .../admission-controller-cleanup.yaml | 69 - .../admission-controller-deployment.yaml | 94 - .../templates/admission-controller-pdb.yaml | 14 - .../templates/admission-controller-rbac.yaml | 69 - .../admission-controller-service-account.yaml | 17 - .../admission-controller-service.yaml | 14 - .../vpa/templates/clusterrolebindings.yaml | 112 - .../vpa/templates/clusterroles.yaml | 167 - .../vpa/templates/recommender-deployment.yaml | 84 - .../vpa/templates/recommender-pdb.yaml | 14 - .../recommender-service-account.yaml | 15 - .../vpa/templates/updater-deployment.yaml | 89 - .../vpa/templates/updater-pdb.yaml | 14 - .../templates/updater-service-account.yaml | 15 - .../charts/backbone-services/vpa/values.yaml | 151 - .../backbone-services/zookeeper-v2/Chart.yaml | 8 - .../backbone-services/zookeeper-v2/README.md | 134 - .../zookeeper-v2/templates/_helpers.tpl | 39 - .../templates/headless-service.yaml | 20 - .../zookeeper-v2/templates/jmx-configmap.yaml | 37 - .../templates/persistentvolume.yaml | 55 - .../templates/poddisruptionbudget.yaml | 13 - .../zookeeper-v2/templates/service.yaml | 17 - .../zookeeper-v2/templates/statefulset.yaml | 142 - .../zookeeper-v2/values.yaml | 139 - .../billing-service/Chart.yaml | 26 - .../billing-service/templates/deployment.yaml | 2 - .../billing-service/templates/ingress.yaml | 2 - .../billing-service/templates/service.yaml | 2 - .../billing-service/values.yaml | 152 - .../collection-services/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../templates/ingress.yaml | 2 - .../templates/service.yaml | 2 - .../collection-services/values.yaml | 136 - .../dashboard-analytics/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../templates/ingress.yaml | 2 - .../templates/service.yaml | 2 - .../dashboard-analytics/values.yaml | 89 - .../dashboard-ingest/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../dashboard-ingest/templates/ingress.yaml | 2 - .../dashboard-ingest/templates/service.yaml | 2 - .../dashboard-ingest/values.yaml | 93 - .../egf-account-details-consumer/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../templates/service.yaml | 2 - .../egf-account-details-consumer/values.yaml | 29 - .../egf-instrument/Chart.yaml | 26 - .../egf-instrument/templates/deployment.yaml | 2 - .../egf-instrument/templates/ingress.yaml | 2 - .../egf-instrument/templates/service.yaml | 2 - .../egf-instrument/values.yaml | 89 - .../business-services/egf-master/Chart.yaml | 26 - .../egf-master/templates/deployment.yaml | 2 - .../egf-master/templates/ingress.yaml | 2 - .../egf-master/templates/service.yaml | 2 - .../business-services/egf-master/values.yaml | 164 - .../business-services/egf-masters/Chart.yaml | 26 - .../egf-masters/templates/deployment.yaml | 2 - .../egf-masters/templates/service.yaml | 2 - .../business-services/egf-masters/values.yaml | 115 - .../egf-voucher-indexer/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../templates/service.yaml | 2 - .../egf-voucher-indexer/values.yaml | 47 - .../egov-apportion-service/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../templates/ingress.yml | 2 - .../templates/service.yaml | 2 - .../egov-apportion-service/values.yaml | 58 - .../business-services/egov-edcr/Chart.yaml | 26 - .../egov-edcr/templates/deployment.yaml | 2 - .../egov-edcr/templates/ingress.yaml | 2 - .../templates/override-configmap.yaml | 85 - .../egov-edcr/templates/service.yaml | 2 - .../business-services/egov-edcr/values.yaml | 233 - .../business-services/egov-finance/Chart.yaml | 26 - .../egov-finance/templates/deployment.yaml | 2 - .../egov-finance/templates/ingress.yaml | 2 - .../templates/override-configmap.yaml | 80 - .../egov-finance/templates/service.yaml | 2 - .../egov-finance/values.yaml | 260 - .../business-services/egov-hrms/Chart.yaml | 26 - .../egov-hrms/templates/deployment.yaml | 2 - .../egov-hrms/templates/ingress.yaml | 2 - .../egov-hrms/templates/service.yaml | 2 - .../business-services/egov-hrms/values.yaml | 128 - .../Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../templates/service.yaml | 2 - .../values.yaml | 80 - .../charts/business-services/mysql/Chart.yaml | 26 - .../mysql/templates/deployment.yaml | 2 - .../business-services/mysql/templates/pv.yaml | 51 - .../mysql/templates/pvc.yaml | 21 - .../mysql/templates/service.yaml | 2 - .../business-services/mysql/values.yaml | 114 - .../business-services/wordpress/Chart.yaml | 26 - .../wordpress/templates/deployment.yaml | 2 - .../wordpress/templates/ingress.yaml | 2 - .../wordpress/templates/pv.yaml | 51 - .../wordpress/templates/pvc.yaml | 21 - .../wordpress/templates/service.yaml | 2 - .../business-services/wordpress/values.yaml | 119 - .../helm/charts/cluster-configs/Chart.lock | 6 - .../helm/charts/cluster-configs/Chart.yaml | 21 - .../templates/0-namespaces/0-namespaces.yaml | 11 - .../configmaps/common-configmap.yaml | 17 - .../egov-service-host-comfigmap.yaml | 18 - .../configmaps/egov-user-chatbot.yaml | 12 - .../templates/ingress/nginx-errors.yaml | 25 - .../templates/ingress/root-ingress.yaml | 26 - .../templates/rbac/clusterroles.yaml | 53 - .../rbac/read-clusterrolebinding.yaml | 25 - .../templates/rbac/rolebindings.yaml | 20 - .../templates/secrets/airflow-secret.yaml | 13 - .../secrets/alertmanager-secret.yaml | 12 - .../secrets/case-management-secret.yaml | 12 - .../templates/secrets/chatbot-secret.yaml | 16 - .../templates/secrets/covid-chatbot.yaml | 13 - .../templates/secrets/db-secret.yaml | 20 - .../secrets/egov-azure-filestore-secret.yaml | 14 - .../egov-edcr-bank-gateway-secret-.yaml | 16 - .../egov-edcr-notification-secret.yaml | 16 - .../secrets/egov-enc-service-secret.yaml | 22 - .../secrets/egov-filestore-secret.yaml | 14 - .../secrets/egov-location-secret.yaml | 13 - .../egov-notification-mail-secret.yaml | 14 - .../secrets/egov-notification-sms-secret.yaml | 16 - .../secrets/egov-pg-service-secret.yaml | 31 - .../secrets/egov-si-microservice-secret.yaml | 16 - .../templates/secrets/elasticsearch.yaml | 14 - .../templates/secrets/git-sync-secret.yaml | 19 - ...me-isolation-notification-mail-secret.yaml | 14 - .../secrets/ispirit-ecurfew-secret.yaml | 28 - .../secrets/jenkins-kubeconfigs.yaml | 13 - .../templates/secrets/jenkins-secret.yaml | 25 - .../secrets/kibana-infra-secret.yaml | 12 - .../templates/secrets/kibana-secret.yaml | 13 - .../templates/secrets/minio-secret.yaml | 14 - .../templates/secrets/mysql-secret.yaml | 13 - .../secrets/oauth2-proxy-secret.yaml | 16 - .../templates/secrets/pgadmin-secret.yaml | 16 - .../secrets/pgr-ai-chatbot-secret.yaml | 17 - .../templates/secrets/wordpress-secret.yaml | 13 - .../templates/services/db-endpoints.yaml | 14 - .../templates/services/db-service.yaml | 14 - .../helm/charts/cluster-configs/values.yaml | 156 - deploy-as-code/helm/charts/common/.helmignore | 21 - .../charts/common/templates/_deployment.yaml | 162 - .../helm/charts/common/templates/_helpers.tpl | 26 - .../charts/common/templates/_ingress.yaml | 54 - .../charts/common/templates/_service.yaml | 29 - .../audit-service/templates/deployment.yaml | 2 - .../audit-service/templates/ingress.yaml | 2 - .../audit-service/templates/service.yaml | 2 - .../charts/core-services/chatbot/Chart.yaml | 26 - .../core-services/chatbot/chatbot-values.yaml | 187 - .../home-isolation-chatbot-values.yaml | 263 - .../core-services/chatbot/requirements.lock | 6 - .../chatbot/templates/deployment.yaml | 2 - .../chatbot/templates/ingress.yaml | 2 - .../chatbot/templates/service.yaml | 2 - .../templates/deployment.yaml | 2 - .../egov-accesscontrol/templates/ingress.yaml | 2 - .../egov-accesscontrol/templates/service.yaml | 2 - .../egov-common-masters/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../templates/ingress.yaml | 2 - .../templates/service.yaml | 2 - .../egov-common-masters/values.yaml | 48 - .../egov-data-uploader/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../egov-data-uploader/templates/ingress.yaml | 2 - .../egov-data-uploader/templates/service.yaml | 2 - .../egov-data-uploader/values.yaml | 76 - .../egov-document-uploader/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../templates/ingress.yaml | 2 - .../templates/service.yaml | 2 - .../egov-document-uploader/values.yaml | 79 - .../core-services/egov-enc-service/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../egov-enc-service/templates/ingress.yml | 2 - .../egov-enc-service/templates/service.yaml | 2 - .../egov-enc-service/values.yaml | 101 - .../core-services/egov-filestore/Chart.yaml | 26 - .../egov-filestore/templates/deployment.yaml | 2 - .../egov-filestore/templates/ingress.yaml | 18 - .../templates/persistentvolume.yaml | 54 - .../egov-filestore/templates/pvc.yaml | 20 - .../egov-filestore/templates/service.yaml | 2 - .../core-services/egov-filestore/values.yaml | 134 - .../core-services/egov-idgen/Chart.yaml | 26 - .../egov-idgen/templates/deployment.yaml | 2 - .../egov-idgen/templates/ingress.yaml | 2 - .../egov-idgen/templates/service.yaml | 2 - .../core-services/egov-idgen/values.yaml | 55 - .../egov-index-custom-consumer/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../templates/service.yaml | 2 - .../egov-index-custom-consumer/values.yaml | 35 - .../core-services/egov-indexer/Chart.yaml | 26 - .../egov-indexer/templates/deployment.yaml | 2 - .../egov-indexer/templates/ingress.yaml | 2 - .../egov-indexer/templates/service.yaml | 2 - .../core-services/egov-indexer/values.yaml | 77 - .../egov-localization/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../egov-localization/templates/ingress.yaml | 2 - .../egov-localization/templates/service.yaml | 2 - .../egov-localization/values.yaml | 43 - .../core-services/egov-location/Chart.yaml | 26 - .../egov-location/templates/deployment.yaml | 2 - .../egov-location/templates/ingress.yaml | 2 - .../egov-location/templates/service.yaml | 2 - .../core-services/egov-location/values.yaml | 68 - .../egov-mdms-service/Chart.yaml | 26 - .../ispirit-mdms-service-values.yaml | 70 - .../templates/deployment.yaml | 2 - .../egov-mdms-service/templates/ingress.yaml | 2 - .../egov-mdms-service/templates/service.yaml | 2 - .../egov-mdms-service/tenant-a-mdms-data.yaml | 70 - .../egov-mdms-service/tenant-b-mdms-data.yaml | 70 - .../egov-mdms-service/values.yaml | 70 - .../egov-notification-mail/Chart.yaml | 26 - .../home-isolation-email-values.yaml | 56 - .../templates/deployment.yaml | 2 - .../templates/service.yaml | 2 - .../egov-notification-mail/values.yaml | 66 - .../egov-notification-sms/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../templates/ingress.yaml | 2 - .../templates/service.yaml | 2 - .../egov-notification-sms/values.yaml | 192 - .../charts/core-services/egov-otp/Chart.yaml | 26 - .../egov-otp/templates/deployment.yaml | 2 - .../egov-otp/templates/ingress.yaml | 2 - .../egov-otp/templates/service.yaml | 2 - .../charts/core-services/egov-otp/values.yaml | 41 - .../charts/core-services/egov-pdf/Chart.yaml | 26 - .../egov-pdf/templates/deployment.yaml | 2 - .../egov-pdf/templates/ingress.yaml | 2 - .../egov-pdf/templates/service.yaml | 2 - .../charts/core-services/egov-pdf/values.yaml | 97 - .../core-services/egov-persister/Chart.yaml | 26 - .../egov-persister/templates/deployment.yaml | 2 - .../egov-persister/templates/service.yaml | 2 - .../core-services/egov-persister/values.yaml | 40 - .../core-services/egov-pg-service/Chart.yaml | 26 - .../egov-pg-service/templates/deployment.yaml | 2 - .../egov-pg-service/templates/ingress.yaml | 2 - .../egov-pg-service/templates/service.yaml | 2 - .../core-services/egov-pg-service/values.yaml | 200 - .../core-services/egov-searcher/Chart.yaml | 26 - .../egov-searcher/templates/deployment.yaml | 2 - .../egov-searcher/templates/ingress.yaml | 2 - .../egov-searcher/templates/service.yaml | 2 - .../core-services/egov-searcher/values.yaml | 55 - .../egov-survey-services/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../templates/ingress.yaml | 2 - .../templates/service.yaml | 2 - .../egov-survey-services/values.yaml | 74 - .../egov-telemetry-kafka-streams/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../templates/service.yaml | 2 - .../egov-telemetry-kafka-streams/values.yaml | 49 - .../egov-url-shortening/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../templates/ingress.yaml | 2 - .../templates/service.yaml | 2 - .../egov-url-shortening/values.yaml | 79 - .../egov-user-chatbot/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../egov-user-chatbot/templates/service.yaml | 2 - .../egov-user-chatbot/values.yaml | 152 - .../charts/core-services/egov-user/Chart.yaml | 26 - .../egov-user/egov-user-enc-values.yaml | 231 - .../egov-user/egov-user-values.yaml | 171 - .../egov-user/templates/deployment.yaml | 2 - .../egov-user/templates/ingress.yaml | 2 - .../egov-user/templates/service.yaml | 2 - .../core-services/egov-workflow-v2/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../egov-workflow-v2/templates/ingress.yaml | 2 - .../egov-workflow-v2/templates/service.yaml | 2 - .../egov-workflow-v2/values.yaml | 87 - .../core-services/egov-workflow/Chart.yaml | 26 - .../egov-workflow/templates/deployment.yaml | 2 - .../egov-workflow/templates/service.yaml | 2 - .../core-services/egov-workflow/values.yaml | 62 - .../core-services/internal-gateway/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../internal-gateway/templates/role.yaml | 24 - .../templates/rolebinding.yaml | 21 - .../internal-gateway/templates/service.yaml | 2 - .../templates/serviceaccount.yaml | 15 - .../internal-gateway/values.yaml | 66 - .../charts/core-services/mailbot/Chart.yaml | 26 - .../core-services/mailbot/requirements.lock | 6 - .../mailbot/templates/deployment.yaml | 2 - .../mailbot/templates/ingress.yaml | 2 - .../mailbot/templates/service.yaml | 2 - .../charts/core-services/mailbot/values.yaml | 112 - .../charts/core-services/mdms-v2/Chart.yaml | 26 - .../mdms-v2/templates/deployment.yaml | 2 - .../mdms-v2/templates/ingress.yaml | 2 - .../mdms-v2/templates/service.yaml | 2 - .../charts/core-services/mdms-v2/values.yaml | 61 - .../national-dashboard-ingest/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../templates/ingress.yaml | 2 - .../templates/service.yaml | 2 - .../national-dashboard-ingest/values.yaml | 67 - .../Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../templates/ingress.yaml | 2 - .../templates/service.yaml | 2 - .../values.yaml | 34 - .../core-services/nlp-engine/Chart.yaml | 26 - .../nlp-engine/templates/deployment.yaml | 2 - .../nlp-engine/templates/ingress.yaml | 2 - .../nlp-engine/templates/service.yaml | 2 - .../core-services/nlp-engine/values.yaml | 30 - .../core-services/pdf-service/Chart.yaml | 29 - .../core-services/pdf-service/statefulset.bkp | 4 - .../pdf-service/templates/deployment.yaml | 2 - .../pdf-service/templates/ingress.yaml | 2 - .../pdf-service/templates/pvc.yaml | 12 - .../pdf-service/templates/service.yaml | 2 - .../core-services/pdf-service/values.yaml | 105 - .../charts/core-services/report/Chart.yaml | 26 - .../report/templates/deployment.yaml | 2 - .../report/templates/ingress.yaml | 2 - .../report/templates/service.yaml | 2 - .../charts/core-services/report/values.yaml | 140 - .../core-services/service-request/Chart.yaml | 26 - .../service-request/templates/deployment.yaml | 2 - .../service-request/templates/ingress.yaml | 2 - .../service-request/templates/service.yaml | 2 - .../core-services/service-request/values.yaml | 68 - .../charts/core-services/telemetry/Chart.yaml | 26 - .../telemetry/templates/deployment.yaml | 2 - .../telemetry/templates/ingress.yaml | 2 - .../telemetry/templates/service.yaml | 2 - .../core-services/telemetry/values.yaml | 41 - .../charts/core-services/user-otp/Chart.yaml | 26 - .../user-otp/templates/deployment.yaml | 2 - .../user-otp/templates/ingress.yaml | 2 - .../user-otp/templates/service.yaml | 2 - .../charts/core-services/user-otp/values.yaml | 61 - .../core-services/xstate-chatbot/Chart.yaml | 26 - .../xstate-chatbot/covid-chatbot-values.yaml | 128 - .../xstate-chatbot/templates/deployment.yaml | 2 - .../xstate-chatbot/templates/ingress.yaml | 2 - .../xstate-chatbot/templates/service.yaml | 2 - .../core-services/xstate-chatbot/values.yaml | 252 - .../core-services/xstate-webchat/Chart.yaml | 26 - .../xstate-webchat/templates/deployment.yaml | 2 - .../xstate-webchat/templates/ingress.yaml | 2 - .../xstate-webchat/templates/service.yaml | 2 - .../core-services/xstate-webchat/values.yaml | 149 - .../helm/charts/core-services/zuul/Chart.yaml | 26 - .../zuul/templates/deployment.yaml | 2 - .../core-services/zuul/templates/role.yaml | 24 - .../zuul/templates/rolebinding.yaml | 21 - .../core-services/zuul/templates/service.yaml | 2 - .../zuul/templates/serviceaccount.yaml | 15 - .../charts/core-services/zuul/values.yaml | 155 - .../helm/charts/frontend/citizen/Chart.yaml | 26 - .../citizen/templates/deployment.yaml | 2 - .../frontend/citizen/templates/ingress.yaml | 2 - .../frontend/citizen/templates/service.yaml | 2 - .../subfilter-injection-configmap.yaml | 11 - .../helm/charts/frontend/citizen/values.yaml | 34 - .../charts/frontend/common-screen/Chart.yaml | 26 - .../common-screen/templates/deployment.yaml | 2 - .../common-screen/templates/ingress.yaml | 2 - .../common-screen/templates/service.yaml | 2 - .../charts/frontend/common-screen/values.yaml | 22 - .../helm/charts/frontend/digit-ui/Chart.yaml | 26 - .../digit-ui/templates/deployment.yaml | 2 - .../frontend/digit-ui/templates/ingress.yaml | 2 - .../frontend/digit-ui/templates/service.yaml | 2 - .../subfilter-injection-configmap.yaml | 11 - .../helm/charts/frontend/digit-ui/values.yaml | 33 - .../charts/frontend/dss-dashboard/Chart.yaml | 26 - .../dss-dashboard/templates/deployment.yaml | 2 - .../dss-dashboard/templates/ingress.yaml | 2 - .../dss-dashboard/templates/service.yaml | 2 - .../charts/frontend/dss-dashboard/values.yaml | 28 - .../charts/frontend/employee-mcs/Chart.yaml | 26 - .../employee-mcs/templates/deployment.yaml | 2 - .../employee-mcs/templates/ingress.yaml | 2 - .../employee-mcs/templates/service.yaml | 2 - .../subfilter-injection-configmap.yaml | 11 - .../charts/frontend/employee-mcs/values.yaml | 40 - .../frontend/employee-tradelicence/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../templates/service.yaml | 2 - .../employee-tradelicence/values.yaml | 30 - .../helm/charts/frontend/employee/Chart.yaml | 26 - .../employee/templates/deployment.yaml | 2 - .../frontend/employee/templates/ingress.yaml | 2 - .../frontend/employee/templates/service.yaml | 2 - .../subfilter-injection-configmap.yaml | 11 - .../helm/charts/frontend/employee/values.yaml | 40 - .../helm/charts/frontend/hrms-web/Chart.yaml | 26 - .../hrms-web/templates/deployment.yaml | 2 - .../frontend/hrms-web/templates/service.yaml | 2 - .../helm/charts/frontend/hrms-web/values.yaml | 17 - .../rainmaker-custom-service/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../templates/ingress-open.yaml | 18 - .../templates/ingress.yaml | 2 - .../templates/service.yaml | 2 - .../rainmaker-custom-service/values.yaml | 82 - .../charts/frontend/react-pgr-web/Chart.yaml | 26 - .../react-pgr-web/templates/deployment.yaml | 2 - .../react-pgr-web/templates/service.yaml | 2 - .../charts/frontend/react-pgr-web/values.yaml | 13 - .../helm/charts/frontend/storybook/Chart.yaml | 26 - .../storybook/templates/deployment.yaml | 2 - .../frontend/storybook/templates/ingress.yaml | 2 - .../frontend/storybook/templates/service.yaml | 2 - .../charts/frontend/storybook/values.yaml | 25 - .../helm/charts/frontend/ui-app/Chart.yaml | 26 - .../frontend/ui-app/templates/deployment.yaml | 2 - .../frontend/ui-app/templates/service.yaml | 2 - .../helm/charts/frontend/ui-app/values.yaml | 13 - .../charts/frontend/ui-dashboard/Chart.yaml | 26 - .../ui-dashboard/templates/deployment.yaml | 2 - .../ui-dashboard/templates/ingress.yaml | 2 - .../ui-dashboard/templates/service.yaml | 2 - .../charts/frontend/ui-dashboard/values.yaml | 31 - .../frontend/ui-localisation/Chart.yaml | 26 - .../ui-localisation/templates/deployment.yaml | 2 - .../ui-localisation/templates/ingress.yaml | 2 - .../ui-localisation/templates/service.yaml | 2 - .../subfilter-injection-configmap.yaml | 11 - .../frontend/ui-localisation/values.yaml | 23 - .../charts/frontend/ui-uploader/Chart.yaml | 26 - .../ui-uploader/templates/deployment.yaml | 2 - .../ui-uploader/templates/service.yaml | 2 - .../charts/frontend/ui-uploader/values.yaml | 13 - .../charts/frontend/workbench-ui/Chart.yaml | 26 - .../workbench-ui/templates/deployment.yaml | 2 - .../workbench-ui/templates/ingress.yaml | 2 - .../workbench-ui/templates/service.yaml | 2 - .../subfilter-injection-configmap.yaml | 11 - .../charts/frontend/workbench-ui/values.yaml | 34 - .../ispirit/approver-dashboard/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../approver-dashboard/templates/ingress.yaml | 2 - .../approver-dashboard/templates/service.yaml | 2 - .../ispirit/approver-dashboard/values.yaml | 32 - .../charts/ispirit/ecurfew-cron/Chart.yaml | 26 - .../ecurfew-cron/templates/deployment.yaml | 2 - .../ecurfew-cron/templates/ingress.yaml | 2 - .../ecurfew-cron/templates/service.yaml | 2 - .../charts/ispirit/ecurfew-cron/values.yaml | 170 - .../helm/charts/ispirit/ecurfew/Chart.yaml | 26 - .../ispirit/ecurfew/templates/deployment.yaml | 2 - .../ispirit/ecurfew/templates/ingress.yaml | 2 - .../ispirit/ecurfew/templates/service.yaml | 2 - .../helm/charts/ispirit/ecurfew/values.yaml | 212 - .../charts/ispirit/epass-chatbot/Chart.yaml | 26 - .../epass-chatbot/templates/deployment.yaml | 2 - .../epass-chatbot/templates/ingress.yaml | 2 - .../epass-chatbot/templates/service.yaml | 2 - .../charts/ispirit/epass-chatbot/values.yaml | 117 - .../helm/charts/ispirit/epasszuul/Chart.yaml | 26 - .../epasszuul/templates/deployment.yaml | 2 - .../ispirit/epasszuul/templates/role.yaml | 24 - .../epasszuul/templates/rolebinding.yaml | 21 - .../ispirit/epasszuul/templates/service.yaml | 2 - .../epasszuul/templates/serviceaccount.yaml | 15 - .../helm/charts/ispirit/epasszuul/values.yaml | 110 - .../ispirit/requester-dashboard/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../templates/ingress.yaml | 2 - .../templates/service.yaml | 2 - .../ispirit/requester-dashboard/values.yaml | 32 - .../charts/ispirit/trai-gateway/Chart.yaml | 26 - .../trai-gateway/templates/ca-configmap.yaml | 61 - .../trai-gateway/templates/deployment.yaml | 2 - .../trai-gateway/templates/ingress.yaml | 2 - .../trai-gateway/templates/service.yaml | 2 - .../charts/ispirit/trai-gateway/values.yaml | 68 - .../birth-death-services/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../templates/ingress.yaml | 2 - .../templates/service.yaml | 2 - .../birth-death-services/values.yaml | 122 - .../birth-registration/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../birth-registration/templates/ingress.yaml | 2 - .../birth-registration/templates/service.yaml | 2 - .../birth-registration/values.yaml | 115 - .../bpa-calculator/Chart.yaml | 26 - .../bpa-calculator/templates/deployment.yaml | 2 - .../bpa-calculator/templates/ingress.yaml | 2 - .../bpa-calculator/templates/service.yaml | 2 - .../bpa-calculator/values.yaml | 77 - .../bpa-services/Chart.yaml | 26 - .../bpa-services/templates/deployment.yaml | 2 - .../bpa-services/templates/ingress.yaml | 2 - .../bpa-services/templates/service.yaml | 2 - .../bpa-services/values.yaml | 138 - .../echallan-calculator/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../templates/ingress.yaml | 2 - .../templates/service.yaml | 2 - .../echallan-calculator/values.yaml | 75 - .../echallan-services/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../echallan-services/templates/ingress.yaml | 2 - .../echallan-services/templates/service.yaml | 2 - .../echallan-services/values.yaml | 131 - .../egov-user-event/Chart.yaml | 26 - .../egov-user-event/templates/deployment.yaml | 2 - .../egov-user-event/templates/ingress.yaml | 2 - .../egov-user-event/templates/service.yaml | 2 - .../egov-user-event/values.yaml | 88 - .../firenoc-calculator/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../firenoc-calculator/templates/ingress.yaml | 2 - .../firenoc-calculator/templates/service.yaml | 2 - .../firenoc-calculator/values.yaml | 97 - .../firenoc-services/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../firenoc-services/templates/ingress.yaml | 2 - .../firenoc-services/templates/service.yaml | 2 - .../firenoc-services/values.yaml | 137 - .../municipal-services/inbox/Chart.yaml | 26 - .../inbox/templates/deployment.yaml | 2 - .../inbox/templates/ingress.yaml | 2 - .../inbox/templates/service.yaml | 2 - .../municipal-services/inbox/values.yaml | 102 - .../land-services/Chart.yaml | 26 - .../land-services/templates/deployment.yaml | 2 - .../land-services/templates/ingress.yaml | 2 - .../land-services/templates/service.yaml | 2 - .../land-services/values.yaml | 113 - .../noc-services/Chart.yaml | 26 - .../noc-services/templates/deployment.yaml | 2 - .../noc-services/templates/ingress.yaml | 2 - .../noc-services/templates/service.yaml | 2 - .../noc-services/values.yaml | 100 - .../pgr-services/Chart.yaml | 26 - .../pgr-services/templates/deployment.yaml | 2 - .../pgr-services/templates/ingress.yaml | 2 - .../pgr-services/templates/service.yaml | 2 - .../pgr-services/values.yaml | 200 - .../property-services/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../property-services/templates/ingress.yaml | 2 - .../property-services/templates/service.yaml | 2 - .../property-services/values.yaml | 179 - .../pt-calculator-v2/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../pt-calculator-v2/templates/ingress.yaml | 2 - .../pt-calculator-v2/templates/service.yaml | 2 - .../pt-calculator-v2/values.yaml | 116 - .../pt-services-v2/Chart.yaml | 26 - .../pt-services-v2/templates/deployment.yaml | 2 - .../pt-services-v2/templates/ingress.yaml | 2 - .../pt-services-v2/templates/service.yaml | 2 - .../pt-services-v2/values.yaml | 131 - .../rainmaker-pgr/Chart.yaml | 26 - .../rainmaker-pgr/templates/deployment.yaml | 2 - .../rainmaker-pgr/templates/ingress.yaml | 2 - .../rainmaker-pgr/templates/service.yaml | 2 - .../rainmaker-pgr/values.yaml | 150 - .../sw-calculator/Chart.yaml | 26 - .../sw-calculator/templates/deployment.yaml | 2 - .../sw-calculator/templates/ingress.yaml | 2 - .../sw-calculator/templates/service.yaml | 2 - .../sw-calculator/values.yaml | 111 - .../municipal-services/sw-services/Chart.yaml | 26 - .../sw-services/templates/deployment.yaml | 2 - .../sw-services/templates/ingress.yaml | 2 - .../sw-services/templates/service.yaml | 2 - .../sw-services/values.yaml | 144 - .../tl-calculator/Chart.yaml | 26 - .../tl-calculator/templates/deployment.yaml | 2 - .../tl-calculator/templates/ingress.yaml | 2 - .../tl-calculator/templates/service.yaml | 2 - .../tl-calculator/values.yaml | 79 - .../municipal-services/tl-services/Chart.yaml | 26 - .../tl-services/templates/deployment.yaml | 2 - .../tl-services/templates/ingress.yaml | 2 - .../tl-services/templates/service.yaml | 2 - .../tl-services/values.yaml | 162 - .../turn-io-adapter/Chart.yaml | 26 - .../turn-io-adapter/templates/deployment.yaml | 2 - .../turn-io-adapter/templates/ingress.yaml | 2 - .../turn-io-adapter/templates/service.yaml | 2 - .../turn-io-adapter/values.yaml | 77 - .../ws-calculator/Chart.yaml | 26 - .../ws-calculator/templates/deployment.yaml | 2 - .../ws-calculator/templates/ingress.yaml | 2 - .../ws-calculator/templates/service.yaml | 2 - .../ws-calculator/values.yaml | 117 - .../municipal-services/ws-services/Chart.yaml | 26 - .../ws-services/templates/deployment.yaml | 2 - .../ws-services/templates/ingress.yaml | 2 - .../ws-services/templates/service.yaml | 2 - .../ws-services/values.yaml | 152 - .../sanitation/fsm-calculator/Chart.yaml | 26 - .../fsm-calculator/templates/deployment.yaml | 2 - .../fsm-calculator/templates/ingress.yaml | 2 - .../fsm-calculator/templates/service.yaml | 2 - .../sanitation/fsm-calculator/values.yaml | 75 - .../helm/charts/sanitation/fsm/Chart.yaml | 26 - .../sanitation/fsm/templates/deployment.yaml | 2 - .../sanitation/fsm/templates/ingress.yaml | 2 - .../sanitation/fsm/templates/service.yaml | 2 - .../helm/charts/sanitation/fsm/values.yaml | 141 - .../sanitation/sanitation-ui/Chart.yaml | 26 - .../sanitation-ui/templates/deployment.yaml | 2 - .../sanitation-ui/templates/ingress.yaml | 2 - .../sanitation-ui/templates/service.yaml | 2 - .../subfilter-injection-configmap.yaml | 11 - .../sanitation/sanitation-ui/values.yaml | 34 - .../helm/charts/sanitation/vehicle/Chart.yaml | 26 - .../vehicle/templates/deployment.yaml | 2 - .../sanitation/vehicle/templates/ingress.yaml | 2 - .../sanitation/vehicle/templates/service.yaml | 2 - .../charts/sanitation/vehicle/values.yaml | 99 - .../helm/charts/sanitation/vendor/Chart.yaml | 26 - .../vendor/templates/deployment.yaml | 2 - .../sanitation/vendor/templates/ingress.yaml | 2 - .../sanitation/vendor/templates/service.yaml | 2 - .../helm/charts/sanitation/vendor/values.yaml | 83 - .../ukd-assets/Chart.yaml | 26 - .../ukd-assets/templates/deployment.yaml | 2 - .../ukd-assets/templates/ingress.yaml | 2 - .../ukd-assets/templates/service.yaml | 2 - .../ukd-assets/values.yaml | 24 - .../ukd-custom-service/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../ukd-custom-service/templates/ingress.yaml | 2 - .../ukd-custom-service/templates/service.yaml | 2 - .../ukd-custom-service/values.yaml | 88 - .../utilities/case-management/Chart.yaml | 26 - .../case-management/templates/deployment.yaml | 2 - .../case-management/templates/ingress.yaml | 2 - .../case-management/templates/service.yaml | 2 - .../utilities/case-management/values.yaml | 123 - .../certificate-verification/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../templates/ingress.yaml | 2 - .../templates/service.yaml | 2 - .../subfilter-injection-configmap.yaml | 11 - .../certificate-verification/values.yaml | 18 - .../utilities/cova-dgr-fetch/Chart.yaml | 26 - .../cova-dgr-fetch/templates/cronjob.yaml | 2 - .../utilities/cova-dgr-fetch/values.yaml | 20 - .../charts/utilities/data-upload/Chart.yaml | 26 - .../data-upload/templates/deployment.yaml | 2 - .../data-upload/templates/ingress.yaml | 2 - .../data-upload/templates/service.yaml | 2 - .../charts/utilities/data-upload/values.yaml | 58 - .../charts/utilities/demo-utility/Chart.yaml | 26 - .../demo-utility/templates/deployment.yaml | 2 - .../demo-utility/templates/ingress.yaml | 2 - .../demo-utility/templates/service.yaml | 2 - .../charts/utilities/demo-utility/values.yaml | 89 - .../utilities/egov-custom-consumer/Chart.yaml | 26 - .../templates/deployment.yaml | 2 - .../templates/ingress.yaml | 2 - .../templates/service.yaml | 2 - .../egov-custom-consumer/values.yaml | 32 - .../egov-weekly-impact-notifier/Chart.yaml | 26 - .../templates/cronjob.yaml | 2 - .../egov-weekly-impact-notifier/values.yaml | 50 - .../charts/utilities/mailbot-cron/Chart.yaml | 26 - .../mailbot-cron/templates/cronjob.yaml | 2 - .../charts/utilities/mailbot-cron/values.yaml | 14 - .../utilities/mdms-read-cronjob/Chart.yaml | 26 - .../mdms-read-cronjob/templates/cronjob.yaml | 2 - .../utilities/mdms-read-cronjob/values.yaml | 29 - .../helm/environments/ci-secrets.yaml | 2395 ------- deploy-as-code/helm/environments/ci.yaml | 283 - deploy-as-code/helm/environments/core.yaml | 698 -- .../helm/environments/dev-secrets.yaml | 126 - deploy-as-code/helm/environments/dev.yaml | 836 --- .../helm/environments/fsm-uat-secrets.yaml | 118 - deploy-as-code/helm/environments/fsm-uat.yaml | 921 --- .../helm/environments/qa-secrets.yaml | 127 - deploy-as-code/helm/environments/qa.yaml | 961 --- .../environments/single-instance-secrets.yaml | 109 - .../helm/environments/single-instance.yaml | 816 --- .../helm/environments/staging-secrets.yaml | 127 - deploy-as-code/helm/environments/staging.yaml | 1000 --- .../helm/environments/uat-secrets.yaml | 122 - deploy-as-code/helm/environments/uat.yaml | 1048 --- .../environments/ukd-dev-sdc-secrets.yaml | 78 - .../helm/environments/ukd-dev-sdc.yaml | 736 --- .../helm/environments/ukd-dev-secrets.yaml | 73 - deploy-as-code/helm/environments/ukd-dev.yaml | 544 -- .../environments/ukd-prod-sdc-secrets.yaml | 103 - .../helm/environments/ukd-prod-sdc.yaml | 899 --- .../helm/environments/ukd-prod.yaml | 899 --- .../environments/ukd-sdc-uat-secrets.yaml | 108 - .../helm/environments/ukd-sdc-uat.yaml | 901 --- .../helm/environments/ukd-uat-secrets.yaml | 72 - deploy-as-code/helm/environments/ukd-uat.yaml | 543 -- .../DIGIT/dependancy_chart-digit-v2.0.yaml | 144 - .../DIGIT/dependancy_chart-digit-v2.1.yaml | 144 - .../DIGIT/dependancy_chart-digit-v2.2.yaml | 144 - .../DIGIT/dependancy_chart-digit-v2.6.yaml | 167 - .../DIGIT/dependancy_chart-digit-v2.7.yaml | 174 - .../DIGIT/dependancy_chart-digit-v2.8.yaml | 177 - .../dependency_chart-digit-core-v2.9.yaml | 79 - .../Urban/dependancy_chart-fsm-v2.3.yaml | 147 - .../dependancy_chart-quickstart-v2.4.yaml | 52 - .../Urban/dependancy_chart-urban-v2.0.yaml | 144 - .../Urban/dependancy_chart-urban-v2.1.yaml | 144 - .../Urban/dependancy_chart-urban-v2.2.yaml | 144 - .../Urban/dependancy_chart-urban-v2.3.yaml | 144 - .../Urban/dependancy_chart-urban-v2.4.yaml | 144 - .../iFix/dependancy_chart-ifix-v2.0.yaml | 144 - .../iFix/dependancy_chart-ifix-v2.1.yaml | 144 - .../iFix/dependancy_chart-ifix-v2.2.yaml | 144 - .../dependancy_chart-mgramseva-v1.0.yaml | 146 - .../dependancy_chart-mgramseva-v2.0.yaml | 144 - .../dependancy_chart-mgramseva-v2.1.yaml | 144 - .../dependancy_chart-mgramseva-v2.2.yaml | 144 - deploy-as-code/infra-provisioner/Dockerfile | 44 - deploy-as-code/infra-provisioner/go.mod | 12 - deploy-as-code/infra-provisioner/go.sum | 177 - .../infra-provisioner/infra_setup.go | 512 -- helmfile.yaml | 16 + infra-as-code/ansible/Readme.md | 229 - infra-as-code/ansible/haconfig.cfg | 77 - infra-as-code/terraform/aks-ifix-dev/main.tf | 87 - .../terraform/aks-ifix-dev/outputs.tf | 15 - .../terraform/aks-ifix-dev/variables.tf | 19 - infra-as-code/terraform/demo/main.tf | 92 - infra-as-code/terraform/demo/outputs.tf | 15 - infra-as-code/terraform/demo/variables.tf | 19 - infra-as-code/terraform/dev-eks/main.tf | 176 - infra-as-code/terraform/dev-eks/outputs.tf | 66 - infra-as-code/terraform/dev-eks/providers.tf | 20 - .../terraform/dev-eks/remote-state/main.tf | 27 - .../remote-state/terraform.tfstate.backup | 52 - infra-as-code/terraform/dev-eks/variables.tf | 46 - infra-as-code/terraform/dev/main.tf | 90 - infra-as-code/terraform/dev/outputs.tf | 15 - infra-as-code/terraform/dev/terraform.tfstate | 516 -- infra-as-code/terraform/dev/variables.tf | 19 - infra-as-code/terraform/egov-cicd/main.tf | 126 - infra-as-code/terraform/egov-cicd/outputs.tf | 50 - .../terraform/egov-cicd/providers.tf | 20 - .../terraform/egov-cicd/remote-state/main.tf | 27 - .../terraform/egov-cicd/variables.tf | 46 - infra-as-code/terraform/fsm-eks/main.tf | 161 - infra-as-code/terraform/fsm-eks/outputs.tf | 63 - infra-as-code/terraform/fsm-eks/providers.tf | 20 - .../terraform/fsm-eks/remote-state/main.tf | 27 - infra-as-code/terraform/fsm-eks/variables.tf | 45 - infra-as-code/terraform/mGramSeva-dev/main.tf | 160 - .../terraform/mGramSeva-dev/outputs.tf | 62 - .../terraform/mGramSeva-dev/providers.tf | 20 - .../mGramSeva-dev/remote-state/main.tf | 27 - .../terraform/mGramSeva-dev/variables.tf | 45 - .../terraform/modules/db/aws/main.tf | 34 - .../terraform/modules/db/aws/outputs.tf | 4 - .../terraform/modules/db/aws/variables.tf | 12 - .../terraform/modules/db/azure/main.tf | 31 - .../terraform/modules/db/azure/variables.tf | 12 - .../terraform/modules/db/gke/main.tf | 54 - .../terraform/modules/db/gke/outputs.tf | 17 - .../terraform/modules/db/gke/variables.tf | 60 - .../kubernetes/aws/eks-cluster/main.tf | 59 - .../kubernetes/aws/eks-cluster/outputs.tf | 44 - .../kubernetes/aws/eks-cluster/variables.tf | 16 - .../modules/kubernetes/aws/network/main.tf | 244 - .../modules/kubernetes/aws/network/outputs.tf | 23 - .../kubernetes/aws/network/variables.tf | 10 - .../modules/kubernetes/aws/workers/main.tf | 141 - .../modules/kubernetes/aws/workers/outputs.tf | 22 - .../kubernetes/aws/workers/variables.tf | 23 - .../modules/kubernetes/azure/main.tf | 35 - .../modules/kubernetes/azure/output.tf | 35 - .../modules/kubernetes/azure/variables.tf | 10 - .../terraform/modules/kubernetes/gke/main.tf | 64 - .../modules/kubernetes/gke/outputs.tf | 20 - .../modules/kubernetes/gke/variables.tf | 35 - .../modules/kubernetes/oci/network/main.tf | 222 - .../modules/kubernetes/oci/network/output.tf | 14 - .../kubernetes/oci/network/variables.tf | 5 - .../kubernetes/oci/oke-cluster/main.tf | 68 - .../kubernetes/oci/oke-cluster/variables.tf | 10 - .../terraform/modules/node-pool/aws/main.tf | 125 - .../terraform/modules/node-pool/aws/output.tf | 4 - .../modules/node-pool/aws/variable.tf | 23 - .../terraform/modules/node-pool/azure/main.tf | 22 - .../modules/node-pool/azure/output.tf | 4 - .../modules/node-pool/azure/variable.tf | 4 - .../terraform/modules/storage/aws/main.tf | 12 - .../terraform/modules/storage/aws/outputs.tf | 7 - .../modules/storage/aws/variables.tf | 11 - .../terraform/modules/storage/azure/main.tf | 13 - .../modules/storage/azure/outputs.tf | 3 - .../modules/storage/azure/variables.tf | 7 - .../terraform/modules/storage/gke/main.tf | 10 - .../terraform/modules/storage/gke/outputs.tf | 0 .../modules/storage/gke/variables.tf | 6 - .../terraform/modules/storage/oci/main.tf | 10 - .../modules/storage/oci/variables.tf | 5 - .../modules/storage/openstack/main.tf | 10 - .../modules/storage/openstack/outputs.tf | 3 - .../modules/storage/openstack/variables.tf | 4 - infra-as-code/terraform/node-pool/main.tf | 142 - infra-as-code/terraform/node-pool/outputs.tf | 4 - .../terraform/node-pool/variables.tf | 20 - .../terraform/qa-eks/.terraform.lock.hcl | 116 - infra-as-code/terraform/qa-eks/main.tf | 160 - infra-as-code/terraform/qa-eks/outputs.tf | 62 - infra-as-code/terraform/qa-eks/providers.tf | 20 - .../qa-eks/remote-state/.terraform.lock.hcl | 20 - .../terraform/qa-eks/remote-state/main.tf | 27 - infra-as-code/terraform/qa-eks/variables.tf | 45 - infra-as-code/terraform/qa/main.tf | 160 - infra-as-code/terraform/qa/outputs.tf | 62 - infra-as-code/terraform/qa/providers.tf | 20 - .../terraform/qa/remote-state/main.tf | 27 - infra-as-code/terraform/qa/variables.tf | 43 - infra-as-code/terraform/sample-eks-ng/main.tf | 175 - .../terraform/sample-eks-ng/outputs.tf | 62 - .../terraform/sample-eks-ng/providers.tf | 20 - .../sample-eks-ng/remote-state/main.tf | 27 - .../terraform/sample-eks-ng/variables.tf | 46 - infra-as-code/terraform/sample-gke/main.tf | 75 - infra-as-code/terraform/sample-gke/outputs.tf | 0 .../terraform/sample-gke/variables.tf | 53 - infra-as-code/terraform/sample-oci/main.tf | 61 - infra-as-code/terraform/sample-oci/outputs.tf | 11 - .../terraform/sample-oci/variables.tf | 74 - .../terraform/spin/.terraform.lock.hcl | 117 - infra-as-code/terraform/spin/main.tf | 126 - infra-as-code/terraform/spin/outputs.tf | 50 - infra-as-code/terraform/spin/providers.tf | 20 - .../spin/remote-state/.terraform.lock.hcl | 20 - .../terraform/spin/remote-state/main.tf | 27 - infra-as-code/terraform/spin/variables.tf | 46 - infra-as-code/terraform/staging/main.tf | 160 - infra-as-code/terraform/staging/outputs.tf | 62 - infra-as-code/terraform/staging/providers.tf | 20 - .../terraform/staging/remote-state/main.tf | 27 - .../remote-state/terraform.tfstate.backup | 55 - infra-as-code/terraform/staging/variables.tf | 45 - 1527 files changed, 1081 insertions(+), 126881 deletions(-) delete mode 100644 CODEOWNERS create mode 100644 LICENSE create mode 100644 README.md rename {deploy-as-code/helm/charts/backbone-services/airflow => charts/common}/.helmignore (100%) rename {deploy-as-code/helm/charts => charts}/common/Chart.yaml (82%) mode change 100755 => 100644 rename {deploy-as-code/helm/charts => charts}/common/README.md (100%) mode change 100755 => 100644 rename {deploy-as-code/helm/charts => charts}/common/templates/_cronjob.yaml (89%) create mode 100644 charts/common/templates/_deployment.yaml create mode 100644 charts/common/templates/_helpers.tpl create mode 100644 charts/common/templates/_ingress.yaml create mode 100644 charts/common/templates/_service.yaml rename {deploy-as-code/helm/charts => charts}/common/templates/_servicemonitor.yaml (100%) rename {deploy-as-code/helm/charts => charts}/common/templates/_statefulset.yaml (100%) rename {deploy-as-code/helm/charts => charts}/common/templates/_vpa.yaml (97%) rename {deploy-as-code/helm/charts => charts}/common/values.yaml (88%) mode change 100755 => 100644 create mode 100644 charts/core-services/Chart.yaml rename {deploy-as-code/helm/charts => charts}/core-services/audit-service/Chart.yaml (89%) create mode 100644 charts/core-services/audit-service/templates/deployment.yaml create mode 100644 charts/core-services/audit-service/templates/ingress.yaml create mode 100644 charts/core-services/audit-service/templates/service.yaml rename {deploy-as-code/helm/charts => charts}/core-services/audit-service/values.yaml (55%) rename {deploy-as-code/helm/charts/backbone-services/kaniko-cache-warmer => charts/core-services/chatbot-service}/Chart.yaml (89%) create mode 100644 charts/core-services/chatbot-service/templates/deployment.yaml create mode 100644 charts/core-services/chatbot-service/templates/ingress.yaml create mode 100644 charts/core-services/chatbot-service/templates/service.yaml create mode 100644 charts/core-services/chatbot-service/values.yaml rename {deploy-as-code/helm/charts => charts}/core-services/egov-accesscontrol/Chart.yaml (100%) rename {deploy-as-code/helm/charts/accelerators/pgr-ai-chatbot => charts/core-services/egov-accesscontrol}/templates/deployment.yaml (100%) rename {deploy-as-code/helm/charts/accelerators/pgr-ai-chatbot => charts/core-services/egov-accesscontrol}/templates/ingress.yaml (100%) rename {deploy-as-code/helm/charts/accelerators/pgr-ai-chatbot => charts/core-services/egov-accesscontrol}/templates/service.yaml (100%) rename {deploy-as-code/helm/charts => charts}/core-services/egov-accesscontrol/values.yaml (100%) create mode 100644 charts/core-services/values.yaml delete mode 160000 ci-as-code delete mode 100644 deploy-as-code/README.md delete mode 100644 deploy-as-code/egov-deployer/Dockerfile delete mode 100644 deploy-as-code/egov-deployer/cmd/deploy.go delete mode 100644 deploy-as-code/egov-deployer/cmd/root.go delete mode 100644 deploy-as-code/egov-deployer/digit_setup.go delete mode 100644 deploy-as-code/egov-deployer/go.mod delete mode 100644 deploy-as-code/egov-deployer/go.sum delete mode 100644 deploy-as-code/egov-deployer/internal/README.md delete mode 100644 deploy-as-code/egov-deployer/internal/app/_your_app_/.keep delete mode 100644 deploy-as-code/egov-deployer/internal/pkg/_your_private_lib_/.keep delete mode 100644 deploy-as-code/egov-deployer/main.go delete mode 100644 deploy-as-code/egov-deployer/pkg/README.md delete mode 100644 deploy-as-code/egov-deployer/pkg/cmd/deployer/deployer.go delete mode 100644 deploy-as-code/egov-deployer/pkg/cmd/deployer/options.go delete mode 100644 deploy-as-code/helm/.sops.yaml delete mode 100644 deploy-as-code/helm/charts/accelerators/pgr-ai-chatbot/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/accelerators/pgr-ai-chatbot/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/CHANGELOG.md delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/CONTRIBUTING.md delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/README.md delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/UPGRADE.md delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/files/pod_template.kubernetes-helm-yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/files/webserver_config.py delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/NOTES.txt delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/_helpers/common.tpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/_helpers/pods.tpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/_helpers/validate-values.tpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/config/configmap-pod-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/config/secret-config-envs.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/config/secret-known-hosts.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/config/secret-local-settings.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/config/secret-webserver-config.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/db-migrations/_helpers/code.tpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/db-migrations/db-migrations-deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/db-migrations/db-migrations-job.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/db-migrations/db-migrations-secret.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/extra-manifests.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/flower/flower-deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/flower/flower-ingress-v1beta1.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/flower/flower-ingress.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/flower/flower-pdb.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/flower/flower-service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/pgbouncer/_helpers/pgbouncer.tpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/pgbouncer/pgbouncer-deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/pgbouncer/pgbouncer-pdb.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/pgbouncer/pgbouncer-secret-certs.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/pgbouncer/pgbouncer-secret.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/pgbouncer/pgbouncer-service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/pvc-dags.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/pvc-logs.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/rbac/airflow-role.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/rbac/airflow-rolebinding.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/rbac/airflow-serviceaccount.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/redis/redis-configmap.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/redis/redis-master.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/redis/redis-secret.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/redis/redis-service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/scheduler/scheduler-deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/scheduler/scheduler-pdb.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/_helpers/global_code.tpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/_helpers/sync_connections.tpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/_helpers/sync_pools.tpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/_helpers/sync_users.tpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/_helpers/sync_variables.tpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-connections-deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-connections-job.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-connections-secret.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-pools-deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-pools-job.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-pools-secret.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-users-deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-users-job.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-users-secret.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-variables-deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-variables-job.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-variables-secret.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/triggerer/triggerer-deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/triggerer/triggerer-pdb.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/webserver/webserver-deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/webserver/webserver-ingress-v1beta1.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/webserver/webserver-ingress.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/webserver/webserver-pdb.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/webserver/webserver-prometheus-rule.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/webserver/webserver-service-monitor.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/webserver/webserver-service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/worker/worker-hpa.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/worker/worker-pdb.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/worker/worker-service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/templates/worker/worker-statefulset.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/airflow/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cert-manager/.helmignore delete mode 100644 deploy-as-code/helm/charts/backbone-services/cert-manager/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cert-manager/crds/cert-manager-crds.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cert-manager/templates/_helpers.tpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrole.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrolebinding.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cert-manager/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cert-manager/templates/serviceaccount.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cert-manager/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/.helmignore delete mode 100644 deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/OWNERS delete mode 100644 deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/README.md delete mode 100644 deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/requirements.lock delete mode 100644 deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/_helpers.tpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/clusterrole.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/clusterrolebinding.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/pdb.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/podsecuritypolicy.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/priority-expander-configmap.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/role.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/rolebinding.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/secret.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/serviceaccount.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/servicemonitor.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/values.yaml delete mode 100755 deploy-as-code/helm/charts/backbone-services/cost-analyzer/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/README.md delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/attached-disks.json delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/cluster-metrics.json delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/cluster-utilization.json delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/deployment-utilization.json delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/label-cost-utilization.json delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/namespace-utilization.json delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/node-utilization.json delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/pod-utilization.json delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/prom-benchmark.json delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/NOTES.txt delete mode 100755 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/_helpers.tpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/aws-service-key-secret.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/awsstore-deployment-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/awsstore-service-account-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/azure-service-key-secret.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/azure-storage-config-secret.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-alerts-configmap.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-asset-reports-configmap.yaml delete mode 100755 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-cluster-role-binding-template.yaml delete mode 100755 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-cluster-role-template-readonly.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-cluster-role-template.yaml delete mode 100755 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-config-map-template.yaml delete mode 100755 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-db-pvc-template.yaml delete mode 100755 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-deployment-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-federator-config-map-template.yaml delete mode 100755 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-frontend-config-map-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-ingress-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-metrics-config-map-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-network-costs-config-map-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-network-costs-podmonitor-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-network-costs-service-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-network-costs-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-network-policy-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-network-policy.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-oidc-config-map-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-pkey-configmap.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-pricing-configmap.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-prometheus-postgres-adapter-deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-prometheus-postgres-adapter-service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-prometheusrule-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-psp-role.template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-psp-rolebinding.template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-psp.template.yaml delete mode 100755 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-pvc-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-saml-config-map-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-saved-reports-configmap.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-server-configmap.yaml delete mode 100755 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-service-account-template.yaml delete mode 100755 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-service-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-servicemonitor-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/external-grafana-config-map-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-attached-disk-metrics-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-dashboard-cluster-metrics-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-dashboard-cluster-utilization-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-dashboard-deployment-utilization-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-dashboard-label-cost-utilization-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-dashboard-namespace-utilization-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-dashboard-node-utilization-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-dashboard-pod-utilization-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-dashboard-prometheus-metrics-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-datasource-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/kubecost-agent-secret-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/kubecost-cluster-controller-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/kubecost-cluster-manager-configmap-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/kubecost-metrics-deployment-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/kubecost-metrics-service-monitor-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/kubecost-metrics-service-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/kubecost-oidc-secret-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/kubecost-priority-class-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/network-costs-psp.template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/network-costs-role.template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/network-costs-rolebinding.template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/network-costs-servicemonitor-template.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/values-agent.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/values-amp.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/values-eks-cost-monitoring.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/values-thanos.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cost-analyzer/values-windows-node-affinity.yaml delete mode 100755 deploy-as-code/helm/charts/backbone-services/cost-analyzer/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/efs/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/efs/templates/_helpers.tpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/efs/templates/clusterrole.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/efs/templates/clusterrolebinding.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/efs/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/efs/templates/role.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/efs/templates/rolebinding.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/efs/templates/service-account.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/efs/templates/storage-class.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/efs/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/elasticsearch/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-data-infra-v1-values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-data-v1-values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-master-infra-v1-values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-master-v1-values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/_helpers.tpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/headless-service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/persistentvolume.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/poddisruptionbudget.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/statefulset.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/es-curator/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/es-curator/es-curator-infra-values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/es-curator/templates/_helpers.tpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/es-curator/templates/configmap.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/es-curator/templates/cronjob.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/fluent-bit/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/_helpers.tpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/clusterrole.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/clusterrolebinding.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/configmap.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/daemonset.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/serviceaccount.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/fluent-bit/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/goldilocks/.helmignore delete mode 100644 deploy-as-code/helm/charts/backbone-services/goldilocks/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/goldilocks/README.md delete mode 100644 deploy-as-code/helm/charts/backbone-services/goldilocks/README.md.gotmpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/goldilocks/templates/_helpers.tpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/goldilocks/templates/controller-clusterrole.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/goldilocks/templates/controller-clusterrolebinding.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/goldilocks/templates/controller-deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/goldilocks/templates/controller-serviceaccount.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/goldilocks/templates/dashboard-clusterrole.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/goldilocks/templates/dashboard-clusterrolebinding.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/goldilocks/templates/dashboard-deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/goldilocks/templates/dashboard-ingress.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/goldilocks/templates/dashboard-service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/goldilocks/templates/dashboard-serviceaccount.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/goldilocks/templates/vpa-uninstall-hook.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/goldilocks/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/grafana/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/grafana/templates/configmap.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/grafana/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/grafana/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/grafana/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/grafana/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jaeger/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jaeger/templates/_helpers.tpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/jaeger/templates/agent-ds.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jaeger/templates/agent-svc.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jaeger/templates/collector-configmap.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jaeger/templates/collector-deploy.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jaeger/templates/collector-hpa.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jaeger/templates/collector-svc.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jaeger/templates/query-configmap.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jaeger/templates/query-deploy.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jaeger/templates/query-ing.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jaeger/templates/query-svc.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jaeger/templates/spark-cronjob.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jaeger/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jenkins/.helmignore delete mode 100644 deploy-as-code/helm/charts/backbone-services/jenkins/CHANGELOG.md delete mode 100644 deploy-as-code/helm/charts/backbone-services/jenkins/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jenkins/OWNERS delete mode 100644 deploy-as-code/helm/charts/backbone-services/jenkins/README.md delete mode 100644 deploy-as-code/helm/charts/backbone-services/jenkins/templates/NOTES.txt delete mode 100644 deploy-as-code/helm/charts/backbone-services/jenkins/templates/_helpers.tpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/jenkins/templates/config.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jenkins/templates/deprecation.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jenkins/templates/home-pv.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jenkins/templates/home-pvc.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jenkins/templates/jcasc-config.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-agent-svc.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-backup-cronjob.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-backup-rbac.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-alerting-rules.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-backendconfig.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-ingress.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-networkpolicy.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-route.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-servicemonitor.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-svc.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jenkins/templates/jobs.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jenkins/templates/rbac.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jenkins/templates/secret-https-jks.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jenkins/templates/secret.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jenkins/templates/service-account-agent.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jenkins/templates/service-account.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/jenkins/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-connect-restart-tasks/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-connect-restart-tasks/templates/cronjob.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-connect-restart-tasks/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-connect/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-connect/kafka-connect-infra-values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-connect/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-connect/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-connect/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-v2/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-v2/kafka-v2-infra-values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-v2/templates/_helpers.tpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-v2/templates/headless-service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-v2/templates/jmx-configmap.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-v2/templates/persistentvolume.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-v2/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-v2/templates/statefulset.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-v2/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kaniko-cache-warmer/templates/cronjob.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kaniko-cache-warmer/templates/persistentvolume.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kaniko-cache-warmer/templates/persistentvolumeclaim.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kaniko-cache-warmer/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kibana-v1/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kibana-v1/kibana-infra-v1-values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kibana-v1/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kibana-v1/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kibana-v1/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kibana-v1/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kube-state-metrics/.helmignore delete mode 100644 deploy-as-code/helm/charts/backbone-services/kube-state-metrics/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kube-state-metrics/OWNERS delete mode 100644 deploy-as-code/helm/charts/backbone-services/kube-state-metrics/README.md delete mode 100644 deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/NOTES.txt delete mode 100644 deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/_helpers.tpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/clusterrole.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/clusterrolebinding.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/pdb.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/podsecuritypolicy.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/psp-clusterrole.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/psp-clusterrolebinding.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/serviceaccount.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/servicemonitor.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/stsdiscovery-role.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/stsdiscovery-rolebinding.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kube-state-metrics/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kuberhealthy/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kuberhealthy/NOTES.txt delete mode 100644 deploy-as-code/helm/charts/backbone-services/kuberhealthy/README.md delete mode 100644 deploy-as-code/helm/charts/backbone-services/kuberhealthy/crds/khcheck.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kuberhealthy/crds/khstate.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/_helpers.tpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/check-reaper.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/clusterrole.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/clusterrolebinding.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/configmap.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-daemonset.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-connections.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-collections-sync.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-pgr-sync.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-pt-sync.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-tl-sync.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-dns.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-kafka.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-pod-restarts.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-pod-status.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/poddisruptionbudget.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/serviceaccount.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/servicemonitor.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kuberhealthy/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/metabase/.helmignore delete mode 100644 deploy-as-code/helm/charts/backbone-services/metabase/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/metabase/README.md delete mode 100644 deploy-as-code/helm/charts/backbone-services/metabase/templates/_helpers.tpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/metabase/templates/config.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/metabase/templates/database-secret.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/metabase/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/metabase/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/metabase/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/metabase/templates/ssl-secret.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/metabase/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/metrics-server/.helmignore delete mode 100755 deploy-as-code/helm/charts/backbone-services/metrics-server/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/metrics-server/README.md delete mode 100644 deploy-as-code/helm/charts/backbone-services/metrics-server/ci/ci-values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/metrics-server/templates/_helpers.tpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/metrics-server/templates/aggregated-metrics-reader-cluster-role.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/metrics-server/templates/auth-delegator-crb.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/metrics-server/templates/cluster-role.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/metrics-server/templates/metric-server-service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/metrics-server/templates/metrics-api-service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/metrics-server/templates/metrics-server-crb.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/metrics-server/templates/metrics-server-deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/metrics-server/templates/metrics-server-serviceaccount.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/metrics-server/templates/pdb.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/metrics-server/templates/psp.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/metrics-server/templates/role-binding.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/metrics-server/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/minio/.helmignore delete mode 100644 deploy-as-code/helm/charts/backbone-services/minio/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/minio/templates/_helpers.tpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/minio/templates/deployment-standalone.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/minio/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/minio/templates/persistentvolume.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/minio/templates/pv-standalone.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/minio/templates/pvc-standalone.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/minio/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/minio/templates/statefulset.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/minio/templates/svc-headless.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/minio/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/nginx-errors/.helmignore delete mode 100644 deploy-as-code/helm/charts/backbone-services/nginx-errors/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/nginx-errors/templates/NOTES.txt delete mode 100644 deploy-as-code/helm/charts/backbone-services/nginx-errors/templates/_helpers.tpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/nginx-errors/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/nginx-errors/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/nginx-errors/templates/tests/test-connection.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/nginx-errors/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/nginx-ingress/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/nginx-ingress/README.md delete mode 100644 deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/_helpers.tpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/clusterrole.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/clusterrolebinding.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-configmap.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-daemonset.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-metrics-service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-prometheusrules.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-role.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-rolebinding.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-serviceaccount.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-servicemonitor.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/custom-headers.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/nginx-ingress/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/oauth2-proxy/.helmignore delete mode 100644 deploy-as-code/helm/charts/backbone-services/oauth2-proxy/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/oauth2-proxy/templates/configmap.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/oauth2-proxy/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/oauth2-proxy/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/oauth2-proxy/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/oauth2-proxy/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/pgadmin/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/pgadmin/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/pgadmin/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/pgadmin/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/pgadmin/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/playground/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/playground/README.md delete mode 100644 deploy-as-code/helm/charts/backbone-services/playground/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/playground/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/postgres/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/postgres/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/postgres/templates/pv.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/postgres/templates/pvc.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/postgres/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/postgres/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/templates/servicemonitor.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/.helmignore delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/CONTRIBUTING.md delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/OWNERS delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/README.md delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-alertmanager.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-podmonitor.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-prometheus.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-prometheusrules.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-servicemonitor.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-thanosrulers.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/README.md delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/minikube/README.md delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/minikube/cmd.sh delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/minikube/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/requirements.txt delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/sync_grafana_dashboards.py delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/sync_prometheus_rules.py delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/requirements.lock delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/requirements.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/NOTES.txt delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/_helpers.tpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/alertmanager.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/ingressperreplica.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/podDisruptionBudget.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp-role.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp-rolebinding.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/secret.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/serviceaccount.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/servicemonitor.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/serviceperreplica.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/templatefiles-configmap.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/core-dns/service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/core-dns/servicemonitor.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-api-server/servicemonitor.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-controller-manager/endpoints.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-controller-manager/service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-controller-manager/servicemonitor.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-dns/service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-dns/servicemonitor.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-etcd/endpoints.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-etcd/service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-etcd/servicemonitor.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-proxy/endpoints.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-proxy/service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-proxy/servicemonitor.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-scheduler/endpoints.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-scheduler/service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-scheduler/servicemonitor.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-state-metrics/serviceMonitor.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kubelet/servicemonitor.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/node-exporter/servicemonitor.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/cleanup-crds.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/clusterrole.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/clusterrolebinding.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/crds.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp-clusterrole.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp-clusterrolebinding.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/serviceaccount.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/servicemonitor.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalAlertRelabelConfigs.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalAlertmanagerConfigs.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalPrometheusRules.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalScrapeConfigs.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/clusterrole.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/clusterrolebinding.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ingressperreplica.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/podDisruptionBudget.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/podmonitors.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/prometheus.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp-clusterrole.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp-clusterrolebinding.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/alertmanager.rules.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/etcd.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/general.rules.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/k8s.rules.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-apiserver-slos.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-apiserver.rules.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-prometheus-general.rules.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-prometheus-node-recording.rules.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-scheduler.rules.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-state-metrics.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubelet.rules.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-apps.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-resources.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-storage.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-apiserver.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-controller-manager.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-kubelet.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-scheduler.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node-exporter.rules.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node-exporter.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node-network.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node.rules.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/prometheus-operator.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/prometheus.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/alertmanager.rules.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/etcd.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/general.rules.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/k8s.rules.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-apiserver.rules.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-alerting.rules.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-recording.rules.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-scheduler.rules.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-absent.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-apps.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-resources.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-storage.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-system.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node-network.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node-time.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node.rules.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/prometheus-operator.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/prometheus.rules.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceaccount.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/servicemonitor.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/servicemonitors.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceperreplica.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/redis/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/redis/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/redis/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/redis/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/redoc/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/redoc/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/redoc/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/redoc/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/redoc/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/s3-proxy/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/s3-proxy/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/s3-proxy/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/s3-proxy/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/spot-termination-handler/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/spot-termination-handler/templates/_helpers.tpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/spot-termination-handler/templates/clusterrole.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/spot-termination-handler/templates/clusterrolebinding.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/spot-termination-handler/templates/daemonset.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/spot-termination-handler/templates/serviceaccount.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/spot-termination-handler/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/superset/.gitignore delete mode 100644 deploy-as-code/helm/charts/backbone-services/superset/.helmignore delete mode 100644 deploy-as-code/helm/charts/backbone-services/superset/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/superset/templates/_helpers.tpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/superset/templates/configmap-superset.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/superset/templates/deployment-beat.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/superset/templates/deployment-worker.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/superset/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/superset/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/superset/templates/init-job.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/superset/templates/secret-superset-config.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/superset/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/superset/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/vpa/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/vpa/README.md delete mode 100644 deploy-as-code/helm/charts/backbone-services/vpa/README.md.gotmpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/vpa/crds/vpa-v1-crd.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/vpa/templates/_helpers.tpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/vpa/templates/admission-controller-certgen.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/vpa/templates/admission-controller-cleanup.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/vpa/templates/admission-controller-deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/vpa/templates/admission-controller-pdb.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/vpa/templates/admission-controller-rbac.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/vpa/templates/admission-controller-service-account.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/vpa/templates/admission-controller-service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/vpa/templates/clusterrolebindings.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/vpa/templates/clusterroles.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/vpa/templates/recommender-deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/vpa/templates/recommender-pdb.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/vpa/templates/recommender-service-account.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/vpa/templates/updater-deployment.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/vpa/templates/updater-pdb.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/vpa/templates/updater-service-account.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/vpa/values.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/zookeeper-v2/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/zookeeper-v2/README.md delete mode 100644 deploy-as-code/helm/charts/backbone-services/zookeeper-v2/templates/_helpers.tpl delete mode 100644 deploy-as-code/helm/charts/backbone-services/zookeeper-v2/templates/headless-service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/zookeeper-v2/templates/jmx-configmap.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/zookeeper-v2/templates/persistentvolume.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/zookeeper-v2/templates/poddisruptionbudget.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/zookeeper-v2/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/zookeeper-v2/templates/statefulset.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/zookeeper-v2/values.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/billing-service/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/billing-service/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/billing-service/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/billing-service/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/billing-service/values.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/collection-services/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/collection-services/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/collection-services/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/collection-services/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/collection-services/values.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/dashboard-analytics/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/dashboard-analytics/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/dashboard-analytics/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/dashboard-analytics/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/dashboard-analytics/values.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/dashboard-ingest/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/dashboard-ingest/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/dashboard-ingest/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/dashboard-ingest/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/dashboard-ingest/values.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egf-account-details-consumer/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egf-account-details-consumer/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egf-account-details-consumer/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egf-account-details-consumer/values.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egf-instrument/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egf-instrument/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egf-instrument/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egf-instrument/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egf-instrument/values.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egf-master/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egf-master/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egf-master/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egf-master/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egf-master/values.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egf-masters/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egf-masters/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egf-masters/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egf-masters/values.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egf-voucher-indexer/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egf-voucher-indexer/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egf-voucher-indexer/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egf-voucher-indexer/values.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egov-apportion-service/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egov-apportion-service/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egov-apportion-service/templates/ingress.yml delete mode 100644 deploy-as-code/helm/charts/business-services/egov-apportion-service/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egov-apportion-service/values.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egov-edcr/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egov-edcr/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egov-edcr/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egov-edcr/templates/override-configmap.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egov-edcr/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egov-edcr/values.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egov-finance/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egov-finance/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egov-finance/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egov-finance/templates/override-configmap.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egov-finance/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egov-finance/values.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egov-hrms/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egov-hrms/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egov-hrms/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egov-hrms/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/egov-hrms/values.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/finance-collections-voucher-consumer/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/finance-collections-voucher-consumer/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/finance-collections-voucher-consumer/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/finance-collections-voucher-consumer/values.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/mysql/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/mysql/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/mysql/templates/pv.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/mysql/templates/pvc.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/mysql/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/mysql/values.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/wordpress/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/wordpress/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/wordpress/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/wordpress/templates/pv.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/wordpress/templates/pvc.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/wordpress/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/business-services/wordpress/values.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/Chart.lock delete mode 100644 deploy-as-code/helm/charts/cluster-configs/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/0-namespaces/0-namespaces.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/configmaps/common-configmap.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/configmaps/egov-service-host-comfigmap.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/configmaps/egov-user-chatbot.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/ingress/nginx-errors.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/ingress/root-ingress.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/rbac/clusterroles.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/rbac/read-clusterrolebinding.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/rbac/rolebindings.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/secrets/airflow-secret.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/secrets/alertmanager-secret.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/secrets/case-management-secret.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/secrets/chatbot-secret.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/secrets/covid-chatbot.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/secrets/db-secret.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-azure-filestore-secret.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-edcr-bank-gateway-secret-.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-edcr-notification-secret.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-enc-service-secret.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-filestore-secret.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-location-secret.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-notification-mail-secret.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-notification-sms-secret.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-pg-service-secret.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-si-microservice-secret.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/secrets/elasticsearch.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/secrets/git-sync-secret.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/secrets/home-isolation-notification-mail-secret.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/secrets/ispirit-ecurfew-secret.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/secrets/jenkins-kubeconfigs.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/secrets/jenkins-secret.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/secrets/kibana-infra-secret.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/secrets/kibana-secret.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/secrets/minio-secret.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/secrets/mysql-secret.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/secrets/oauth2-proxy-secret.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/secrets/pgadmin-secret.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/secrets/pgr-ai-chatbot-secret.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/secrets/wordpress-secret.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/services/db-endpoints.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/services/db-service.yaml delete mode 100644 deploy-as-code/helm/charts/cluster-configs/values.yaml delete mode 100755 deploy-as-code/helm/charts/common/.helmignore delete mode 100755 deploy-as-code/helm/charts/common/templates/_deployment.yaml delete mode 100755 deploy-as-code/helm/charts/common/templates/_helpers.tpl delete mode 100755 deploy-as-code/helm/charts/common/templates/_ingress.yaml delete mode 100755 deploy-as-code/helm/charts/common/templates/_service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/audit-service/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/audit-service/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/audit-service/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/chatbot/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/chatbot/chatbot-values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/chatbot/home-isolation-chatbot-values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/chatbot/requirements.lock delete mode 100644 deploy-as-code/helm/charts/core-services/chatbot/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/chatbot/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/chatbot/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-accesscontrol/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-accesscontrol/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-accesscontrol/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-common-masters/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-common-masters/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-common-masters/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-common-masters/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-common-masters/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-data-uploader/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-data-uploader/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-data-uploader/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-data-uploader/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-data-uploader/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-document-uploader/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-document-uploader/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-document-uploader/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-document-uploader/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-document-uploader/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-enc-service/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-enc-service/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-enc-service/templates/ingress.yml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-enc-service/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-enc-service/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-filestore/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-filestore/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-filestore/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-filestore/templates/persistentvolume.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-filestore/templates/pvc.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-filestore/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-filestore/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-idgen/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-idgen/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-idgen/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-idgen/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-idgen/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-indexer/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-indexer/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-indexer/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-indexer/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-indexer/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-localization/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-localization/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-localization/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-localization/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-localization/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-location/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-location/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-location/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-location/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-location/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-mdms-service/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-mdms-service/ispirit-mdms-service-values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-mdms-service/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-mdms-service/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-mdms-service/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-mdms-service/tenant-a-mdms-data.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-mdms-service/tenant-b-mdms-data.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-mdms-service/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-notification-mail/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-notification-mail/home-isolation-email-values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-notification-mail/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-notification-mail/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-notification-mail/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-notification-sms/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-notification-sms/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-notification-sms/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-notification-sms/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-notification-sms/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-otp/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-otp/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-otp/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-otp/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-otp/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-pdf/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-pdf/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-pdf/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-pdf/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-pdf/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-persister/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-persister/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-persister/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-persister/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-pg-service/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-pg-service/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-pg-service/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-pg-service/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-pg-service/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-searcher/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-searcher/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-searcher/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-searcher/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-searcher/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-survey-services/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-survey-services/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-survey-services/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-survey-services/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-survey-services/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-url-shortening/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-url-shortening/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-url-shortening/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-url-shortening/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-url-shortening/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-user-chatbot/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-user-chatbot/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-user-chatbot/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-user-chatbot/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-user/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-user/egov-user-enc-values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-user/egov-user-values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-user/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-user/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-user/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-workflow-v2/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-workflow-v2/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-workflow-v2/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-workflow-v2/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-workflow-v2/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-workflow/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-workflow/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-workflow/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-workflow/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/internal-gateway/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/internal-gateway/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/internal-gateway/templates/role.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/internal-gateway/templates/rolebinding.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/internal-gateway/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/internal-gateway/templates/serviceaccount.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/internal-gateway/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/mailbot/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/mailbot/requirements.lock delete mode 100644 deploy-as-code/helm/charts/core-services/mailbot/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/mailbot/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/mailbot/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/mailbot/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/mdms-v2/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/mdms-v2/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/mdms-v2/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/mdms-v2/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/mdms-v2/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/national-dashboard-ingest/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/national-dashboard-ingest/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/national-dashboard-ingest/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/national-dashboard-ingest/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/national-dashboard-ingest/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/nlp-engine/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/nlp-engine/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/nlp-engine/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/nlp-engine/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/nlp-engine/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/pdf-service/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/pdf-service/statefulset.bkp delete mode 100644 deploy-as-code/helm/charts/core-services/pdf-service/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/pdf-service/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/pdf-service/templates/pvc.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/pdf-service/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/pdf-service/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/report/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/report/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/report/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/report/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/report/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/service-request/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/service-request/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/service-request/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/service-request/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/service-request/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/telemetry/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/telemetry/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/telemetry/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/telemetry/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/telemetry/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/user-otp/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/user-otp/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/user-otp/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/user-otp/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/user-otp/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/xstate-chatbot/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/xstate-chatbot/covid-chatbot-values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/xstate-chatbot/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/xstate-chatbot/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/xstate-chatbot/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/xstate-chatbot/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/xstate-webchat/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/xstate-webchat/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/xstate-webchat/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/xstate-webchat/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/xstate-webchat/values.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/zuul/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/zuul/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/zuul/templates/role.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/zuul/templates/rolebinding.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/zuul/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/zuul/templates/serviceaccount.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/zuul/values.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/citizen/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/citizen/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/citizen/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/citizen/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/citizen/templates/subfilter-injection-configmap.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/citizen/values.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/common-screen/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/common-screen/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/common-screen/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/common-screen/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/common-screen/values.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/digit-ui/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/digit-ui/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/digit-ui/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/digit-ui/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/digit-ui/templates/subfilter-injection-configmap.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/digit-ui/values.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/dss-dashboard/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/dss-dashboard/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/dss-dashboard/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/dss-dashboard/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/dss-dashboard/values.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/employee-mcs/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/employee-mcs/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/employee-mcs/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/employee-mcs/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/employee-mcs/templates/subfilter-injection-configmap.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/employee-mcs/values.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/employee-tradelicence/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/employee-tradelicence/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/employee-tradelicence/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/employee-tradelicence/values.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/employee/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/employee/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/employee/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/employee/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/employee/templates/subfilter-injection-configmap.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/employee/values.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/hrms-web/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/hrms-web/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/hrms-web/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/hrms-web/values.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/rainmaker-custom-service/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/rainmaker-custom-service/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/rainmaker-custom-service/templates/ingress-open.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/rainmaker-custom-service/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/rainmaker-custom-service/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/rainmaker-custom-service/values.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/react-pgr-web/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/react-pgr-web/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/react-pgr-web/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/react-pgr-web/values.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/storybook/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/storybook/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/storybook/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/storybook/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/storybook/values.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/ui-app/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/ui-app/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/ui-app/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/ui-app/values.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/ui-dashboard/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/ui-dashboard/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/ui-dashboard/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/ui-dashboard/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/ui-dashboard/values.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/ui-localisation/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/ui-localisation/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/ui-localisation/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/ui-localisation/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/ui-localisation/templates/subfilter-injection-configmap.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/ui-localisation/values.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/ui-uploader/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/ui-uploader/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/ui-uploader/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/ui-uploader/values.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/workbench-ui/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/workbench-ui/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/workbench-ui/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/workbench-ui/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/workbench-ui/templates/subfilter-injection-configmap.yaml delete mode 100644 deploy-as-code/helm/charts/frontend/workbench-ui/values.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/approver-dashboard/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/approver-dashboard/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/approver-dashboard/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/approver-dashboard/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/approver-dashboard/values.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/ecurfew-cron/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/ecurfew-cron/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/ecurfew-cron/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/ecurfew-cron/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/ecurfew-cron/values.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/ecurfew/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/ecurfew/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/ecurfew/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/ecurfew/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/ecurfew/values.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/epass-chatbot/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/epass-chatbot/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/epass-chatbot/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/epass-chatbot/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/epass-chatbot/values.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/epasszuul/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/epasszuul/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/epasszuul/templates/role.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/epasszuul/templates/rolebinding.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/epasszuul/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/epasszuul/templates/serviceaccount.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/epasszuul/values.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/requester-dashboard/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/requester-dashboard/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/requester-dashboard/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/requester-dashboard/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/requester-dashboard/values.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/trai-gateway/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/trai-gateway/templates/ca-configmap.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/trai-gateway/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/trai-gateway/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/trai-gateway/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/ispirit/trai-gateway/values.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/birth-death-services/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/birth-death-services/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/birth-death-services/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/birth-death-services/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/birth-death-services/values.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/birth-registration/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/birth-registration/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/birth-registration/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/birth-registration/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/birth-registration/values.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/bpa-calculator/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/bpa-calculator/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/bpa-calculator/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/bpa-calculator/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/bpa-calculator/values.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/bpa-services/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/bpa-services/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/bpa-services/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/bpa-services/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/bpa-services/values.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/echallan-calculator/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/echallan-calculator/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/echallan-calculator/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/echallan-calculator/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/echallan-calculator/values.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/echallan-services/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/echallan-services/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/echallan-services/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/echallan-services/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/echallan-services/values.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/egov-user-event/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/egov-user-event/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/egov-user-event/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/egov-user-event/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/egov-user-event/values.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/firenoc-calculator/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/firenoc-calculator/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/firenoc-calculator/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/firenoc-calculator/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/firenoc-calculator/values.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/firenoc-services/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/firenoc-services/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/firenoc-services/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/firenoc-services/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/firenoc-services/values.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/inbox/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/inbox/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/inbox/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/inbox/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/inbox/values.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/land-services/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/land-services/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/land-services/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/land-services/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/land-services/values.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/noc-services/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/noc-services/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/noc-services/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/noc-services/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/noc-services/values.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/pgr-services/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/pgr-services/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/pgr-services/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/pgr-services/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/pgr-services/values.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/property-services/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/property-services/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/property-services/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/property-services/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/property-services/values.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/values.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/pt-services-v2/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/pt-services-v2/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/pt-services-v2/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/pt-services-v2/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/pt-services-v2/values.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/values.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/sw-calculator/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/sw-calculator/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/sw-calculator/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/sw-calculator/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/sw-calculator/values.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/sw-services/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/sw-services/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/sw-services/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/sw-services/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/sw-services/values.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/tl-calculator/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/tl-calculator/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/tl-calculator/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/tl-calculator/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/tl-calculator/values.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/tl-services/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/tl-services/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/tl-services/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/tl-services/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/tl-services/values.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/turn-io-adapter/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/turn-io-adapter/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/turn-io-adapter/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/turn-io-adapter/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/turn-io-adapter/values.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/ws-calculator/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/ws-calculator/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/ws-calculator/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/ws-calculator/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/ws-calculator/values.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/ws-services/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/ws-services/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/ws-services/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/ws-services/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/ws-services/values.yaml delete mode 100644 deploy-as-code/helm/charts/sanitation/fsm-calculator/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/sanitation/fsm-calculator/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/sanitation/fsm-calculator/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/sanitation/fsm-calculator/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/sanitation/fsm-calculator/values.yaml delete mode 100644 deploy-as-code/helm/charts/sanitation/fsm/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/sanitation/fsm/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/sanitation/fsm/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/sanitation/fsm/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/sanitation/fsm/values.yaml delete mode 100644 deploy-as-code/helm/charts/sanitation/sanitation-ui/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/sanitation/sanitation-ui/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/sanitation/sanitation-ui/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/sanitation/sanitation-ui/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/sanitation/sanitation-ui/templates/subfilter-injection-configmap.yaml delete mode 100644 deploy-as-code/helm/charts/sanitation/sanitation-ui/values.yaml delete mode 100644 deploy-as-code/helm/charts/sanitation/vehicle/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/sanitation/vehicle/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/sanitation/vehicle/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/sanitation/vehicle/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/sanitation/vehicle/values.yaml delete mode 100644 deploy-as-code/helm/charts/sanitation/vendor/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/sanitation/vendor/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/sanitation/vendor/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/sanitation/vendor/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/sanitation/vendor/values.yaml delete mode 100644 deploy-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/values.yaml delete mode 100644 deploy-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/values.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/case-management/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/case-management/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/case-management/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/case-management/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/case-management/values.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/certificate-verification/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/certificate-verification/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/certificate-verification/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/certificate-verification/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/certificate-verification/templates/subfilter-injection-configmap.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/certificate-verification/values.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/cova-dgr-fetch/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/cova-dgr-fetch/templates/cronjob.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/cova-dgr-fetch/values.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/data-upload/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/data-upload/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/data-upload/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/data-upload/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/data-upload/values.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/demo-utility/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/demo-utility/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/demo-utility/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/demo-utility/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/demo-utility/values.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/egov-custom-consumer/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/egov-custom-consumer/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/egov-custom-consumer/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/egov-custom-consumer/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/egov-custom-consumer/values.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/egov-weekly-impact-notifier/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/egov-weekly-impact-notifier/templates/cronjob.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/egov-weekly-impact-notifier/values.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/mailbot-cron/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/mailbot-cron/templates/cronjob.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/mailbot-cron/values.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/mdms-read-cronjob/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/mdms-read-cronjob/templates/cronjob.yaml delete mode 100644 deploy-as-code/helm/charts/utilities/mdms-read-cronjob/values.yaml delete mode 100644 deploy-as-code/helm/environments/ci-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/ci.yaml delete mode 100644 deploy-as-code/helm/environments/core.yaml delete mode 100644 deploy-as-code/helm/environments/dev-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/dev.yaml delete mode 100644 deploy-as-code/helm/environments/fsm-uat-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/fsm-uat.yaml delete mode 100644 deploy-as-code/helm/environments/qa-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/qa.yaml delete mode 100644 deploy-as-code/helm/environments/single-instance-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/single-instance.yaml delete mode 100644 deploy-as-code/helm/environments/staging-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/staging.yaml delete mode 100644 deploy-as-code/helm/environments/uat-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/uat.yaml delete mode 100644 deploy-as-code/helm/environments/ukd-dev-sdc-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/ukd-dev-sdc.yaml delete mode 100644 deploy-as-code/helm/environments/ukd-dev-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/ukd-dev.yaml delete mode 100644 deploy-as-code/helm/environments/ukd-prod-sdc-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/ukd-prod-sdc.yaml delete mode 100644 deploy-as-code/helm/environments/ukd-prod.yaml delete mode 100644 deploy-as-code/helm/environments/ukd-sdc-uat-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/ukd-sdc-uat.yaml delete mode 100644 deploy-as-code/helm/environments/ukd-uat-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/ukd-uat.yaml delete mode 100644 deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-digit-v2.0.yaml delete mode 100644 deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-digit-v2.1.yaml delete mode 100644 deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-digit-v2.2.yaml delete mode 100644 deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml delete mode 100644 deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-digit-v2.7.yaml delete mode 100644 deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-digit-v2.8.yaml delete mode 100644 deploy-as-code/helm/product-release-charts/DIGIT/dependency_chart-digit-core-v2.9.yaml delete mode 100644 deploy-as-code/helm/product-release-charts/Urban/dependancy_chart-fsm-v2.3.yaml delete mode 100644 deploy-as-code/helm/product-release-charts/Urban/dependancy_chart-quickstart-v2.4.yaml delete mode 100644 deploy-as-code/helm/product-release-charts/Urban/dependancy_chart-urban-v2.0.yaml delete mode 100644 deploy-as-code/helm/product-release-charts/Urban/dependancy_chart-urban-v2.1.yaml delete mode 100644 deploy-as-code/helm/product-release-charts/Urban/dependancy_chart-urban-v2.2.yaml delete mode 100644 deploy-as-code/helm/product-release-charts/Urban/dependancy_chart-urban-v2.3.yaml delete mode 100644 deploy-as-code/helm/product-release-charts/Urban/dependancy_chart-urban-v2.4.yaml delete mode 100644 deploy-as-code/helm/product-release-charts/iFix/dependancy_chart-ifix-v2.0.yaml delete mode 100644 deploy-as-code/helm/product-release-charts/iFix/dependancy_chart-ifix-v2.1.yaml delete mode 100644 deploy-as-code/helm/product-release-charts/iFix/dependancy_chart-ifix-v2.2.yaml delete mode 100644 deploy-as-code/helm/product-release-charts/mgramseva/dependancy_chart-mgramseva-v1.0.yaml delete mode 100644 deploy-as-code/helm/product-release-charts/mgramseva/dependancy_chart-mgramseva-v2.0.yaml delete mode 100644 deploy-as-code/helm/product-release-charts/mgramseva/dependancy_chart-mgramseva-v2.1.yaml delete mode 100644 deploy-as-code/helm/product-release-charts/mgramseva/dependancy_chart-mgramseva-v2.2.yaml delete mode 100644 deploy-as-code/infra-provisioner/Dockerfile delete mode 100644 deploy-as-code/infra-provisioner/go.mod delete mode 100644 deploy-as-code/infra-provisioner/go.sum delete mode 100644 deploy-as-code/infra-provisioner/infra_setup.go create mode 100644 helmfile.yaml delete mode 100644 infra-as-code/ansible/Readme.md delete mode 100644 infra-as-code/ansible/haconfig.cfg delete mode 100644 infra-as-code/terraform/aks-ifix-dev/main.tf delete mode 100644 infra-as-code/terraform/aks-ifix-dev/outputs.tf delete mode 100644 infra-as-code/terraform/aks-ifix-dev/variables.tf delete mode 100644 infra-as-code/terraform/demo/main.tf delete mode 100644 infra-as-code/terraform/demo/outputs.tf delete mode 100644 infra-as-code/terraform/demo/variables.tf delete mode 100644 infra-as-code/terraform/dev-eks/main.tf delete mode 100644 infra-as-code/terraform/dev-eks/outputs.tf delete mode 100644 infra-as-code/terraform/dev-eks/providers.tf delete mode 100644 infra-as-code/terraform/dev-eks/remote-state/main.tf delete mode 100644 infra-as-code/terraform/dev-eks/remote-state/terraform.tfstate.backup delete mode 100644 infra-as-code/terraform/dev-eks/variables.tf delete mode 100644 infra-as-code/terraform/dev/main.tf delete mode 100644 infra-as-code/terraform/dev/outputs.tf delete mode 100644 infra-as-code/terraform/dev/terraform.tfstate delete mode 100644 infra-as-code/terraform/dev/variables.tf delete mode 100644 infra-as-code/terraform/egov-cicd/main.tf delete mode 100644 infra-as-code/terraform/egov-cicd/outputs.tf delete mode 100644 infra-as-code/terraform/egov-cicd/providers.tf delete mode 100644 infra-as-code/terraform/egov-cicd/remote-state/main.tf delete mode 100644 infra-as-code/terraform/egov-cicd/variables.tf delete mode 100644 infra-as-code/terraform/fsm-eks/main.tf delete mode 100644 infra-as-code/terraform/fsm-eks/outputs.tf delete mode 100644 infra-as-code/terraform/fsm-eks/providers.tf delete mode 100644 infra-as-code/terraform/fsm-eks/remote-state/main.tf delete mode 100644 infra-as-code/terraform/fsm-eks/variables.tf delete mode 100644 infra-as-code/terraform/mGramSeva-dev/main.tf delete mode 100644 infra-as-code/terraform/mGramSeva-dev/outputs.tf delete mode 100644 infra-as-code/terraform/mGramSeva-dev/providers.tf delete mode 100644 infra-as-code/terraform/mGramSeva-dev/remote-state/main.tf delete mode 100644 infra-as-code/terraform/mGramSeva-dev/variables.tf delete mode 100644 infra-as-code/terraform/modules/db/aws/main.tf delete mode 100644 infra-as-code/terraform/modules/db/aws/outputs.tf delete mode 100644 infra-as-code/terraform/modules/db/aws/variables.tf delete mode 100644 infra-as-code/terraform/modules/db/azure/main.tf delete mode 100644 infra-as-code/terraform/modules/db/azure/variables.tf delete mode 100644 infra-as-code/terraform/modules/db/gke/main.tf delete mode 100644 infra-as-code/terraform/modules/db/gke/outputs.tf delete mode 100644 infra-as-code/terraform/modules/db/gke/variables.tf delete mode 100644 infra-as-code/terraform/modules/kubernetes/aws/eks-cluster/main.tf delete mode 100644 infra-as-code/terraform/modules/kubernetes/aws/eks-cluster/outputs.tf delete mode 100644 infra-as-code/terraform/modules/kubernetes/aws/eks-cluster/variables.tf delete mode 100644 infra-as-code/terraform/modules/kubernetes/aws/network/main.tf delete mode 100644 infra-as-code/terraform/modules/kubernetes/aws/network/outputs.tf delete mode 100644 infra-as-code/terraform/modules/kubernetes/aws/network/variables.tf delete mode 100644 infra-as-code/terraform/modules/kubernetes/aws/workers/main.tf delete mode 100644 infra-as-code/terraform/modules/kubernetes/aws/workers/outputs.tf delete mode 100644 infra-as-code/terraform/modules/kubernetes/aws/workers/variables.tf delete mode 100644 infra-as-code/terraform/modules/kubernetes/azure/main.tf delete mode 100644 infra-as-code/terraform/modules/kubernetes/azure/output.tf delete mode 100644 infra-as-code/terraform/modules/kubernetes/azure/variables.tf delete mode 100644 infra-as-code/terraform/modules/kubernetes/gke/main.tf delete mode 100644 infra-as-code/terraform/modules/kubernetes/gke/outputs.tf delete mode 100644 infra-as-code/terraform/modules/kubernetes/gke/variables.tf delete mode 100644 infra-as-code/terraform/modules/kubernetes/oci/network/main.tf delete mode 100644 infra-as-code/terraform/modules/kubernetes/oci/network/output.tf delete mode 100644 infra-as-code/terraform/modules/kubernetes/oci/network/variables.tf delete mode 100644 infra-as-code/terraform/modules/kubernetes/oci/oke-cluster/main.tf delete mode 100644 infra-as-code/terraform/modules/kubernetes/oci/oke-cluster/variables.tf delete mode 100644 infra-as-code/terraform/modules/node-pool/aws/main.tf delete mode 100644 infra-as-code/terraform/modules/node-pool/aws/output.tf delete mode 100644 infra-as-code/terraform/modules/node-pool/aws/variable.tf delete mode 100644 infra-as-code/terraform/modules/node-pool/azure/main.tf delete mode 100644 infra-as-code/terraform/modules/node-pool/azure/output.tf delete mode 100644 infra-as-code/terraform/modules/node-pool/azure/variable.tf delete mode 100644 infra-as-code/terraform/modules/storage/aws/main.tf delete mode 100644 infra-as-code/terraform/modules/storage/aws/outputs.tf delete mode 100644 infra-as-code/terraform/modules/storage/aws/variables.tf delete mode 100644 infra-as-code/terraform/modules/storage/azure/main.tf delete mode 100644 infra-as-code/terraform/modules/storage/azure/outputs.tf delete mode 100644 infra-as-code/terraform/modules/storage/azure/variables.tf delete mode 100644 infra-as-code/terraform/modules/storage/gke/main.tf delete mode 100644 infra-as-code/terraform/modules/storage/gke/outputs.tf delete mode 100644 infra-as-code/terraform/modules/storage/gke/variables.tf delete mode 100644 infra-as-code/terraform/modules/storage/oci/main.tf delete mode 100644 infra-as-code/terraform/modules/storage/oci/variables.tf delete mode 100644 infra-as-code/terraform/modules/storage/openstack/main.tf delete mode 100644 infra-as-code/terraform/modules/storage/openstack/outputs.tf delete mode 100644 infra-as-code/terraform/modules/storage/openstack/variables.tf delete mode 100644 infra-as-code/terraform/node-pool/main.tf delete mode 100644 infra-as-code/terraform/node-pool/outputs.tf delete mode 100644 infra-as-code/terraform/node-pool/variables.tf delete mode 100644 infra-as-code/terraform/qa-eks/.terraform.lock.hcl delete mode 100644 infra-as-code/terraform/qa-eks/main.tf delete mode 100644 infra-as-code/terraform/qa-eks/outputs.tf delete mode 100644 infra-as-code/terraform/qa-eks/providers.tf delete mode 100644 infra-as-code/terraform/qa-eks/remote-state/.terraform.lock.hcl delete mode 100644 infra-as-code/terraform/qa-eks/remote-state/main.tf delete mode 100644 infra-as-code/terraform/qa-eks/variables.tf delete mode 100644 infra-as-code/terraform/qa/main.tf delete mode 100644 infra-as-code/terraform/qa/outputs.tf delete mode 100644 infra-as-code/terraform/qa/providers.tf delete mode 100644 infra-as-code/terraform/qa/remote-state/main.tf delete mode 100644 infra-as-code/terraform/qa/variables.tf delete mode 100644 infra-as-code/terraform/sample-eks-ng/main.tf delete mode 100644 infra-as-code/terraform/sample-eks-ng/outputs.tf delete mode 100644 infra-as-code/terraform/sample-eks-ng/providers.tf delete mode 100644 infra-as-code/terraform/sample-eks-ng/remote-state/main.tf delete mode 100644 infra-as-code/terraform/sample-eks-ng/variables.tf delete mode 100644 infra-as-code/terraform/sample-gke/main.tf delete mode 100644 infra-as-code/terraform/sample-gke/outputs.tf delete mode 100644 infra-as-code/terraform/sample-gke/variables.tf delete mode 100644 infra-as-code/terraform/sample-oci/main.tf delete mode 100644 infra-as-code/terraform/sample-oci/outputs.tf delete mode 100644 infra-as-code/terraform/sample-oci/variables.tf delete mode 100644 infra-as-code/terraform/spin/.terraform.lock.hcl delete mode 100644 infra-as-code/terraform/spin/main.tf delete mode 100644 infra-as-code/terraform/spin/outputs.tf delete mode 100644 infra-as-code/terraform/spin/providers.tf delete mode 100644 infra-as-code/terraform/spin/remote-state/.terraform.lock.hcl delete mode 100644 infra-as-code/terraform/spin/remote-state/main.tf delete mode 100644 infra-as-code/terraform/spin/variables.tf delete mode 100644 infra-as-code/terraform/staging/main.tf delete mode 100644 infra-as-code/terraform/staging/outputs.tf delete mode 100644 infra-as-code/terraform/staging/providers.tf delete mode 100644 infra-as-code/terraform/staging/remote-state/main.tf delete mode 100644 infra-as-code/terraform/staging/remote-state/terraform.tfstate.backup delete mode 100644 infra-as-code/terraform/staging/variables.tf diff --git a/CODEOWNERS b/CODEOWNERS deleted file mode 100644 index 2763d9c9bc..0000000000 --- a/CODEOWNERS +++ /dev/null @@ -1,29 +0,0 @@ -ci-as-code/* @gajendran-egov -deploy-as-code/helm/.sops.yaml @gajendran-egov -deploy-as-code/egov-deployer/* @gajendran-egov - -##Internal Env#### -deploy-as-code/helm/environments/qa.yaml @sathishp-eGov @Kavi-egov -deploy-as-code/helm/environments/uat.yaml @sathishp-eGov @Kavi-egov @jagankumar-egov -deploy-as-code/helm/environments/staging.yaml @sathishp-eGov @pradeepkumarcm-egov -deploy-as-code/helm/environments/dev.yaml @sathishp-eGov Kavi-egov - -deploy-as-code/helm/environments/qa-secrets.yaml @gajendran-egov -deploy-as-code/helm/environments/uat-secrets.yaml @gajendran-egov -deploy-as-code/helm/environments/staging-secrets.yaml @gajendran-egov @pradeepkumarcm-egov -deploy-as-code/helm/environments/dev-secrets.yaml @gajendran-egov - -##UKD ENV##### -deploy-as-code/helm/environments/ukd-*.yaml @elzanmathew-eGov @pradeepkumarcm-egov - -##PB Env####### -deploy-as-code/helm/environments/pb-*.yaml @pradeepkumarcm-eGov @elzanmathew-eGov - -##Bihar Env##### -deploy-as-code/helm/environments/bihar-*.yaml @pradeepkumarcm-egov @elzanmathew-eGov - -##UP Env### -deploy-as-code/helm/environments/up-*.yaml @subhash-eGov @elzanmathew-eGov - -##NUGP Env## -deploy-as-code/helm/environments/nugp-*.yaml @elzanmathew-eGov @pradeepkumarcm-egov diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000000..393b7a33b5 --- /dev/null +++ b/LICENSE @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright The Helm Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/README.md b/README.md new file mode 100644 index 0000000000..4f975ded77 --- /dev/null +++ b/README.md @@ -0,0 +1,26 @@ +# digit + +# Digit Community Kubernetes Helm Charts + +[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) + +The code is provided as-is with no warranties. + +## Usage + +[Helm](https://helm.sh) must be installed to use the charts. +Please refer to Helm's [documentation](https://helm.sh/docs/) to get started. + +Once Helm is set up properly, add the repo as follows: + +```console +helm repo add digit https://naresh-egov.github.io/digit/ +``` + +You can then run `helm search repo digit` to see the charts. + + +## License + + +[Apache 2.0 License](https://github.com/naresh-egov/digit/blob/main/LICENSE). diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/.helmignore b/charts/common/.helmignore similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/airflow/.helmignore rename to charts/common/.helmignore diff --git a/deploy-as-code/helm/charts/common/Chart.yaml b/charts/common/Chart.yaml old mode 100755 new mode 100644 similarity index 82% rename from deploy-as-code/helm/charts/common/Chart.yaml rename to charts/common/Chart.yaml index b3ba1e723b..defd884701 --- a/deploy-as-code/helm/charts/common/Chart.yaml +++ b/charts/common/Chart.yaml @@ -1,5 +1,5 @@ -apiVersion: v1 -description: base chartbuilding components and helpers -name: common -version: 0.0.5 -appVersion: 0.0.5 \ No newline at end of file +apiVersion: v1 +description: base chartbuilding components and helpers +name: common +version: 0.0.5 +appVersion: 0.0.5 diff --git a/deploy-as-code/helm/charts/common/README.md b/charts/common/README.md old mode 100755 new mode 100644 similarity index 100% rename from deploy-as-code/helm/charts/common/README.md rename to charts/common/README.md diff --git a/deploy-as-code/helm/charts/common/templates/_cronjob.yaml b/charts/common/templates/_cronjob.yaml similarity index 89% rename from deploy-as-code/helm/charts/common/templates/_cronjob.yaml rename to charts/common/templates/_cronjob.yaml index 642303937e..68fe931b3c 100644 --- a/deploy-as-code/helm/charts/common/templates/_cronjob.yaml +++ b/charts/common/templates/_cronjob.yaml @@ -1,6 +1,6 @@ {{- define "common.cronjob" -}} {{- if .Capabilities.APIVersions.Has "batch/v1beta1" }} -apiVersion: batch/v1beta1 +apiVersion: batch/v1 {{- else }} apiVersion: batch/v2alpha1 {{- end }} @@ -35,13 +35,9 @@ spec: - name: {{ template "common.name" . }} image: {{ template "common.image" (dict "Values" $.Values "repository" .Values.image.repository "tag" .Values.image.tag) }} imagePullPolicy: {{ .Values.image.pullPolicy }} - {{- if .Values.command }} - command: - {{- toYaml .Values.command | nindent 12 }} - {{- end }} {{- if .Values.args }} args: - {{- toYaml .Values.args | nindent 12 }} + {{- toYaml .Values.args | nindent 12 }} {{- end }} ports: - name: http @@ -62,4 +58,4 @@ spec: {{- tpl .Values.resources . | nindent 14 }} {{- end }} restartPolicy: {{ .Values.cron.restartPolicy }} -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/charts/common/templates/_deployment.yaml b/charts/common/templates/_deployment.yaml new file mode 100644 index 0000000000..3e306923ed --- /dev/null +++ b/charts/common/templates/_deployment.yaml @@ -0,0 +1,52 @@ +{{- define "common.deployment" -}} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Values.name }} + labels: + {{- toYaml .Values.labels | nindent 4 }} +spec: + replicas: {{ .Values.replicas | default 1 | int }} + selector: + matchLabels: + app: {{ .Values.labels.app }} + template: + metadata: + labels: + {{- toYaml .Values.labels | nindent 8 }} + spec: + containers: + - name: {{ .Values.name }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + ports: + - containerPort: {{ .Values.containerPort }} + livenessProbe: + httpGet: + path: {{ .Values.healthChecks.livenessProbePath }} + port: {{ .Values.containerPort }} + readinessProbe: + httpGet: + path: {{ .Values.healthChecks.readinessProbePath }} + port: {{ .Values.containerPort }} + env: + {{- if .Values.env }} + {{- range .Values.env }} + - name: {{ .name }} + {{- if .value }} + value: {{ .value | quote }} + {{- else if .valueFrom }} + valueFrom: + {{- if .valueFrom.configMapKeyRef }} + configMapKeyRef: + name: {{ .valueFrom.configMapKeyRef.name | quote }} + key: {{ .valueFrom.configMapKeyRef.key | quote }} + {{- end }} + {{- if .valueFrom.secretKeyRef }} + secretKeyRef: + name: {{ .valueFrom.secretKeyRef.name | quote }} + key: {{ .valueFrom.secretKeyRef.key | quote }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} +{{- end -}} diff --git a/charts/common/templates/_helpers.tpl b/charts/common/templates/_helpers.tpl new file mode 100644 index 0000000000..8bb97862c8 --- /dev/null +++ b/charts/common/templates/_helpers.tpl @@ -0,0 +1,46 @@ +{{- define "common.name" -}} +{{- default "audit-service" .Values.name -}} +{{- end -}} + +{{- define "common.labels" -}} +app: {{ template "common.name" . }} +{{- if .Values.labels.group }} +group: {{ .Values.labels.group }} +{{- end }} +{{- range $key, $val := .Values.additionalLabels }} +{{ $key }}: {{ $val | quote }} +{{- end }} +{{- end }} + +{{- define "common.image" -}} +{{- default "audit-service:v1.0.0-24873ba-4" .Values.image -}} +{{- end -}} +// {{- define "common.name" -}} +// {{- $envOverrides := index .Values (tpl (default .Chart.Name .Values.name) .) -}} +// {{- printf "envOverrides: %s" $envOverrides | quote -}} +// {{- $baseCommonValues := .Values.common | deepCopy -}} +// {{- printf "baseCommonValues: %s" $baseCommonValues | quote -}} +// {{- $values := dict "Values" (mustMergeOverwrite $baseCommonValues .Values $envOverrides) -}} +// {{- printf "mergedValues: %s" $values | quote -}} +// {{- with mustMergeOverwrite . $values -}} +// {{- default .Chart.Name .Values.name -}} +// {{- end }} +// {{- end }} + +// {{- define "common.labels" -}} +// app: {{ template "common.name" . }} +// {{- if .Values.labels.group }} +// group: {{ .Values.labels.group }} +// {{- end }} +// {{- range $key, $val := .Values.additionalLabels }} +// {{ $key }}: {{ $val | quote }} +// {{- end }} +// {{- end }} + +// {{- define "common.image" -}} +// {{- if contains "/" .repository -}} +// {{- printf "%s:%s" .repository ( required "Tag is mandatory" .tag ) -}} +// {{- else -}} +// {{- printf "%s/%s:%s" $.Values.global.containerRegistry .repository ( required "Tag is mandatory" .tag ) -}} +// {{- end -}} +// {{- end -}} diff --git a/charts/common/templates/_ingress.yaml b/charts/common/templates/_ingress.yaml new file mode 100644 index 0000000000..2e79f34238 --- /dev/null +++ b/charts/common/templates/_ingress.yaml @@ -0,0 +1,21 @@ +{{- if .Values.ingress.enabled -}} +{{- define "common.ingress" -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ .Values.name }}-ingress + labels: + {{- toYaml .Values.labels | nindent 4 }} +spec: + rules: + - http: + paths: + - path: /{{ .Values.ingress.context }} + pathType: Prefix + backend: + service: + name: {{ .Values.name }} + port: + number: {{ .Values.service.port }} +{{- end -}} +{{- end -}} diff --git a/charts/common/templates/_service.yaml b/charts/common/templates/_service.yaml new file mode 100644 index 0000000000..51085cdc9b --- /dev/null +++ b/charts/common/templates/_service.yaml @@ -0,0 +1,15 @@ +{{- define "common.service" -}} +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.name }} + labels: + {{- toYaml .Values.labels | nindent 4 }} +spec: + type: {{ .Values.service.type | default "ClusterIP" }} + ports: + - port: {{ .Values.service.port }} + targetPort: {{ .Values.containerPort }} + selector: + app: {{ .Values.labels.app }} +{{- end -}} diff --git a/deploy-as-code/helm/charts/common/templates/_servicemonitor.yaml b/charts/common/templates/_servicemonitor.yaml similarity index 100% rename from deploy-as-code/helm/charts/common/templates/_servicemonitor.yaml rename to charts/common/templates/_servicemonitor.yaml diff --git a/deploy-as-code/helm/charts/common/templates/_statefulset.yaml b/charts/common/templates/_statefulset.yaml similarity index 100% rename from deploy-as-code/helm/charts/common/templates/_statefulset.yaml rename to charts/common/templates/_statefulset.yaml diff --git a/deploy-as-code/helm/charts/common/templates/_vpa.yaml b/charts/common/templates/_vpa.yaml similarity index 97% rename from deploy-as-code/helm/charts/common/templates/_vpa.yaml rename to charts/common/templates/_vpa.yaml index 18343c2364..168e2c9fc2 100644 --- a/deploy-as-code/helm/charts/common/templates/_vpa.yaml +++ b/charts/common/templates/_vpa.yaml @@ -15,4 +15,4 @@ spec: updatePolicy: updateMode: {{ .Values.vpa.updateMode | quote }} {{- end -}} -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/deploy-as-code/helm/charts/common/values.yaml b/charts/common/values.yaml old mode 100755 new mode 100644 similarity index 88% rename from deploy-as-code/helm/charts/common/values.yaml rename to charts/common/values.yaml index 59e0af58e3..a533ee541a --- a/deploy-as-code/helm/charts/common/values.yaml +++ b/charts/common/values.yaml @@ -1,288 +1,267 @@ -# Default values for commons. -# This is a YAML-formatted file. -# Declare name/value pairs to be passed into your templates. -global: - containerRegistry: egovio - -namespace: egov -replicas: 1 -httpPort: 8080 -appType: "" - -ingress: - enabled: false - zuul: false - annotations: - kubernetes.io/ingress.class: "nginx" - nginx.ingress.kubernetes.io/use-regex: "true" - # nginx.ingress.kubernetes.io/limit-rpm: "300" - waf: - enabled: true - annotations: - nginx.ingress.kubernetes.io/lua-resty-waf: "active" - nginx.ingress.kubernetes.io/lua-resty-waf-debug: "true" - nginx.ingress.kubernetes.io/lua-resty-waf-score-threshold: "10" - nginx.ingress.kubernetes.io/lua-resty-waf-allow-unknown-content-types: "true" - nginx.ingress.kubernetes.io/lua-resty-waf-process-multipart-body: "false" - -image: - pullPolicy: IfNotPresent - -affinity: - preferSpreadAcrossAZ: true - -initContainers: - dbMigration: - enabled: false - image: - pullPolicy: IfNotPresent - tag: latest - env: | - - name: "DB_URL" - valueFrom: - configMapKeyRef: - name: egov-config - key: db-url - - name: "SCHEMA_TABLE" - value: {{ .Values.initContainers.dbMigration.schemaTable | quote }} - - name: "FLYWAY_USER" - valueFrom: - secretKeyRef: - name: db - key: flyway-username - - name: "FLYWAY_PASSWORD" - valueFrom: - secretKeyRef: - name: db - key: flyway-password - - name: "FLYWAY_LOCATIONS" - valueFrom: - configMapKeyRef: - name: egov-config - key: flyway-locations - - gitSync: - enabled: false - image: - repository: k8s.gcr.io/git-sync - tag: v3.1.1 - pullPolicy: IfNotPresent - env: | - - name: "GIT_SYNC_REPO" - value: "{{ .Values.initContainers.gitSync.repo }}" - - name: "GIT_SYNC_BRANCH" - value: "{{ .Values.initContainers.gitSync.branch }}" - - name: "GIT_SYNC_DEPTH" - value: "1" - - name: "GIT_SYNC_ONE_TIME" - value: "true" - - name: "GIT_SYNC_SSH" - value: "true" - - name: "GIT_SYNC_ROOT" - value: "/work-dir" - -healthChecks: - enabled: false - livenessProbe: | - httpGet: - path: "{{ .Values.healthChecks.livenessProbePath }}" - port: {{ .Values.httpPort }} - initialDelaySeconds: 30 - timeoutSeconds: 3 - periodSeconds: 60 - successThreshold: 1 - failureThreshold: 5 - readinessProbe: | - httpGet: - path: "{{ .Values.healthChecks.readinessProbePath }}" - port: {{ .Values.httpPort }} - initialDelaySeconds: 30 - timeoutSeconds: 3 - periodSeconds: 30 - successThreshold: 1 - failureThreshold: 5 - -lifecycle: - preStop: - exec: - command: - - sh - - -c - - "sleep 10" - -memory_limits: "512Mi" -resources: | - {{- if eq .Values.appType "java-spring" -}} - requests: - memory: {{ .Values.memory_limits | quote }} - limits: - memory: {{ .Values.memory_limits | quote }} - {{- end -}} -## Allows specification of additional environment variables -extraEnv: - java: | - - name: SPRING_DATASOURCE_URL - valueFrom: - configMapKeyRef: - name: egov-config - key: db-url - - name: FLYWAY_ENABLED - value: "false" - - name: SPRING_FLYWAY_ENABLED - value: "false" - - name: MANAGEMENT_ENDPOINTS_WEB_BASE_PATH - value: "/" - - name: APP_TIMEZONE - valueFrom: - configMapKeyRef: - name: egov-config - key: timezone - - name: FLYWAY_URL - valueFrom: - configMapKeyRef: - name: egov-config - key: db-url - - name: SPRING_DATASOURCE_USERNAME - valueFrom: - secretKeyRef: - name: db - key: username - - name: SPRING_DATASOURCE_PASSWORD - valueFrom: - secretKeyRef: - name: db - key: password - - name: SPRING_DATASOURCE_TOMCAT_INITIAL_SIZE - valueFrom: - configMapKeyRef: - name: egov-config - key: spring-datasource-tomcat-initialSize - - name: SERVER_TOMCAT_MAX_THREADS - {{- if index .Values "server-tomcat-max-threads" }} - value: {{ index .Values "server-tomcat-max-threads" | quote }} - {{- else }} - valueFrom: - configMapKeyRef: - name: egov-config - key: server-tomcat-max-threads - {{- end }} - - name: SERVER_TOMCAT_MAX_CONNECTIONS - {{- if index .Values "server-tomcat-max-connections" }} - value: {{ index .Values "server-tomcat-max-connections" | quote }} - {{- else }} - valueFrom: - configMapKeyRef: - name: egov-config - key: server-tomcat-max-connections - {{- end }} - - name: SPRING_DATASOURCE_TOMCAT_MAX_ACTIVE - {{- if index .Values "spring-datasource-tomcat-max-active" }} - value: {{ index .Values "spring-datasource-tomcat-max-active" | quote }} - {{- else }} - valueFrom: - configMapKeyRef: - name: egov-config - key: spring-datasource-tomcat-max-active - {{- end }} - - name: SPRING_DATASOURCE_HIKARI_MAXIMUM-POOL-SIZE - {{- if index .Values "spring-datasource-tomcat-max-active" }} - value: {{ index .Values "spring-datasource-tomcat-max-active" | quote }} - {{- else }} - valueFrom: - configMapKeyRef: - name: egov-config - key: spring-datasource-tomcat-max-active - {{- end }} - - name: KAFKA_CONFIG_BOOTSTRAP_SERVER_CONFIG - valueFrom: - configMapKeyRef: - name: egov-config - key: kafka-brokers - - name: SPRING_KAFKA_BOOTSTRAP_SERVERS - valueFrom: - configMapKeyRef: - name: egov-config - key: kafka-brokers - - name: SPRING_JPA_SHOW_SQL - valueFrom: - configMapKeyRef: - name: egov-config - key: spring-jpa-show-sql - - name: STATE_LEVEL_TENANTID_LENGTH - value: "1" - - name: IS_ENVIRONMENT_CENTRAL_INSTANCE - value: "false" - - name: STATE_SCHEMA_INDEX_POSITION_TENANTID - value: "0" - - name: KAFKA_TOPIC_AUDIT - {{- if index .Values "kafka.topic.audit" }} - value: {{ index .Values "kafka.topic.audit" | quote }} - {{- else }} - value: "enc-user-audit-data" - {{- end }} - - - - - jaeger: | - - name: JAEGER_SERVICE_NAME - value: {{ template "common.name" . }} - - name: JAEGER_SAMPLER_TYPE - value: remote - - name: JAEGER_AGENT_HOST - valueFrom: - fieldRef: - fieldPath: status.hostIP - - name: JAEGER_AGENT_PORT - value: "6831" - - name: JAEGER_SAMPLER_MANAGER_HOST_PORT - value: "$(JAEGER_AGENT_HOST):5778" - - name: TRACER_OPENTRACING_ENABLED - value: "true" -## Additional init containers -extraInitContainers: | - -## Additional sidecar containers -extraContainers: | - -## Add additional volumes and mounts, e. g. for custom themes -extraVolumes: | -extraVolumeMounts: | - -additionalLabels: {} - -podSecurityContext: {} - # fsGroup: 2000 - -securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 - -service: - additionalAnnotations: {} - -serviceMonitor: - honorLabels: true - # interval: 2m - -cron: - namespace: egov - concurrencyPolicy: Forbid - restartPolicy: OnFailure - httpPort: 8080 - ## Additional sidecar containers - extraContainers: | - - ## Add additional volumes and mounts - extraVolumes: | - - ## Add additional mounts - extraVolumeMounts: | - -vpa: - enabled: false - updateMode: "Off" +# Default values for commons. +# This is a YAML-formatted file. +# Declare name/value pairs to be passed into your templates. +global: + containerRegistry: egovio + +namespace: egov +replicas: 1 +httpPort: 8080 +appType: "" + +ingress: + enabled: false + zuul: false + annotations: + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/use-regex: "true" + waf: + enabled: true + annotations: + nginx.ingress.kubernetes.io/lua-resty-waf: "active" + nginx.ingress.kubernetes.io/lua-resty-waf-debug: "true" + nginx.ingress.kubernetes.io/lua-resty-waf-score-threshold: "10" + nginx.ingress.kubernetes.io/lua-resty-waf-allow-unknown-content-types: "true" + nginx.ingress.kubernetes.io/lua-resty-waf-process-multipart-body: "false" + +image: + pullPolicy: IfNotPresent + +affinity: + preferSpreadAcrossAZ: true + +initContainers: + dbMigration: + enabled: false + image: + pullPolicy: IfNotPresent + tag: latest + env: | + - name: "DB_URL" + valueFrom: + configMapKeyRef: + name: egov-config + key: db-url + - name: "SCHEMA_TABLE" + value: {{ .Values.initContainers.dbMigration.schemaTable | quote }} + - name: "FLYWAY_USER" + valueFrom: + secretKeyRef: + name: db + key: flyway-username + - name: "FLYWAY_PASSWORD" + valueFrom: + secretKeyRef: + name: db + key: flyway-password + - name: "FLYWAY_LOCATIONS" + valueFrom: + configMapKeyRef: + name: egov-config + key: flyway-locations + + gitSync: + enabled: false + image: + repository: k8s.gcr.io/git-sync + tag: v3.1.1 + pullPolicy: IfNotPresent + env: | + - name: "GIT_SYNC_REPO" + value: "{{ .Values.initContainers.gitSync.repo }}" + - name: "GIT_SYNC_BRANCH" + value: "{{ .Values.initContainers.gitSync.branch }}" + - name: "GIT_SYNC_DEPTH" + value: "1" + - name: "GIT_SYNC_ONE_TIME" + value: "true" + - name: "GIT_SYNC_SSH" + value: "true" + - name: "GIT_SYNC_ROOT" + value: "/work-dir" + +healthChecks: + enabled: false + livenessProbe: | + httpGet: + path: "{{ .Values.healthChecks.livenessProbePath }}" + port: {{ .Values.httpPort }} + initialDelaySeconds: 30 + timeoutSeconds: 3 + periodSeconds: 60 + successThreshold: 1 + failureThreshold: 5 + readinessProbe: | + httpGet: + path: "{{ .Values.healthChecks.readinessProbePath }}" + port: {{ .Values.httpPort }} + initialDelaySeconds: 30 + timeoutSeconds: 3 + periodSeconds: 30 + successThreshold: 1 + failureThreshold: 5 + +lifecycle: + preStop: + exec: + command: + - sh + - -c + - "sleep 10" + +memory_limits: "256Mi" +resources: | + {{- if eq .Values.appType "java-spring" -}} + requests: + memory: {{ .Values.memory_limits | quote }} + limits: + memory: {{ .Values.memory_limits | quote }} + {{- end -}} +## Allows specification of additional environment variables +extraEnv: + java: | + - name: SPRING_DATASOURCE_URL + valueFrom: + configMapKeyRef: + name: egov-config + key: db-url + - name: FLYWAY_ENABLED + value: "false" + - name: SPRING_FLYWAY_ENABLED + value: "false" + - name: MANAGEMENT_ENDPOINTS_WEB_BASE_PATH + value: "/" + - name: APP_TIMEZONE + valueFrom: + configMapKeyRef: + name: egov-config + key: timezone + - name: FLYWAY_URL + valueFrom: + configMapKeyRef: + name: egov-config + key: db-url + - name: SPRING_DATASOURCE_USERNAME + valueFrom: + secretKeyRef: + name: db + key: username + - name: SPRING_DATASOURCE_PASSWORD + valueFrom: + secretKeyRef: + name: db + key: password + - name: SPRING_DATASOURCE_TOMCAT_INITIAL_SIZE + valueFrom: + configMapKeyRef: + name: egov-config + key: spring-datasource-tomcat-initialSize + - name: SERVER_TOMCAT_MAX_THREADS + {{- if index .Values "server-tomcat-max-threads" }} + value: {{ index .Values "server-tomcat-max-threads" | quote }} + {{- else }} + valueFrom: + configMapKeyRef: + name: egov-config + key: server-tomcat-max-threads + {{- end }} + - name: SERVER_TOMCAT_MAX_CONNECTIONS + {{- if index .Values "server-tomcat-max-connections" }} + value: {{ index .Values "server-tomcat-max-connections" | quote }} + {{- else }} + valueFrom: + configMapKeyRef: + name: egov-config + key: server-tomcat-max-connections + {{- end }} + - name: SPRING_DATASOURCE_TOMCAT_MAX_ACTIVE + {{- if index .Values "spring-datasource-tomcat-max-active" }} + value: {{ index .Values "spring-datasource-tomcat-max-active" | quote }} + {{- else }} + valueFrom: + configMapKeyRef: + name: egov-config + key: spring-datasource-tomcat-max-active + {{- end }} + - name: SPRING_DATASOURCE_HIKARI_MAXIMUM-POOL-SIZE + {{- if index .Values "spring-datasource-tomcat-max-active" }} + value: {{ index .Values "spring-datasource-tomcat-max-active" | quote }} + {{- else }} + valueFrom: + configMapKeyRef: + name: egov-config + key: spring-datasource-tomcat-max-active + {{- end }} + - name: KAFKA_CONFIG_BOOTSTRAP_SERVER_CONFIG + valueFrom: + configMapKeyRef: + name: egov-config + key: kafka-brokers + - name: SPRING_KAFKA_BOOTSTRAP_SERVERS + valueFrom: + configMapKeyRef: + name: egov-config + key: kafka-brokers + - name: SPRING_JPA_SHOW_SQL + valueFrom: + configMapKeyRef: + name: egov-config + key: spring-jpa-show-sql + jaeger: | + - name: JAEGER_SERVICE_NAME + value: {{ template "common.name" . }} + - name: JAEGER_SAMPLER_TYPE + value: remote + - name: JAEGER_AGENT_HOST + valueFrom: + fieldRef: + fieldPath: status.hostIP + - name: JAEGER_AGENT_PORT + value: "6831" + - name: JAEGER_SAMPLER_MANAGER_HOST_PORT + value: "$(JAEGER_AGENT_HOST):5778" + - name: TRACER_OPENTRACING_ENABLED + value: "true" +## Additional init containers +extraInitContainers: | + +## Additional sidecar containers +extraContainers: | + +## Add additional volumes and mounts, e. g. for custom themes +extraVolumes: | +extraVolumeMounts: | + +additionalLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + additionalAnnotations: {} + +serviceMonitor: + honorLabels: true + # interval: 2m + +cron: + namespace: egov + concurrencyPolicy: Forbid + restartPolicy: OnFailure + httpPort: 8080 + ## Additional sidecar containers + extraContainers: | + + ## Add additional volumes and mounts + extraVolumes: | + + ## Add additional mounts + extraVolumeMounts: | diff --git a/charts/core-services/Chart.yaml b/charts/core-services/Chart.yaml new file mode 100644 index 0000000000..7c43d82c2c --- /dev/null +++ b/charts/core-services/Chart.yaml @@ -0,0 +1,18 @@ +apiVersion: v2 +description: A Helm Chart to Deploy Digit Core Services +name: core-services +version: 1.0.0 # Update this version as per your release +appVersion: 1.0.0 # Update the app version as per your application's version + +dependencies: + - name: audit-service + version: 0.1.0 + repository: "file://audit-service" + + - name: chatbot + version: 0.1.0 + repository: "file://chatbot" + + - name: common + version: 0.0.5 + repository: "file://../common" diff --git a/deploy-as-code/helm/charts/core-services/audit-service/Chart.yaml b/charts/core-services/audit-service/Chart.yaml similarity index 89% rename from deploy-as-code/helm/charts/core-services/audit-service/Chart.yaml rename to charts/core-services/audit-service/Chart.yaml index c85814354f..9406f4091f 100644 --- a/deploy-as-code/helm/charts/core-services/audit-service/Chart.yaml +++ b/charts/core-services/audit-service/Chart.yaml @@ -1,4 +1,4 @@ -apiVersion: v1 +apiVersion: v2 name: audit-service description: A Helm chart for Kubernetes @@ -20,7 +20,7 @@ version: 0.1.0 # incremented each time you make changes to the application. appVersion: 1.16.0 -dependencies: -- name: common - version: 0.0.5 - repository: file://../../common +# dependencies: +# - name: common +# version: 0.0.5 +# repository: file://../../common diff --git a/charts/core-services/audit-service/templates/deployment.yaml b/charts/core-services/audit-service/templates/deployment.yaml new file mode 100644 index 0000000000..ce8f3cb3e5 --- /dev/null +++ b/charts/core-services/audit-service/templates/deployment.yaml @@ -0,0 +1,43 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Values.labels.app }} + labels: +{{ toYaml .Values.labels | indent 4 }} +spec: + replicas: {{ .Values.replicas | int }} + selector: + matchLabels: + app: {{ .Values.labels.app }} + template: + metadata: + labels: +{{ toYaml .Values.labels | indent 8 }} + spec: + containers: + - name: {{ .Values.labels.app }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + env: +{{- range .Values.env }} + - name: {{ .name }} +{{- if .value }} + value: {{ .value | quote}} +{{- else if .valueFrom }} + valueFrom: +{{ toYaml .valueFrom | indent 16 }} +{{- end }} +{{- end }} + ports: + - containerPort: 8080 + livenessProbe: + httpGet: + path: {{ .Values.healthChecks.livenessProbePath }} + port: 8080 + readinessProbe: + httpGet: + path: {{ .Values.healthChecks.readinessProbePath }} + port: 8080 + initContainers: + - name: db-migration + image: "{{ .Values.initContainers.dbMigration.image.repository }}" + # Add any specific configurations for the init container here diff --git a/charts/core-services/audit-service/templates/ingress.yaml b/charts/core-services/audit-service/templates/ingress.yaml new file mode 100644 index 0000000000..e08d0cbe93 --- /dev/null +++ b/charts/core-services/audit-service/templates/ingress.yaml @@ -0,0 +1,19 @@ +{{- if .Values.ingress.enabled }} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ .Values.labels.app }}-ingress + labels: +{{ toYaml .Values.labels | indent 4 }} +spec: + rules: + - http: + paths: + - path: /{{ .Values.ingress.context }} + pathType: Prefix + backend: + service: + name: {{ .Values.labels.app }} + port: + number: 8080 +{{- end }} diff --git a/charts/core-services/audit-service/templates/service.yaml b/charts/core-services/audit-service/templates/service.yaml new file mode 100644 index 0000000000..c957179ebe --- /dev/null +++ b/charts/core-services/audit-service/templates/service.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.labels.app }} + labels: +{{ toYaml .Values.labels | indent 4 }} +spec: + type: ClusterIP + ports: + - port: 8080 + targetPort: 8080 + selector: + app: {{ .Values.labels.app }} diff --git a/deploy-as-code/helm/charts/core-services/audit-service/values.yaml b/charts/core-services/audit-service/values.yaml similarity index 55% rename from deploy-as-code/helm/charts/core-services/audit-service/values.yaml rename to charts/core-services/audit-service/values.yaml index 2896483e24..14d51a54b2 100644 --- a/deploy-as-code/helm/charts/core-services/audit-service/values.yaml +++ b/charts/core-services/audit-service/values.yaml @@ -20,6 +20,7 @@ initContainers: # Container Configs image: repository: "audit-service" + tag: "latest" replicas: "1" healthChecks: enabled: true @@ -31,29 +32,30 @@ heap: "-Xmx64m -Xms64m" java-args: "-Dspring.profiles.active=monitoring" # Additional Container Envs -env: | +env: - name: SPRING_KAFKA_CONSUMER_GROUP_ID - value: audit-service + value: "audit-service" - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER - value: org.apache.kafka.common.serialization.StringSerializer + value: "org.apache.kafka.common.serialization.StringSerializer" - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER - value: org.springframework.kafka.support.serializer.JsonSerializer + value: "org.springframework.kafka.support.serializer.JsonSerializer" - name: PROCESS_AUDIT_LOGS_KAFKA_TOPIC - value: process-audit-records + value: "process-audit-records" - name: PERSIST_AUDIT_LOGS_KAFKA_TOPIC - value: persist-audit-records - - name: JAVA_OPTS - value: {{ index .Values "heap" | quote }} - - name: SERVER_PORT - value: "8080" - - name: JAVA_ARGS - value: {{ index .Values "java-args" | quote }} - - name: SECURITY_BASIC_ENABLED - value: "false" - - name: MANAGEMENT_SECURITY_ENABLED - value: "false" - - name: EGOV_ENC_SIGN_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-enc-service + value: "persist-audit-records" + # - name: JAVA_OPTS + # value: "{{ .Values.heap | quote }}" + # - name: SERVER_PORT + # value: "8080" + # - name: JAVA_ARGS + # value: "{{ .Values.java-args | quote }}" + # - name: SECURITY_BASIC_ENABLED + # value: "false" + # - name: MANAGEMENT_SECURITY_ENABLED + # value: "false" + # - name: EGOV_ENC_SIGN_HOST + # valueFrom: + # configMapKeyRef: + # name: "egov-service-host" + # key: "egov-enc-service" + diff --git a/deploy-as-code/helm/charts/backbone-services/kaniko-cache-warmer/Chart.yaml b/charts/core-services/chatbot-service/Chart.yaml similarity index 89% rename from deploy-as-code/helm/charts/backbone-services/kaniko-cache-warmer/Chart.yaml rename to charts/core-services/chatbot-service/Chart.yaml index 9703a6d0bd..428262444e 100644 --- a/deploy-as-code/helm/charts/backbone-services/kaniko-cache-warmer/Chart.yaml +++ b/charts/core-services/chatbot-service/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -name: kaniko-cache-warmer +name: chatbot-service description: A Helm chart for Kubernetes # A chart can be either an 'application' or a 'library' chart. @@ -20,7 +20,7 @@ version: 0.1.0 # incremented each time you make changes to the application. appVersion: 1.16.0 -dependencies: -- name: common - version: 0.0.5 - repository: file://../../common \ No newline at end of file +# dependencies: +# - name: common +# version: 0.0.5 +# repository: file://../../common diff --git a/charts/core-services/chatbot-service/templates/deployment.yaml b/charts/core-services/chatbot-service/templates/deployment.yaml new file mode 100644 index 0000000000..ce8f3cb3e5 --- /dev/null +++ b/charts/core-services/chatbot-service/templates/deployment.yaml @@ -0,0 +1,43 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Values.labels.app }} + labels: +{{ toYaml .Values.labels | indent 4 }} +spec: + replicas: {{ .Values.replicas | int }} + selector: + matchLabels: + app: {{ .Values.labels.app }} + template: + metadata: + labels: +{{ toYaml .Values.labels | indent 8 }} + spec: + containers: + - name: {{ .Values.labels.app }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + env: +{{- range .Values.env }} + - name: {{ .name }} +{{- if .value }} + value: {{ .value | quote}} +{{- else if .valueFrom }} + valueFrom: +{{ toYaml .valueFrom | indent 16 }} +{{- end }} +{{- end }} + ports: + - containerPort: 8080 + livenessProbe: + httpGet: + path: {{ .Values.healthChecks.livenessProbePath }} + port: 8080 + readinessProbe: + httpGet: + path: {{ .Values.healthChecks.readinessProbePath }} + port: 8080 + initContainers: + - name: db-migration + image: "{{ .Values.initContainers.dbMigration.image.repository }}" + # Add any specific configurations for the init container here diff --git a/charts/core-services/chatbot-service/templates/ingress.yaml b/charts/core-services/chatbot-service/templates/ingress.yaml new file mode 100644 index 0000000000..e08d0cbe93 --- /dev/null +++ b/charts/core-services/chatbot-service/templates/ingress.yaml @@ -0,0 +1,19 @@ +{{- if .Values.ingress.enabled }} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ .Values.labels.app }}-ingress + labels: +{{ toYaml .Values.labels | indent 4 }} +spec: + rules: + - http: + paths: + - path: /{{ .Values.ingress.context }} + pathType: Prefix + backend: + service: + name: {{ .Values.labels.app }} + port: + number: 8080 +{{- end }} diff --git a/charts/core-services/chatbot-service/templates/service.yaml b/charts/core-services/chatbot-service/templates/service.yaml new file mode 100644 index 0000000000..c957179ebe --- /dev/null +++ b/charts/core-services/chatbot-service/templates/service.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.labels.app }} + labels: +{{ toYaml .Values.labels | indent 4 }} +spec: + type: ClusterIP + ports: + - port: 8080 + targetPort: 8080 + selector: + app: {{ .Values.labels.app }} diff --git a/charts/core-services/chatbot-service/values.yaml b/charts/core-services/chatbot-service/values.yaml new file mode 100644 index 0000000000..7fe764019e --- /dev/null +++ b/charts/core-services/chatbot-service/values.yaml @@ -0,0 +1,61 @@ +# Common Labels +labels: + app: "chatbot-service" + group: "rainmaker" + +# Ingress Configs +ingress: + enabled: true + zuul: true + context: "chatbot-service" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "chatbot_service_schema" + image: + repository: "chatbot-service-db" + +# Container Configs +image: + repository: "chatbot-service" + tag: "latest" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/chatbot-service/health" + readinessProbePath: "/chatbot-service/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx64m -Xms64m" +java-args: "-Dspring.profiles.active=monitoring" + +# Additional Container Envs +env: + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: "chatbot-service" + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: "org.apache.kafka.common.serialization.StringSerializer" + - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER + value: "org.springframework.kafka.support.serializer.JsonSerializer" + - name: PROCESS_chatbot_LOGS_KAFKA_TOPIC + value: "process-chatbot-records" + - name: PERSIST_chatbot_LOGS_KAFKA_TOPIC + value: "persist-chatbot-records" + - name: JAVA_OPTS + value: "{{ .Values.heap | quote }}" + - name: SERVER_PORT + value: "8080" + - name: JAVA_ARGS + value: "{{ .Values.java-args | quote }}" + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + - name: EGOV_ENC_SIGN_HOST + valueFrom: + configMapKeyRef: + name: "egov-service-host" + key: "egov-enc-service" + diff --git a/deploy-as-code/helm/charts/core-services/egov-accesscontrol/Chart.yaml b/charts/core-services/egov-accesscontrol/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-accesscontrol/Chart.yaml rename to charts/core-services/egov-accesscontrol/Chart.yaml diff --git a/deploy-as-code/helm/charts/accelerators/pgr-ai-chatbot/templates/deployment.yaml b/charts/core-services/egov-accesscontrol/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/accelerators/pgr-ai-chatbot/templates/deployment.yaml rename to charts/core-services/egov-accesscontrol/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/accelerators/pgr-ai-chatbot/templates/ingress.yaml b/charts/core-services/egov-accesscontrol/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/accelerators/pgr-ai-chatbot/templates/ingress.yaml rename to charts/core-services/egov-accesscontrol/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/accelerators/pgr-ai-chatbot/templates/service.yaml b/charts/core-services/egov-accesscontrol/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/accelerators/pgr-ai-chatbot/templates/service.yaml rename to charts/core-services/egov-accesscontrol/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-accesscontrol/values.yaml b/charts/core-services/egov-accesscontrol/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-accesscontrol/values.yaml rename to charts/core-services/egov-accesscontrol/values.yaml diff --git a/charts/core-services/values.yaml b/charts/core-services/values.yaml new file mode 100644 index 0000000000..0dc31054e7 --- /dev/null +++ b/charts/core-services/values.yaml @@ -0,0 +1,165 @@ +core-services: + - name: "audit-service" + labels: + app: "audit-service" + group: "rainmaker" + + ingress: + enabled: true + zuul: true + context: "audit-service" + + image: + repository: "audit-service" + replicas: "1" + healthChecks: + enabled: true + livenessProbePath: "/audit-service/health" + readinessProbePath: "/audit-service/health" + appType: "java-spring" + tracing-enabled: true + heap: "-Xmx64m -Xms64m" + java-args: "-Dspring.profiles.active=monitoring" + + env: | + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: audit-service + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER + value: org.springframework.kafka.support.serializer.JsonSerializer + - name: PROCESS_AUDIT_LOGS_KAFKA_TOPIC + value: process-audit-records + - name: PERSIST_AUDIT_LOGS_KAFKA_TOPIC + value: persist-audit-records + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: SERVER_PORT + value: "8080" + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + - name: EGOV_ENC_SIGN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-enc-service + + - name: "chatbot" + labels: + app: "chatbot" + group: "core" + + ingress: + enabled: true + zuul: true + context: "whatsapp-webhook" + ip-whitelist: "" + + initContainers: + dbMigration: + enabled: true + schemaTable: "egov_chatbot_schema" + image: + repository: "chatbot-db" + + image: + repository: "chatbot" + replicas: "1" + appType: "java-spring" + tracing-enabled: true + heap: "-Xmx192m -Xms192m" + java-args: "" + + env: | + - name: KAFKA_BOOTSTRAP_SERVER + valueFrom: + configMapKeyRef: + name: egov-config + key: kafka-brokers + - name: EGOV_EXTERNAL_HOST + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-services-fqdn-name + - name: USER_SERVICE_CHATBOT_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user-chatbot + - name: USER_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user + - name: MDMS_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: zuul + - name: EGOV_URLSHORTNER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-url-shortener + - name: LOCATION_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: zuul + - name: LOCALIZATION_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: zuul + - name: FILESTORE_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: zuul + - name: PGR_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: zuul + - name: SPRING_FLYWAY_ENABLED + value: "false" + - name: SERVER_SERVLET_CONTEXT_PATH + value: "/whatsapp-webhook" + - name: SERVER_PORT + value: "8080" + - name: JAVA_OPTS + value: -Xmx256m -Xms256m + - name: JAVA_ARGS + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + - name: STATE_LEVEL_TENANT_ID + valueFrom: + configMapKeyRef: + name: egov-config + key: state-level-tenant-id + - name: USER_SERVICE_CHATBOT_CITIZEN_PASSWRORD + valueFrom: + secretKeyRef: + name: egov-user-chatbot + key: citizen-login-password-otp-fixed-value + - name: VALUEFIRST_USERNAME + valueFrom: + secretKeyRef: + name: chatbot + key: valuefirst-username + - name: VALUEFIRST_PASSWORD + valueFrom: + secretKeyRef: + name: chatbot + key: valuefirst-password + - name: TRACER_OPENTRACING_ENABLED + value: "true" + - name: FLOW_RESET_KEYWORDS + value: "Hi,Hey,Hello,mseva,Start,missedCall" + \ No newline at end of file diff --git a/ci-as-code b/ci-as-code deleted file mode 160000 index 8a8108c1a9..0000000000 --- a/ci-as-code +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 8a8108c1a9626b59125ac548aa1be81aff94ba43 diff --git a/deploy-as-code/README.md b/deploy-as-code/README.md deleted file mode 100644 index 45d2767898..0000000000 --- a/deploy-as-code/README.md +++ /dev/null @@ -1,62 +0,0 @@ - -# Digit Helm Deployment Common Chart - -The common library chart has templates which eases deployment of a service on to Digit with recommended platform defaults which can further be customized to service or environment needs while abstracting the need to know kubernetes manifest syntax. - -This helps us push defaults and changes to most, if not all, services deployed onto Digit. - -## Requirements - -The default values file [values.yaml](https://github.com/egovernments/DIGIT-DevOps/blob/master/deploy-as-code/helm/charts/common/values.yaml) has defaults for all manifest files, which can be overrides by service values file or environment override file. - -The service template file [_service.yaml](https://github.com/egovernments/DIGIT-DevOps/blob/master/deploy-as-code/helm/charts/common/templates/_service.yaml) used for generating a service manifest. - -The ingress template file [_ingress.yaml](https://github.com/egovernments/DIGIT-DevOps/blob/master/deploy-as-code/helm/charts/common/templates/_ingress.yaml) used for generating ingress manifest. - -The deployment template file [_deployment.yaml](https://github.com/egovernments/DIGIT-DevOps/blob/master/deploy-as-code/helm/charts/common/templates/_deployment.yaml) used for generating a deployment manifest. - -## Values template - -Parameter | Description | Default ---- | --- | --- -`namespace` | Default namespace for the service | `egov` -`replicas` | Number of Pods to be created | `1` -`httpPort` | Default port number for the service | `8080` -`appType` | Application Type to configure defaults for appType, "java-spring" only type with defaults for now. For more details check [values.yaml](https://github.com/egovernments/DIGIT-DevOps/blob/master/deploy-as-code/helm/charts/common/values.yaml) | ` ` -`labels` | Labels for the service, for example,
`app: "egov-mdms-service"`
`group: "core"` | `''` -`ingress.enabled` | To add ingress controller for the service | `false` -`ingress.zuul` | When ingress is enabled, routes the request via Zuul API gateway | `false` -`ingress.context` | When ingress is enabled, exposes the following context path to the internet, example `user` | `` -`ingress.waf.enabled` | When ingress is enabled, Enable Web Application Firewall for the service | `true` -`image.pullPolicy` | To pull a Docker image from Docker repository, By default skip pulling an image if it already exists | `IfNotPresent` -`image.tag` | Docker image tag for the service | `latest` -`affinity.preferSpreadAcrossAZ` | To spread deployment replicas across multiple availability zones in cloud environment | `true` -`initContainers.dbMigration.enabled` | Add Flyway DB migration container for the service, requires schemaTable configuration! | `false` -`initContainers.dbMigration.schemaTable` | Schema table for the flyway db migration, required, if db migration enabled, | `''` -`initContainers.dbMigration.image.pullPolicy` | Pulls the DB migration docker images from Docker repository | `IfNotPresent` -`initContainers.dbMigration.image.tag` | Docker image tag for the initcontainer | `latest` -`initContainers.dbMigration.env` | Allows the specification of additional environment variables. Passed through the tpl function and thus to be configured a string | `For Eg:`
`env: \|`
        `- name: "FLYWAY_USER"`
            `valueFrom:`
                `secretKeyRef:`
                        `name: db`
                        `key: flyway-username`
For more details check [values.yaml](https://github.com/egovernments/DIGIT-DevOps/blob/master/deploy-as-code/helm/charts/common/values.yaml) -`initContainers.gitSync.enabled` | To add a gitSync init container which clones a repository using configured ssh read token | `false` -`initContainers.gitSync.repo` | Git repository to be checked out, required, if gitSync enabled, example, `git@github.com:egovernments/egov-mdms-data` | `''` -`initContainers.gitSync.branch` | Git repository branch to be checked out, required, if gitSync enabled, example, `master` | `''` -`gitSync.image.repository` | Docker image of the gitSync init container | `k8s.gcr.io/git-sync` -`gitSync.image.tag` | Docker image tag of the gitSync init container | `v3.1.1` -`gitSync.image.pullPolicy` | Docker image pull policy for gitSync init container | `IfNotPresent` -`gitSync.env` | Allows the specification of additional environment variables. Passed through the tpl function and thus to be configured a string | `For Eg:`
`env: \|`
        `- name: "GIT_SYNC_REPO"`
            `value: "{{ .Values.initContainers.gitSync.repo }}"`
For more details check [values.yaml](https://github.com/egovernments/DIGIT-DevOps/blob/master/deploy-as-code/helm/charts/common/values.yaml) -`healthChecks.enabled` | To enable/disable healthchecks [Liveness probes and Readiness probes] for a pod | `false` -`healthChecks.livenessProbe` | Allows the specification of additional environment variables. Passed through the tpl function and thus to be configured a string | `For Eg:`
`livenessProbe: \|`
        `httpGet:`
                `path: "{{ .Values.healthChecks.livenessProbePath }}"`
        `initialDelaySeconds: 60`
For more details check [values.yaml](https://github.com/egovernments/DIGIT-DevOps/blob/master/deploy-as-code/helm/charts/common/values.yaml) -`healthChecks.livenessProbe.httpGet.path` | Context path of the service to check the liveness of a pod | `{{ .Values.healthChecks.livenessProbePath }}` -`healthChecks.livenessProbe.httpGet.port` | Port number of the service to check the liveness of a pod | `{{ .Values.httpPort }}` -`healthChecks.readinessProbe` | Allows the specification of additional environment variables. Passed through the tpl function and thus to be configured a string | `For Eg:`
`readinessProbe: \|`
        `httpGet:`
                `path: "{{ .Values.healthChecks.readinessProbePath }}"`
        `initialDelaySeconds: 60`
For more details check [values.yaml](https://github.com/egovernments/DIGIT-DevOps/blob/master/deploy-as-code/helm/charts/common/values.yaml) -`healthChecks.readinessProbe.httpGet.path` | Context path of the service to check the readiness of a pod | `{{ .Values.healthChecks.readinessProbePath }}` -`healthChecks.readinessProbe.httpGet.port` | Port number of the service to check the readiness of a pod | `{{ .Values.httpPort }}` -`lifecycle.preStop.exec.command` | Executes the command in the pod before stopping | `- sh`
`- -c`
`- "sleep 10"` -`memory_limits` | To set the memory limit for the pod | `512Mi` -`resources` | To set the resource limits for the pod. Allows the specification of additional environment variables. Passed through the tpl function and thus to be configured a string | `resources: \|`
    `{{- if eq .Values.appType "java-spring" -}}`
    `requests:`
        `memory: {{ .Values.memory_limits \| quote }}`
    `limits:`
        `memory: {{ .Values.memory_limits \| quote }}`
    `{{- end -}}` -`extraEnv.java` | Allows the specification of additional environment variables for Java. Passed through the tpl function and thus to be configured a string | `For Eg:`
`java: \|`
        `- name: SPRING_DATASOURCE_URL`
            `valueFrom:`
                `configMapKeyRef:`
                    `name: egov-config`
                    `key: db-url`
For more details check [values.yaml](https://github.com/egovernments/DIGIT-DevOps/blob/master/deploy-as-code/helm/charts/common/values.yaml) -`jaeger` | Jaeger API tracing environment variables to send traces to Jaeger Agent. Allows the specification of additional environment variables. Passed through the tpl function and thus to be configured a string | `For Eg:`
`jaeger: \|`
        `- name: JAEGER_AGENT_PORT`
            `port: 6831`
For more details check [values.yaml](https://github.com/egovernments/DIGIT-DevOps/blob/master/deploy-as-code/helm/charts/common/values.yaml) -`extraVolumes` | To add additional volumes to the service. Allows the specification of additional environment variables. Passed through the tpl function and thus to be configured a string | `For Eg:`
`extraVolumes: \|`
    `- name: new-volume`
        `configMap:`
            `name: service-new-volume` -`extraVolumeMounts` | To mount additional volumes to the service in a desired mount path. Allows the specification of additional environment variables. Passed through the tpl function and thus to be configured a string | `For Eg:`
`extraVolumeMounts: \|`
    `- mountPath: /opt/service-path/file.conf`
        `configMap:`
            `name: new-volume`
            `subPath: file.conf` -`extraInitContainers` | Additional init containers, e. g. for providing themes, etc. Passed through the `tpl` function and thus to be configured a string | `""` -`extraContainers` | Additional sidecar containers, e. g. for a database proxy, such as Google's cloudsql-proxy. Passed through the `tpl` function and thus to be configured a string | `""` - diff --git a/deploy-as-code/egov-deployer/Dockerfile b/deploy-as-code/egov-deployer/Dockerfile deleted file mode 100644 index f5002d81d6..0000000000 --- a/deploy-as-code/egov-deployer/Dockerfile +++ /dev/null @@ -1,41 +0,0 @@ - -FROM golang:1.13-alpine as build - -ENV GO111MODULE=on -ENV GOCACHE=/tmp - -ARG WORK_DIR -WORKDIR /app - -COPY ${WORK_DIR}/go.mod . -COPY ${WORK_DIR}/go.sum . - -RUN go mod download - -COPY . . - -RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build - - -# Create runtime image -FROM alpine:3 - -ARG KUBECTL_VERSION=v1.15.12 -ARG SOPS_VERSION=v3.5.0 -ARG HELM_VERSION=v3.2.1 - -WORKDIR /opt/egov - -RUN addgroup -S egov && adduser -S -G egov egov -COPY --chown=egov:egov --from=build /app/egov-deployer /opt/egov/ - -RUN chmod +x /opt/egov/egov-deployer -RUN wget https://storage.googleapis.com/kubernetes-release/release/$KUBECTL_VERSION/bin/linux/amd64/kubectl \ - && wget https://amazon-eks.s3-us-west-2.amazonaws.com/1.21.2/2021-07-05/bin/linux/amd64/aws-iam-authenticator \ - && wget -O sops https://github.com/mozilla/sops/releases/download/$SOPS_VERSION/sops-$SOPS_VERSION.linux \ - && wget -qO- https://get.helm.sh/helm-${HELM_VERSION}-linux-amd64.tar.gz | tar xvz \ - && chmod +x ./kubectl ./aws-iam-authenticator ./sops ./linux-amd64/helm \ - && mv ./kubectl ./aws-iam-authenticator ./sops ./linux-amd64/helm /usr/local/bin \ - && rm -rf ./linux-amd64 && rm -f /var/cache/apk/* - -# USER egov diff --git a/deploy-as-code/egov-deployer/cmd/deploy.go b/deploy-as-code/egov-deployer/cmd/deploy.go deleted file mode 100644 index e3d5f28726..0000000000 --- a/deploy-as-code/egov-deployer/cmd/deploy.go +++ /dev/null @@ -1,74 +0,0 @@ -/* -Copyright © 2019 NAME HERE - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ -package cmd - -import ( - "errors" - - "egov-deployer/pkg/cmd/deployer" - - "github.com/spf13/cobra" - "github.com/spf13/viper" -) - -var options deployer.Options - -// deployCmd represents the deploy command -var deployCmd = &cobra.Command{ - Use: "deploy [IMAGES]", - Short: "Deploy a comma separated list of images", - Long: `A longer description that spans multiple lines and likely contains examples -and usage of using your command. For example: - -Cobra is a CLI library for Go that empowers applications. -This application is a tool to generate the needed files -to quickly create a Cobra application.`, - - PreRunE: func(cmd *cobra.Command, args []string) error { - if options.DesiredProduct == "" && len(args) < 1 { - return errors.New("Image Deploy: At least require one image to deploy") - } - - if options.DesiredProduct == "" && len(args) >= 1 { - options.Images = args[0] - } - - return nil - }, - Run: func(cmd *cobra.Command, args []string) { - // fmt.Println("deploy called with images: " + args[0]) - - options.HelmDir = viper.GetString("helm-dir") - deployer.DeployCharts(options) - }, -} - -func init() { - // deployCmd.Flags().StringVarP(&images, "images", "i", "", "Images to be deployed") - - deployCmd.Flags().String("helm-dir", "../helm", "Helm Charts / Configs directory") - viper.BindPFlag("helm-dir", deployCmd.Flags().Lookup("helm-dir")) - - deployCmd.Flags().StringVarP(&options.DesiredProduct, "product", "s", "", "Desired Product stack") - deployCmd.Flags().StringVarP(&options.ProductVersion, "version", "v", "", "Intented product version to be applied") - deployCmd.Flags().StringVarP(&options.Environment, "environment", "e", "", "Environment override to be applied") - deployCmd.Flags().BoolVarP(&options.ClusterConfigs, "cluster-configs", "c", false, "Deploy cluster configs") - deployCmd.Flags().BoolVarP(&options.Print, "print", "p", false, "Print templates to stdout") - // deployCmd.MarkFlagRequired("images") - deployCmd.MarkFlagRequired("environment") - rootCmd.AddCommand(deployCmd) - -} diff --git a/deploy-as-code/egov-deployer/cmd/root.go b/deploy-as-code/egov-deployer/cmd/root.go deleted file mode 100644 index 67bad2acb8..0000000000 --- a/deploy-as-code/egov-deployer/cmd/root.go +++ /dev/null @@ -1,89 +0,0 @@ -/* -Copyright © 2019 NAME HERE - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ -package cmd - -import ( - "fmt" - "os" - - "github.com/spf13/cobra" - - homedir "github.com/mitchellh/go-homedir" - "github.com/spf13/viper" -) - -var cfgFile string - -// rootCmd represents the base command when called without any subcommands -var rootCmd = &cobra.Command{ - Use: "egov-deployer", - Short: "A brief description of your application", - Long: `A longer description that spans multiple lines and likely contains -examples and usage of using your application. For example: - -Cobra is a CLI library for Go that empowers applications. -This application is a tool to generate the needed files -to quickly create a Cobra application.`, - // Uncomment the following line if your bare application - // has an action associated with it: - // Run: func(cmd *cobra.Command, args []string) { }, -} - -// Execute adds all child commands to the root command and sets flags appropriately. -// This is called by main.main(). It only needs to happen once to the rootCmd. -func Execute() { - if err := rootCmd.Execute(); err != nil { - fmt.Println(err) - os.Exit(1) - } -} - -func init() { - cobra.OnInitialize(initConfig) - - // Here you will define your flags and configuration settings. - // Cobra supports persistent flags, which, if defined here, - // will be global for your application. - - rootCmd.PersistentFlags().StringVar(&cfgFile, "config", "", "config file (default is $HOME/.egov-deployer.yaml)") - -} - -// initConfig reads in config file and ENV variables if set. -func initConfig() { - if cfgFile != "" { - // Use config file from the flag. - viper.SetConfigFile(cfgFile) - } else { - // Find home directory. - home, err := homedir.Dir() - if err != nil { - fmt.Println(err) - os.Exit(1) - } - - // Search config in home directory with name ".egov-deployer" (without extension). - viper.AddConfigPath(home) - viper.SetConfigName(".egov-deployer") - } - - viper.AutomaticEnv() // read in environment variables that match - - // If a config file is found, read it in. - if err := viper.ReadInConfig(); err == nil { - fmt.Println("Using config file:", viper.ConfigFileUsed()) - } -} diff --git a/deploy-as-code/egov-deployer/digit_setup.go b/deploy-as-code/egov-deployer/digit_setup.go deleted file mode 100644 index 64f9ae4ed9..0000000000 --- a/deploy-as-code/egov-deployer/digit_setup.go +++ /dev/null @@ -1,299 +0,0 @@ -package main - -import ( - "bytes" - "container/list" - "errors" - "fmt" - "io" - "io/ioutil" - "log" - "os" - "os/exec" - "strings" - s "strings" - - "github.com/manifoldco/promptui" - "gopkg.in/yaml.v2" -) - -var Reset = "\033[0m" -var Red = "\033[31m" -var Green = "\033[32m" -var Yellow = "\033[33m" -var Blue = "\033[34m" -var Purple = "\033[35m" -var Cyan = "\033[36m" -var Gray = "\033[37m" -var White = "\033[97m" - -//Defining a struct to parse the yaml file -type Digit struct { - Version string `yaml:"version"` - Modules []struct { - Name string `yaml:"name"` - Services []string `yaml:"services"` - Dependencies []string `yaml:"dependencies,omitempty"` - } `yaml:"modules"` -} - -type Set struct { - set map[string]bool -} - -func NewSet() *Set { - return &Set{make(map[string]bool)} -} -func (set *Set) Add(i string) bool { - _, found := set.set[i] - set.set[i] = true - return !found //False if it existed already -} -func (set *Set) Get(i string) bool { - _, found := set.set[i] - return found -} - -func main() { - var versionfiles []string - var envfiles []string - var modules []string - var selectedMod []string - svclist := list.New() - set := NewSet() - var argStr string = "" - - fmt.Println(string(Green), "\n******* Welcome to DIGIT INSTALLATION!!! Please ensure the Pre-requsites before you proceed *********\n") - const sPreReq = "\bPre-requsites (Please Read Carefully):\n\tDIGIT Platform is a combination of multiple microservices that are packaged as docker containers that can be run on any supported infra like dockercompose, kubernetes, etc. Here we'll have a setup baselined for kubernetes.\nHence the following are mandatory to have it before you proceed.\n\t1. Kubernetes(K8s) Cluster.\n\t\t[a] Local: If you do not have k8s, using this link you can create k8s cluster on your local or on a VM.\n\t\t[b] Cloud: If you have your cloud account like AWS, Azure, GCP, SDC or NIC you can follow this link to create k8s.\n\t2. Post the k8s cluster creation you should get the Kubeconfig file, which you have saved in your local machine.\n\t3. Helm installed on your local, follow this link to install\n\t4. Target Env Deployment config file, refer here for the sample template and fill your env specific values.\n\t5. If you want to use encrypted values instead of plain-text for your sensitive configuration, install sops by using this link.\n\nWell! We are good to get started when all the above pre-requistes are met, if not abort it here (Ctl+c) set-it up, come back and rerun the script." - // Get the Proceedual of the user - fmt.Println(string(Cyan), sPreReq) - //var proceedQuestion string - preReqConfirm := []string{"Yes", "No"} - var proceed string = "" - proceed, _ = sel(preReqConfirm, "Are you good to proceed?") - if proceed == "Yes" { - contextset := setClusterContext() - if contextset { - // Get the versions from the chart and display it to user to select - file, err := os.Open("../helm/product-release-charts/") - if err != nil { - log.Fatalf("failed opening directory: %s", err) - } - defer file.Close() - - prodList, _ := file.Readdirnames(0) // 0 to read all files and folders - for _, name := range prodList { - fmt.Println(name) - } - - var product string = "" - product, _ = sel(prodList, "Which Product would you like to install, Please Select") - if product != "" { - files, err := ioutil.ReadDir("../helm/product-release-charts/" + product) - if err != nil { - log.Fatal(err) - } - - for _, f := range files { - name := f.Name() - versionfiles = append(versionfiles, name[s.Index(name, "-")+1:s.Index(name, ".y")]) - } - var version string = "" - version, _ = sel(versionfiles, "Which version of the product would like to install, Select below") - if version != "" { - argFile := "../helm/product-release-charts/" + product + "/dependancy_chart-" + version + ".yaml" - - // Decode the yaml file and assigning the values to a map - chartFile, err := ioutil.ReadFile(argFile) - if err != nil { - fmt.Println("\n\tERROR: Reading file =>", argFile, err) - return - } - - // Parse the yaml values - fullChart := Digit{} - err = yaml.Unmarshal(chartFile, &fullChart) - if err != nil { - fmt.Println("\n\tERROR: Parsing => ", argFile, err) - return - } - - // Mapping the images to servicename - var m = make(map[string][]string) - for _, s := range fullChart.Modules { - m[s.Name] = s.Services - if strings.Contains(s.Name, "m_") { - modules = append(modules, s.Name) - } - } - modules = append(modules, "Exit") - result, err := sel(modules, "Select the DIGIT modules that you want to install, choose Exit to complete selection") - //if err == nil { - for result != "Exit" && err == nil { - selectedMod = append(selectedMod, result) - result, err = sel(modules, "Select the modules you want to install, choose Exit to complete selection") - } - if selectedMod != nil { - for _, mod := range selectedMod { - getService(fullChart, mod, *set, svclist) - } - for element := svclist.Front(); element != nil; element = element.Next() { - imglist := m[element.Value.(string)] - imglistsize := len(imglist) - for i, service := range imglist { - argStr = argStr + service - if !(element.Next() == nil && i == imglistsize-1) { - argStr = argStr + "," - } - - } - } - - envfilesFromDir, err := ioutil.ReadDir("../helm/environments/") - if err != nil { - log.Fatal(err) - } - for _, envfile := range envfilesFromDir { - filename := envfile.Name() - if !s.Contains(filename, "secrets") { - envfiles = append(envfiles, filename[0:s.Index(filename, ".yaml")]) - } - } - - // Choose the env - var env string = "" - env, err = sel(envfiles, "Choose the target env files that are identified from your local configs") - fmt.Print("") - if env != "" { - var goDeployCmd string - confirm := []string{"Yes", "No"} - - goDeployCmd = fmt.Sprintf("go run main.go deploy -c -e %s %s", env, argStr) - - preview, _ := sel(confirm, "Do you want to preview the manifests before the actual Deployment") - if preview == "Yes" { - goDeployCmd = fmt.Sprintf("%s -p", goDeployCmd) - fmt.Println("That's cool... The preview is getting loaded. Please review it and proceed with the deployment") - execCommand(goDeployCmd) - } - - consent, _ := sel(confirm, "Are we good to proceed with the actual deployment?") - if consent == "Yes" { - fmt.Println("Whola!, That's great... Sit back and wait for the deployment to complete in about 10 min") - err := execCommand(goDeployCmd) - if err == nil { - fmt.Println("We are done with the deployment. You can start using the services. Thank You!!!") - return - } - } - } - } - } - } - } - } - fmt.Println("") - endScript() -} - -func getService(fullChart Digit, service string, set Set, svclist *list.List) { - for _, s := range fullChart.Modules { - if s.Name == service { - if set.Add(service) { - svclist.PushFront(service) //Add services into the list - if s.Dependencies != nil { - for _, deps := range s.Dependencies { - getService(fullChart, deps, set, svclist) - } - } - } - } - } -} - -func execCommand(command string) error { - var err error - parts := strings.Fields(command) - //log.Println("Printing full command part", parts) - // The first part is the command, the rest are the args: - head := parts[0] - args := parts[1:len(parts)] - // Format the command - cmd := exec.Command(head, args...) - - var stdoutBuf, stderrBuf bytes.Buffer - cmd.Stdout = io.MultiWriter(os.Stdout, &stdoutBuf) - cmd.Stderr = io.MultiWriter(os.Stderr, &stderrBuf) - - err = cmd.Run() - if err != nil { - log.Fatalf("cmd.Run() failed with %s\n", err) - } - return err -} - -func setClusterContext() bool { - var contextset bool = false - var kubeconfig string = "" - - validatepath := func(input string) error { - _, err := os.Stat(input) - if os.IsNotExist(err) { - return errors.New("The File does not exist in the given path") - } - return nil - } - - kubeconfig = enterValue(validatepath, "Please enter the fully qualified path of the kubeconfig file") - - if kubeconfig != "" { - getcontextcmd := fmt.Sprintf("kubectl config get-contexts --kubeconfig=%s", kubeconfig) - err := execCommand(getcontextcmd) - if err == nil { - context := enterValue(nil, "Please enter the cluster context to be used from the avaliable contexts") - if context != "" { - usecontextcmd := fmt.Sprintf("kubectl config use-context %s --kubeconfig=%s", context, kubeconfig) - err := execCommand(usecontextcmd) - if err == nil { - contextset = true - } - } - } - } - return contextset -} - -func sel(items []string, label string) (string, error) { - var result string - var err error - prompt := promptui.Select{ - Label: label, - Items: items, - Size: 30, - } - _, result, err = prompt.Run() - - //if err != nil { - // fmt.Printf("Invalid Selection %v\n", err) - //} - return result, err -} - -func enterValue(validate promptui.ValidateFunc, label string) string { - var result string - prompt := promptui.Prompt{ - Label: label, - Validate: validate, - } - result, _ = prompt.Run() - - //if err != nil { - // fmt.Printf("Invalid Selection %v\n", err) - //} - return result -} - -func endScript() { - fmt.Println("Take your time, You can come back at any time ... Thank You!!!") - return -} diff --git a/deploy-as-code/egov-deployer/go.mod b/deploy-as-code/egov-deployer/go.mod deleted file mode 100644 index 8b408aac4b..0000000000 --- a/deploy-as-code/egov-deployer/go.mod +++ /dev/null @@ -1,13 +0,0 @@ -module egov-deployer - -go 1.13 - -require ( - github.com/egovernments/DIGIT-DevOps/deploy-as-code/egov-deployer v0.0.0-20220506120657-78f3ada606fa - github.com/manifoldco/promptui v0.9.0 - github.com/mitchellh/go-homedir v1.1.0 - github.com/spf13/cobra v0.0.5 - github.com/spf13/viper v1.6.1 - gopkg.in/yaml.v2 v2.2.4 - -) diff --git a/deploy-as-code/egov-deployer/go.sum b/deploy-as-code/egov-deployer/go.sum deleted file mode 100644 index 8d41391502..0000000000 --- a/deploy-as-code/egov-deployer/go.sum +++ /dev/null @@ -1,180 +0,0 @@ -cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ= -github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= -github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= -github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= -github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= -github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= -github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= -github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= -github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e h1:fY5BOSpyZCqRo5OhCuC+XN+r/bBCmeuuJtjz+bCNIf8= -github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= -github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= -github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= -github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= -github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= -github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8NzMklzPG4d5KIOhIy30Tk= -github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= -github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= -github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= -github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= -github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= -github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= -github.com/egovernments/DIGIT-DevOps v0.0.0-20220506120657-78f3ada606fa h1:zsjuenUxEOLN6+mx1ijmho4/XeaF+418aXMF3REmAPU= -github.com/egovernments/DIGIT-DevOps/deploy-as-code/egov-deployer v0.0.0-20220506120657-78f3ada606fa h1:VND2LbduzVA83JJd/BnN0+98bT8QRrguYKjvM6a92F0= -github.com/egovernments/DIGIT-DevOps/deploy-as-code/egov-deployer v0.0.0-20220506120657-78f3ada606fa/go.mod h1:fP/zOe/hVmXnpKdVOXxQ1JsilpKPtJH6t/j+nk0iRCM= -github.com/fsnotify/fsnotify v1.4.7 h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I= -github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= -github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= -github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= -github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= -github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= -github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= -github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= -github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= -github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= -github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= -github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= -github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= -github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8= -github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= -github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= -github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= -github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk= -github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= -github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= -github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= -github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM= -github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= -github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= -github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo= -github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= -github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= -github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= -github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= -github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= -github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= -github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= -github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= -github.com/magiconair/properties v1.8.1 h1:ZC2Vc7/ZFkGmsVC9KvOjumD+G5lXy2RtTKyzRKO2BQ4= -github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= -github.com/manifoldco/promptui v0.9.0 h1:3V4HzJk1TtXW1MTZMP7mdlwbBpIinw3HztaIlYthEiA= -github.com/manifoldco/promptui v0.9.0/go.mod h1:ka04sppxSGFAtxX0qhlYQjISsg9mR4GWtQEhdbn6Pgg= -github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= -github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= -github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= -github.com/mitchellh/mapstructure v1.1.2 h1:fmNYVwqnSfB9mZU6OS2O6GsXM+wcskZDuKQzvN1EDeE= -github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= -github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= -github.com/pelletier/go-toml v1.2.0 h1:T5zMGML61Wp+FlcbWjRDT7yAxhJNAiPPLOFECq181zc= -github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= -github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= -github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= -github.com/prometheus/client_golang v0.9.3/go.mod h1:/TN21ttK/J9q6uSwhBd54HahCDft0ttaMvbicHlPoso= -github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= -github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/common v0.0.0-20181113130724-41aa239b4cce/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= -github.com/prometheus/common v0.4.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= -github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= -github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= -github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= -github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= -github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= -github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= -github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d h1:zE9ykElWQ6/NYmHa3jpm/yHnI4xSofP+UP6SpjHcSeM= -github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= -github.com/smartystreets/goconvey v1.6.4 h1:fv0U8FUIMPNf1L9lnHLvLhgicrIVChEkdzIKYqbNC9s= -github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= -github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= -github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= -github.com/spf13/afero v1.1.2 h1:m8/z1t7/fwjysjQRYbP0RD+bUIF/8tJwPdEZsI83ACI= -github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= -github.com/spf13/cast v1.3.0 h1:oget//CVOEoFewqQxwr0Ej5yjygnqGkvggSE/gB35Q8= -github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= -github.com/spf13/cobra v0.0.5 h1:f0B+LkLX6DtmRH1isoNA9VTtNUK9K8xYd28JNNfOv/s= -github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tLCHU= -github.com/spf13/jwalterweatherman v1.0.0 h1:XHEdyB+EcvlqZamSM4ZOMGlc93t6AcsBEu9Gc1vn7yk= -github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= -github.com/spf13/pflag v1.0.3 h1:zPAT6CGy6wXeQ7NtTnaTerfKOsV6V6F8agHXFiazDkg= -github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s= -github.com/spf13/viper v1.6.1 h1:VPZzIkznI1YhVMRi6vNFLHSwhnhReBfgTxIPccpfdZk= -github.com/spf13/viper v1.6.1/go.mod h1:t3iDnF5Jlj76alVNuyFBk5oUMCvsrkbvZK0WQdfDi5k= -github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/testify v1.2.2 h1:bSDNvY7ZPG5RlJ8otE/7V6gMiyenm9RtJ7IUVIAoJ1w= -github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= -github.com/subosito/gotenv v1.2.0 h1:Slr1R9HxAlEKefgq5jn9U+DnETlIUa6HfgEzj0g5d7s= -github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= -github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= -github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= -github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0= -github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= -github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= -go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= -go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= -go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= -go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= -golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2 h1:VklqNMn3ovrHsnt90PveolxSbWFaJdECFbxSq0Mqo2M= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= -golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190522155817-f3200d17e092/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= -golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be h1:vEDujvNQGv4jgYKudGeI/+DAX4Jffq6hpD55MmoEvKs= -golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181122145206-62eef0e2fa9b/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181205085412-a5c9d58dba9a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a h1:1BGLXjeY4akVXGgbC9HugT3Jv3hCI0z56oJR5vAMgBU= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/time v0.0.0-20190308202827-9d24e82272b4 h1:SvFZT6jyqRaOeXpc5h/JSfZenJ2O330aBsf7JfSUXmQ= -golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -google.golang.org/appengine v1.1.0 h1:igQkv0AAhEIvTEpD5LIpAfav2eeVO9HBTjvKHVJPRSs= -google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= -google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= -google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= -google.golang.org/grpc v1.21.0/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= -gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= -gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/ini.v1 v1.51.0 h1:AQvPpx3LzTDM0AjnIRlVFwFFGC+npRopjZxLJj6gdno= -gopkg.in/ini.v1 v1.51.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= -gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= -gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74= -gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= -gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= diff --git a/deploy-as-code/egov-deployer/internal/README.md b/deploy-as-code/egov-deployer/internal/README.md deleted file mode 100644 index f00d95b5e0..0000000000 --- a/deploy-as-code/egov-deployer/internal/README.md +++ /dev/null @@ -1,14 +0,0 @@ -# `/internal` - -Private application and library code. This is the code you don't want others importing in their applications or libraries. Note that this layout pattern is enforced by the Go compiler itself. See the Go 1.4 [`release notes`](https://golang.org/doc/go1.4#internalpackages) for more details. Note that you are not limited to the top level `internal` directory. You can have more than one `internal` directory at any level of your project tree. - -You can optionally add a bit of extra structure to your internal packages to separate your shared and non-shared internal code. It's not required (especially for smaller projects), but it's nice to have visual clues showing the intended package use. Your actual application code can go in the `/internal/app` directory (e.g., `/internal/app/myapp`) and the code shared by those apps in the `/internal/pkg` directory (e.g., `/internal/pkg/myprivlib`). - -Examples: - -* https://github.com/hashicorp/terraform/tree/master/internal -* https://github.com/influxdata/influxdb/tree/master/internal -* https://github.com/perkeep/perkeep/tree/master/internal -* https://github.com/jaegertracing/jaeger/tree/master/internal -* https://github.com/moby/moby/tree/master/internal -* https://github.com/satellity/satellity/tree/master/internal diff --git a/deploy-as-code/egov-deployer/internal/app/_your_app_/.keep b/deploy-as-code/egov-deployer/internal/app/_your_app_/.keep deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/deploy-as-code/egov-deployer/internal/pkg/_your_private_lib_/.keep b/deploy-as-code/egov-deployer/internal/pkg/_your_private_lib_/.keep deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/deploy-as-code/egov-deployer/main.go b/deploy-as-code/egov-deployer/main.go deleted file mode 100644 index 49c7d4af4b..0000000000 --- a/deploy-as-code/egov-deployer/main.go +++ /dev/null @@ -1,22 +0,0 @@ -/* -Copyright © 2019 NAME HERE - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ -package main - -import "egov-deployer/cmd" - -func main() { - cmd.Execute() -} diff --git a/deploy-as-code/egov-deployer/pkg/README.md b/deploy-as-code/egov-deployer/pkg/README.md deleted file mode 100644 index 055207afc5..0000000000 --- a/deploy-as-code/egov-deployer/pkg/README.md +++ /dev/null @@ -1,58 +0,0 @@ -# `/pkg` - -Library code that's ok to use by external applications (e.g., `/pkg/mypubliclib`). Other projects will import these libraries expecting them to work, so think twice before you put something here :-) Note that the `internal` directory is a better way to ensure your private packages are not importable because it's enforced by Go. The `/pkg` directory is still a good way to explicitly communicate that the code in that directory is safe for use by others. The [`I'll take pkg over internal`](https://travisjeffery.com/b/2019/11/i-ll-take-pkg-over-internal/) blog post by Travis Jeffery provides a good overview of the `pkg` and `internal` directories and when it might make sense to use them. - -It's also a way to group Go code in one place when your root directory contains lots of non-Go components and directories making it easier to run various Go tools (as mentioned in these talks: [`Best Practices for Industrial Programming`](https://www.youtube.com/watch?v=PTE4VJIdHPg) from GopherCon EU 2018, [GopherCon 2018: Kat Zien - How Do You Structure Your Go Apps](https://www.youtube.com/watch?v=oL6JBUk6tj0) and [GoLab 2018 - Massimiliano Pippi - Project layout patterns in Go](https://www.youtube.com/watch?v=3gQa1LWwuzk)). - -Note that this is not a universally accepted pattern and for every popular repo that uses it you can find 10 that don't. It's up to you to decide if you want to use this pattern or not. Regardless of whether or not it's a good pattern more people will know what you mean than not. It is a bit confusing for new Go devs, but it's a pretty simple confusion to resolve and that's one of the goals for this project layout repo. - -Ok not to use it if your app project is really small and where an extra level of nesting doesn't add much value (unless you really want to). Think about it when it's getting big enough and your root directory gets pretty busy (especially if you have a lot of non-Go app components). - -Examples: - -* https://github.com/gogs/gogs/tree/master/pkg -* https://github.com/prometheus/prometheus/tree/master/pkg -* https://github.com/jaegertracing/jaeger/tree/master/pkg -* https://github.com/istio/istio/tree/master/pkg -* https://github.com/google/gvisor/tree/master/pkg -* https://github.com/google/syzkaller/tree/master/pkg -* https://github.com/perkeep/perkeep/tree/master/pkg -* https://github.com/minio/minio/tree/master/pkg -* https://github.com/heptio/ark/tree/master/pkg -* https://github.com/argoproj/argo/tree/master/pkg -* https://github.com/heptio/sonobuoy/tree/master/pkg -* https://github.com/helm/helm/tree/master/pkg -* https://github.com/kubernetes/kubernetes/tree/master/pkg -* https://github.com/kubernetes/kops/tree/master/pkg -* https://github.com/moby/moby/tree/master/pkg -* https://github.com/grafana/grafana/tree/master/pkg -* https://github.com/influxdata/influxdb/tree/master/pkg -* https://github.com/cockroachdb/cockroach/tree/master/pkg -* https://github.com/derekparker/delve/tree/master/pkg -* https://github.com/etcd-io/etcd/tree/master/pkg -* https://github.com/oklog/oklog/tree/master/pkg -* https://github.com/flynn/flynn/tree/master/pkg -* https://github.com/jesseduffield/lazygit/tree/master/pkg -* https://github.com/gopasspw/gopass/tree/master/pkg -* https://github.com/sourcegraph/sourcegraph/tree/master/pkg -* https://github.com/sosedoff/pgweb/tree/master/pkg -* https://github.com/GoogleContainerTools/skaffold/tree/master/pkg -* https://github.com/knative/serving/tree/master/pkg -* https://github.com/grafana/loki/tree/master/pkg -* https://github.com/bloomberg/goldpinger/tree/master/pkg -* https://github.com/crossplaneio/crossplane/tree/master/pkg -* https://github.com/Ne0nd0g/merlin/tree/master/pkg -* https://github.com/jenkins-x/jx/tree/master/pkg -* https://github.com/DataDog/datadog-agent/tree/master/pkg -* https://github.com/dapr/dapr/tree/master/pkg -* https://github.com/cortexproject/cortex/tree/master/pkg -* https://github.com/dexidp/dex/tree/master/pkg -* https://github.com/pusher/oauth2_proxy/tree/master/pkg -* https://github.com/pdfcpu/pdfcpu/tree/master/pkg -* https://github.com/weaveworks/kured -* https://github.com/weaveworks/footloose -* https://github.com/weaveworks/ignite -* https://github.com/tmrts/boilr/tree/master/pkg - - - diff --git a/deploy-as-code/egov-deployer/pkg/cmd/deployer/deployer.go b/deploy-as-code/egov-deployer/pkg/cmd/deployer/deployer.go deleted file mode 100644 index 09e14cc73c..0000000000 --- a/deploy-as-code/egov-deployer/pkg/cmd/deployer/deployer.go +++ /dev/null @@ -1,365 +0,0 @@ -package deployer - -import ( - "bytes" - "container/list" - "fmt" - "io/ioutil" - "log" - "os" - "os/exec" - "path/filepath" - "strings" - - "gopkg.in/yaml.v2" -) - -//Defining a struct to parse the yaml file -type Chart struct { - Version string `yaml:"version"` - Modules []struct { - Name string `yaml:"name"` - Services []string `yaml:"services"` - Dependencies []string `yaml:"dependencies,omitempty"` - } `yaml:"modules"` -} - -type mSet struct { - set map[string]bool -} - -func createSet() *mSet { - return &mSet{make(map[string]bool)} -} -func (set *mSet) Add(i string) bool { - _, found := set.set[i] - set.set[i] = true - return !found //False if it existed already -} -func (set *mSet) Get(i string) bool { - _, found := set.set[i] - return found -} - -func getServicesList(helmDir string, productName string, version string) string { - var modules []string - svclist := list.New() - mset := createSet() - var argStr string = "" - - argFile := helmDir + "/product-release-charts/" + productName + "/dependancy_chart-" + version + ".yaml" - // Decode the yaml file and assigning the values to a map - chartFile, err := ioutil.ReadFile(argFile) - if err != nil { - fmt.Println("\n\tERROR: Reading file =>", argFile, err) - return err.Error() - } - - // Parse the yaml values - fullChart := Chart{} - err = yaml.Unmarshal(chartFile, &fullChart) - if err != nil { - fmt.Println("\n\tERROR: Parsing => ", argFile, err) - return err.Error() - } - - // Mapping the images to servicename - var m = make(map[string][]string) - for _, s := range fullChart.Modules { - m[s.Name] = s.Services - if strings.Contains(s.Name, "m_") { - modules = append(modules, s.Name) - } - - } - - if modules != nil { - for _, module := range modules { - getServices(fullChart, module, *mset, svclist) - } - for element := svclist.Front(); element != nil; element = element.Next() { - imglist := m[element.Value.(string)] - imglistsize := len(imglist) - for i, service := range imglist { - argStr = argStr + service - if !(element.Next() == nil && i == imglistsize-1) { - argStr = argStr + "," - } - - } - } - - return argStr - } - - return "" - -} - -func getServices(fullChart Chart, targetModule string, set mSet, svclist *list.List) { - for _, featureModule := range fullChart.Modules { - if featureModule.Name == targetModule { - if set.Add(targetModule) { - svclist.PushFront(targetModule) //Add services into the list - if featureModule.Dependencies != nil { - for _, deps := range featureModule.Dependencies { - getServices(fullChart, deps, set, svclist) - } - } - - } - } - } -} - -// DeployCharts deploys render all charts using helm template and deploy them using kubectl apply --recursive -func DeployCharts(options Options) { - - var serviceList string = "" - helmDir, _ := filepath.Abs(options.HelmDir) - log.Println("Helm Directory - " + helmDir) - - index := buildIndex(helmDir) - envOverrideFile := filepath.FromSlash(fmt.Sprintf(helmDir+"/environments/%s.yaml", options.Environment)) - - if options.ClusterConfigs && !options.Print { - envSecretFile := filepath.FromSlash(fmt.Sprintf(helmDir+"/environments/%s-secrets.yaml", options.Environment)) - deployClusterConfigs(index, helmDir, envOverrideFile, envSecretFile) - } - - if options.DesiredProduct != "" && options.ProductVersion != "" { - serviceList = getServicesList(helmDir, options.DesiredProduct, options.ProductVersion) - } else { - serviceList = options.Images - } - - fmt.Println(serviceList) - - services := strings.Split(serviceList, ",") - for _, service := range services { - - var name, helmTemplate, args = "", "", make([]string, 0, 10) - - log.Printf("------------------------------------ DEPLOYING %s ------------------------------------", service) - repository, tag := getDockerComponents(service) - serviceChartDirectory, ok := index[repository] - - name = repository - args = append(args, fmt.Sprintf("-f %s", envOverrideFile)) - args = append(args, fmt.Sprintf("--set name=%s", name)) - - if ok && serviceChartDirectory != "" { - log.Println(serviceChartDirectory) - } else { - log.Panicln("Service chart not found: " + repository) - } - - if tag == "" { - clusterImage := getImageTagFromCluster(name) - if clusterImage != "" { - _, tag = getDockerComponents(clusterImage) - args = append(args, fmt.Sprintf("--set image.tag=%s", tag)) - args = append(args, fmt.Sprintf("--set initContainers.dbMigration.image.tag=%s", tag)) - log.Printf("Fetched image from cluster, %s:%s", repository, tag) - } - } else { - args = append(args, fmt.Sprintf("--set image.tag=%s", tag)) - args = append(args, fmt.Sprintf("--set initContainers.dbMigration.image.tag=%s", tag)) - } - - altServiceOverrideFile := filepath.FromSlash(fmt.Sprintf(serviceChartDirectory+"/%s-values.yaml", name)) - if _, err := os.Stat(altServiceOverrideFile); err == nil { - args = append(args, fmt.Sprintf("-f %s", altServiceOverrideFile)) - log.Printf("Applying values from %s-values.yaml", name) - } - - helmDepUpdate := "helm dep update" - execCommand(helmDepUpdate, serviceChartDirectory) - - if !options.Print { - tmpDir, err := ioutil.TempDir(os.TempDir(), "helm-") - if err != nil { - log.Panicln("Cannot create temporary directory", err) - } - - deployCrds(serviceChartDirectory) - // Clean up folder after function exists - defer os.RemoveAll(tmpDir) - args = append(args, fmt.Sprintf("--output-dir %s", tmpDir)) - - log.Printf("Generating final manifests to directory : %s ", tmpDir) - helmTemplate = fmt.Sprintf("helm template %s .", strings.Join(args[:], " ")) - execCommand(helmTemplate, serviceChartDirectory) - - log.Println("Applying manifests to the cluster ") - kubeApplyCmd := "kubectl apply --recursive -f ." - out := execCommand(kubeApplyCmd, tmpDir) - log.Println(out.String()) - - } else { - helmTemplate = fmt.Sprintf("helm template %s .", strings.Join(args[:], " ")) - log.Printf("Executing %s", helmTemplate) - out := execCommand(helmTemplate, serviceChartDirectory) - fmt.Println(out.String()) - } - - } - -} - -func deployCrds(serviceChartDirectory string) { - crdsDirectory := serviceChartDirectory + string(os.PathSeparator) + "crds" - if _, err := os.Stat(crdsDirectory); err == nil { - log.Println("CRDS Directory found, applying CRDS!") - applyCrds := fmt.Sprintf("kubectl apply --recursive -f %s", serviceChartDirectory+string(os.PathSeparator)+"crds") - - out := execCommandRaw(applyCrds, serviceChartDirectory, false) - log.Println(out.String()) - } - -} - -func getImageTagFromCluster(service string) (tag string) { - kubectlGetImageCmd := fmt.Sprintf("kubectl get deployments -l app=%s --all-namespaces -o=jsonpath={.items[*].spec.template.spec.containers[:1].image}", service) - - output := execCommandRaw(kubectlGetImageCmd, "", true) - return output.String() - -} - -func deployClusterConfigs(index map[string]string, helmDir string, envOverrideFile string, envSecretFile string) { - - log.Println("------------------------------------ DEPLOYING CLUSTER CONFIGS ------------------------------------") - clusterConfigDir, ok := index["cluster-configs"] - - if ok && clusterConfigDir != "" { - fmt.Println(clusterConfigDir) - } else { - log.Panicln("Cluster configs not found") - } - - var args = make([]string, 0, 10) - - args = append(args, fmt.Sprintf("-f %s", envOverrideFile)) - - tmpDir, err := ioutil.TempDir(os.TempDir(), "helm-") - if err != nil { - log.Panicln("Failed to create temporary directory", err) - } - - tmpDecFile, err := ioutil.TempFile(tmpDir, "helm-dec-") - if err != nil { - log.Panicln("Failed to create temporary file", err) - } - // Clean up folder after function exists - defer os.RemoveAll(tmpDir) - args = append(args, fmt.Sprintf("--output-dir %s", tmpDir)) - - if _, err := os.Stat(helmDir + "/.sops.yaml"); os.IsNotExist(err) { - args = append(args, fmt.Sprintf("-f %s", envSecretFile)) - } else { - sopsDecryptCmd := fmt.Sprintf("sops -d --output %s %s", tmpDecFile.Name(), envSecretFile) - execCommand(sopsDecryptCmd, helmDir) - args = append(args, fmt.Sprintf("-f %s", tmpDecFile.Name())) - } - - helmTemplate := fmt.Sprintf("helm template %s .", strings.Join(args[:], " ")) - log.Println(helmTemplate) - execCommand(helmTemplate, clusterConfigDir) - - kubeApplyCmd := "kubectl apply --recursive -f ." - out := execCommandRaw(kubeApplyCmd, tmpDir+string(os.PathSeparator)+"cluster-configs"+string(os.PathSeparator)+"templates", false) - log.Println(out.String()) -} - -func getDockerComponents(image string) (repository string, tag string) { - image = strings.Trim(strings.Replace(image, "-db:", ":", 1), " ") - components := strings.Split(image, ":") - - if len(components) == 2 { - tag = components[1] - } - - domainComponents := strings.Split(components[0], "/") - repository = domainComponents[len(domainComponents)-1] - - return -} - -func getServiceChartDirectory(baseDirectory string, service string) (serviceChartDirectory string, err error) { - - err = filepath.Walk(baseDirectory, - func(path string, info os.FileInfo, err error) error { - if err != nil { - return err - } - if info.IsDir() && strings.EqualFold(info.Name(), service) { - serviceChartDirectory = path - } - return nil - }) - - return serviceChartDirectory, err -} - -func buildIndex(chartsDirectory string) (m map[string]string) { - m = make(map[string]string) - filepath.Walk(chartsDirectory, - func(path string, info os.FileInfo, err error) error { - if err != nil { - return err - } - - if strings.Contains(info.Name(), "values.yaml") { - if strings.EqualFold(info.Name(), "values.yaml") { - addToMap(m, filepath.Base(filepath.Dir(path)), filepath.Dir(path)) - } else { - svc := strings.Replace(info.Name(), "-values.yaml", "", 1) - addToMap(m, svc, filepath.Dir(path)) - } - } - - return nil - }) - - return m - -} - -func addToMap(m map[string]string, k string, v string) { - if _, ok := m[k]; ok { - log.Printf("Duplicate service found %s! This will lead to undesired results, fix it! \n", k) - } - - m[k] = v -} - -func execCommand(command string, commandDirectory string) (out bytes.Buffer) { - return execCommandRaw(command, commandDirectory, false) -} - -func execCommandRaw(command string, commandDirectory string, suppressErrors bool) (out bytes.Buffer) { - var err error - parts := strings.Fields(command) - head := parts[0] - parts = parts[1:len(parts)] - - // fmt.Println(command) - cmd := exec.Command(head, parts...) - var output bytes.Buffer - var stderr bytes.Buffer - cmd.Stdout = &output - cmd.Stderr = &stderr - if commandDirectory != "" { - if _, err := os.Stat(commandDirectory); err == nil { - cmd.Dir = commandDirectory - } else { - log.Panicln("Error applying manifests ", err) - } - } - err = cmd.Run() - if err != nil && !suppressErrors { - log.Panicln(fmt.Sprint(err) + ": " + stderr.String()) - } - return output -} diff --git a/deploy-as-code/egov-deployer/pkg/cmd/deployer/options.go b/deploy-as-code/egov-deployer/pkg/cmd/deployer/options.go deleted file mode 100644 index 0c2bd9092c..0000000000 --- a/deploy-as-code/egov-deployer/pkg/cmd/deployer/options.go +++ /dev/null @@ -1,11 +0,0 @@ -package deployer - -type Options struct { - DesiredProduct string - ProductVersion string - HelmDir string - Images string - Environment string - ClusterConfigs bool - Print bool -} diff --git a/deploy-as-code/helm/.sops.yaml b/deploy-as-code/helm/.sops.yaml deleted file mode 100644 index 6a7c062f85..0000000000 --- a/deploy-as-code/helm/.sops.yaml +++ /dev/null @@ -1,181 +0,0 @@ -# creation rules are evaluated sequentially, the first match wins -creation_rules: - # upon creation of a file that matches the pattern *dev.yaml, - # KMS set A is used - # eGOV Internal ------------------------------------------------------------------------------------------------------------- # - - path_regex: environments/dev\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/qa\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/playground\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/staging\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - # ePASS ------------------------------------------------------------------------------------------------------------- # - - path_regex: environments/egov\-demo\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/epass\-prod\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/epass\-uat\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:218381940040:key/93761f6b-a115-4ca2-870e-aeb2f66445f0' - gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/epass\-micro-prod\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:218381940040:key/93761f6b-a115-4ca2-870e-aeb2f66445f0' - gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - # CI ------------------------------------------------------------------------------------------------------------- # - - path_regex: environments/ci\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - # BIHAR ------------------------------------------------------------------------------------------------------------- # - - path_regex: environments/bihar\-dev\-secrets\.yaml$ - encrypted_regex: '^(secrets)$' - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #azure_keyvault: 'https://bihar-uat-key-vault.vault.azure.net/keys/sops/9c2ec70ac9584c4d9e458e01304ad07d' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/biharUat\-secrets\.yaml$ - encrypted_regex: '^(secrets)$' - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #azure_keyvault: 'https://bihar-uat-key-vault.vault.azure.net/keys/sops/9c2ec70ac9584c4d9e458e01304ad07d' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/bihar\-prod\-secrets\.yaml$ - encrypted_regex: '^(secrets)$' - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'AAD898A8752588AAA792BEA9A4E8C1B8BCC1E58D' - - # UKD ------------------------------------------------------------------------------------------------------------- # - - path_regex: environments/ukd\-dev\-secrets\.yaml$ - encrypted_regex: '^(secrets)$' - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #azure_keyvault: 'https://bihar-uat-key-vault.vault.azure.net/keys/sops/9c2ec70ac9584c4d9e458e01304ad07d' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/ukd\-uat\-secrets\.yaml$ - encrypted_regex: '^(secrets)$' - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #azure_keyvault: 'https://bihar-uat-key-vault.vault.azure.net/keys/sops/9c2ec70ac9584c4d9e458e01304ad07d' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/ukd\-sdc\-prod\-secrets\.yaml$ - encrypted_regex: '^(secrets)$' - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #azure_keyvault: 'https://bihar-uat-key-vault.vault.azure.net/keys/sops/9c2ec70ac9584c4d9e458e01304ad07d' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/ukd\-sdc\-uat\-secrets\.yaml$ - encrypted_regex: '^(secrets)$' - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'AAD898A8752588AAA792BEA9A4E8C1B8BCC1E58D' - - - path_regex: environments/ukd\-sdc\-dev\-secrets\.yaml$ - encrypted_regex: '^(secrets)$' - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #azure_keyvault: 'https://bihar-uat-key-vault.vault.azure.net/keys/sops/9c2ec70ac9584c4d9e458e01304ad07d' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - # PB ------------------------------------------------------------------------------------------------------------- # - - path_regex: environments/pb\-qa\-secrets\.yaml$ - encrypted_regex: '^(secrets)$' - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/pb\-uat\-secrets\.yaml$ # PMIDC-UAT - encrypted_regex: '^(secrets)$' - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/pb\-prod\-secrets\.yaml$ #PMIDC-PROD - encrypted_regex: '^(secrets)$' - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/pb\-uat-v2\-secrets\.yaml$ #PMIDC-PROD - encrypted_regex: '^(secrets)$' - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/pb\-prod-v2\-secrets\.yaml$ #PMIDC-PROD - encrypted_regex: '^(secrets)$' - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - #nugp --------------------------------------------------------------------------- - - path_regex: environments/nugp\-demo\-secrets\.yaml$ - encrypted_regex: '^(secrets)$' - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - #UP --------------------------------------------------------------------------- - - path_regex: environments/up\-dev\-secrets\.yaml$ #UP-DEV - encrypted_regex: '^(secrets)$' - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/up\-uat\-secrets\.yaml$ #up-uat - encrypted_regex: '^(secrets)$' - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/up\-prod\-secrets\.yaml$ #up-prod - encrypted_regex: '^(secrets)$' - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - path_regex: environments/single-instance\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - # pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - # DEFAULT ------------------------------------------------------------------------------------------------------------- # - # Finally, if the rules above have not matched, this one is a - # catchall that will encrypt the file using KMS set C - # The absence of a path_regex means it will match everything - - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - encrypted_regex: '^(secrets)$' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - # - path_regex: environments/dev\.yaml$ - # encrypted_regex: '^(secrets)$' - # kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - # pgp: 'C7ED80C79625B40667A6FAD6774DE10645AAD1BB' diff --git a/deploy-as-code/helm/charts/accelerators/pgr-ai-chatbot/Chart.yaml b/deploy-as-code/helm/charts/accelerators/pgr-ai-chatbot/Chart.yaml deleted file mode 100644 index 9711e7f86f..0000000000 --- a/deploy-as-code/helm/charts/accelerators/pgr-ai-chatbot/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v1 -name: pgr-ai-chatbot -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.16.0 - -dependencies: -- name: common - version: 0.0.5 - repository: file://../../common diff --git a/deploy-as-code/helm/charts/accelerators/pgr-ai-chatbot/values.yaml b/deploy-as-code/helm/charts/accelerators/pgr-ai-chatbot/values.yaml deleted file mode 100644 index 4e4cfdfe56..0000000000 --- a/deploy-as-code/helm/charts/accelerators/pgr-ai-chatbot/values.yaml +++ /dev/null @@ -1,44 +0,0 @@ -# Common Labels -labels: - app: "pgr-ai-chatbot" - group: "rainmaker" - -# Ingress Configs -ingress: - enabled: true - zuul: false - context: "pgr-ai-chatbot" - -# Container Configs -image: - repository: "pgr-ai-chatbot" -replicas: "1" -healthChecks: - enabled: false -appType: "python" - -# Additional Container Envs -env: | - - name: OPENAI_API_KEY - valueFrom: - secretKeyRef: - name: pgr-ai-chatbot - key: openai_api_key - - name: TELEGRAM_BOT_TOKEN - valueFrom: - secretKeyRef: - name: pgr-ai-chatbot - key: telegram_bot_token - - name: REDIS_HOST - value: redis.backbone - - name: USERNAME - valueFrom: - secretKeyRef: - name: pgr-ai-chatbot - key: user_name - - name: PASSWORD - valueFrom: - secretKeyRef: - name: pgr-ai-chatbot - key: password - \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/CHANGELOG.md b/deploy-as-code/helm/charts/backbone-services/airflow/CHANGELOG.md deleted file mode 100644 index 788878e1bb..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/CHANGELOG.md +++ /dev/null @@ -1,684 +0,0 @@ -# Changelog -All notable changes to this project will be documented in this file. - -This project follows [Semantic Versioning](https://semver.org/spec/v2.0.0.html) and [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - -## [Unreleased] - TBD - -TBD - -## [8.5.3] - 2022-01-10 - -> 🟥 __Warning__ 🟥 -> -> Update to this version if you are using Kubernetes 1.20+ to prevent the scheduler's liveness probe causing a restart loop (issue:[#484](https://github.com/airflow-helm/charts/issues/484)). -> -> If you currently set `scheduler.livenessProbe.timeoutSeconds` or `pgbouncer.livenessProbe.timeoutSeconds` in your values, ensure you update them to the new default of `60`. - -### Changed -- the default `airflow.image` is now `apache/airflow:2.1.4-python3.8` - - __NOTE:__ this does not affect support for older airflow versions, see the [airflow version support matrix](https://github.com/airflow-helm/charts/tree/main/charts/airflow#airflow-version-support) - -### Fixed -- increase default `timeoutSeconds` for liveness probes ([#496](https://github.com/airflow-helm/charts/pull/496)) -- typo in `GIT_SYNC_MAX_SYNC_FAILURES` environment variable name ([#462](https://github.com/airflow-helm/charts/pull/462)) - -## [8.5.2] - 2021-08-25 - -> 🟥 __Warning__ 🟥 -> -> You must stop URL-encoding special characters in `externalDatabase.user`, the chart will now automatically do this for you.
-> (For example, don't replace `@` with `%40` anymore) - -### Changed -- special characters in `externalDatabase.user` are now automatically url-encoded ([#407](https://github.com/airflow-helm/charts/pull/407)) - - __WARNING:__ you must stop URL-encoding special characters in `externalDatabase.user` - -### Fixed -- self-signed certificates are now only generated for `client_tls_key_file` and `client_tls_cert_file` PgBouncer configs ([#404](https://github.com/airflow-helm/charts/pull/404)) - - __NOTE:__ solves `routines:ssl3_read_bytes:tlsv1 alert unknown ca`, caused by incorrectly trying to verify remote Postgres servers with a self-signed CA `server_tls_ca_file` -- flower pods are now correctly affected by default: nodeSelector, affinity, tolerations ([#405](https://github.com/airflow-helm/charts/pull/405)) - -## [8.5.1] - 2021-08-23 - -### Fixed -- fixed PgBouncer not working if `externalDatabase.database` or `postgresql.postgresqlDatabase` is not `"airflow"` ([#398](https://github.com/airflow-helm/charts/pull/398)) - -## [8.5.0] - 2021-08-19 - -> 🟨 __NOTE__ 🟨 -> -> This is an important upgrade for Postgres users, as it implements [PgBouncer](https://www.pgbouncer.org/) support, which should eliminate Postgres "too many connections" errors. -> -> If you are using `ingress.enabled` and Kubernetes `1.18` or earlier, you MUST set `ingress.apiVersion` to `networking.k8s.io/v1beta1`. -> -> If you are using the `XXXX.securityContext` values, consider using the new global `airflow.defaultSecurityContext` value, so that you don't have to update your values in future. -> -> If you are using the `XXXX.{nodeSelector,affinity,tolerations}` values, consider using the new global `airflow.{defaultNodeSelector,defaultAffinity,defaultTolerations}` values, so that you don't have to update your values in future. - -### Added -- PgBouncer is now supported (and enabled by default), see the new `pgbouncer.*` values ([#341](https://github.com/airflow-helm/charts/pull/341), [#330](https://github.com/airflow-helm/charts/pull/330)) - - __NOTE:__ this should eliminate Postgres "too many connections" errors -- created a new Deployment called `db-migrations` to manage airflow database schema upgrades ([#345](https://github.com/airflow-helm/charts/pull/345)) - - __NOTE:__ to go back to a post-install Job, set `airflow.dbMigrations.runAsJob` to `true` -- added the `airflow.webserverSecretKey` value with default `"THIS IS UNSAFE!"` ([#346](https://github.com/airflow-helm/charts/pull/346)) - - __WARNING:__ you should CHANGE this value for security -- added the `airflow.defaultSecurityContext` value with default `{fsGroup: 0}` ([#367](https://github.com/airflow-helm/charts/pull/367)) - - __NOTE:__ the default of `{fsGroup: 0}` should prevent filesystem permission errors in mounted volumes -- added `airflow.{defaultNodeSelector,defaultAffinity,defaultTolerations}` values ([#372](https://github.com/airflow-helm/charts/pull/372)) -- added `airflow.localSettings.*` values to make specifying `airflow_local_settings.py` easier ([#374](https://github.com/airflow-helm/charts/pull/374)) - -### Changed -- the Kubernetes Ingress now uses `networking.k8s.io/v1` for `apiVersion` by default ([#381](https://github.com/airflow-helm/charts/pull/381)) - - __WARNING:__ if using Kubernetes 1.18 or earlier, you MUST set `ingress.apiVersion` to `networking.k8s.io/v1beta1` - - __WARNING:__ if using Kubernetes 1.22+, you MUST set `ingress.apiVersion` to `networking.k8s.io/v1` (this is default) -- we now include git-sync containers in all Deployments ([#390](https://github.com/airflow-helm/charts/pull/390)) - - __NOTE:__ this allows "airflow plugins" and "python packages" to be stored in the DAGs repo -- we now use the official `/entrypoint` of the airflow container ([#386](https://github.com/airflow-helm/charts/pull/386)) - - __NOTE:__ this should fix OpenShift support -- the default `airflow.image` is now `apache/airflow:2.1.2-python3.8` - - __NOTE:__ this does not affect support for older airflow versions, see the [airflow version support matrix](https://github.com/airflow-helm/charts/tree/main/charts/airflow#airflow-version-support) -- the default `airflow.image.gid` is now `0` ([#388](https://github.com/airflow-helm/charts/pull/388)) -- any `airflow.extraPipPackages` are now installed in snyc Jobs/Deployments ([#354](https://github.com/airflow-helm/charts/pull/354)) -- we now include `airflow.{config,extraEnv}` in the pip-install containers ([#365](https://github.com/airflow-helm/charts/pull/365)) -- we now include `airflow.{config,extraEnv}` in the git-sync containers ([#380](https://github.com/airflow-helm/charts/pull/380)) -- we now include `airflow.extraContainers` in the flower Deployment ([#379](https://github.com/airflow-helm/charts/pull/379)) -- the KubernetesExecutor pod-template now respects the `airflow.image.*` values ([#352](https://github.com/airflow-helm/charts/pull/352)) -- added values validation for `externalDatabase.type` ([#348](https://github.com/airflow-helm/charts/pull/348)) - -### Fixed -- fixed the scheduler livenessProbe command ([#351](https://github.com/airflow-helm/charts/pull/351)) -- made the sync-users deployment close its db connection after each loop ([#320](https://github.com/airflow-helm/charts/pull/320)) -- stopped using `stringData` in Kubernetes Secrets ([#356](https://github.com/airflow-helm/charts/pull/356), [#391](https://github.com/airflow-helm/charts/pull/391)) -- fixed typos in sync/_helpers templates ([#366](https://github.com/airflow-helm/charts/pull/366), [#387](https://github.com/airflow-helm/charts/pull/387)) -- always include `airflow.env` last ([#385](https://github.com/airflow-helm/charts/pull/385)) - -### Removed -- removed the broken `flower.oauthDomains` value ([#383](https://github.com/airflow-helm/charts/pull/383)) - -### Docs -- significant rewrite of the post-install NOTES.txt ([#358](https://github.com/airflow-helm/charts/pull/358)) -- general cleanup of `values.yaml` docstrings ([#389](https://github.com/airflow-helm/charts/pull/389)) - -## [8.4.1] - 2021-07-12 - -> 🟨 __NOTE__ 🟨 -> -> Upgrade to this patch if you use a tool like [argo-cd](https://github.com/argoproj/argo-cd/) which runs `helm template ...` rather than `helm install ...` - -### Fixed -- remove Job dependency on `.Release.Revision` to prevent immutability errors ([#298](https://github.com/airflow-helm/charts/pull/298)) - - __NOTE:__ this is important for tools like argo-cd which never run `helm install ...`, causing `.Release.Revision` to never be incremented - -## [8.4.0] - 2021-07-09 - -### Added -- allow referencing Secrets/ConfigMaps in `airflow.{users,connections,pools,variables}` ([#281](https://github.com/airflow-helm/charts/pull/281)) - - __WARNING:__ the meaning of `airflow.{usersUpdate,connectionsUpdate,poolsUpdate,variablesUpdate}` have changed, - they now configure if a Deployment is created to perpetually sync `airflow.{users,connections,pools,variables}`, - or if a single Job is created on each `helm upgrade ...` - - __Docs:__ - - [How to create airflow users?](https://github.com/airflow-helm/charts/tree/main/charts/airflow#how-to-create-airflow-users) - - [How to create airflow connections?](https://github.com/airflow-helm/charts/tree/main/charts/airflow#how-to-create-airflow-connections) - - [How to create airflow variables?](https://github.com/airflow-helm/charts/tree/main/charts/airflow#how-to-create-airflow-variables) - - [How to create airflow pools?](https://github.com/airflow-helm/charts/tree/main/charts/airflow#how-to-create-airflow-pools) - - __New Values:__ - - `airflow.usersTemplates` - - `airflow.connectionsTemplates` - - `airflow.variablesTemplates` - - `airflow.sync`: - - `airflow.sync.resources` - - `airflow.sync.nodeSelector` - - `airflow.sync.affinity` - - `airflow.sync.tolerations` - - `airflow.sync.securityContext` - - `airflow.sync.podLabels` - - `airflow.sync.annotations` - - `airflow.sync.podAnnotations` - - `airflow.sync.safeToEvict` -- removed the need for `helmWait` value ([#266](https://github.com/airflow-helm/charts/pull/266)) - - __NOTE__: this is great for users of the `--wait` flag with `helm install ...` (which is common in tools like [argo-cd](https://github.com/argoproj/argo-cd/)) - -### Changed -- the default `airflow.image` is now `apache/airflow:2.1.1-python3.8` ([#286](https://github.com/airflow-helm/charts/issues/286)) - - __NOTE:__ this does not affect support for older versions, see the [airflow version support matrix](https://github.com/airflow-helm/charts/tree/main/charts/airflow#airflow-version-support) -- the `Chart.yaml` now explicitly specifies `apiVersion=v2` (requiring helm 3) ([#278](https://github.com/airflow-helm/charts/issues/278)) -- the `requirements.yaml` file was removed in preference of the `v2` dependencies method (specifying in `Chart.yaml`) ([#278](https://github.com/airflow-helm/charts/issues/278)) -- git-sync containers are now deployed in webserver, regardless of `airflow.legacyCommands` ([#288](https://github.com/airflow-helm/charts/pull/288)) - - __NOTE:__ this allows users who store airflow plugins in their git repo to see them in the webserver -- `wait-for-db-migrations` init-containers now work properly when `airflow.legacyCommands=true` ([#271](https://github.com/airflow-helm/charts/pull/271)) - - __NOTE:__ this is important for airflow `1.10.X`, as previously Pods would not actually wait, and so would CrashLoopBackoff until the `upgrade-db` Job had finished -- improve validation of `{logs,dags}.persistence.accessMode` ([#269](https://github.com/airflow-helm/charts/pull/269)) - -### Fixed -- include volumeMounts in init-containers ([#255](https://github.com/airflow-helm/charts/pull/255)) -- add `release` to worker Service selector ([#267](https://github.com/airflow-helm/charts/pull/267)) -- mount `dags-data` with `readOnly=true` if `accessMode=ReadOnlyMany` ([#268](https://github.com/airflow-helm/charts/pull/268)) -- only validate `ingress.{web,flower}.path` if `ingress.enabled=true` ([#270](https://github.com/airflow-helm/charts/pull/270)) -- multiple Schedulers could run if `legacyCommands=true` (due to rollingUpdate) ([#272](https://github.com/airflow-helm/charts/pull/272)) - -## [8.3.2] - 2021-06-30 -### Docs -- added this changelog ([#231](https://github.com/airflow-helm/charts/issues/231)) -- add description to each section of the README ([#162](https://github.com/airflow-helm/charts/issues/162)) -- add airflow <--> chart version support matrix ([#137](https://github.com/airflow-helm/charts/issues/137)) -- improve the README formatting - -## [8.3.1] - 2021-06-29 -### Docs -- fix(example): hpa of gke example doesn't work ([#225](https://github.com/airflow-helm/charts/issues/225)) - -## [8.3.0] - 2021-06-23 -### Added -- Add support for GIT_SYNC_MAX_FAILURES ([#182](https://github.com/airflow-helm/charts/issues/182)) - - `dags.gitSync.maxFailures` - -## [8.2.0] - 2021-06-03 -### Added -- Add redis properties configuration for external redis ([#200](https://github.com/airflow-helm/charts/issues/200)) - - `externalRedis.properties` - -## [8.1.3] - 2021-05-21 -### Docs -- Typo in docs for `airflow.pools` in README.md ([#207](https://github.com/airflow-helm/charts/issues/207)) -- README implies that Helm 2 is supported, but its not ([#184](https://github.com/airflow-helm/charts/issues/184)) - -## [8.1.2] - 2021-05-21 -### Fixed -- run jobs with airflow serviceAccount ([#201](https://github.com/airflow-helm/charts/issues/201)) - -## [8.1.1] - 2021-05-21 -### Docs -- Remove references to workers.celery.instances (which was removed in 8.0.0) ([#202](https://github.com/airflow-helm/charts/issues/202)) - -## [8.1.0] - 2021-05-11 -### Added -- Add `airflow.kubernetesPodTemplate.resources` value ([#175](https://github.com/airflow-helm/charts/issues/175)) - -## [8.0.9] - 2021-04-27 -### Fixed -- make check-db timeout 60s ([#181](https://github.com/airflow-helm/charts/issues/181)) -- move to `pip install --user` ([#168](https://github.com/airflow-helm/charts/issues/168)) ([#169](https://github.com/airflow-helm/charts/issues/169)) - -## [8.0.8] - 2021-04-20 -### Fixed -- don't include git-sync containers in webserver for airflow 2.0 ([#152](https://github.com/airflow-helm/charts/issues/152)) -- ensure dags git repo is cloned before containers start ([#124](https://github.com/airflow-helm/charts/issues/124)) -- introduce timeout for check-db init-container ([#153](https://github.com/airflow-helm/charts/issues/153)) -- only include git-sync init-container in pod_template if enabled ([#158](https://github.com/airflow-helm/charts/issues/158)) - -### Docs -- add docs for `externalDatabase.properties` in README - -## [8.0.7] - 2021-04-16 -### Fixed -- only include `checksum/config-pod-template` annotation for kubernetes_like executors ([#150](https://github.com/airflow-helm/charts/issues/150)) -- give more information in value validation errors ([#150](https://github.com/airflow-helm/charts/issues/150)) -- prevent embedded postgres/redis being enabled at same time as external ([#150](https://github.com/airflow-helm/charts/issues/150)) -- use _helper variable in pod_template envFrom ([#150](https://github.com/airflow-helm/charts/issues/150)) -- include `airflow.podAnnotations` in jobs ([#140](https://github.com/airflow-helm/charts/issues/140)) -- add int64 to validation, so int variables set in bash work ([#136](https://github.com/airflow-helm/charts/issues/136)) -- add missing pod labels to upgrade-db job ([#150](https://github.com/airflow-helm/charts/issues/150)) -- fix validation for wildcard ingress paths ([#144](https://github.com/airflow-helm/charts/issues/144)) -- fix incorrect variable usage for variablesUpdate ([#139](https://github.com/airflow-helm/charts/issues/139)) -- add validation for airflow version compatibility with `airflow.legacyCommands` state ([#150](https://github.com/airflow-helm/charts/issues/150)) -- make `ingress.web/flower.tls.secretName` optional ([#41](https://github.com/airflow-helm/charts/issues/41)) -- fix support for passwords with bash special characters ([#147](https://github.com/airflow-helm/charts/issues/147)) - -### Docs -- fix dockerfile code blocks in README ([#150](https://github.com/airflow-helm/charts/issues/150)) -- fix typo in connections example ([#148](https://github.com/airflow-helm/charts/issues/148)) -- add docs for using non-default airflow versions ([#150](https://github.com/airflow-helm/charts/issues/150)) - -## [8.0.6] - 2021-04-10 -### Fixed -- fix volume definition for logs-data with existing claim ([#128](https://github.com/airflow-helm/charts/issues/128)) - -## [8.0.5] - 2021-04-06 -### Fixed -- extract probe path from AIRFLOW__WEBSERVER__BASE_URL + ingress path validation ([#120](https://github.com/airflow-helm/charts/issues/120)) - -## [8.0.4] - 2021-04-05 -### Fixed -- add "Release" to template context dict ([#121](https://github.com/airflow-helm/charts/issues/121)) - -## [8.0.3] - 2021-04-05 -### Fixed -- fix wrong value for envFrom in pod_template ([#122](https://github.com/airflow-helm/charts/issues/122)) - -## [8.0.2] - 2021-03-28 -### Fixed -- properly fixes the following issues (which were not properly fixed in `8.0.1`): - - extraVolumeMounts and extraVolumes parsing error ([#98](https://github.com/airflow-helm/charts/issues/98)) - - Flower deployment fails with airflow.extraVolumeMounts set ([#101](https://github.com/airflow-helm/charts/issues/101)) -- fixes some bad wording on the airflow.config.AIRFLOW__CORE__DAGS_FOLDER value validation ([#108](https://github.com/airflow-helm/charts/issues/108)) -- addresses an issue with our PYTHONPATH when using `*.extraPipPackages`, which was overriding anything that the user set with `airflow.extraEnv` ([#106](https://github.com/airflow-helm/charts/issues/106)) -- fixes the PYTHONPATH not being set when using `airflow.kubernetesPodTemplate.extraPipPackages` with `pod_template.yaml` ([#108](https://github.com/airflow-helm/charts/issues/108)) - -## [8.0.1] - 2021-03-27 -### Added -- Added new value `helmWait`, which should be enabled when the `--wait` flag is used with `helm install` ([#102](https://github.com/airflow-helm/charts/issues/102)) - - WARNING: to prevent issues like #99 ensure any previous `upgrade-db` jobs are manually removed before install when `helmWait=true` (due to the immutability of Job specs) - -### Fixed -- Flower deployment fails with airflow.extraVolumeMounts set ([#101](https://github.com/airflow-helm/charts/issues/101)) -- `aiflow.extraVolumeMounts` and `airflow.extraVolumes` parsing error ([#98](https://github.com/airflow-helm/charts/issues/98)) -- Validation helper incorrectly requires `workers.enabled=true`([#97](https://github.com/airflow-helm/charts/issues/97)) - -## [8.0.0] - 2021-03-27 - -> 🟥 __Warning__ 🟥 -> -> This is a MAJOR update, meaning there are BREAKING changes -> -> Upgrading Tips: -> - to continue using Airflow `1.10.X`, please set `airflow.legacyCommands=true` -> - you might want to start from a fresh `values.yaml` file -> - before upgrading to airflow `2.X.X` check your [dags are compatible](https://airflow.apache.org/docs/apache-airflow/stable/upgrading-to-2.html#step-5-upgrade-airflow-dags) - -### Added -#### Feature Highlights: -- native support for "KubernetesExecutor", and "CeleryKubernetesExecutor", see the new `airflow.kubernetesPodTemplate.*` values -- native support for "webserver_config.py", see the new `web.webserverConfig.*` values -- native support for [Airflow 2.0's HA scheduler](https://airflow.apache.org/docs/apache-airflow/stable/scheduler.html#running-more-than-one-scheduler), see the new `scheduler.replicas` value -- significantly improved git-sync system by moving to [kubernetes/git-sync](https://github.com/kubernetes/git-sync) -- significantly improved pip installs by moving to an init-container -- added a [guide for integrating airflow with your "Microsoft AD" or "OAUTH"](README.md#how-to-authenticate-airflow-users-with-ldapoauth) -- general cleanup of almost every helm file -- significant docs/README rewrite - -#### Other Features: -- added `airflow.users` to help you create/update airflow web users: - - __WARNING:__ default settings create an admin user (user: __admin__ - password: __admin__), disable by setting `airflow.users` to `[]` -- added `airflow.connections` to help you create/update airflow connections: -- added `airflow.variables` to help you create/update airflow variables: -- added `airflow.pools` to help you create/update airflow pools: -- flower Pods are now affected by `airflow.extraPipPackages`, `airflow.extraVolumeMounts`, `airlfow.extraVolumes` -- you no longer need to set `web.readinessProbe.scheme` or `web.livenessProbe.scheme`, we now only use HTTPS if `AIRFLOW__WEBSERVER__WEB_SERVER_SSL_CERT` and `AIRFLOW__WEBSERVER__WEB_SERVER_SSL_KEY` are set -- airflow db upgrades are now managed with a post "helm upgrade" Job, meaning it only runs once per upgrade (rather than each time the scheduler starts) - -#### VALUES - Added: -
-Expand - -- `airflow.legacyCommands` -- `airflow.image.uid` -- `airflow.image.gid` -- `airflow.users` -- `airflow.usersUpdate` -- `airflow.connections` -- `airflow.connectionsUpdate` -- `airflow.variables` -- `airflow.variablesUpdate` -- `airflow.pools` -- `airflow.poolsUpdate` -- `airflow.kubernetesPodTemplate.stringOverride` -- `airflow.kubernetesPodTemplate.nodeSelector` -- `airflow.kubernetesPodTemplate.affinity` -- `airflow.kubernetesPodTemplate.tolerations` -- `airflow.kubernetesPodTemplate.podAnnotations` -- `airflow.kubernetesPodTemplate.securityContext` -- `airflow.kubernetesPodTemplate.extraPipPackages` -- `airflow.kubernetesPodTemplate.extraVolumeMounts` -- `airflow.kubernetesPodTemplate.extraVolumes` -- `scheduler.replicas` -- `scheduler.livenessProbe.timeoutSeconds` -- `scheduler.extraPipPackages` -- `scheduler.extraVolumeMounts` -- `scheduler.extraVolumes` -- `web.webserverConfig.stringOverride` -- `web.webserverConfig.existingSecret` -- `web.extraVolumeMounts` -- `web.extraVolumes` -- `workers.extraPipPackages` -- `workers.extraVolumeMounts` -- `workers.extraVolumes` -- `flower.readinessProbe.enabled` -- `flower.readinessProbe.initialDelaySeconds` -- `flower.readinessProbe.periodSeconds` -- `flower.readinessProbe.timeoutSeconds` -- `flower.readinessProbe.failureThreshold` -- `flower.livenessProbe.enabled` -- `flower.livenessProbe.initialDelaySeconds` -- `flower.livenessProbe.periodSeconds` -- `flower.livenessProbe.timeoutSeconds` -- `flower.livenessProbe.failureThreshold` -- `flower.extraPipPackages` -- `flower.extraVolumeMounts` -- `flower.extraVolumes` -- `dags.gitSync.enabled` -- `dags.gitSync.image.repository` -- `dags.gitSync.image.tag` -- `dags.gitSync.image.pullPolicy` -- `dags.gitSync.image.uid` -- `dags.gitSync.image.gid` -- `dags.gitSync.resources` -- `dags.gitSync.repo` -- `dags.gitSync.repoSubPath` -- `dags.gitSync.branch` -- `dags.gitSync.revision` -- `dags.gitSync.depth` -- `dags.gitSync.syncWait` -- `dags.gitSync.syncTimeout` -- `dags.gitSync.httpSecret` -- `dags.gitSync.httpSecretUsernameKey` -- `dags.gitSync.httpSecretPasswordKey` -- `dags.gitSync.sshSecret` -- `dags.gitSync.sshSecretKey` -- `dags.gitSync.sshKnownHosts` - -
- -### Changed -- the name of the `dags.persistence` PVC has changed from `HELM_RELEASE` to `HELM_RELEASE-dags`: - - __WARNING:__ you must manually migrate your dags to the new PVC if you had `dags.persistence.enabled = true` (but were not explicitly setting `dags.persistence.existingClaim`) - - __WARNING:__ be sure to download your dags from the `HELM_RELEASE` volume __BEFORE__ doing the upgrade (as helm may delete the old PVC, during the upgrade) - -#### VALUES - Changed Defaults: -
-Expand - -- `rbac.events` = `true` -- `scheduler.livenessProbe.initialDelaySeconds` = `10` -- `web.readinessProbe.enabled` = `true` -- `web.readinessProbe.timeoutSeconds` = `5` -- `web.livenessProbe.periodSeconds` = `10` -- `web.readinessProbe.failureThreshold` = `6` -- `web.livenessProbe.initialDelaySeconds` = `10` -- `web.livenessProbe.timeoutSeconds` = `5` -- `web.livenessProbe.failureThreshold` = `6` -- `scheduler.podDisruptionBudget.enabled` = `false` - -
- -### Removed -- the `XXX.extraConfigmapMounts`, `XXX.secretsDir`, `XXX.secrets`, `XXX.secretsMap` values have been removed, and replaced with `XXX.extraVolumes` and `XXX.extraVolumeMounts`, which use typical Kubernetes volume-mount syntax -- the `dags.installRequirements` value has been removed, please instead use the `XXX.extraPipPackages` values, this change was made for two main reasons: - 1. allowed us to move the pip-install commands into an init-container, which greatly simplifies pod-startup, and removes the need to set any kind of readiness-probe delay in Webserver/Flower Pods - 2. the installRequirements command only ran at Pod start up, meaning you would have to restart all your pods if you updated the `requirements.txt` in your git repo (which isn't very declarative) - -#### VALUES - Removed: -
-Expand - -- `airflow.extraConfigmapMounts` -- `scheduler.initialStartupDelay` -- `scheduler.preinitdb` -- `scheduler.initdb` -- `scheduler.connections` -- `scheduler.refreshConnections` -- `scheduler.existingSecretConnections` -- `scheduler.pools` -- `scheduler.variables` -- `scheduler.secretsDir` -- `scheduler.secrets` -- `scheduler.secretsMap` -- `web.initialStartupDelay` -- `web.minReadySeconds` -- `web.baseUrl` -- `web.serializeDAGs` -- `web.readinessProbe.scheme` -- `web.readinessProbe.successThreshold` -- `web.livenessProbe.scheme` -- `web.livenessProbe.successThreshold` -- `web.secretsDir` -- `web.secrets` -- `web.secretsMap` -- `workers.celery.instances` -- `workers.initialStartupDelay` -- `workers.secretsDir` -- `workers.secrets` -- `workers.secretsMap` -- `flower.initialStartupDelay` -- `flower.minReadySeconds` -- `flower.extraConfigmapMounts` -- `flower.urlPrefix` -- `flower.secretsDir` -- `flower.secrets` -- `flower.secretsMap` -- `dags.doNotPickle` -- `dags.installRequirements` -- `dags.git.url` -- `dags.git.ref` -- `dags.git.secret` -- `dags.git.sshKeyscan` -- `dags.git.privateKeyName` -- `dags.git.repoHost` -- `dags.git.repoPort` -- `dags.git.gitSync.enabled` -- `dags.git.gitSync.resources` -- `dags.git.gitSync.image` -- `dags.git.gitSync.refreshTime` -- `dags.git.gitSync.mountPath` -- `dags.git.gitSync.syncSubPath` -- `dags.initContainer.enabled` -- `dags.initContainer.resources` -- `dags.initContainer.image.repository` -- `dags.initContainer.image.tag` -- `dags.initContainer.image.pullPolicy` -- `dags.initContainer.mountPath` -- `dags.initContainer.syncSubPath` -- `ingress.web.livenessPath` -- `ingress.flower.livenessPath` - -
- -## [7.16.0] - 2020-12-23 -### Added -- scheduler kubernetes secrets ([#48](https://github.com/airflow-helm/charts/issues/48)) - - `scheduler.secretsDir` - - `scheduler.secrets` - - `scheduler.secretsMap` - -## [7.15.0] - 2020-12-15 -### Changed -- We now use `airflow upgradedb || airflow db upgrade` instead of `airflow initdb` with the following values ([#39](https://github.com/airflow-helm/charts/issues/39)) - - `scheduler.initdb` - - `scheduler.preinitdb` -- Changed image `pullPolicy` values defaults ([#39](https://github.com/airflow-helm/charts/issues/39)) - - `dags.git.gitSync.image.pullPolicy = IfNotPresent` - - `dags.initContainer.image.pullPolicy = IfNotPresent` - -### Docs -- Update docs for Dag Storage option 1 ([#33](https://github.com/airflow-helm/charts/issues/33)) - -## [7.14.3] - 2020-11-24 -### Fixed -- fix quoting of "$" in connections ([#18](https://github.com/airflow-helm/charts/issues/18)) - -## [7.14.2] - 2020-11-24 -### Docs -- improve README ([#17](https://github.com/airflow-helm/charts/issues/17)) - -## [7.14.1] - 2020-11-24 -### Fixed -- Allow local development with Skaffold ([#7](https://github.com/airflow-helm/charts/issues/7)) - -## [7.14.0] - 2020-11-05 - -> 🟥 __Warning__ 🟥 -> -> This is the first version after migrating to the new repo:
-> https://github.com/airflow-helm/charts/tree/main/charts/airflow -> -> All versions before `7.14.0` are ONLY available in the legacy repo:
-> https://github.com/helm/charts/tree/master/stable/airflow - -> 🟨 __Note__ 🟨 -> -> There were NO changes from `7.13.2` in this version - -## 7.13.0 - 20XX-XX-XX -### Added -- `flower.oauthDomains` - -## 7.12.0 - 20XX-XX-XX -### Added -- `ingress.web.labels` -- `ingress.flower.labels` -- `ingress.flower.precedingPaths` -- `ingress.flower.succeedingPaths` - -## 7.11.0 - 20XX-XX-XX -### Added -- You can now use an externally created Secret to store airflow connections. (Rather than storing them in plain-text with `scheduler.connections`) - - `scheduler.existingSecretConnections` - -## 7.10.0 - 20XX-XX-XX -### Changed -- We now make use of the _CMD variables for `AIRFLOW__CORE__SQL_ALCHEMY_CONN_CMD`, `AIRFLOW__CELERY__RESULT_BACKEND_CMD`, and `AIRFLOW__CELERY__BROKER_URL_CMD`: - - This fixes the Scheduler liveness probe implemented in `7.8.0` - - This allows using `kubectl exec` to run commands like `airflow create_user` -- Configs passed with `airflow.config` are now passed as-defined in your values.yaml - - This fixes an issue where people had to escape `"` characters in JSON strings - -## 7.9.0 - 20XX-XX-XX -### Changed -- You can now give the airflow ServiceAccount GET/LIST on Event resources - - This is needed for `KubernetesPodOperator(log_events_on_failure=True)` - - To enable, set `rbac.events = true` (Default: `false`) - -## 7.8.0 - 20XX-XX-XX -### Added -- The scheduler now has a liveness probe which will force the pod to restart if it becomes unhealthy for more than some threshold of time (default: 150sec) - - WARNING: this is on by default, but can be disabled with: `scheduler.livenessProbe.enabled` - - `scheduler.livenessProbe.enabled` - - `scheduler.livenessProbe.initialDelaySeconds` - - `scheduler.livenessProbe.periodSeconds` - - `scheduler.livenessProbe.failureThreshold` - -### Changed -- Upgraded to Airflow: 1.10.12 - -## 7.7.0 - 20XX-XX-XX -### Fixed -- `redis.existingSecretKey` in `values.yaml` was corrected to `redis.existingSecretPasswordKey` (to align with [stable/redis](https://github.com/helm/charts/tree/master/stable/redis)) - -## 7.6.0 - 20XX-XX-XX - -> 🟨 __Note__ 🟨 -> -> We now annotate all pods with `cluster-autoscaler.kubernetes.io/safe-to-evict` by default -> -> GKE's cluster-autoscaler will not honor a `gracefulTerminationPeriod` of more than 10min, if your jobs need more than this amount of time to finish, please set `workers.safeToEvict = false` - -### Added -- You can now configure `safe-to-evict` annotations (so that pods with emptyDir Volumes can be evicted by cluster-autoscaler) - - `flower.safeToEvict` - - `scheduler.safeToEvict` - - `web.safeToEvict` - - `workers.safeToEvict` -- You can now create PodDisruptionBudgets for all components: {flower, webserver, worker} - - `flower.podDisruptionBudget.*` - - `web.podDisruptionBudget.*` - - `workers.podDisruptionBudget.*` -- You can now run multiple instances of flower - - `flower.replicas` -- You can now specify minReadySeconds for flower - - `flower.minReadySeconds` - -### Changed -- The chart YAML has been refactored -- Default values of embedded charts (postgres, redis) have been set with `safe-to-evit` annotations: - - `postgresql.master.podAnnotations = {"cluster-autoscaler.kubernetes.io/safe-to-evict": "true"}` - - `redis.master.podAnnotations = {"cluster-autoscaler.kubernetes.io/safe-to-evict": "true"}` - - `redis.slave.podAnnotations = {"cluster-autoscaler.kubernetes.io/safe-to-evict": "true"}` -- The chart now forces the correct INTERNAL ports to be used (NOTE: this will not prevent you changing Service/Ingress ports) - -## 7.5.0 - 20XX-XX-XX -### Added -- Added an ability to setup external database connection properties for TLS or other advanced parameters - - `externalDatabase.properties` - -## 7.4.0 - 20XX-XX-XX -### Added -- `workers.celery.gracefullTerminationPeriod` - - WARNING: if you currently use a high value of `workers.terminationPeriod`, consider lowering it to 60 and setting a high value for `workers.celery.gracefullTerminationPeriod` - -### Changed -- Reduced how likely it is for a celery worker to receive SIGKILL with graceful termination enabled. New celery worker graceful shutdown lifecycle: - 1. prevent worker accepting new tasks - 1. wait AT MOST `workers.celery.gracefullTerminationPeriod` for tasks to finish - 1. send SIGTERM to worker - 1. wait AT MOST `workers.terminationPeriod` for kill to finish - 1. send SIGKILL to worker - -## 7.3.0 - 20XX-XX-XX -### Added -- Added an ability to specify a specific port for Flower when using NodePort service type - - `flower.service.nodePort.http` - -## 7.2.0 - 20XX-XX-XX -### Added -- Fixed Flower's liveness probe when Basic Authentication is enabled for Flower. You can specify a basic auth value via a Kubernetes Secret using the values `flower.basicAuthSecret` and `flower.basicAuthSecretKey`. The secret value will get encoded and included in the liveness probe's header. - -## 7.1.0 - 20XX-XX-XX -### Added -#### Feature Highlights: -- We have dramatically reduced the start time of airflow pods. -- This was mostly achieved by removing arbitrary delays in the start commands for airflow pods. -- If you still want these delays, please set the added `*.initialStartupDelay` to non-zero values. -- We have improved support for when `airflow.executor` is set to `KubernetesExecutor`: - - redis configs/components are no longer deployed - - we now set `AIRFLOW__KUBERNETES__NAMESPACE`, `AIRFLOW__KUBERNETES__WORKER_SERVICE_ACCOUNT_NAME`, and `AIRFLOW__KUBERNETES__ENV_FROM_CONFIGMAP_REF` -- We have fixed an error caused by including a `'` in your redis/postgres/mysql password. -- We have reverted a change in 7.0.0 which prevented the use of airflow docker images with embedded DAGs. - - (Just ensure that `dags.initContainer.enabled` and `git.gitSync.enabled` are `false`) -- The `AIRFLOW__CORE__SQL_ALCHEMY_CONN`, `AIRFLOW__CELERY__RESULT_BACKEND`, and `AIRFLOW__CELERY__BROKER_URL` environment variables are now available if you `kubectl exec ...` into airflow Pods. -- We have improved the script used when `workers.celery.gracefullTermination` is `true`. -- We have fixed an error with pools in `scheduler.pools` not being added to the scheduler. -- We have fixed an error with the `scheduler.preinitdb` container not knowing the database connection string. - -#### New Values: -- `scheduler.initialStartupDelay` -- `workers.initialStartupDelay` -- `flower.initialStartupDelay` -- `web.readinessProbe.enabled` -- `web.livenessProbe.enabled` - -### Changed -- `airflow.fernetKey` - - ~~Is now `""` by default, to enforce that users generate a custom one.~~ - ~~(However, please consider using `airflow.extraEnv` to define it from a pre-created secret)~~ - __(We have undone this change in `7.1.1`, but we still encourage you to set a custom fernetKey!)__ -- `dags.installRequirements` - - Is now `false` by default, as this was an unintended change with the 7.0.0 upgrade. - -## 7.0.0 - 20XX-XX-XX - -> 🟨 __Note__ 🟨 -> -> To read more about versions `7.0.0` and before, please see the legacy repo:
-> https://github.com/helm/charts/tree/master/stable/airflow - -[Unreleased]: https://github.com/airflow-helm/charts/compare/airflow-8.5.2...HEAD -[8.5.3]: https://github.com/airflow-helm/charts/compare/airflow-8.5.2...airflow-8.5.3 -[8.5.2]: https://github.com/airflow-helm/charts/compare/airflow-8.5.1...airflow-8.5.2 -[8.5.1]: https://github.com/airflow-helm/charts/compare/airflow-8.5.0...airflow-8.5.1 -[8.5.0]: https://github.com/airflow-helm/charts/compare/airflow-8.4.1...airflow-8.5.0 -[8.4.1]: https://github.com/airflow-helm/charts/compare/airflow-8.4.0...airflow-8.4.1 -[8.4.0]: https://github.com/airflow-helm/charts/compare/airflow-8.3.2...airflow-8.4.0 -[8.3.2]: https://github.com/airflow-helm/charts/compare/airflow-8.3.1...airflow-8.3.2 -[8.3.1]: https://github.com/airflow-helm/charts/compare/airflow-8.3.0...airflow-8.3.1 -[8.3.0]: https://github.com/airflow-helm/charts/compare/airflow-8.2.0...airflow-8.3.0 -[8.2.0]: https://github.com/airflow-helm/charts/compare/airflow-8.1.3...airflow-8.2.0 -[8.1.3]: https://github.com/airflow-helm/charts/compare/airflow-8.1.2...airflow-8.1.3 -[8.1.2]: https://github.com/airflow-helm/charts/compare/airflow-8.1.1...airflow-8.1.2 -[8.1.1]: https://github.com/airflow-helm/charts/compare/airflow-8.1.0...airflow-8.1.1 -[8.1.0]: https://github.com/airflow-helm/charts/compare/airflow-8.0.9...airflow-8.1.0 -[8.0.9]: https://github.com/airflow-helm/charts/compare/airflow-8.0.8...airflow-8.0.9 -[8.0.8]: https://github.com/airflow-helm/charts/compare/airflow-8.0.7...airflow-8.0.8 -[8.0.7]: https://github.com/airflow-helm/charts/compare/airflow-8.0.6...airflow-8.0.7 -[8.0.6]: https://github.com/airflow-helm/charts/compare/airflow-8.0.5...airflow-8.0.6 -[8.0.5]: https://github.com/airflow-helm/charts/compare/airflow-8.0.4...airflow-8.0.5 -[8.0.4]: https://github.com/airflow-helm/charts/compare/airflow-8.0.3...airflow-8.0.4 -[8.0.3]: https://github.com/airflow-helm/charts/compare/airflow-8.0.2...airflow-8.0.3 -[8.0.2]: https://github.com/airflow-helm/charts/compare/airflow-8.0.1...airflow-8.0.2 -[8.0.1]: https://github.com/airflow-helm/charts/compare/airflow-8.0.0...airflow-8.0.1 -[8.0.0]: https://github.com/airflow-helm/charts/compare/airflow-7.16.0...airflow-8.0.0 -[7.16.0]: https://github.com/airflow-helm/charts/compare/airflow-7.15.0...airflow-7.16.0 -[7.15.0]: https://github.com/airflow-helm/charts/compare/airflow-7.14.3...airflow-7.15.0 -[7.14.3]: https://github.com/airflow-helm/charts/compare/airflow-7.14.2...airflow-7.14.3 -[7.14.2]: https://github.com/airflow-helm/charts/compare/airflow-7.14.1...airflow-7.14.2 -[7.14.1]: https://github.com/airflow-helm/charts/compare/airflow-7.14.0...airflow-7.14.1 -[7.14.0]: https://github.com/airflow-helm/charts/compare/airflow-7.14.0...airflow-7.14.0 \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/CONTRIBUTING.md b/deploy-as-code/helm/charts/backbone-services/airflow/CONTRIBUTING.md deleted file mode 100644 index 4f39b4aecc..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/CONTRIBUTING.md +++ /dev/null @@ -1,90 +0,0 @@ -# Contributing Guidelines - -Contributions are welcome via GitHub pull requests. - -## Sign Your Work - -To certify you agree to the [Developer Certificate of Origin](https://developercertificate.org/) you must sign-off each commit message using `git commit --signoff`, or manually write the following: -```text -This is my commit message - -Signed-off-by: John Smith -``` - -The text of the agreement is: -```text -Developer Certificate of Origin -Version 1.1 - -Copyright (C) 2004, 2006 The Linux Foundation and its contributors. -1 Letterman Drive -Suite D4700 -San Francisco, CA, 94129 - -Everyone is permitted to copy and distribute verbatim copies of this -license document, but changing it is not allowed. - -Developer's Certificate of Origin 1.1 - -By making a contribution to this project, I certify that: - -(a) The contribution was created in whole or in part by me and I - have the right to submit it under the open source license - indicated in the file; or - -(b) The contribution is based upon previous work that, to the best - of my knowledge, is covered under an appropriate open source - license and I have the right under that license to submit that - work with modifications, whether created in whole or in part - by me, under the same open source license (unless I am - permitted to submit under a different license), as indicated - in the file; or - -(c) The contribution was provided directly to me by some other - person who certified (a), (b) or (c) and I have not modified - it. - -(d) I understand and agree that this project and the contribution - are public and that a record of the contribution (including all - personal information I submit with it, including my sign-off) is - maintained indefinitely and may be redistributed consistent with - this project or the open source license(s) involved. -``` - -## Semantic Commit Messages - -All commit messages and PR names must pass the [zeke/semantic-pull-requests](https://github.com/zeke/semantic-pull-requests) check. - -Here are some example semantic commit messages: -- `feat: a new feature` -- `fix: a bug fix` -- `docs: documentation only change` -- `style: fix formatting/white-space/etc` -- `refactor: code change that neither fixes a bug nor adds a feature` -- `test: add or update tests` -- `ci: changes to CI configs` -- `chore: other changes that dont modify code` -- `revert: revert a commit` - -## Documentation - -Most non-patch changes will require documentation updates. - -If you __ADD a value__: -- ensure the value has a descriptive docstring in `values.yaml` -- ensure the value is listed under `Values Reference` in [README.md](README.md#values-reference) - - Note, only directly include the value if it's a top-level value like `airflow.level_1`, otherwise only include `airflow.level_1.*` - -If you __bump the version__: -- add a heading for the new version to [CHANGELOG.md](CHANGELOG.md) (and comparison link, at bottom of file) - -## Linting - -Please ensure `ct lint` from [chart-testing](https://github.com/helm/chart-testing) succeeds. - -## Versioning - -The chart `version` should follow [SemVer](https://semver.org/): -- If you __REMOVE/CHANGE a value__ → bump a MAJOR version -- If you __ADD a value__ → bump a MINOR version -- If you __fix a bug__ → bump a PATCH version diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/Chart.yaml deleted file mode 100644 index 0aef7fc940..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/Chart.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v2 -description: Airflow Helm Chart (User Community) - used to deploy Apache Airflow on Kubernetes -name: airflow -version: 8.5.3 -appVersion: 2.1.4 -icon: https://airflow.apache.org/_images/pin_large.png -home: https://github.com/airflow-helm/charts -maintainers: - - name: thesuperzapper - url: https://github.com/thesuperzapper - - name: gsemet - url: https://github.com/gsemet -sources: - - https://github.com/airflow-helm/charts/tree/main/charts/airflow -keywords: - - airflow - - dag - - workflow - diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/README.md b/deploy-as-code/helm/charts/backbone-services/airflow/README.md deleted file mode 100644 index c24be58dbc..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/README.md +++ /dev/null @@ -1,2134 +0,0 @@ -# Airflow Helm Chart (User Community) - -__Previously known as `stable/airflow`__ - -[![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/airflow-helm)](https://artifacthub.io/packages/helm/airflow-helm/airflow) - -## About - -The `Airflow Helm Chart (User Community)` provides a standard way to deploy [Apache Airflow](https://airflow.apache.org/) on Kubernetes with Helm, and is used by thousands of companies for production deployments of Airflow. - -### Goals: - -(1) Ease of Use
-(2) Great Documentation
-(3) Support for older Airflow Versions
-(4) Support for Kubernetes GitOps Tools (like ArgoCD) - -### History: - -The `Airflow Helm Chart (User Community)` is a popular alternative to the official chart released in 2021 inside the `apache/airflow` git repository. -It was created in 2018 and was previously called `stable/airflow` when it lived in the (now end-of-life) [helm/charts](https://github.com/helm/charts/tree/master/stable/airflow) repository. - -### Airflow Version Support: - -Chart Version →
Airflow Version ↓ | `7.X.X` | `8.X.X` | ---- | --- | --- -`1.10.X` | ✅ | ✅️ [1] -`2.0.X`| ❌ | ✅ -`2.1.X`| ❌ | ✅ - -[1] you must set `airflow.legacyCommands = true` to use airflow version `1.10.X` with chart version `8.X.X` - -### Airflow Executor Support: - -Chart Version →
Airflow Executor ↓ | `7.X.X` | `8.X.X` | ---- | --- | --- -`CeleryExecutor` | ✅ | ✅ -`KubernetesExecutor` | ✅️ [1] | ✅ -`CeleryKubernetesExecutor` | ❌ | ✅ - -[1] we encourage you to use chart version `8.X.X`, so you can use the `airflow.kubernetesPodTemplate.*` values (note, requires airflow `1.10.11+`, as it uses [AIRFLOW__KUBERNETES__POD_TEMPLATE_FILE](https://airflow.apache.org/docs/apache-airflow/2.1.0/configurations-ref.html#pod-template-file)) - - -## Quickstart Guide - -### Install: - -__(Step 1) - Add this helm repository:__ -```sh -## add this helm repository & pull updates from it -helm repo add airflow-stable https://airflow-helm.github.io/charts -helm repo update -``` - -__(Step 2) - Install this chart:__ -```sh -## set the release-name & namespace -export AIRFLOW_NAME="airflow-cluster" -export AIRFLOW_NAMESPACE="airflow-cluster" - -## install using helm 3 -helm install \ - $AIRFLOW_NAME \ - airflow-stable/airflow \ - --namespace $AIRFLOW_NAMESPACE \ - --version "8.X.X" \ - --values ./custom-values.yaml - -## wait until the above command returns (may take a while) -``` - -__(Step 3) - Locally expose the airflow webserver:__ -```sh -## port-forward the airflow webserver -kubectl port-forward svc/${AIRFLOW_NAME}-web 8080:8080 --namespace $AIRFLOW_NAMESPACE - -## open your browser to: http://localhost:8080 -## default login: admin/admin -``` - -### Upgrade: - -> __WARNING__: always consult the [CHANGELOG](CHANGELOG.md) before upgrading chart versions - -```yaml -## pull updates from the helm repository -helm repo update - -## apply any new values // upgrade chart version to 8.X.X -helm upgrade \ - $AIRFLOW_NAME \ - airflow-stable/airflow \ - --namespace $AIRFLOW_NAMESPACE \ - --version "8.X.X" \ - --values ./custom-values.yaml -``` - -### Uninstall: - -```yaml -## uninstall the chart -helm uninstall $AIRFLOW_NAME --namespace $AIRFLOW_NAMESPACE -``` - -### Examples: - -To help you create your `custom-values.yaml` file, we provide some examples for common situations: - -- ["Minikube - CeleryExecutor"](examples/minikube/custom-values.yaml) -- ["Google (GKE) - CeleryExecutor"](examples/google-gke/custom-values.yaml) - -### Frequently Asked Questions: - -> __NOTE:__ some values are not discussed in the `FAQ`, you can view the default [values.yaml](values.yaml) file for a full list of values - -Review the FAQ to understand how the chart functions, here are some good starting points: - -- ["How to use a specific version of airflow?"](#how-to-use-a-specific-version-of-airflow) -- ["How to set airflow configs?"](#how-to-set-airflow-configs) -- ["How to create airflow users?"](#how-to-create-airflow-users) -- ["How to authenticate airflow users with LDAP/OAUTH?"](#how-to-authenticate-airflow-users-with-ldapoauth) -- ["How to create airflow connections?"](#how-to-create-airflow-connections) -- ["How to use an external database?"](#how-to-use-an-external-database) -- ["How to persist airflow logs?"](#how-to-persist-airflow-logs) -- ["How to set up an Ingress?"](#how-to-set-up-an-ingress) - -## FAQ - Airflow - -> __Frequently asked questions related to airflow configs__ - -### How to use a specific version of airflow? -
-Expand -
- -There will always be a single default version of airflow shipped with this chart, see `airflow.image.*` in [values.yaml](values.yaml) for the current one, but other versions are supported, please see the [Airflow Version Support](#airflow-version-support) matrix. - -For example, using airflow `2.0.1`, with python `3.6`: -```yaml -airflow: - image: - repository: apache/airflow - tag: 2.0.1-python3.6 -``` - -For example, using airflow `1.10.15`, with python `3.8`: -```yaml -airflow: - # this must be "true" for airflow 1.10 - legacyCommands: true - - image: - repository: apache/airflow - tag: 1.10.15-python3.8 -``` - -
-
- -### How to set airflow configs? -
-Expand -
- -While we don't expose the "airflow.cfg" file directly, you can use [environment variables](https://airflow.apache.org/docs/stable/howto/set-config.html) to set Airflow configs. - -The `airflow.config` value makes this easier, each key-value is mounted as an environment variable on each scheduler/web/worker/flower Pod: -```yaml -airflow: - config: - ## security - AIRFLOW__WEBSERVER__EXPOSE_CONFIG: "False" - - ## dags - AIRFLOW__CORE__LOAD_EXAMPLES: "False" - AIRFLOW__SCHEDULER__DAG_DIR_LIST_INTERVAL: "30" - - ## email - AIRFLOW__EMAIL__EMAIL_BACKEND: "airflow.utils.email.send_email_smtp" - AIRFLOW__SMTP__SMTP_HOST: "smtpmail.example.com" - AIRFLOW__SMTP__SMTP_MAIL_FROM: "admin@example.com" - AIRFLOW__SMTP__SMTP_PORT: "25" - AIRFLOW__SMTP__SMTP_SSL: "False" - AIRFLOW__SMTP__SMTP_STARTTLS: "False" - - ## domain used in airflow emails - AIRFLOW__WEBSERVER__BASE_URL: "http://airflow.example.com" - - ## ether environment variables - HTTP_PROXY: "http://proxy.example.com:8080" -``` - -If you want to set [cluster policies](https://airflow.apache.org/docs/apache-airflow/stable/concepts/cluster-policies.html) with an `airflow_local_settings.py` file, you can use the `airflow.localSettings.*` values: -```yaml -airflow: - localSettings: - ## the full content of the `airflow_local_settings.py` file (as a string) - stringOverride: | - # use a custom `xcom_sidecar` image for KubernetesPodOperator() - from airflow.kubernetes.pod_generator import PodDefaults - PodDefaults.SIDECAR_CONTAINER.image = "gcr.io/PROJECT-ID/custom-sidecar-image" - - ## the name of a Secret containing a `airflow_local_settings.py` key - ## (if set, this disables `airflow.localSettings.stringOverride`) - #existingSecret: "my-airflow-local-settings" -``` - -
-
- -### How to store DAGs? -
-Expand -
- -

Option 1a - git-sync sidecar (SSH auth)

- -This method uses an SSH git-sync sidecar to sync your git repo into the dag folder every `dags.gitSync.syncWait` seconds. - -Example values defining an SSH git repo: -```yaml -airflow: - config: - AIRFLOW__SCHEDULER__DAG_DIR_LIST_INTERVAL: 60 - -dags: - gitSync: - enabled: true - repo: "git@github.com:USERNAME/REPOSITORY.git" - branch: "master" - revision: "HEAD" - syncWait: 60 - sshSecret: "airflow-ssh-git-secret" - sshSecretKey: "id_rsa" - - # "known_hosts" verification can be disabled by setting to "" - sshKnownHosts: |- - github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== -``` - -You can create the `airflow-ssh-git-secret` Secret using: -```console -kubectl create secret generic \ - airflow-ssh-git-secret \ - --from-file=id_rsa=$HOME/.ssh/id_rsa \ - --namespace my-airflow-namespace -``` - -

Option 1b - git-sync sidecar (HTTP auth)

- -This method uses an HTTP git sidecar to sync your git repo into the dag folder every `dags.gitSync.syncWait` seconds. - -Example values defining an HTTP git repo: -```yaml -airflow: - config: - AIRFLOW__SCHEDULER__DAG_DIR_LIST_INTERVAL: 60 - -dags: - gitSync: - enabled: true - repo: "https://github.com/USERNAME/REPOSITORY.git" - branch: "master" - revision: "HEAD" - syncWait: 60 - httpSecret: "airflow-http-git-secret" - httpSecretUsernameKey: username - httpSecretPasswordKey: password -``` - -You can create `airflow-http-git-secret` Secret using: -```console -kubectl create secret generic \ - airflow-http-git-secret \ - --from-literal=username=MY_GIT_USERNAME \ - --from-literal=password=MY_GIT_TOKEN \ - --namespace my-airflow-namespace -``` - -

Option 2a - PersistentVolumeClaim (chart-managed)

- -With this method, you store your DAGs in a Kubernetes PersistentVolume, which is mounted to all scheduler/web/worker Pods. -You must configure some external system to ensure this volume has your latest DAGs. -For example, you could use your CI/CD pipeline system to preform a sync as changes are pushed to your DAGs git repo. - -Example values to create a PVC with the `storageClass` called `default` and 1Gi initial `size`: -```yaml -dags: - persistence: - enabled: true - storageClass: default - accessMode: ReadOnlyMany - size: 1Gi -``` - -

Option 2b - PersistentVolumeClaim (existing / user-managed)

- -> 🟨 __Note__ 🟨 -> -> Your `dags.persistence.existingClaim` PVC must support `ReadOnlyMany` or `ReadWriteMany` for `accessMode` - -Example values to use an existing PVC called `my-dags-pvc`: -```yaml -dags: - persistence: - enabled: true - existingClaim: my-dags-pvc - accessMode: ReadOnlyMany -``` - -

Option 3 - embedded into container image

- -> 🟨 __Note__ 🟨 -> -> This chart uses the official [apache/airflow](https://hub.docker.com/r/apache/airflow) images, consult airflow's official [docs about custom images](https://airflow.apache.org/docs/apache-airflow/2.0.1/production-deployment.html#production-container-images) - -This method stores your DAGs inside the container image. - -Example extending `airflow:2.0.1-python3.8` with some dags: -```dockerfile -FROM apache/airflow:2.0.1-python3.8 - -# NOTE: dag path is set with the `dags.path` value -COPY ./my_dag_folder /opt/airflow/dags -``` - -Example values to use `MY_REPO:MY_TAG` container image with the chart: -```yaml -airflow: - image: - repository: MY_REPO - tag: MY_TAG -``` - -
-
- -### How to install extra pip packages? -
-Expand -
- -

Option 1 - use init-containers

- -> 🟥 __Warning__ 🟥 -> -> We strongly advice that you DO NOT TO USE this feature in production, instead please use "Option 2" - -You can use the `airflow.extraPipPackages` value to install pip packages on all Pods, you can also use the more specific `scheduler.extraPipPackages`, `web.extraPipPackages`, `worker.extraPipPackages` and `flower.extraPipPackages`. -Packages defined with the more specific values will take precedence over `airflow.extraPipPackages`, as they are listed at the end of the `pip install ...` command, and pip takes the package version which is __defined last__. - -Example values for installing the `airflow-exporter` package on all scheduler/web/worker/flower Pods: -```yaml -airflow: - extraPipPackages: - - "airflow-exporter~=1.4.1" -``` - -Example values for installing PyTorch on the scheduler/worker Pods only: -```yaml -scheduler: - extraPipPackages: - - "torch~=1.8.0" - -worker: - extraPipPackages: - - "torch~=1.8.0" -``` - -Example values to install pip packages from a private pip `--index-url`: -```yaml -airflow: - config: - ## pip configs can be set with environment variables - PIP_TIMEOUT: 60 - PIP_INDEX_URL: https://:@example.com/packages/simple/ - PIP_TRUSTED_HOST: example.com - - extraPipPackages: - - "my-internal-package==1.0.0" -``` - -

Option 2 - embedded into container image (recommended)

- -This chart uses the official [apache/airflow](https://hub.docker.com/r/apache/airflow) images, consult airflow's official [docs about custom images](https://airflow.apache.org/docs/apache-airflow/2.0.1/production-deployment.html#production-container-images), you can extend the airflow container image with your pip packages. - -For example, extending `airflow:2.0.1-python3.8` with the `torch` package: -```dockerfile -FROM apache/airflow:2.0.1-python3.8 - -# install your pip packages -RUN pip install torch~=1.8.0 -``` - -Example values to use your `MY_REPO:MY_TAG` container image: -```yaml -airflow: - image: - repository: MY_REPO - tag: MY_TAG -``` - -
-
- -### How to create airflow users? -
-Expand -
- -

Option 1 - use plain-text

- -You can use the `airflow.users` value to create airflow users in a declarative way. - -Example values to create `admin` (with "Admin" RBAC role) and `user` (with "User" RBAC role): -```yaml -airflow: - users: - - username: admin - password: admin - role: Admin - email: admin@example.com - firstName: admin - lastName: admin - - username: user - password: user123 - ## TIP: `role` can be a single role or a list of roles - role: - - User - - Viewer - email: user@example.com - firstName: user - lastName: user - - ## if we create a Deployment to perpetually sync `airflow.users` - usersUpdate: true -``` - -

Option 2 - use templates from Secrets/ConfigMaps

- -> 🟨 __Note__ 🟨 -> -> If `airflow.usersUpdate = true`, the users which use `airflow.usersTemplates` will be updated in real-time, allowing tools like [external-secrets](https://github.com/external-secrets/kubernetes-external-secrets) to be used. - -You can use `airflow.usersTemplates` to extract string templates from keys in Secrets or Configmaps. - -Example values to use templates from `Secret/my-secret` and `ConfigMap/my-configmap` in parts of the `admin` user: -```yaml -airflow: - users: - - username: admin - password: ${ADMIN_PASSWORD} - role: Admin - email: ${ADMIN_EMAIL} - firstName: admin - lastName: admin - - ## bash-like templates to be used in `airflow.users` - usersTemplates: - ADMIN_PASSWORD: - kind: secret - name: my-secret - key: password - ADMIN_EMAIL: - kind: configmap - name: my-configmap - key: email - - ## if we create a Deployment to perpetually sync `airflow.users` - usersUpdate: true -``` - -
-
- -### How to authenticate airflow users with LDAP/OAUTH? -
-Expand -
- -> 🟥 __Warning__ 🟥 -> -> If you set up LDAP/OAUTH, you should set `airflow.users = []` (and delete any previously created users) -> -> The version of Flask-Builder installed might not be the latest, see [How to install extra pip packages?](#how-to-install-extra-pip-packages) - -You can use the `web.webserverConfig.*` values to adjust the Flask-Appbuilder `webserver_config.py` file, read [Flask-builder's security docs](https://flask-appbuilder.readthedocs.io/en/latest/security.html) for further reference. - -

Option 1 - use LDAP

- -Example values to integrate with a typical Microsoft Active Directory using `AUTH_LDAP`: -```yaml -web: - # WARNING: for production usage, create your own image with these packages installed rather than using `extraPipPackages` - extraPipPackages: - ## the following configs require Flask-AppBuilder 3.2.0 (or later) - - "Flask-AppBuilder~=3.3.0" - ## the following configs require python-ldap - - "python-ldap~=3.3.1" - - webserverConfig: - stringOverride: |- - from airflow import configuration as conf - from flask_appbuilder.security.manager import AUTH_LDAP - - SQLALCHEMY_DATABASE_URI = conf.get('core', 'SQL_ALCHEMY_CONN') - - AUTH_TYPE = AUTH_LDAP - AUTH_LDAP_SERVER = "ldap://ldap.example.com" - AUTH_LDAP_USE_TLS = False - - # registration configs - AUTH_USER_REGISTRATION = True # allow users who are not already in the FAB DB - AUTH_USER_REGISTRATION_ROLE = "Public" # this role will be given in addition to any AUTH_ROLES_MAPPING - AUTH_LDAP_FIRSTNAME_FIELD = "givenName" - AUTH_LDAP_LASTNAME_FIELD = "sn" - AUTH_LDAP_EMAIL_FIELD = "mail" # if null in LDAP, email is set to: "{username}@email.notfound" - - # bind username (for password validation) - AUTH_LDAP_USERNAME_FORMAT = "uid=%s,ou=users,dc=example,dc=com" # %s is replaced with the provided username - # AUTH_LDAP_APPEND_DOMAIN = "example.com" # bind usernames will look like: {USERNAME}@example.com - - # search configs - AUTH_LDAP_SEARCH = "ou=users,dc=example,dc=com" # the LDAP search base (if non-empty, a search will ALWAYS happen) - AUTH_LDAP_UID_FIELD = "uid" # the username field - - # a mapping from LDAP DN to a list of FAB roles - AUTH_ROLES_MAPPING = { - "cn=airflow_users,ou=groups,dc=example,dc=com": ["User"], - "cn=airflow_admins,ou=groups,dc=example,dc=com": ["Admin"], - } - - # the LDAP user attribute which has their role DNs - AUTH_LDAP_GROUP_FIELD = "memberOf" - - # if we should replace ALL the user's roles each login, or only on registration - AUTH_ROLES_SYNC_AT_LOGIN = True - - # force users to re-auth after 30min of inactivity (to keep roles in sync) - PERMANENT_SESSION_LIFETIME = 1800 -``` - -

Option 2 - use OAUTH

- -Example values to integrate with Okta using `AUTH_OAUTH`: -```yaml -web: - extraPipPackages: - ## the following configs require Flask-AppBuilder 3.2.0 (or later) - - "Flask-AppBuilder~=3.3.0" - ## the following configs require Authlib - - "Authlib~=0.15.3" - - webserverConfig: - stringOverride: |- - from airflow import configuration as conf - from flask_appbuilder.security.manager import AUTH_OAUTH - - SQLALCHEMY_DATABASE_URI = conf.get('core', 'SQL_ALCHEMY_CONN') - - AUTH_TYPE = AUTH_OAUTH - - # registration configs - AUTH_USER_REGISTRATION = True # allow users who are not already in the FAB DB - AUTH_USER_REGISTRATION_ROLE = "Public" # this role will be given in addition to any AUTH_ROLES_MAPPING - - # the list of providers which the user can choose from - OAUTH_PROVIDERS = [ - { - 'name': 'okta', - 'icon': 'fa-circle-o', - 'token_key': 'access_token', - 'remote_app': { - 'client_id': 'OKTA_KEY', - 'client_secret': 'OKTA_SECRET', - 'api_base_url': 'https://OKTA_DOMAIN.okta.com/oauth2/v1/', - 'client_kwargs': { - 'scope': 'openid profile email groups' - }, - 'access_token_url': 'https://OKTA_DOMAIN.okta.com/oauth2/v1/token', - 'authorize_url': 'https://OKTA_DOMAIN.okta.com/oauth2/v1/authorize', - } - } - ] - - # a mapping from the values of `userinfo["role_keys"]` to a list of FAB roles - AUTH_ROLES_MAPPING = { - "FAB_USERS": ["User"], - "FAB_ADMINS": ["Admin"], - } - - # if we should replace ALL the user's roles each login, or only on registration - AUTH_ROLES_SYNC_AT_LOGIN = True - - # force users to re-auth after 30min of inactivity (to keep roles in sync) - PERMANENT_SESSION_LIFETIME = 1800 -``` - -
-
- -### How to set a custom fernet encryption key? -
-Expand -
- -

Option 1 - using the value

- -> 🟥 __Warning__ 🟥 -> -> We strongly recommend that you DO NOT USE the default `airflow.fernetKey` in production. - -You can set the fernet encryption key using the `airflow.fernetKey` value, which sets the `AIRFLOW__CORE__FERNET_KEY` environment variable. - -Example values to define the fernet key with `airflow.fernetKey`: -```yaml -aiflow: - fernetKey: "7T512UXSSmBOkpWimFHIVb8jK6lfmSAvx4mO6Arehnc=" -``` - -

Option 2 - using a secret (recommended)

- -You can set the fernet encryption key from a Kubernetes Secret by referencing it with the `airflow.extraEnv` value. - -Example values to use the `value` key from the existing Secret `airflow-fernet-key`: -```yaml -airflow: - extraEnv: - - name: AIRFLOW__CORE__FERNET_KEY - valueFrom: - secretKeyRef: - name: airflow-fernet-key - key: value -``` - -

Option 3 - using `_CMD` or `_SECRET` configs

- -You can also set the fernet key by specifying either the `AIRFLOW__CORE__FERNET_KEY_CMD` or `AIRFLOW__CORE__FERNET_KEY_SECRET` environment variables. -Read about how the `_CMD` or `_SECRET` configs work in the ["Setting Configuration Options"](https://airflow.apache.org/docs/apache-airflow/stable/howto/set-config.html) section of the Airflow documentation. - -Example values for using `AIRFLOW__CORE__FERNET_KEY_CMD`: - -```yaml -airflow: - ## WARNING: you must set `fernetKey` to "", otherwise it will take precedence - fernetKey: "" - - ## NOTE: this is only an example, if your value lives in a Secret, you probably want to use "Option 2" above - config: - AIRFLOW__CORE__FERNET_KEY_CMD: "cat /opt/airflow/fernet-key/value" - - extraVolumeMounts: - - name: fernet-key - mountPath: /opt/airflow/fernet-key - readOnly: true - - extraVolumes: - - name: fernet-key - secret: - secretName: airflow-fernet-key -``` - -
-
- -### How to set a custom webserver secret_key? -
-Expand -
- -

Option 1 - using the value

- -> 🟥 __Warning__ 🟥 -> -> We strongly recommend that you DO NOT USE the default `airflow.webserverSecretKey` in production. - -You can set the webserver secret_key using the `airflow.webserverSecretKey` value, which sets the `AIRFLOW__WEBSERVER__SECRET_KEY` environment variable. - -Example values to define the secret_key with `airflow.webserverSecretKey`: -```yaml -aiflow: - webserverSecretKey: "THIS IS UNSAFE!" -``` - -

Option 2 - using a secret (recommended)

- -You can set the webserver secret_key from a Kubernetes Secret by referencing it with the `airflow.extraEnv` value. - -Example values to use the `value` key from the existing Secret `airflow-webserver-secret-key`: -```yaml -airflow: - extraEnv: - - name: AIRFLOW__WEBSERVER__SECRET_KEY - valueFrom: - secretKeyRef: - name: airflow-webserver-secret-key - key: value -``` - -

Option 3 - using `_CMD` or `_SECRET` configs

- -You can also set the webserver secret key by specifying either the `AIRFLOW__WEBSERVER__SECRET_KEY_CMD` or `AIRFLOW__WEBSERVER__SECRET_KEY_SECRET` environment variables. -Read about how the `_CMD` or `_SECRET` configs work in the ["Setting Configuration Options"](https://airflow.apache.org/docs/apache-airflow/stable/howto/set-config.html) section of the Airflow documentation. - -Example values for using `AIRFLOW__WEBSERVER__SECRET_KEY_CMD`: - -```yaml -airflow: - ## WARNING: you must set `webserverSecretKey` to "", otherwise it will take precedence - webserverSecretKey: "" - - ## NOTE: this is only an example, if your value lives in a Secret, you probably want to use "Option 2" above - config: - AIRFLOW__WEBSERVER__SECRET_KEY_CMD: "cat /opt/airflow/webserver-secret-key/value" - - extraVolumeMounts: - - name: webserver-secret-key - mountPath: /opt/airflow/webserver-secret-key - readOnly: true - - extraVolumes: - - name: webserver-secret-key - secret: - secretName: airflow-webserver-secret-key -``` - -
-
- -### How to create airflow connections? -
-Expand -
- -

Option 1 - use plain-text

- -You can use the `airflow.connections` value to create airflow [Connections](https://airflow.apache.org/docs/apache-airflow/stable/concepts.html#connections) in a declarative way. - -Example values to create connections called `my_aws`, `my_gcp`, `my_postgres`, and `my_ssh`: -```yaml -airflow: - connections: - ## see docs: https://airflow.apache.org/docs/apache-airflow-providers-amazon/stable/connections/aws.html - - id: my_aws - type: aws - description: my AWS connection - extra: |- - { "aws_access_key_id": "XXXXXXXX", - "aws_secret_access_key": "XXXXXXXX", - "region_name":"eu-central-1" } - ## see docs: https://airflow.apache.org/docs/apache-airflow-providers-google/stable/connections/gcp.html - - id: my_gcp - type: google_cloud_platform - description: my GCP connection - extra: |- - { "extra__google_cloud_platform__keyfile_dict": "XXXXXXXX", - "extra__google_cloud_platform__num_retries: "XXXXXXXX" } - ## see docs: https://airflow.apache.org/docs/apache-airflow-providers-postgres/stable/connections/postgres.html - - id: my_postgres - type: postgres - description: my Postgres connection - host: postgres.example.com - port: 5432 - login: db_user - password: db_pass - schema: my_db - extra: |- - { "sslmode": "allow" } - ## see docs: https://airflow.apache.org/docs/apache-airflow-providers-ssh/stable/connections/ssh.html - - id: my_ssh - type: ssh - description: my SSH connection - host: ssh.example.com - port: 22 - login: ssh_user - password: ssh_pass - extra: |- - { "timeout": "15" } - - ## if we create a Deployment to perpetually sync `airflow.connections` - connectionsUpdate: true -``` - -

Option 2 - use templates from Secrets/ConfigMaps

- -> 🟨 __Note__ 🟨 -> -> If `airflow.connectionsUpdate = true`, the connections which use `airflow.connectionsTemplates` will be updated in real-time, allowing tools like [external-secrets](https://github.com/external-secrets/kubernetes-external-secrets) to be used. - -You can use `airflow.connectionsTemplates` to extract string templates from keys in Secrets or Configmaps. - -Example values to use templates from `Secret/my-secret` and `ConfigMap/my-configmap` in parts of the `my_aws` connection: -```yaml -airflow: - connections: - - id: my_aws - type: aws - description: my AWS connection - extra: |- - { "aws_access_key_id": "${AWS_ACCESS_KEY_ID}", - "aws_secret_access_key": "${AWS_ACCESS_KEY}", - "region_name":"eu-central-1" } - - ## bash-like templates to be used in `airflow.connections` - connectionsTemplates: - AWS_ACCESS_KEY_ID: - kind: configmap - name: my-configmap - key: username - AWS_ACCESS_KEY: - kind: secret - name: my-secret - key: password - - ## if we create a Deployment to perpetually sync `airflow.connections` - connectionsUpdate: true -``` - -
-
- -### How to create airflow variables? -
-Expand -
- -

Option 1 - use plain-text

- -You can use the `airflow.variables` value to create airflow [Variables](https://airflow.apache.org/docs/apache-airflow/stable/concepts.html#variables) in a declarative way. - -Example values to create variables called `var_1`, `var_2`: -```yaml -airflow: - variables: - - key: "var_1" - value: "my_value_1" - - key: "var_2" - value: "my_value_2" - - ## if we create a Deployment to perpetually sync `airflow.variables` - variablesUpdate: true -``` - -

Option 2 - use templates from Secrets/Configmaps

- -> 🟨 __Note__ 🟨 -> -> If `airflow.variablesTemplates = true`, the connections which use `airflow.variablesTemplates` will be updated in real-time, allowing tools like [external-secrets](https://github.com/external-secrets/kubernetes-external-secrets) to be used. - -You can use `airflow.variablesTemplates` to extract string templates from keys in Secrets or Configmaps. - -Example values to use templates from `Secret/my-secret` and `ConfigMap/my-configmap` in the `var_1` and `var_2` variables: -```yaml -airflow: - variables: - - key: "var_1" - value: "${MY_VALUE_1}" - - key: "var_2" - value: "${MY_VALUE_2}" - - ## bash-like templates to be used in `airflow.variables` - variablesTemplates: - MY_VALUE_1: - kind: configmap - name: my-configmap - key: value1 - MY_VALUE_2: - kind: secret - name: my-secret - key: value2 - - ## if we create a Deployment to perpetually sync `airflow.variables` - ## - variablesUpdate: false -``` - -
-
- -### How to create airflow pools? -
-Expand -
- -You can use the `airflow.pools` value to create airflow [Pools](https://airflow.apache.org/docs/apache-airflow/stable/concepts.html#pools) in a declarative way. - -Example values to create pools called `pool_1`, `pool_2`: -```yaml -airflow: - pools: - - name: "pool_1" - description: "example pool with 5 slots" - slots: 5 - - name: "pool_2" - description: "example pool with 10 slots" - slots: 10 - - ## if we create a Deployment to perpetually sync `airflow.pools` - poolsUpdate: true -``` - -
-
- -### How to set up celery worker autoscaling? -
-Expand -
- -> 🟨 __Note__ 🟨 -> -> This method of autoscaling is not ideal. There is not necessarily a link between RAM usage, and the number of pending tasks, meaning you could have a situation where your workers don't scale up despite having pending tasks. - -The Airflow Celery Workers can be scaled using the [Horizontal Pod Autoscaler](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/), to enable autoscaling, you must set `workers.autoscaling.enabled=true`, then provide `workers.autoscaling.maxReplicas`. - -Assume every task a worker executes consumes approximately `200Mi` memory, that means memory is a good metric for utilisation monitoring. -For a worker pod you can calculate it: `WORKER_CONCURRENCY * 200Mi`, so for `10 tasks` a worker will consume `~2Gi` of memory. -In the following config if a worker consumes `80%` of `2Gi` (which will happen if it runs 9-10 tasks at the same time), an autoscaling event will be triggered, and a new worker will be added. -If you have many tasks in a queue, Kubernetes will keep adding workers until maxReplicas reached, in this case `16`. -```yaml -airflow: - config: - AIRFLOW__CELERY__WORKER_CONCURRENCY: 10 - -workers: - # the initial/minimum number of workers - replicas: 2 - - resources: - requests: - memory: "2Gi" - - podDisruptionBudget: - enabled: true - ## prevents losing more than 20% of current worker task slots in a voluntary disruption - maxUnavailable: "20%" - - autoscaling: - enabled: true - maxReplicas: 16 - metrics: - - type: Resource - resource: - name: memory - target: - type: Utilization - averageUtilization: 80 - - celery: - ## wait at most 9min for running tasks to complete before SIGTERM - ## WARNING: - ## - some cloud cluster-autoscaler configs will not respect graceful termination - ## longer than 10min, for example, Google Kubernetes Engine (GKE) - gracefullTermination: true - gracefullTerminationPeriod: 540 - - ## how many seconds (after the 9min) to wait before SIGKILL - terminationPeriod: 60 - - logCleanup: - resources: - requests: - ## IMPORTANT! for autoscaling to work with logCleanup - memory: "64Mi" - -dags: - gitSync: - resources: - requests: - ## IMPORTANT! for autoscaling to work with gitSync - memory: "64Mi" -``` - -
-
- -### How to persist airflow logs? -
-Expand -
- -> 🟥 __Warning__ 🟥 -> -> For production, you should persist logs in a production deployment using one of these methods.
-> By default, logs are stored within the container's filesystem, therefore any restart of the pod will wipe your DAG logs. - -

Option 1a - PersistentVolumeClaim (chart-managed)

- -Example values to create a PVC with the cluster-default `storageClass` and 1Gi initial `size`: -```yaml -airflow: - defaultSecurityContext: - ## sets the filesystem owner group of files/folders in mounted volumes - ## this does NOT give root permissions to Pods, only the "root" group - fsGroup: 0 - -scheduler: - logCleanup: - ## scheduler log-cleanup must be disabled if `logs.persistence.enabled` is `true` - enabled: false - -workers: - logCleanup: - ## workers log-cleanup must be disabled if `logs.persistence.enabled` is `true` - enabled: false - -logs: - persistence: - enabled: true - storageClass: "" ## empty string means cluster-default - accessMode: ReadWriteMany - size: 1Gi -``` - -

Option 1b - PersistentVolumeClaim (existing / user-managed)

- -> 🟨 __Note__ 🟨 -> -> Your `logs.persistence.existingClaim` PVC must support `ReadWriteMany` for `accessMode` - -Example values to use an existing PVC called `my-logs-pvc`: - -```yaml -airflow: - defaultSecurityContext: - ## sets the filesystem owner group of files/folders in mounted volumes - ## this does NOT give root permissions to Pods, only the "root" group - fsGroup: 0 - -scheduler: - logCleanup: - ## scheduler log-cleanup must be disabled if `logs.persistence.enabled` is `true` - enabled: false - -workers: - logCleanup: - ## workers log-cleanup must be disabled if `logs.persistence.enabled` is `true` - enabled: false - -logs: - persistence: - enabled: true - existingClaim: my-logs-pvc - accessMode: ReadWriteMany -``` - -

Option 2a - Remote S3 Bucket (recommended on AWS)

- -Example values to use a remote S3 bucket for logging, with an `airflow.connection` called `my_aws` for authorization: -```yaml -airflow: - config: - AIRFLOW__LOGGING__REMOTE_LOGGING: "True" - AIRFLOW__LOGGING__REMOTE_BASE_LOG_FOLDER: "s3://<>/airflow/logs" - AIRFLOW__LOGGING__REMOTE_LOG_CONN_ID: "my_aws" - - connections: - ## see docs: https://airflow.apache.org/docs/apache-airflow-providers-amazon/stable/connections/aws.html - - id: my_aws - type: aws - description: my AWS connection - extra: |- - { "aws_access_key_id": "XXXXXXXX", - "aws_secret_access_key": "XXXXXXXX", - "region_name":"eu-central-1" } -``` - -Example values to use a remote S3 bucket for logging, with [EKS - IAM Roles for Service Accounts](https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html) for authorization: -```yaml -airflow: - config: - AIRFLOW__LOGGING__REMOTE_LOGGING: "True" - AIRFLOW__LOGGING__REMOTE_BASE_LOG_FOLDER: "s3://<>/airflow/logs" - AIRFLOW__LOGGING__REMOTE_LOG_CONN_ID: "aws_default" - -serviceAccount: - annotations: - eks.amazonaws.com/role-arn: "arn:aws:iam::XXXXXXXXXX:role/<>" -``` - -

Option 2b - Remote GCS Bucket (recommended on GCP)

- -Example values to use a remote GCS bucket for logging, with an `airflow.connection` called `my_gcp` for authorization: -```yaml -airflow: - config: - AIRFLOW__LOGGING__REMOTE_LOGGING: "True" - AIRFLOW__LOGGING__REMOTE_BASE_LOG_FOLDER: "gs://<>/airflow/logs" - AIRFLOW__LOGGING__REMOTE_LOG_CONN_ID: "my_gcp" - - connections: - ## see docs: https://airflow.apache.org/docs/apache-airflow-providers-google/stable/connections/gcp.html - - id: my_gcp - type: google_cloud_platform - description: my GCP connection - extra: |- - { "extra__google_cloud_platform__keyfile_dict": "XXXXXXXX", - "extra__google_cloud_platform__num_retries": "5" } -``` - -Example values to use a remote GCS bucket for logging, with [GKE - Workload Identity](https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity) for authorization: -```yaml -airflow: - config: - AIRFLOW__LOGGING__REMOTE_LOGGING: "True" - AIRFLOW__LOGGING__REMOTE_BASE_LOG_FOLDER: "gs://<>/airflow/logs" - AIRFLOW__LOGGING__REMOTE_LOG_CONN_ID: "google_cloud_default" - -serviceAccount: - annotations: - iam.gke.io/gcp-service-account: "<>@<>.iam.gserviceaccount.com" -``` - -
-
- -### How to configure the scheduler liveness probe? -
-Expand -
- -

Scheduler "Heartbeat Check"

- -The chart includes a [Kubernetes Liveness Probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) -for each airflow scheduler which regularly queries the Airflow Metadata Database to ensure the scheduler is ["healthy"](https://airflow.apache.org/docs/apache-airflow/stable/logging-monitoring/check-health.html). - -A scheduler is "healthy" if it has had a "heartbeat" in the last `AIRFLOW__SCHEDULER__SCHEDULER_HEALTH_CHECK_THRESHOLD` seconds. -Each scheduler will perform a "heartbeat" every `AIRFLOW__SCHEDULER__SCHEDULER_HEARTBEAT_SEC` seconds by updating the `latest_heartbeat` of its `SchedulerJob` in the Airflow Metadata `jobs` table. - -> 🟥 __Warning__ 🟥 -> -> A scheduler can have a "heartbeat" but be deadlocked such that it's unable to schedule new tasks, -> we provide the `scheduler.livenessProbe.taskCreationCheck.*` values to automatically restart the scheduler in these cases. -> -> https://github.com/apache/airflow/issues/7935 - patched in airflow `2.0.2`
-> https://github.com/apache/airflow/issues/15938 - patched in airflow `2.1.1` - -By default, the chart runs a liveness probe every __30 seconds__ (`periodSeconds`), and will restart a scheduler if __5 probe failures__ (`failureThreshold`) occur in a row. -This means a scheduler must be unhealthy for at least `30 x 5 = 150` seconds before Kubernetes will automatically restart a scheduler Pod. - -Here is an overview of the `scheduler.livenessProbe.*` values: - -```yaml -scheduler: - livenessProbe: - enabled: true - - ## number of seconds to wait after a scheduler container starts before running its first probe - ## NOTE: schedulers take a few seconds to actually start - initialDelaySeconds: 10 - - ## number of seconds to wait between each probe - periodSeconds: 30 - - ## maximum number of seconds that a probe can take before timing out - ## WARNING: if your database is very slow, you may need to increase this value to prevent invalid scheduler restarts - timeoutSeconds: 60 - - ## maximum number of consecutive probe failures, after which the scheduler will be restarted - ## NOTE: a "failure" could be any of: - ## 1. the probe takes more than `timeoutSeconds` - ## 2. the probe detects the scheduler as "unhealthy" - ## 3. the probe "task creation check" fails - failureThreshold: 5 -``` - -

Scheduler "Task Creation Check"

- -The liveness probe can additionally check if the Scheduler is creating new [tasks](https://airflow.apache.org/docs/apache-airflow/stable/concepts/tasks.html) as an indication of its health. -This check works by ensuring that the most recent `LocalTaskJob` had a `start_date` no more than `scheduler.livenessProbe.taskCreationCheck.thresholdSeconds` seconds ago. - -> 🟦 __Tip__ 🟦 -> -> The "Task Creation Check" is currently disabled by default, it can be enabled with `scheduler.livenessProbe.taskCreationCheck.enabled`. - -Here is an overview of the `scheduler.livenessProbe.taskCreationCheck.*` values: - -```yaml -scheduler: - livenessProbe: - enabled: true - ... - - taskCreationCheck: - ## if the task creation check is enabled - enabled: true - - ## the maximum number of seconds since the start_date of the most recent LocalTaskJob - ## WARNING: must be AT LEAST equal to your shortest DAG schedule_interval - ## WARNING: DummyOperator tasks will NOT be seen by this probe - thresholdSeconds: 300 -``` - -You might use the following `canary_dag` DAG definition to run a small task every __300 seconds__ (5 minutes): - -```python -from datetime import datetime, timedelta -from airflow import DAG - -# import using try/except to support both airflow 1 and 2 -try: - from airflow.operators.bash import BashOperator -except ModuleNotFoundError: - from airflow.operators.bash_operator import BashOperator - -dag = DAG( - dag_id="canary_dag", - default_args={ - "owner": "airflow", - }, - schedule_interval="*/5 * * * *", - start_date=datetime(2022, 1, 1), - dagrun_timeout=timedelta(minutes=5), - is_paused_upon_creation=False, - catchup=False, -) - -# WARNING: while `DummyOperator` would use less resources, the check can't see those tasks -# as they don't create LocalTaskJob instances -task = BashOperator( - task_id="canary_task", - bash_command="echo 'Hello World!'", - dag=dag, -) -``` - -
-
- -## FAQ - Databases - -> __Frequently asked questions related to database configs__ - -### How to use the embedded Postgres? -
-Expand -
- -> 🟥 __Warning__ 🟥 -> -> The embedded Postgres is NOT SUITABLE for production, you should follow [How to use an external database?](#how-to-use-an-external-database) - -> 🟨 __Note__ 🟨 -> -> If `pgbouncer.enabled=true` (the default), we will deploy [PgBouncer](https://www.pgbouncer.org/) to pool connections to your external database - -The embedded Postgres database has an insecure username/password by default, you should create secure credentials before using it. - -For example, to create the required Kubernetes Secrets: -```sh -# set postgress password -kubectl create secret generic \ - airflow-postgresql \ - --from-literal=postgresql-password=$(openssl rand -base64 13) \ - --namespace my-airflow-namespace - -# set redis password -kubectl create secret generic \ - airflow-redis \ - --from-literal=redis-password=$(openssl rand -base64 13) \ - --namespace my-airflow-namespace -``` - -Example values to use those secrets: -```yaml -postgresql: - existingSecret: airflow-postgresql - -redis: - existingSecret: airflow-redis -``` - -
-
- -### How to use an external database? -
-Expand -
- -> 🟥 __Warning__ 🟥 -> -> We __STRONGLY RECOMMEND__ that all production deployments of Airflow use an external database (not managed by this chart). - -When compared with the Postgres that is embedded in this chart, an external database comes with many benefits: - -1. The embedded Postgres version is usually very outdated, so is susceptible to critical security bugs -2. The embedded database may not scale to your performance requirements _(NOTE: every airflow task creates database connections)_ -3. An external database will likely achieve higher uptime _(NOTE: no airflow tasks will run if your database is down)_ -4. An external database can be configured with backups and disaster recovery - -Commonly, people use the managed PostgreSQL service from their cloud vendor to provision an external database: - -Cloud Platform | Service Name ---- | --- -Amazon Web Services | [Amazon RDS for PostgreSQL](https://aws.amazon.com/rds/postgresql/) -Microsoft Azure | [Azure Database for PostgreSQL](https://azure.microsoft.com/en-au/services/postgresql/) -Google Cloud | [Cloud SQL for PostgreSQL](https://cloud.google.com/sql/docs/postgres) -Alibaba Cloud | [ApsaraDB RDS for PostgreSQL](https://www.alibabacloud.com/product/apsaradb-for-rds-postgresql) -IBM Cloud | [IBM Cloud® Databases for PostgreSQL](https://cloud.ibm.com/docs/databases-for-postgresql) - -

Option 1 - Postgres

- -> 🟨 __Note__ 🟨 -> -> By default, this chart deploys [PgBouncer](https://www.pgbouncer.org/) to pool db connections and reduce the load from large numbers of airflow tasks. -> -> You may disable PgBouncer by setting `pgbouncer.enabled` to `false`. - -Example values for an external Postgres database, with an existing `airflow_cluster1` database: -```yaml -postgresql: - ## to use the external db, the embedded one must be disabled - enabled: false - -## for full list of PgBouncer configs, see values.yaml -pgbouncer: - enabled: true - - ## WARNING: you must set "scram-sha-256" if using Azure PostgreSQL (single server mode) - authType: md5 - - serverSSL: - ## WARNING: you must set "verify-ca" if using Azure PostgreSQL - mode: prefer - -externalDatabase: - type: postgres - - host: postgres.example.org - port: 5432 - - ## the schema which will contain the airflow tables - database: airflow_cluster1 - - ## (username - option 1) a plain-text helm value - user: my_airflow_user - - ## (username - option 2) a Kubernetes secret in your airflow namespace - #userSecret: "airflow-cluster1-database-credentials" - #userSecretKey: "username" - - ## (password - option 1) a plain-text helm value - password: my_airflow_password - - ## (password - option 2) a Kubernetes secret in your airflow namespace - #passwordSecret: "airflow-cluster1-database-credentials" - #passwordSecretKey: "password" - - ## use this for any extra connection-string settings, e.g. ?sslmode=disable - properties: "" -``` - -

Option 2 - MySQL

- -> 🟨 __Note__ 🟨 -> -> You must set `explicit_defaults_for_timestamp=1` in your MySQL instance, [see here](https://airflow.apache.org/docs/stable/howto/initialize-database.html) - -Example values for an external MySQL database, with an existing `airflow_cluster1` database: -```yaml -postgresql: - ## to use the external db, the embedded one must be disabled - enabled: false - -pgbouncer: - ## pgbouncer is automatically disabled if `externalDatabase.type` is `mysql` - #enabled: false - -externalDatabase: - type: mysql - - host: mysql.example.org - port: 3306 - - ## the database which will contain the airflow tables - database: airflow_cluster1 - - ## (username - option 1) a plain-text helm value - user: my_airflow_user - - ## (username - option 2) a Kubernetes secret in your airflow namespace - #userSecret: "airflow-cluster1-database-credentials" - #userSecretKey: "username" - - ## (password - option 1) a plain-text helm value - password: my_airflow_password - - ## (password - option 2) a Kubernetes secret in your airflow namespace - #passwordSecret: "airflow-cluster1-database-credentials" - #passwordSecretKey: "password" - - ## use this for any extra connection-string settings, e.g. ?useSSL=false - properties: "" -``` - -
-
- -### How to use an external redis? -
-Expand -
- -Example values for an external redis with ssl enabled: -```yaml -redis: - enabled: false - -externalRedis: - host: "example.redis.cache.windows.net" - port: 6380 - - ## the redis database-number that airflow will use - databaseNumber: 1 - - ## (option 1 - password) a plain-text helm value - password: my_airflow_password - - ## (option 2 - password) a Kubernetes secret in your airflow namespace - #passwordSecret: "airflow-cluster1-redis-credentials" - #passwordSecretKey: "password" - - ## use this for any extra connection-string settings - properties: "?ssl_cert_reqs=CERT_OPTIONAL" -``` - -
-
- -## FAQ - Kubernetes - -> __Frequently asked questions related to kubernetes configs__ - -### How to mount ConfigMaps/Secrets as environment variables? -
-Expand -
- -> 🟨 __Note__ 🟨 -> -> This method can be used to pass sensitive configs to Airflow - -You can use the `airflow.extraEnv` value to mount extra environment variables with the same structure as [EnvVar in ContainerSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#envvar-v1-core). - -Example values to use the `value` key from the existing Secret `airflow-fernet-key` to define `AIRFLOW__CORE__FERNET_KEY`: -```yaml -airflow: - extraEnv: - - name: AIRFLOW__CORE__FERNET_KEY - valueFrom: - secretKeyRef: - name: airflow-fernet-key - key: value -``` - -
-
- -### How to mount Secrets/Configmaps as files on workers? -
-Expand -
- -You can use the `workers.extraVolumeMounts` and `workers.extraVolumes` values to mount Secretes as files. - -For example, if the Secret `redshift-creds` already exist, and has keys called `user` and `password`: -```yaml -workers: - extraVolumeMounts: - - name: redshift-creds - mountPath: /opt/airflow/secrets/redshift-creds - readOnly: true - - extraVolumes: - - name: redshift-creds - secret: - secretName: redshift-creds -``` - -You could then read the `/opt/airflow/secrets/redshift-creds` files from within a DAG Python function: -```python -from pathlib import Path -redis_user = Path("/opt/airflow/secrets/redshift-creds/user").read_text().strip() -redis_password = Path("/opt/airflow/secrets/redshift-creds/password").read_text().strip() -``` - -To create the `redshift-creds` Secret, you could use: -```console -kubectl create secret generic \ - redshift-creds \ - --from-literal=user=MY_REDSHIFT_USERNAME \ - --from-literal=password=MY_REDSHIFT_PASSWORD \ - --namespace my-airflow-namespace -``` - -
-
- -### How to set up an Ingress? -
-Expand -
- -The chart provides the `ingress.*` values for deploying a Kubernetes Ingress to allow access to airflow outside the cluster. - -Consider the situation where you already have something hosted at the root of your domain, you might want to place airflow under a URL-prefix: -- http://example.com/airflow/ -- http://example.com/airflow/flower - -In this example, you would set these values, assuming you have an Ingress Controller with an IngressClass named "nginx" deployed: -```yaml -airflow: - config: - AIRFLOW__WEBSERVER__BASE_URL: "http://example.com/airflow/" - AIRFLOW__CELERY__FLOWER_URL_PREFIX: "/airflow/flower" - -ingress: - enabled: true - - ## WARNING: set as "networking.k8s.io/v1beta1" for Kubernetes 1.18 and earlier - apiVersion: networking.k8s.io/v1 - - ## airflow webserver ingress configs - web: - annotations: {} - host: "example.com" - path: "/airflow" - ## WARNING: requires Kubernetes 1.18 or later, use "kubernetes.io/ingress.class" annotation for older versions - ingressClassName: "nginx" - - ## flower ingress configs - flower: - annotations: {} - host: "example.com" - path: "/airflow/flower" - ## WARNING: requires Kubernetes 1.18 or later, use "kubernetes.io/ingress.class" annotation for older versions - ingressClassName: "nginx" -``` - -We expose the `ingress.web.precedingPaths` and `ingress.web.succeedingPaths` values, which are __before__ and __after__ the default path respectively. - -> 🟦 __Tip__ 🟦 -> -> A common use-case is [enabling SSL with the aws-alb-ingress-controller](https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.1/guide/tasks/ssl_redirect/), which needs a redirect path to be hit before the airflow-webserver one - -For example, setting `ingress.web.precedingPaths` for an aws-alb-ingress-controller with SSL: -```yaml -ingress: - web: - precedingPaths: - - path: "/*" - serviceName: "ssl-redirect" - servicePort: "use-annotation" -``` - -
-
- -### How to use Pod affinity, nodeSelector, and tolerations? -
-Expand -
- -If your environment needs to use Pod [affinity](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity), [nodeSelector](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector), or [tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/), we provide many values that allow fine-grained control over the Pod definitions. - -To set affinity, nodeSelector, and tolerations for all airflow Pods, you can use the `airflow.{defaultNodeSelector,defaultAffinity,defaultTolerations}` values: -```yaml -airflow: - ## https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector - defaultNodeSelector: {} - # my_node_label_1: value1 - # my_node_label_2: value2 - - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#affinity-v1-core - defaultAffinity: {} - # podAffinity: - # requiredDuringSchedulingIgnoredDuringExecution: - # - labelSelector: - # matchExpressions: - # - key: security - # operator: In - # values: - # - S1 - # topologyKey: topology.kubernetes.io/zone - # podAntiAffinity: - # preferredDuringSchedulingIgnoredDuringExecution: - # - weight: 100 - # podAffinityTerm: - # labelSelector: - # matchExpressions: - # - key: security - # operator: In - # values: - # - S2 - # topologyKey: topology.kubernetes.io/zone - - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#toleration-v1-core - defaultTolerations: [] - # - key: "key1" - # operator: "Exists" - # effect: "NoSchedule" - # - key: "key2" - # operator: "Exists" - # effect: "NoSchedule" - -## if using the embedded postgres chart, you will also need to define these -postgresql: - master: - nodeSelector: {} - affinity: {} - tolerations: [] - -## if using the embedded redis chart, you will also need to define these -redis: - master: - nodeSelector: {} - affinity: {} - tolerations: [] -``` - -The `airflow.{defaultNodeSelector,defaultAffinity,defaultTolerations}` values are overridden by the per-resource values like `scheduler.{nodeSelector,affinity,tolerations}`: -```yaml -airflow: - ## airflow KubernetesExecutor pod_template - kubernetesPodTemplate: - nodeSelector: {} - affinity: {} - tolerations: [] - - ## sync deployments - sync: - nodeSelector: {} - affinity: {} - tolerations: [] - -## airflow schedulers -scheduler: - nodeSelector: {} - affinity: {} - tolerations: [] - -## airflow webserver -web: - nodeSelector: {} - affinity: {} - tolerations: [] - -## airflow workers -workers: - nodeSelector: {} - affinity: {} - tolerations: [] - -## airflow workers -flower: - nodeSelector: {} - affinity: {} - tolerations: [] -``` - -
-
- -### How to integrate airflow with Prometheus? -
-Expand -
- -To be able to expose Airflow metrics to Prometheus you will need install a plugin, one option is [epoch8/airflow-exporter](https://github.com/epoch8/airflow-exporter) which exports DAG and task metrics from Airflow. - -A [ServiceMonitor](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) is a resource introduced by the [Prometheus Operator](https://github.com/prometheus-operator/prometheus-operator), ror more information, see the `serviceMonitor` section of `values.yaml`. - -
-
- -### How to add extra manifests? -
-Expand -
- -You may use the `extraManifests` value to specify a list of extra Kubernetes manifests that will be deployed alongside the chart. - -> 🟦 __Tip__ 🟦 -> -> [Helm templates](https://helm.sh/docs/chart_template_guide/functions_and_pipelines/) within these strings will be rendered - -Example values to create a `Secret` for database credentials: _(__WARNING:__ store custom values securely if used)_ -```yaml -extraManifests: - - | - apiVersion: v1 - kind: Secret - metadata: - name: airflow-postgres-credentials - data: - postgresql-password: {{ `password1` | b64enc | quote }} -``` - -Example values to create a `Deployment` for a [busybox](https://busybox.net/) container: -```yaml -extraManifests: - - | - apiVersion: apps/v1 - kind: Deployment - metadata: - name: {{ include "airflow.fullname" . }}-busybox - labels: - app: {{ include "airflow.labels.app" . }} - component: busybox - chart: {{ include "airflow.labels.chart" . }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} - spec: - replicas: 1 - selector: - matchLabels: - app: {{ include "airflow.labels.app" . }} - component: busybox - release: {{ .Release.Name }} - template: - metadata: - labels: - app: {{ include "airflow.labels.app" . }} - component: busybox - release: {{ .Release.Name }} - spec: - containers: - - name: busybox - image: busybox:1.35 - command: - - "/bin/sh" - - "-c" - args: - - | - ## to break the infinite loop when we receive SIGTERM - trap "exit 0" SIGTERM; - ## keep the container running (so people can `kubectl exec -it` into it) - while true; do - echo "I am alive..."; - sleep 30; - done -``` - -
-
- -## Values Reference - -> __Values provided by this chart (for more info see [values.yaml](values.yaml))__ - -### `airflow.*` -
-Expand -
- -Parameter | Description | Default ---- | --- | --- -`airflow.legacyCommands` | if we use legacy 1.10 airflow commands | `false` -`airflow.image.*` | configs for the airflow container image | `` -`airflow.executor` | the airflow executor type to use | `CeleryExecutor` -`airflow.fernetKey` | the fernet encryption key (sets `AIRFLOW__CORE__FERNET_KEY`) | `7T512UXSSmBOkpWimFHIVb8jK6lfmSAvx4mO6Arehnc=` -`airflow.webserverSecretKey` | the secret_key for flask (sets `AIRFLOW__WEBSERVER__SECRET_KEY`) | `THIS IS UNSAFE!` -`airflow.config` | environment variables for airflow configs | `{}` -`airflow.users` | a list of users to create | `` -`airflow.usersTemplates` | bash-like templates to be used in `airflow.users` | `` -`airflow.usersUpdate` | if we create a Deployment to perpetually sync `airflow.users` | `true` -`airflow.connections` | a list airflow connections to create | `` -`airflow.connectionsTemplates` | bash-like templates to be used in `airflow.connections` | `` -`airflow.connectionsUpdate` | if we create a Deployment to perpetually sync `airflow.connections` | `true` -`airflow.variables` | a list airflow variables to create | `` -`airflow.variablesTemplates` | bash-like templates to be used in `airflow.variables` | `` -`airflow.variablesUpdate` | if we create a Deployment to perpetually sync `airflow.variables` | `true` -`airflow.pools` | a list airflow pools to create | `` -`airflow.poolsUpdate` | if we create a Deployment to perpetually sync `airflow.pools` | `true` -`airflow.defaultNodeSelector` | default nodeSelector for airflow Pods (is overridden by pod-specific values) | `{}` -`airflow.defaultAffinity` | default affinity configs for airflow Pods (is overridden by pod-specific values) | `{}` -`airflow.defaultTolerations` | default toleration configs for airflow Pods (is overridden by pod-specific values) | `[]` -`airflow.defaultSecurityContext` | default securityContext configs for Pods (is overridden by pod-specific values) | `{fsGroup: 0}` -`airflow.podAnnotations` | extra annotations for airflow Pods | `{}` -`airflow.extraPipPackages` | extra pip packages to install in airflow Pods | `[]` -`airflow.extraEnv` | extra environment variables for the airflow Pods | `[]` -`airflow.extraContainers` | extra containers for the airflow Pods | `[]` -`airflow.extraVolumeMounts` | extra VolumeMounts for the airflow Pods | `[]` -`airflow.extraVolumes` | extra Volumes for the airflow Pods | `[]` -`airflow.clusterDomain` | kubernetes cluster domain name | `cluster.local` -`airflow.localSettings.*` | airflow_local_settings.py | `` -`airflow.kubernetesPodTemplate.*` | pod_template.yaml | `` -`airflow.dbMigrations.*` | db-migrations Deployment | `` -`airflow.sync.*` | Sync Deployments | `` - -
-
- -### `scheduler.*` -
-Expand -
- -Parameter | Description | Default ---- | --- | --- -`scheduler.replicas` | the number of scheduler Pods to run | `1` -`scheduler.resources` | resource requests/limits for the scheduler Pods | `{}` -`scheduler.nodeSelector` | the nodeSelector configs for the scheduler Pods | `{}` -`scheduler.affinity` | the affinity configs for the scheduler Pods | `{}` -`scheduler.tolerations` | the toleration configs for the scheduler Pods | `[]` -`scheduler.securityContext` | the security context for the scheduler Pods | `{}` -`scheduler.labels` | labels for the scheduler Deployment | `{}` -`scheduler.podLabels` | Pod labels for the scheduler Deployment | `{}` -`scheduler.annotations` | annotations for the scheduler Deployment | `{}` -`scheduler.podAnnotations` | Pod annotations for the scheduler Deployment | `{}` -`scheduler.safeToEvict` | if we add the annotation: "cluster-autoscaler.kubernetes.io/safe-to-evict" = "true" | `true` -`scheduler.podDisruptionBudget.*` | configs for the PodDisruptionBudget of the scheduler | `` -`scheduler.logCleanup.*` | configs for the log-cleanup sidecar of the scheduler | `` -`scheduler.numRuns` | the value of the `airflow --num_runs` parameter used to run the airflow scheduler | `-1` -`scheduler.extraPipPackages` | extra pip packages to install in the scheduler Pods | `[]` -`scheduler.extraVolumeMounts` | extra VolumeMounts for the scheduler Pods | `[]` -`scheduler.extraVolumes` | extra Volumes for the scheduler Pods | `[]` -`scheduler.livenessProbe.*` | configs for the scheduler Pods' liveness probe | `` -`scheduler.extraInitContainers` | extra init containers to run in the scheduler Pods | `[]` - -
-
- -### `web.*` -
-Expand -
- -Parameter | Description | Default ---- | --- | --- -`web.webserverConfig.*` | configs to generate webserver_config.py | `` -`web.replicas` | the number of web Pods to run | `1` -`web.resources` | resource requests/limits for the airflow web pods | `{}` -`web.nodeSelector` | the number of web Pods to run | `{}` -`web.affinity` | the affinity configs for the web Pods | `{}` -`web.tolerations` | the toleration configs for the web Pods | `[]` -`web.securityContext` | the security context for the web Pods | `{}` -`web.labels` | labels for the web Deployment | `{}` -`web.podLabels` | Pod labels for the web Deployment | `{}` -`web.annotations` | annotations for the web Deployment | `{}` -`web.podAnnotations` | Pod annotations for the web Deployment | `{}` -`web.safeToEvict` | if we add the annotation: "cluster-autoscaler.kubernetes.io/safe-to-evict" = "true" | `true` -`web.podDisruptionBudget.*` | configs for the PodDisruptionBudget of the web Deployment | `` -`web.service.*` | configs for the Service of the web pods | `` -`web.readinessProbe.*` | configs for the web Pods' readiness probe | `` -`web.livenessProbe.*` | configs for the web Pods' liveness probe | `` -`web.extraPipPackages` | extra pip packages to install in the web Pods | `[]` -`web.extraVolumeMounts` | extra VolumeMounts for the web Pods | `[]` -`web.extraVolumes` | extra Volumes for the web Pods | `[]` - -
-
- -### `workers.*` -
-Expand -
- -Parameter | Description | Default ---- | --- | --- -`workers.enabled` | if the airflow workers StatefulSet should be deployed | `true` -`workers.replicas` | the number of workers Pods to run | `1` -`workers.resources` | resource requests/limits for the airflow worker Pods | `{}` -`workers.nodeSelector` | the nodeSelector configs for the worker Pods | `{}` -`workers.affinity` | the affinity configs for the worker Pods | `{}` -`workers.tolerations` | the toleration configs for the worker Pods | `[]` -`workers.securityContext` | the security context for the worker Pods | `{}` -`workers.labels` | labels for the worker StatefulSet | `{}` -`workers.podLabels` | Pod labels for the worker StatefulSet | `{}` -`workers.annotations` | annotations for the worker StatefulSet | `{}` -`workers.podAnnotations` | Pod annotations for the worker StatefulSet | `{}` -`workers.safeToEvict` | if we add the annotation: "cluster-autoscaler.kubernetes.io/safe-to-evict" = "true" | `true` -`workers.podDisruptionBudget.*` | configs for the PodDisruptionBudget of the worker StatefulSet | `` -`workers.autoscaling.*` | configs for the HorizontalPodAutoscaler of the worker Pods | `` -`workers.celery.*` | configs for the celery worker Pods | `` -`workers.terminationPeriod` | how many seconds to wait after SIGTERM before SIGKILL of the celery worker | `60` -`workers.logCleanup.*` | configs for the log-cleanup sidecar of the worker Pods | `` -`workers.extraPipPackages` | extra pip packages to install in the worker Pods | `[]` -`workers.extraVolumeMounts` | extra VolumeMounts for the worker Pods | `[]` -`workers.extraVolumes` | extra Volumes for the worker Pods | `[]` - -
-
- -### `flower.*` -
-Expand -
- -Parameter | Description | Default ---- | --- | --- -`flower.enabled` | if the Flower UI should be deployed | `true` -`flower.resources` | resource requests/limits for the flower Pods | `{}` -`flower.nodeSelector` | the nodeSelector configs for the flower Pods | `{}` -`flower.affinity` | the affinity configs for the flower Pods | `{}` -`flower.tolerations` | the toleration configs for the flower Pods | `[]` -`flower.securityContext` | the security context for the flower Pods | `{}` -`flower.labels` | labels for the flower Deployment | `{}` -`flower.podLabels` | Pod labels for the flower Deployment | `{}` -`flower.annotations` | annotations for the flower Deployment | `{}` -`flower.podAnnotations` | Pod annotations for the flower Deployment | `{}` -`flower.safeToEvict` | if we add the annotation: "cluster-autoscaler.kubernetes.io/safe-to-evict" = "true" | `true` -`flower.podDisruptionBudget.*` | configs for the PodDisruptionBudget of the flower Deployment | `` -`flower.basicAuthSecret` | the name of a pre-created secret containing the basic authentication value for flower | `""` -`flower.basicAuthSecretKey` | the key within `flower.basicAuthSecret` containing the basic authentication string | `""` -`flower.service.*` | configs for the Service of the flower Pods | `` -`flower.extraPipPackages` | extra pip packages to install in the flower Pod | `[]` -`flower.extraVolumeMounts` | extra VolumeMounts for the flower Pods | `[]` -`flower.extraVolumes` | extra Volumes for the flower Pods | `[]` - -
-
- -### `logs.*` -
-Expand -
- -Parameter | Description | Default ---- | --- | --- -`logs.path` | the airflow logs folder | `/opt/airflow/logs` -`logs.persistence.*` | configs for the logs PVC | `` - -
-
- -### `dags.*` -
-Expand -
- -Parameter | Description | Default ---- | --- | --- -`dags.path` | the airflow dags folder | `/opt/airflow/dags` -`dags.persistence.*` | configs for the dags PVC | `` -`dags.gitSync.*` | configs for the git-sync sidecar | `` - -
-
- -### `ingress.*` -
-Expand -
- -Parameter | Description | Default ---- | --- | --- -`ingress.enabled` | if we should deploy Ingress resources | `false` -`ingress.apiVersion` | the `apiVersion` to use for Ingress resources | `networking.k8s.io/v1` -`ingress.web.*` | configs for the Ingress of the web Service | `` -`ingress.flower.*` | configs for the Ingress of the flower Service | `` - -
-
- -### `rbac.*` -
-Expand -
- -Parameter | Description | Default ---- | --- | --- -`rbac.create` | if Kubernetes RBAC resources are created | `true` -`rbac.events` | if the created RBAR role has GET/LIST access to Event resources | `false` - -
-
- -### `serviceAccount.*` -
-Expand -
- -Parameter | Description | Default ---- | --- | --- -`serviceAccount.create` | if a Kubernetes ServiceAccount is created | `true` -`serviceAccount.name` | the name of the ServiceAccount | `""` -`serviceAccount.annotations` | annotations for the ServiceAccount | `{}` - -
-
- -### `extraManifests` -
-Expand -
- -Parameter | Description | Default ---- | --- | --- -`extraManifests` | a list of extra Kubernetes manifests that will be deployed alongside the chart | `[]` - -
-
- -### `pgbouncer.*` -
-Expand -
- -Parameter | Description | Default ---- | --- | --- -`pgbouncer.enabled` | if the pgbouncer Deployment is created | `true` -`pgbouncer.image.*` | configs for the pgbouncer container image | `` -`pgbouncer.resources` | resource requests/limits for the pgbouncer Pods | `{}` -`pgbouncer.nodeSelector` | the nodeSelector configs for the pgbouncer Pods | `{}` -`pgbouncer.affinity` | the affinity configs for the pgbouncer Pods | `{}` -`pgbouncer.tolerations` | the toleration configs for the pgbouncer Pods | `[]` -`pgbouncer.securityContext` | the security context for the pgbouncer Pods | `{}` -`pgbouncer.labels` | labels for the pgbouncer Deployment | `{}` -`pgbouncer.podLabels` | Pod labels for the pgbouncer Deployment | `{}` -`pgbouncer.annotations` | annotations for the pgbouncer Deployment | `{}` -`pgbouncer.podAnnotations` | Pod annotations for the pgbouncer Deployment | `{}` -`pgbouncer.safeToEvict` | if we add the annotation: "cluster-autoscaler.kubernetes.io/safe-to-evict" = "true" | `true` -`pgbouncer.podDisruptionBudget.*` | configs for the PodDisruptionBudget of the pgbouncer | `` -`pgbouncer.livenessProbe.*` | configs for the pgbouncer Pods' liveness probe | `` -`pgbouncer.startupProbe.*` | configs for the pgbouncer Pods' startup probe | `` -`pgbouncer.terminationGracePeriodSeconds` | the maximum number of seconds to wait for queries upon pod termination, before force killing | `120` -`pgbouncer.authType` | sets pgbouncer config: `auth_type` | `md5` -`pgbouncer.maxClientConnections` | sets pgbouncer config: `max_client_conn` | `1000` -`pgbouncer.poolSize` | sets pgbouncer config: `default_pool_size` | `20` -`pgbouncer.logDisconnections` | sets pgbouncer config: `log_disconnections` | `0` -`pgbouncer.logConnections` | sets pgbouncer config: `log_connections` | `0` -`pgbouncer.clientSSL.*` | ssl configs for: clients -> pgbouncer | `` -`pgbouncer.serverSSL.*` | ssl configs for: pgbouncer -> postgres | `` - -
-
- -### `postgresql.*` -
-Expand -
- -Parameter | Description | Default ---- | --- | --- -`postgresql.enabled` | if the `stable/postgresql` chart is used | `true` -`postgresql.postgresqlDatabase` | the postgres database to use | `airflow` -`postgresql.postgresqlUsername` | the postgres user to create | `postgres` -`postgresql.postgresqlPassword` | the postgres user's password | `airflow` -`postgresql.existingSecret` | the name of a pre-created secret containing the postgres password | `""` -`postgresql.existingSecretKey` | the key within `postgresql.passwordSecret` containing the password string | `postgresql-password` -`postgresql.persistence.*` | configs for the PVC of postgresql | `` -`postgresql.master.*` | configs for the postgres StatefulSet | `` - -
-
- -### `externalDatabase.*` -
-Expand -
- -Parameter | Description | Default ---- | --- | --- -`externalDatabase.type` | the type of external database | `postgres` -`externalDatabase.host` | the host of the external database | `localhost` -`externalDatabase.port` | the port of the external database | `5432` -`externalDatabase.database` | the database/scheme to use within the the external database | `airflow` -`externalDatabase.user` | the username for the external database | `airflow` -`externalDatabase.userSecret` | the name of a pre-created secret containing the external database user | `""` -`externalDatabase.userSecretKey` | the key within `externalDatabase.userSecret` containing the user string | `postgresql-user` -`externalDatabase.password` | the password for the external database | `""` -`externalDatabase.passwordSecret` | the name of a pre-created secret containing the external database password | `""` -`externalDatabase.passwordSecretKey` | the key within `externalDatabase.passwordSecret` containing the password string | `postgresql-password` -`externalDatabase.properties` | extra connection-string properties for the external database | `""` - -
-
- -### `redis.*` -
-Expand -
- -Parameter | Description | Default ---- | --- | --- -`redis.enabled` | if the `stable/redis` chart is used | `true` -`redis.password` | the redis password | `airflow` -`redis.existingSecret` | the name of a pre-created secret containing the redis password | `""` -`redis.existingSecretPasswordKey` | the key within `redis.existingSecret` containing the password string | `redis-password` -`redis.cluster.*` | configs for redis cluster mode | `` -`redis.master.*` | configs for the redis master StatefulSet | `` -`redis.slave.*` | configs for the redis slave StatefulSet | `` - -
-
- -### `externalRedis.*` -
-Expand -
- -Parameter | Description | Default ---- | --- | --- -`externalRedis.host` | the host of the external redis | `localhost` -`externalRedis.port` | the port of the external redis | `6379` -`externalRedis.databaseNumber` | the database number to use within the external redis | `1` -`externalRedis.password` | the password for the external redis | `""` -`externalRedis.passwordSecret` | the name of a pre-created secret containing the external redis password | `""` -`externalRedis.passwordSecretKey` | the key within `externalRedis.passwordSecret` containing the password string | `redis-password` -`externalDatabase.properties` | extra connection-string properties for the external redis | `""` - -
-
- -### `serviceMonitor.*` -
-Expand -
- -Parameter | Description | Default ---- | --- | --- -`serviceMonitor.enabled` | if ServiceMonitor resources should be deployed | `false` -`serviceMonitor.selector` | labels for ServiceMonitor, so that Prometheus can select it | `{ prometheus: "kube-prometheus" }` -`serviceMonitor.path` | the ServiceMonitor web endpoint path | `/admin/metrics` -`serviceMonitor.interval` | the ServiceMonitor web endpoint path | `30s` - -
-
- -### `prometheusRule.*` -
-Expand -
- -Parameter | Description | Default ---- | --- | --- -`prometheusRule.enabled` | if the PrometheusRule resources should be deployed | `false` -`prometheusRule.additionalLabels` | labels for PrometheusRule, so that Prometheus can select it | `{}` -`prometheusRule.groups` | alerting rules for Prometheus | `[]` - -
-
\ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/UPGRADE.md b/deploy-as-code/helm/charts/backbone-services/airflow/UPGRADE.md deleted file mode 100644 index 569d8210e6..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/UPGRADE.md +++ /dev/null @@ -1 +0,0 @@ -This file has been replaced by [CHANGELOG.md](CHANGELOG.md) for versions `7.0.0` and later. \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/files/pod_template.kubernetes-helm-yaml b/deploy-as-code/helm/charts/backbone-services/airflow/files/pod_template.kubernetes-helm-yaml deleted file mode 100644 index fff65d0b35..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/files/pod_template.kubernetes-helm-yaml +++ /dev/null @@ -1,87 +0,0 @@ -{{- $podNodeSelector := include "airflow.podNodeSelector" (dict "Release" .Release "Values" .Values "nodeSelector" .Values.airflow.kubernetesPodTemplate.nodeSelector) }} -{{- $podAffinity := include "airflow.podAffinity" (dict "Release" .Release "Values" .Values "affinity" .Values.airflow.kubernetesPodTemplate.affinity) }} -{{- $podTolerations := include "airflow.podTolerations" (dict "Release" .Release "Values" .Values "tolerations" .Values.airflow.kubernetesPodTemplate.tolerations) }} -{{- $podSecurityContext := include "airflow.podSecurityContext" (dict "Release" .Release "Values" .Values "securityContext" .Values.airflow.kubernetesPodTemplate.securityContext) }} -{{- $extraPipPackages := .Values.airflow.kubernetesPodTemplate.extraPipPackages }} -{{- $extraVolumeMounts := .Values.airflow.kubernetesPodTemplate.extraVolumeMounts }} -{{- $volumeMounts := include "airflow.volumeMounts" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages "extraVolumeMounts" $extraVolumeMounts) }} -{{- $extraVolumes := .Values.airflow.kubernetesPodTemplate.extraVolumes }} -{{- $volumes := include "airflow.volumes" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages "extraVolumes" $extraVolumes) }} -apiVersion: v1 -kind: Pod -metadata: - name: dummy-name - {{- if .Values.airflow.kubernetesPodTemplate.podAnnotations }} - annotations: - {{- toYaml .Values.airflow.kubernetesPodTemplate.podAnnotations | nindent 4 }} - {{- end }} - {{- if .Values.airflow.kubernetesPodTemplate.podLabels }} - labels: - {{- toYaml .Values.airflow.kubernetesPodTemplate.podLabels | nindent 4 }} - {{- end }} -spec: - restartPolicy: Never - {{- if .Values.airflow.image.pullSecret }} - imagePullSecrets: - - name: {{ .Values.airflow.image.pullSecret }} - {{- end }} - serviceAccountName: {{ include "airflow.serviceAccountName" . }} - shareProcessNamespace: {{ .Values.airflow.kubernetesPodTemplate.shareProcessNamespace }} - {{- if $podNodeSelector }} - nodeSelector: - {{- $podNodeSelector | nindent 4 }} - {{- end }} - {{- if $podAffinity }} - affinity: - {{- $podAffinity | nindent 4 }} - {{- end }} - {{- if $podTolerations }} - tolerations: - {{- $podTolerations | nindent 4 }} - {{- end }} - {{- if $podSecurityContext }} - securityContext: - {{- $podSecurityContext | nindent 4 }} - {{- end }} - {{- if or ($extraPipPackages) (.Values.dags.gitSync.enabled) (.Values.airflow.kubernetesPodTemplate.extraInitContainers) }} - initContainers: - {{- if $extraPipPackages }} - {{- include "airflow.init_container.install_pip_packages" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) | indent 4 }} - {{- end }} - {{- if .Values.dags.gitSync.enabled }} - {{- include "airflow.container.git_sync" (dict "Release" .Release "Values" .Values "sync_one_time" "true") | indent 4 }} - {{- end }} - {{- if .Values.airflow.kubernetesPodTemplate.extraInitContainers }} - {{- toYaml .Values.airflow.kubernetesPodTemplate.extraInitContainers | nindent 4 }} - {{- end }} - {{- end }} - containers: - - name: base - {{- include "airflow.image" . | indent 6 }} - envFrom: - {{- include "airflow.envFrom" . | indent 8 }} - env: - ## KubernetesExecutor Pods use LocalExecutor internally - - name: AIRFLOW__CORE__EXECUTOR - value: LocalExecutor - {{- /* NOTE: the FIRST definition of an `env` takes precedence (so we include user-defined `env` LAST) */ -}} - {{- /* NOTE: we set `CONNECTION_CHECK_MAX_COUNT=20` to enable airflow's `/entrypoint` db connection check */ -}} - {{- include "airflow.env" (dict "Release" .Release "Values" .Values "CONNECTION_CHECK_MAX_COUNT" "20") | indent 8 }} - ports: [] - command: [] - args: [] - {{- if .Values.airflow.kubernetesPodTemplate.resources }} - resources: - {{- toYaml .Values.airflow.kubernetesPodTemplate.resources | nindent 8 }} - {{- end }} - {{- if $volumeMounts }} - volumeMounts: - {{- $volumeMounts | indent 8 }} - {{- end }} - {{- if .Values.airflow.kubernetesPodTemplate.extraContainers }} - {{- toYaml .Values.airflow.kubernetesPodTemplate.extraContainers | nindent 4 }} - {{- end }} - {{- if $volumes }} - volumes: - {{- $volumes | indent 4 }} - {{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/files/webserver_config.py b/deploy-as-code/helm/charts/backbone-services/airflow/files/webserver_config.py deleted file mode 100644 index 8c92d033c0..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/files/webserver_config.py +++ /dev/null @@ -1,10 +0,0 @@ -from flask_appbuilder.security.manager import AUTH_DB - -{{- if .Values.airflow.legacyCommands }} -# only needed for airflow 1.10 -from airflow import configuration as conf -SQLALCHEMY_DATABASE_URI = conf.get("core", "SQL_ALCHEMY_CONN") -{{- end }} - -# use embedded DB for auth -AUTH_TYPE = AUTH_DB \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/NOTES.txt b/deploy-as-code/helm/charts/backbone-services/airflow/templates/NOTES.txt deleted file mode 100644 index eb31e5268b..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/NOTES.txt +++ /dev/null @@ -1,213 +0,0 @@ -{{- /* if remote_logging has been enabled by the user */ -}} -{{- $remote_logging_enabled := false }} -{{- $remote_logging_envvars := list "AIRFLOW__CORE__REMOTE_LOGGING" "AIRFLOW__LOGGING__REMOTE_LOGGING" }} -{{- range $key, $val := .Values.airflow.config }} - {{- if has $key $remote_logging_envvars }} - {{- $remote_logging_enabled = true }} - {{- end }} -{{- end }} -{{- range $env := .Values.airflow.extraEnv }} - {{- if has $env.name $remote_logging_envvars }} - {{- $remote_logging_enabled = true }} - {{- end }} -{{- end }} - -{{- /* if we show the fernet_key warning */ -}} -{{- $fernet_key_warning := true }} -{{- $fernet_key_envvars := list "AIRFLOW__CORE__FERNET_KEY" "AIRFLOW__CORE__FERNET_KEY_CMD" "AIRFLOW__CORE__FERNET_KEY_SECRET" }} -{{- if not (eq .Values.airflow.fernetKey "7T512UXSSmBOkpWimFHIVb8jK6lfmSAvx4mO6Arehnc=") }} -{{- $fernet_key_warning = false }} -{{- end }} -{{- range $key, $val := .Values.airflow.config }} - {{- if has $key $fernet_key_envvars }} - {{- $fernet_key_warning = false }} - {{- end }} -{{- end }} -{{- range $env := .Values.airflow.extraEnv }} - {{- if has $env.name $fernet_key_envvars }} - {{- $fernet_key_warning = false }} - {{- end }} -{{- end }} - -{{- /* if we show the webserver secret_key warning */ -}} -{{- $web_secret_warning := true }} -{{- $web_secret_envvars := list "AIRFLOW__WEBSERVER__SECRET_KEY" "AIRFLOW__WEBSERVER__SECRET_KEY_CMD" "AIRFLOW__WEBSERVER__SECRET_KEY_SECRET" }} -{{- if not (eq .Values.airflow.webserverSecretKey "THIS IS UNSAFE!") }} -{{- $web_secret_warning = false }} -{{- end }} -{{- range $key, $val := .Values.airflow.config }} - {{- if has $key $web_secret_envvars }} - {{- $web_secret_warning = false }} - {{- end }} -{{- end }} -{{- range $env := .Values.airflow.extraEnv }} - {{- if has $env.name $web_secret_envvars }} - {{- $web_secret_warning = false }} - {{- end }} -{{- end }} - -{{- /* if we show the external database password warning */ -}} -{{- $external_database_password_warning := false }} -{{- if and (not .Values.postgresql.enabled) (not .Values.externalDatabase.passwordSecret) }} - {{- /* don't show a warning if the password is empty */ -}} - {{- if .Values.externalDatabase.password }} - {{- $external_database_password_warning = true }} - {{- end }} -{{- end }} - -{{- /* if we show the external redis password warning */ -}} -{{- $external_redis_password_warning := false }} -{{- if and (not .Values.redis.enabled) (not .Values.externalRedis.passwordSecret) }} - {{- /* don't show a warning if the password is empty */ -}} - {{- if .Values.externalRedis.password }} - {{- $external_redis_password_warning = true }} - {{- end }} -{{- end }} - -{{- /* if we show the extraPipPackages warning */ -}} -{{- $extra_pip_warning := false }} -{{- if .Values.airflow.extraPipPackages }} -{{- $extra_pip_warning = true }} -{{- else if .Values.airflow.kubernetesPodTemplate.extraPipPackages }} -{{- $extra_pip_warning = true }} -{{- else if .Values.scheduler.extraPipPackages }} -{{- $extra_pip_warning = true }} -{{- else if .Values.web.extraPipPackages }} -{{- $extra_pip_warning = true }} -{{- else if .Values.workers.extraPipPackages }} -{{- $extra_pip_warning = true }} -{{- else if .Values.flower.extraPipPackages }} -{{- $extra_pip_warning = true }} -{{- end }} - -{{- /* if we show the embedded postgres warning */ -}} -{{- $embedded_postgres_warning := false }} -{{- if .Values.postgresql.enabled }} -{{- $embedded_postgres_warning = true }} -{{- end }} - -{{- /* if we show the git-sync known_hosts warning */ -}} -{{- $known_host_warning := false }} -{{- if and (.Values.dags.gitSync.enabled) (.Values.dags.gitSync.sshSecret) (not .Values.dags.gitSync.sshKnownHosts) }} -{{- $known_host_warning = true }} -{{- end }} - -{{- /* if we show the scheduler livenessProbe warning */ -}} -{{- $scheduler_livenessProbe_warning := false }} -{{- if not .Values.scheduler.livenessProbe.enabled }} -{{- $scheduler_livenessProbe_warning = true }} -{{- end }} - -{{- /* if we show the scheduler livenessProbe taskCreationCheck warning */ -}} -{{- $scheduler_livenessProbe_taskCreationCheck_warning := false }} -{{- if and (.Values.scheduler.livenessProbe.enabled) (not .Values.scheduler.livenessProbe.taskCreationCheck.enabled) }} -{{- $scheduler_livenessProbe_taskCreationCheck_warning = true }} -{{- end }} - -======================================================================== -Thanks for deploying Apache Airflow with the User-Community Helm Chart! - -==================== - TIPS -==================== -{{- range $user := .Values.airflow.users }} -{{- if and (eq $user.username "admin") (eq $user.password "admin") }} -Default Airflow Webserver login: - * Username: admin - * Password: admin -{{- end }} -{{ end }} - -{{- if and (not .Values.logs.persistence.enabled) (not $remote_logging_enabled) }} -You have NOT set up persistence for worker task logs, do this by: - 1. Using a Kubernetes PVC with `logs.persistence.*` - 2. Using remote logging with `AIRFLOW__LOGGING__REMOTE_LOGGING` -{{ end }} - -{{- if and (not .Values.ingress.enabled) (eq .Values.web.service.type "ClusterIP") }} -It looks like you have NOT exposed the Airflow Webserver, do this by: - 1. Using a Kubernetes Ingress with `ingress.*` - 2. Using a Kubernetes LoadBalancer/NodePort type Service with `web.service.type` -{{ end }} - -{{- if .Values.ingress.enabled }} -Your Kubernetes Ingress endpoint URLs: - * Airflow Webserver: http{{ if .Values.ingress.web.tls.enabled }}s{{ end }}://{{ .Values.ingress.web.host }}{{ .Values.ingress.web.path }}/ -{{- if .Values.flower.enabled }} - * Flower Dashboard: http{{ if .Values.ingress.flower.tls.enabled }}s{{ end }}://{{ .Values.ingress.flower.host }}{{ .Values.ingress.flower.path }}/ -{{- end }} -{{ end }} - -{{- if eq .Values.web.service.type "LoadBalancer" }} -You deployed a "LoadBalancer" type Service for the Airflow Webserver: - * External IP: kubectl get svc/{{ include "airflow.fullname" . }}-web --namespace {{ .Release.Namespace }} -o jsonpath="{.status.loadBalancer.ingress[0].ip}" - * External Port: {{ .Values.web.service.externalPort }} - * NOTE: it may take a few minutes for the External IP to be provisioned by your cloud provider -{{ end }} - -{{- if eq .Values.web.service.type "NodePort" }} -You deployed a "NodePort" type Service for the Airflow Webserver: - * Node IP: kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}" - * Node Port: kubectl get svc/{{ include "airflow.fullname" . }}-web --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" - * NOTE: any Node's external IP will work -{{ end }} - -{{- if true }} -Use these commands to port-forward the Services to your localhost: - * Airflow Webserver: kubectl port-forward svc/{{ include "airflow.fullname" . }}-web 8080:8080 --namespace {{ .Release.Namespace }} -{{- if .Values.flower.enabled }} - * Flower Dashboard: kubectl port-forward svc/{{ include "airflow.fullname" . }}-flower 5555:5555 --namespace {{ .Release.Namespace }} -{{- end }} -{{ end }} - -{{- if or ($fernet_key_warning) ($web_secret_warning) ($extra_pip_warning) ($embedded_postgres_warning) ($known_host_warning) }} -==================== - WARNINGS -==================== -{{- if $fernet_key_warning }} -[CRITICAL] default fernet encryption key value! - * HELP: set a custom value with `airflow.fernetKey` or `AIRFLOW__CORE__FERNET_KEY` -{{ end }} - -{{- if $web_secret_warning }} -[CRITICAL] default webserver secret_key value! - * HELP: set a custom value with `airflow.webserverSecretKey` or `AIRFLOW__WEBSERVER__SECRET_KEY` -{{ end }} - -{{- if $external_database_password_warning }} -[CRITICAL] external database password is set using plain-text value! - * HELP: create a Kubernetes secret with your database password and configure `externalDatabase.passwordSecret` -{{ end }} - -{{- if $external_redis_password_warning }} -[CRITICAL] external redis password is set using plain-text value! - * HELP: create a Kubernetes secret with your redis password and configure `externalRedis.passwordSecret` -{{ end }} - -{{- if $extra_pip_warning }} -[HIGH] using `extraPipPackages` can cause unexpected runtime errors if external PyPi packages change between Pod restarts - * HELP: create a Docker image with your pip packages installed and use it with `airflow.image.*` -{{ end }} - -{{- if $embedded_postgres_warning }} -[HIGH] using the embedded postgres database is NOT suitable for production! - * HELP: use an external postgres/mysql database with `externalDatabase.*` -{{ end }} - -{{- if $known_host_warning }} -[HIGH] git-sync ssh known_hosts verification is disabled! - * HELP: set `dags.gitSync.sshKnownHosts` with the ssh fingerprint of your git host -{{ end }} - -{{- if $scheduler_livenessProbe_warning }} -[MEDIUM] the scheduler liveness probe is disabled, the scheduler may not be restarted if it becomes unhealthy! - * HELP: enable the probe with `scheduler.livenessProbe.enabled` -{{ end }} - -{{- if $scheduler_livenessProbe_taskCreationCheck_warning }} -[MEDIUM] the scheduler "task creation check" is disabled, the scheduler may not be restarted if it deadlocks! - * HELP: configure the check with `scheduler.livenessProbe.taskCreationCheck.*` -{{ end }} - -{{- end }} -======================================================================== \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/_helpers/common.tpl b/deploy-as-code/helm/charts/backbone-services/airflow/templates/_helpers/common.tpl deleted file mode 100644 index 01cf09386a..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/_helpers/common.tpl +++ /dev/null @@ -1,147 +0,0 @@ -{{/* -Construct the base name for all resources in this chart. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "airflow.fullname" -}} -{{- printf "%s" .Values.name -}} -{{- end -}} - -{{/* -Construct the `labels.app` for used by all resources in this chart. -*/}} -{{- define "airflow.labels.app" -}} -{{- printf "%s" .Chart.Name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Construct the `labels.chart` for used by all resources in this chart. -*/}} -{{- define "airflow.labels.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Construct the name of the airflow ServiceAccount. -*/}} -{{- define "airflow.serviceAccountName" -}} -{{- if .Values.serviceAccount.create -}} -{{- .Values.serviceAccount.name | default (include "airflow.fullname" .) -}} -{{- else -}} -{{- .Values.serviceAccount.name | default "default" -}} -{{- end -}} -{{- end -}} - -{{/* -A flag indicating if a celery-like executor is selected (empty if false) -*/}} -{{- define "airflow.executor.celery_like" -}} -{{- if or (eq .Values.airflow.executor "CeleryExecutor") (eq .Values.airflow.executor "CeleryKubernetesExecutor") -}} -true -{{- end -}} -{{- end -}} - -{{/* -A flag indicating if a kubernetes-like executor is selected (empty if false) -*/}} -{{- define "airflow.executor.kubernetes_like" -}} -{{- if or (eq .Values.airflow.executor "KubernetesExecutor") (eq .Values.airflow.executor "CeleryKubernetesExecutor") -}} -true -{{- end -}} -{{- end -}} - -{{/* -The scheme (HTTP, HTTPS) used by the webserver -*/}} -{{- define "airflow.web.scheme" -}} -{{- if and (.Values.airflow.config.AIRFLOW__WEBSERVER__WEB_SERVER_SSL_CERT) (.Values.airflow.config.AIRFLOW__WEBSERVER__WEB_SERVER_SSL_KEY) -}} -HTTPS -{{- else -}} -HTTP -{{- end -}} -{{- end -}} - -{{/* -The path containing DAG files -*/}} -{{- define "airflow.dags.path" -}} -{{- if .Values.dags.gitSync.enabled -}} -{{- printf "%s/repo/%s" (.Values.dags.path | trimSuffix "/") (.Values.dags.gitSync.repoSubPath | trimAll "/") -}} -{{- else -}} -{{- printf .Values.dags.path -}} -{{- end -}} -{{- end -}} - -{{/* -If PgBouncer should be used. -*/}} -{{- define "airflow.pgbouncer.should_use" -}} -{{- if .Values.pgbouncer.enabled -}} -{{- if or (.Values.postgresql.enabled) (eq .Values.externalDatabase.type "postgres") -}} -true -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Construct the `postgresql.fullname` of the postgresql sub-chat chart. -Used to discover the Service and Secret name created by the sub-chart. -*/}} -{{- define "airflow.postgresql.fullname" -}} -{{- if .Values.postgresql.fullnameOverride -}} -{{- .Values.postgresql.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default "postgresql" .Values.postgresql.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Construct the `redis.fullname` of the redis sub-chat chart. -Used to discover the master Service and Secret name created by the sub-chart. -*/}} -{{- define "airflow.redis.fullname" -}} -{{- if .Values.redis.fullnameOverride -}} -{{- .Values.redis.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default "redis" .Values.redis.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -If the airflow triggerer should be used. -*/}} -{{- define "airflow.triggerer.should_use" -}} -{{- if .Values.triggerer.enabled -}} -{{- if not .Values.airflow.legacyCommands -}} -{{- if include "airflow.image.version" . -}} -{{- if semverCompare ">=2.2.0" (include "airflow.image.version" .) -}} -true -{{- end -}} -{{- else -}} -true -{{- end -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -The version of airflow being deployed. -- extracted from the image tag (only for images in airflow's official DockerHub repo) -- always in `XX.XX.XX` format (ignores any pre-release suffixes) -- empty if no version can be extracted -*/}} -{{- define "airflow.image.version" -}} -{{- if eq .Values.airflow.image.repository "apache/airflow" -}} -{{- regexFind `^[0-9]+\.[0-9]+\.[0-9]+` .Values.airflow.image.tag -}} -{{- end -}} -{{- end -}} - diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/_helpers/pods.tpl b/deploy-as-code/helm/charts/backbone-services/airflow/templates/_helpers/pods.tpl deleted file mode 100644 index 102384152e..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/_helpers/pods.tpl +++ /dev/null @@ -1,532 +0,0 @@ -{{/* -Define the image configs for airflow containers -*/}} -{{- define "airflow.image" }} -image: {{ .Values.airflow.image.repository }}:{{ .Values.airflow.image.tag }} -imagePullPolicy: {{ .Values.airflow.image.pullPolicy }} -securityContext: - runAsUser: {{ .Values.airflow.image.uid }} - runAsGroup: {{ .Values.airflow.image.gid }} -{{- end }} - -{{/* -Define the command/entrypoint configs for airflow containers -*/}} -{{- define "airflow.command" }} -- "/usr/bin/dumb-init" -- "--" -{{- /* only use `/entrypoint` for airflow 2.0+ (older images dont pass "bash" & "python") */ -}} -{{- if not .Values.airflow.legacyCommands }} -- "/entrypoint" -{{- end }} -{{- end }} - -{{/* -Define the nodeSelector for airflow pods -EXAMPLE USAGE: {{ include "airflow.nodeSelector" (dict "Release" .Release "Values" .Values "nodeSelector" $nodeSelector) }} -*/}} -{{- define "airflow.podNodeSelector" }} -{{- .nodeSelector | default .Values.airflow.defaultNodeSelector | toYaml }} -{{- end }} - -{{/* -Define the Affinity for airflow pods -EXAMPLE USAGE: {{ include "airflow.podAffinity" (dict "Release" .Release "Values" .Values "affinity" $affinity) }} -*/}} -{{- define "airflow.podAffinity" }} -{{- .affinity | default .Values.airflow.defaultAffinity | toYaml }} -{{- end }} - -{{/* -Define the Tolerations for airflow pods -EXAMPLE USAGE: {{ include "airflow.podTolerations" (dict "Release" .Release "Values" .Values "tolerations" $tolerations) }} -*/}} -{{- define "airflow.podTolerations" }} -{{- .tolerations | default .Values.airflow.defaultTolerations | toYaml }} -{{- end }} - -{{/* -Define the PodSecurityContext for airflow pods -EXAMPLE USAGE: {{ include "airflow.podSecurityContext" (dict "Release" .Release "Values" .Values "securityContext" $securityContext) }} -*/}} -{{- define "airflow.podSecurityContext" }} -{{- .securityContext | default .Values.airflow.defaultSecurityContext | toYaml }} -{{- end }} - -{{/* -Define an init-container which checks the DB status -EXAMPLE USAGE: {{ include "airflow.init_container.check_db" (dict "Release" .Release "Values" .Values "volumeMounts" $volumeMounts) }} -*/}} -{{- define "airflow.init_container.check_db" }} -- name: check-db - {{- include "airflow.image" . | indent 2 }} - envFrom: - {{- include "airflow.envFrom" . | indent 4 }} - env: - {{- include "airflow.env" . | indent 4 }} - command: - {{- include "airflow.command" . | indent 4 }} - args: - - "bash" - - "-c" - {{- if .Values.airflow.legacyCommands }} - - "exec timeout 60s airflow checkdb" - {{- else }} - - "exec timeout 60s airflow db check" - {{- end }} - {{- if .volumeMounts }} - volumeMounts: - {{- .volumeMounts | indent 4 }} - {{- end }} -{{- end }} - -{{/* -Define an init-container which waits for DB migrations -EXAMPLE USAGE: {{ include "airflow.init_container.wait_for_db_migrations" (dict "Release" .Release "Values" .Values "volumeMounts" $volumeMounts) }} -*/}} -{{- define "airflow.init_container.wait_for_db_migrations" }} -- name: wait-for-db-migrations - {{- include "airflow.image" . | indent 2 }} - envFrom: - {{- include "airflow.envFrom" . | indent 4 }} - env: - {{- include "airflow.env" . | indent 4 }} - command: - {{- include "airflow.command" . | indent 4 }} - args: - {{- if .Values.airflow.legacyCommands }} - - "python" - - "-c" - - | - import logging - import os - import time - - import airflow - from airflow import settings - - # modified from https://github.com/apache/airflow/blob/2.1.0/airflow/utils/db.py#L583-L592 - def _get_alembic_config(): - from alembic.config import Config - - package_dir = os.path.abspath(os.path.dirname(airflow.__file__)) - directory = os.path.join(package_dir, 'migrations') - config = Config(os.path.join(package_dir, 'alembic.ini')) - config.set_main_option('script_location', directory.replace('%', '%%')) - config.set_main_option('sqlalchemy.url', settings.SQL_ALCHEMY_CONN.replace('%', '%%')) - return config - - # copied from https://github.com/apache/airflow/blob/2.1.0/airflow/utils/db.py#L595-L622 - def check_migrations(timeout): - """ - Function to wait for all airflow migrations to complete. - :param timeout: Timeout for the migration in seconds - :return: None - """ - from alembic.runtime.migration import MigrationContext - from alembic.script import ScriptDirectory - - config = _get_alembic_config() - script_ = ScriptDirectory.from_config(config) - with settings.engine.connect() as connection: - context = MigrationContext.configure(connection) - ticker = 0 - while True: - source_heads = set(script_.get_heads()) - db_heads = set(context.get_current_heads()) - if source_heads == db_heads: - break - if ticker >= timeout: - raise TimeoutError( - f"There are still unapplied migrations after {ticker} seconds. " - f"Migration Head(s) in DB: {db_heads} | Migration Head(s) in Source Code: {source_heads}" - ) - ticker += 1 - time.sleep(1) - logging.info('Waiting for migrations... %s second(s)', ticker) - - check_migrations(60) - {{- else }} - - "bash" - - "-c" - - "exec airflow db check-migrations -t 60" - {{- end }} - {{- if .volumeMounts }} - volumeMounts: - {{- .volumeMounts | indent 4 }} - {{- end }} -{{- end }} - -{{/* -Define an init-container which installs a list of pip packages -EXAMPLE USAGE: {{ include "airflow.init_container.install_pip_packages" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) }} -*/}} -{{- define "airflow.init_container.install_pip_packages" }} -- name: install-pip-packages - {{- include "airflow.image" . | indent 2 }} - envFrom: - {{- include "airflow.envFrom" . | indent 4 }} - env: - {{- include "airflow.env" . | indent 4 }} - command: - {{- include "airflow.command" . | indent 4 }} - args: - - "bash" - - "-c" - - | - unset PYTHONUSERBASE && \ - pip install --user {{ range .extraPipPackages }}{{ . | quote }} {{ end }} && \ - echo "copying '/home/airflow/.local/*' to '/opt/home-airflow-local'..." && \ - cp -r /home/airflow/.local/* /opt/home-airflow-local - volumeMounts: - - name: home-airflow-local - mountPath: /opt/home-airflow-local -{{- end }} - -{{/* -Define a container which regularly syncs a git-repo -EXAMPLE USAGE: {{ include "airflow.container.git_sync" (dict "Release" .Release "Values" .Values "sync_one_time" "true") }} -*/}} -{{- define "airflow.container.git_sync" }} -{{- if .sync_one_time }} -- name: dags-git-clone -{{- else }} -- name: dags-git-sync -{{- end }} - image: {{ .Values.dags.gitSync.image.repository }}:{{ .Values.dags.gitSync.image.tag }} - imagePullPolicy: {{ .Values.dags.gitSync.image.pullPolicy }} - securityContext: - runAsUser: {{ .Values.dags.gitSync.image.uid }} - runAsGroup: {{ .Values.dags.gitSync.image.gid }} - resources: - {{- toYaml .Values.dags.gitSync.resources | nindent 4 }} - envFrom: - {{- include "airflow.envFrom" . | indent 4 }} - env: - {{- if .sync_one_time }} - - name: GIT_SYNC_ONE_TIME - value: "true" - {{- end }} - - name: GIT_SYNC_ROOT - value: "/dags" - - name: GIT_SYNC_DEST - value: "repo" - - name: GIT_SYNC_REPO - value: {{ .Values.dags.gitSync.repo | quote }} - - name: GIT_SYNC_BRANCH - value: {{ .Values.dags.gitSync.branch | quote }} - - name: GIT_SYNC_REV - value: {{ .Values.dags.gitSync.revision | quote }} - - name: GIT_SYNC_DEPTH - value: {{ .Values.dags.gitSync.depth | quote }} - - name: GIT_SYNC_WAIT - value: {{ .Values.dags.gitSync.syncWait | quote }} - - name: GIT_SYNC_TIMEOUT - value: {{ .Values.dags.gitSync.syncTimeout | quote }} - - name: GIT_SYNC_ADD_USER - value: "true" - - name: GIT_SYNC_MAX_SYNC_FAILURES - value: {{ .Values.dags.gitSync.maxFailures | quote }} - {{- if .Values.dags.gitSync.sshSecret }} - - name: GIT_SYNC_SSH - value: "true" - - name: GIT_SSH_KEY_FILE - value: "/etc/git-secret/id_rsa" - {{- end }} - {{- if .Values.dags.gitSync.sshKnownHosts }} - - name: GIT_KNOWN_HOSTS - value: "true" - - name: GIT_SSH_KNOWN_HOSTS_FILE - value: "/etc/git-secret/known_hosts" - {{- else }} - - name: GIT_KNOWN_HOSTS - value: "false" - {{- end }} - {{- if .Values.dags.gitSync.httpSecret }} - - name: GIT_SYNC_USERNAME - valueFrom: - secretKeyRef: - name: {{ .Values.dags.gitSync.httpSecret }} - key: {{ .Values.dags.gitSync.httpSecretUsernameKey }} - - name: GIT_SYNC_PASSWORD - valueFrom: - secretKeyRef: - name: {{ .Values.dags.gitSync.httpSecret }} - key: {{ .Values.dags.gitSync.httpSecretPasswordKey }} - {{- end }} - {{- /* this has user-defined variables, so must be included BELOW (so the ABOVE `env` take precedence) */ -}} - {{- include "airflow.env" . | indent 4 }} - {{- include "airflow.env.scheduler" . | indent 4 }} - volumeMounts: - - name: dags-data - mountPath: /dags - {{- if .Values.dags.gitSync.sshSecret }} - - name: git-secret - mountPath: /etc/git-secret/id_rsa - readOnly: true - subPath: {{ .Values.dags.gitSync.sshSecretKey }} - {{- end }} - {{- if .Values.dags.gitSync.sshKnownHosts }} - - name: git-known-hosts - mountPath: /etc/git-secret/known_hosts - readOnly: true - subPath: known_hosts - {{- end }} -{{- end }} - -{{/* -Define a container which regularly deletes airflow logs older than a retention period. -EXAMPLE USAGE: {{ include "airflow.container.log_cleanup" (dict "Release" .Release "Values" .Values "resources" $lc_resources "retention_min" $lc_retention_min "interval_sec" $lc_interval_sec) }} -*/}} -{{- define "airflow.container.log_cleanup" }} -- name: log-cleanup - {{- include "airflow.image" . | indent 2 }} - resources: - {{- toYaml .resources | nindent 4 }} - envFrom: - {{- include "airflow.envFrom" . | indent 4 }} - env: - - name: LOG_PATH - value: {{ .Values.logs.path | quote }} - - name: RETENTION_MINUTES - value: {{ .retention_min | quote }} - - name: INTERVAL_SECONDS - value: {{ .interval_sec | quote }} - {{- /* this has user-defined variables, so must be included BELOW (so the ABOVE `env` take precedence) */ -}} - {{- include "airflow.env" . | indent 4 }} - command: - {{- include "airflow.command" . | indent 4 }} - args: - - "bash" - - "-c" - - | - set -euo pipefail - - # break the infinite loop when we receive SIGINT or SIGTERM - trap "exit 0" SIGINT SIGTERM - - while true; do - START_EPOCH=$(date --utc +%s) - echo "[$(date --utc +%FT%T.%3N)] deleting log files older than $RETENTION_MINUTES minutes..." - - # delete all writable files ending in ".log" with modified-time older than $RETENTION_MINUTES - # NOTE: `-printf "."` prints a "." for each deleted file, which we count the bytes of with `wc -c` - DELETED_COUNT=$( - find "$LOG_PATH" \ - -type f \ - -name "*.log" \ - -mmin +"$RETENTION_MINUTES" \ - -writable \ - -delete \ - -printf "." \ - | wc -c - ) - - END_EPOCH=$(date --utc +%s) - LOOP_DURATION=$((END_EPOCH - START_EPOCH)) - echo "[$(date --utc +%FT%T.%3N)] deleted $DELETED_COUNT files in $LOOP_DURATION seconds" - - SECONDS_TO_SLEEP=$((INTERVAL_SECONDS - LOOP_DURATION)) - if (( SECONDS_TO_SLEEP > 0 )); then - echo "[$(date --utc +%FT%T.%3N)] waiting $SECONDS_TO_SLEEP seconds..." - sleep $SECONDS_TO_SLEEP - fi - done - volumeMounts: - - name: logs-data - mountPath: {{ .Values.logs.path }} -{{- end }} - -{{/* -The list of `volumeMounts` for web/scheduler/worker/flower container -EXAMPLE USAGE: {{ include "airflow.volumeMounts" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages "extraVolumeMounts" $extraVolumeMounts) }} -*/}} -{{- define "airflow.volumeMounts" }} -{{- /* airflow_local_settings.py */ -}} -{{- if or (.Values.airflow.localSettings.stringOverride) (.Values.airflow.localSettings.existingSecret) }} -- name: airflow-local-settings - mountPath: /opt/airflow/config/airflow_local_settings.py - subPath: airflow_local_settings.py - readOnly: true -{{- end }} - -{{- /* dags */ -}} -{{- if .Values.dags.persistence.enabled }} -- name: dags-data - mountPath: {{ .Values.dags.path }} - subPath: {{ .Values.dags.persistence.subPath }} - {{- if eq .Values.dags.persistence.accessMode "ReadOnlyMany" }} - readOnly: true - {{- end }} -{{- else if .Values.dags.gitSync.enabled }} -- name: dags-data - mountPath: {{ .Values.dags.path }} -{{- end }} - -{{- /* logs */ -}} -{{- if .Values.logs.persistence.enabled }} -- name: logs-data - mountPath: {{ .Values.logs.path }} - subPath: {{ .Values.logs.persistence.subPath }} -{{- else }} -- name: logs-data - mountPath: {{ .Values.logs.path }} -{{- end }} - -{{- /* pip-packages */ -}} -{{- if .extraPipPackages }} -- name: home-airflow-local - mountPath: /home/airflow/.local -{{- end }} - -{{- /* user-defined (global) */ -}} -{{- if .Values.airflow.extraVolumeMounts }} -{{ toYaml .Values.airflow.extraVolumeMounts }} -{{- end }} - -{{- /* user-defined */ -}} -{{- if .extraVolumeMounts }} -{{ toYaml .extraVolumeMounts }} -{{- end }} -{{- end }} - -{{/* -The list of `volumes` for web/scheduler/worker/flower Pods -EXAMPLE USAGE: {{ include "airflow.volumes" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages "extraVolumes" $extraVolumes) }} -*/}} -{{- define "airflow.volumes" }} -{{- /* airflow_local_settings.py */ -}} -{{- if or (.Values.airflow.localSettings.stringOverride) (.Values.airflow.localSettings.existingSecret) }} -- name: airflow-local-settings - secret: - {{- if .Values.airflow.localSettings.existingSecret }} - secretName: {{ .Values.airflow.localSettings.existingSecret }} - {{- else }} - secretName: {{ include "airflow.fullname" . }}-local-settings - {{- end }} - defaultMode: 0644 -{{- end }} - -{{- /* dags */ -}} -{{- if .Values.dags.persistence.enabled }} -- name: dags-data - persistentVolumeClaim: - {{- if .Values.dags.persistence.existingClaim }} - claimName: {{ .Values.dags.persistence.existingClaim }} - {{- else }} - claimName: {{ printf "%s-dags" (include "airflow.fullname" . | trunc 58) }} - {{- end }} -{{- else if .Values.dags.gitSync.enabled }} -- name: dags-data - emptyDir: {} -{{- end }} - -{{- /* logs */ -}} -{{- if .Values.logs.persistence.enabled }} -- name: logs-data - persistentVolumeClaim: - {{- if .Values.logs.persistence.existingClaim }} - claimName: {{ .Values.logs.persistence.existingClaim }} - {{- else }} - claimName: {{ printf "%s-logs" (include "airflow.fullname" . | trunc 58) }} - {{- end }} -{{- else }} -- name: logs-data - emptyDir: {} -{{- end }} - -{{- /* git-sync */ -}} -{{- if .Values.dags.gitSync.enabled }} -{{- if .Values.dags.gitSync.sshSecret }} -- name: git-secret - secret: - secretName: {{ .Values.dags.gitSync.sshSecret }} - defaultMode: 0644 -{{- end }} -{{- if .Values.dags.gitSync.sshKnownHosts }} -- name: git-known-hosts - secret: - secretName: {{ include "airflow.fullname" . }}-known-hosts - defaultMode: 0644 -{{- end }} -{{- end }} - -{{- /* pip-packages */ -}} -{{- if .extraPipPackages }} -- name: home-airflow-local - emptyDir: {} -{{- end }} - -{{- /* user-defined (global) */ -}} -{{- if .Values.airflow.extraVolumes }} -{{ toYaml .Values.airflow.extraVolumes }} -{{- end }} - -{{- /* user-defined */ -}} -{{- if .extraVolumes }} -{{ toYaml .extraVolumes }} -{{- end }} -{{- end }} - -{{/* -The list of `envFrom` for web/scheduler/worker/flower Pods -*/}} -{{- define "airflow.envFrom" }} -- secretRef: - name: {{ include "airflow.fullname" . }}-config-envs -{{- end }} - -{{- define "airflow.env.scheduler" }} -- name: scheduler_health_check_threshold - value: "240" -- name: orphaned_tasks_check_interval - value: "300" -{{- end }} - - -{{/* -The list of `env` for web/scheduler/worker/flower Pods -EXAMPLE USAGE: {{ include "airflow.env" (dict "Release" .Release "Values" .Values "CONNECTION_CHECK_MAX_COUNT" "0") }} -*/}} -{{- define "airflow.env" }} -- name: DATABASE_USER - valueFrom: - secretKeyRef: - name: airflow - key: db_user -- name: DATABASE_PASSWORD - valueFrom: - secretKeyRef: - name: airflow - key: db_password -- name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: airflow-redis - key: redis-password - -{{- /* disable the `/entrypoint` db connection check */ -}} -{{- if not .Values.airflow.legacyCommands }} -- name: CONNECTION_CHECK_MAX_COUNT - {{- if .CONNECTION_CHECK_MAX_COUNT }} - value: {{ .CONNECTION_CHECK_MAX_COUNT | quote }} - {{- else }} - value: "0" - {{- end }} -{{- end }} - -{{- /* set AIRFLOW__CELERY__FLOWER_BASIC_AUTH */ -}} -{{- if .Values.flower.basicAuthSecret }} -- name: AIRFLOW__CELERY__FLOWER_BASIC_AUTH - valueFrom: - secretKeyRef: - name: {{ .Values.flower.basicAuthSecret }} - key: {{ .Values.flower.basicAuthSecretKey }} -{{- end }} - -{{- /* user-defined environment variables */ -}} -{{- if .Values.airflow.extraEnv }} -{{ toYaml .Values.airflow.extraEnv }} -{{- end }} -{{- end }} - diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/_helpers/validate-values.tpl b/deploy-as-code/helm/charts/backbone-services/airflow/templates/_helpers/validate-values.tpl deleted file mode 100644 index 6d76727af5..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/_helpers/validate-values.tpl +++ /dev/null @@ -1,181 +0,0 @@ -{{/* Checks for `.Release.name` */}} -{{- if gt (len .Release.Name) 43 }} - {{ required "The `.Release.name` must be less than 43 characters (due to the 63 character limit for names in Kubernetes)!" nil }} -{{- end }} - -{{/* Checks for `airflow.legacyCommands` */}} -{{- if .Values.airflow.legacyCommands }} - {{- if not (eq "1" (.Values.scheduler.replicas | toString)) }} - {{ required "If `airflow.legacyCommands=true`, then `scheduler.replicas` must be set to `1`!" nil }} - {{- end }} -{{- end }} - -{{/* Checks for `airflow.image` */}} -{{- if eq .Values.airflow.image.repository "apache/airflow" }} - {{- if hasPrefix "1." .Values.airflow.image.tag }} - {{- if not .Values.airflow.legacyCommands }} - {{ required "When using airflow 1.10.X, `airflow.legacyCommands` must be `true`!" nil }} - {{- end }} - {{ end }} - {{- if hasPrefix "2." .Values.airflow.image.tag }} - {{- if .Values.airflow.legacyCommands }} - {{ required "When using airflow 2.X.X, `airflow.legacyCommands` must be `false`!" nil }} - {{- end }} - {{ end }} -{{- end }} - -{{/* Checks for `airflow.executor` */}} -{{- if not (has .Values.airflow.executor (list "CeleryExecutor" "CeleryKubernetesExecutor" "KubernetesExecutor")) }} - {{ required "The `airflow.executor` must be one of: [CeleryExecutor, CeleryKubernetesExecutor, KubernetesExecutor]!" nil }} -{{- end }} -{{- if eq .Values.airflow.executor "CeleryExecutor" }} - {{- if not .Values.workers.enabled }} - {{ required "If `airflow.executor=CeleryExecutor`, then `workers.enabled` should be `true`!" nil }} - {{- end }} -{{- end }} -{{- if eq .Values.airflow.executor "CeleryKubernetesExecutor" }} - {{- if not .Values.workers.enabled }} - {{ required "If `airflow.executor=CeleryKubernetesExecutor`, then `workers.enabled` should be `true`!" nil }} - {{- end }} -{{- end }} -{{- if eq .Values.airflow.executor "KubernetesExecutor" }} - {{- if or (.Values.workers.enabled) (.Values.flower.enabled) (.Values.redis.enabled) }} - {{ required "If `airflow.executor=KubernetesExecutor`, then all of [`workers.enabled`, `flower.enabled`, `redis.enabled`] should be `false`!" nil }} - {{- end }} -{{- end }} - -{{/* Checks for `airflow.config` */}} -{{- if .Values.airflow.config.AIRFLOW__CORE__EXECUTOR }} - {{ required "Don't define `airflow.config.AIRFLOW__CORE__EXECUTOR`, it will be automatically set from `airflow.executor`!" nil }} -{{- end }} -{{- if or .Values.airflow.config.AIRFLOW__CORE__DAGS_FOLDER }} - {{ required "Don't define `airflow.config.AIRFLOW__CORE__DAGS_FOLDER`, it will be automatically set from `dags.path`!" nil }} -{{- end }} -{{- if or (.Values.airflow.config.AIRFLOW__CELERY__BROKER_URL) (.Values.airflow.config.AIRFLOW__CELERY__BROKER_URL_CMD) }} - {{ required "Don't define `airflow.config.AIRFLOW__CELERY__BROKER_URL`, it will be automatically set by the chart!" nil }} -{{- end }} -{{- if or (.Values.airflow.config.AIRFLOW__CELERY__RESULT_BACKEND) (.Values.airflow.config.AIRFLOW__CELERY__RESULT_BACKEND_CMD) }} - {{ required "Don't define `airflow.config.AIRFLOW__CELERY__RESULT_BACKEND`, it will be automatically set by the chart!" nil }} -{{- end }} -{{- if or (.Values.airflow.config.AIRFLOW__CORE__SQL_ALCHEMY_CONN) (.Values.airflow.config.AIRFLOW__CORE__SQL_ALCHEMY_CONN_CMD) }} - {{ required "Don't define `airflow.config.AIRFLOW__CORE__SQL_ALCHEMY_CONN`, it will be automatically set by the chart!" nil }} -{{- end }} - -{{/* Checks for `logs.persistence` */}} -{{- if .Values.logs.persistence.enabled }} - {{- if not (eq .Values.logs.persistence.accessMode "ReadWriteMany") }} - {{ required "The `logs.persistence.accessMode` must be `ReadWriteMany`!" nil }} - {{- end }} - {{- if .Values.scheduler.logCleanup.enabled }} - {{ required "If `logs.persistence.enabled=true`, then `scheduler.logCleanup.enabled` must be disabled!" nil }} - {{- end }} - {{- if .Values.workers.enabled }} - {{- if .Values.workers.logCleanup.enabled }} - {{ required "If `logs.persistence.enabled=true`, then `workers.logCleanup.enabled` must be disabled!" nil }} - {{- end }} - {{- end }} -{{- end }} - -{{/* Checks for `dags.persistence` */}} -{{- if .Values.dags.persistence.enabled }} - {{- if not (has .Values.dags.persistence.accessMode (list "ReadOnlyMany" "ReadWriteMany")) }} - {{ required "The `dags.persistence.accessMode` must be one of: [ReadOnlyMany, ReadWriteMany]!" nil }} - {{- end }} -{{- end }} - -{{/* Checks for `dags.gitSync` */}} -{{- if .Values.dags.gitSync.enabled }} - {{- if .Values.dags.persistence.enabled }} - {{ required "If `dags.gitSync.enabled=true`, then `persistence.enabled` must be disabled!" nil }} - {{- end }} - {{- if not .Values.dags.gitSync.repo }} - {{ required "If `dags.gitSync.enabled=true`, then `dags.gitSync.repo` must be non-empty!" nil }} - {{- end }} - {{- if and (.Values.dags.gitSync.sshSecret) (.Values.dags.gitSync.httpSecret) }} - {{ required "At most, one of `dags.gitSync.sshSecret` and `dags.gitSync.httpSecret` can be defined!" nil }} - {{- end }} - {{- if and (.Values.dags.gitSync.repo | lower | hasPrefix "git@github.com") (not .Values.dags.gitSync.sshSecret) }} - {{ required "You must define `dags.gitSync.sshSecret` when using GitHub with SSH for `dags.gitSync.repo`!" nil }} - {{- end }} -{{- end }} - -{{/* Checks for `ingress` */}} -{{- if .Values.ingress.enabled }} - {{/* Checks for `ingress.apiVersion` */}} - {{- if not (has .Values.ingress.apiVersion (list "networking.k8s.io/v1" "networking.k8s.io/v1beta1")) }} - {{ required "The `ingress.apiVersion` must be one of: [networking.k8s.io/v1, networking.k8s.io/v1beta1]!" nil }} - {{- end }} - - {{/* Checks for `ingress.web.path` */}} - {{- if .Values.ingress.web.path }} - {{- if not (.Values.ingress.web.path | hasPrefix "/") }} - {{ required "The `ingress.web.path` should start with a '/'!" nil }} - {{- end }} - {{- if .Values.ingress.web.path | hasSuffix "/" }} - {{ required "The `ingress.web.path` should NOT include a trailing '/'!" nil }} - {{- end }} - {{- if .Values.airflow.config.AIRFLOW__WEBSERVER__BASE_URL }} - {{- $webUrl := .Values.airflow.config.AIRFLOW__WEBSERVER__BASE_URL | urlParse }} - {{- if not (eq (.Values.ingress.web.path | trimSuffix "/*") (get $webUrl "path")) }} - {{ required (printf "The `ingress.web.path` must be compatable with `airflow.config.AIRFLOW__WEBSERVER__BASE_URL`! (try setting AIRFLOW__WEBSERVER__BASE_URL to 'http://{HOSTNAME}%s', rather than '%s')" (.Values.ingress.web.path | trimSuffix "/*") .Values.airflow.config.AIRFLOW__WEBSERVER__BASE_URL) nil }} - {{- end }} - {{- else }} - {{ required (printf "If `ingress.web.path` is set, then `airflow.config.AIRFLOW__WEBSERVER__BASE_URL` must be set! (try setting AIRFLOW__WEBSERVER__BASE_URL to 'http://{HOSTNAME}%s')" (.Values.ingress.web.path | trimSuffix "/*")) nil }} - {{- end }} - {{- end }} - - {{/* Checks for `ingress.flower.path` */}} - {{- if .Values.ingress.flower.path }} - {{- if not (.Values.ingress.flower.path | hasPrefix "/") }} - {{ required "The `ingress.flower.path` should start with a '/'!" nil }} - {{- end }} - {{- if .Values.ingress.flower.path | hasSuffix "/" }} - {{ required "The `ingress.flower.path` should NOT include a trailing '/'!" nil }} - {{- end }} - {{- if .Values.airflow.config.AIRFLOW__CELERY__FLOWER_URL_PREFIX }} - {{- if not (eq (.Values.ingress.flower.path | trimSuffix "/*") .Values.airflow.config.AIRFLOW__CELERY__FLOWER_URL_PREFIX) }} - {{ required (printf "The `ingress.flower.path` must be compatable with `airflow.config.AIRFLOW__CELERY__FLOWER_URL_PREFIX`! (try setting AIRFLOW__CELERY__FLOWER_URL_PREFIX to '%s', rather than '%s')" (.Values.ingress.flower.path | trimSuffix "/*") .Values.airflow.config.AIRFLOW__CELERY__FLOWER_URL_PREFIX) nil }} - {{- end }} - {{- else }} - {{ required (printf "If `ingress.flower.path` is set, then `airflow.config.AIRFLOW__CELERY__FLOWER_URL_PREFIX` must be set! (try setting AIRFLOW__CELERY__FLOWER_URL_PREFIX to '%s')" (.Values.ingress.flower.path | trimSuffix "/*")) nil }} - {{- end }} - {{- end }} -{{- end }} - -{{/* Checks for `pgbouncer` */}} -{{- if include "airflow.pgbouncer.should_use" . }} - {{- if .Values.pgbouncer.clientSSL.keyFile.existingSecret }} - {{- if not .Values.pgbouncer.clientSSL.certFile.existingSecret }} - {{ required "If `pgbouncer.clientSSL.keyFile.existingSecret` is set, then `pgbouncer.clientSSL.certFile.existingSecret` must also be!" nil }} - {{- end }} - {{- end }} - {{- if .Values.pgbouncer.clientSSL.certFile.existingSecret }} - {{- if not .Values.pgbouncer.clientSSL.keyFile.existingSecret }} - {{ required "If `pgbouncer.clientSSL.certFile.existingSecret` is set, then `pgbouncer.clientSSL.keyFile.existingSecret` must also be!" nil }} - {{- end }} - {{- end }} - {{- if .Values.pgbouncer.serverSSL.keyFile.existingSecret }} - {{- if not .Values.pgbouncer.serverSSL.certFile.existingSecret }} - {{ required "If `pgbouncer.serverSSL.keyFile.existingSecret` is set, then `pgbouncer.serverSSL.certFile.existingSecret` must also be!" nil }} - {{- end }} - {{- end }} - {{- if .Values.pgbouncer.serverSSL.certFile.existingSecret }} - {{- if not .Values.pgbouncer.serverSSL.keyFile.existingSecret }} - {{ required "If `pgbouncer.serverSSL.certFile.existingSecret` is set, then `pgbouncer.serverSSL.keyFile.existingSecret` must also be!" nil }} - {{- end }} - {{- end }} -{{- end }} - -{{/* Checks for `externalDatabase` */}} -{{- if .Values.externalDatabase.host }} - {{/* check if they are using externalDatabase (the default value for `externalDatabase.host` is "localhost") */}} - {{- if not (eq .Values.externalDatabase.host "localhost") }} - {{- if .Values.postgresql.enabled }} - {{ required "If `externalDatabase.host` is set, then `postgresql.enabled` should be `false`!" nil }} - {{- end }} - {{- if not (has .Values.externalDatabase.type (list "mysql" "postgres")) }} - {{ required "The `externalDatabase.type` must be one of: [mysql, postgres]!" nil }} - {{- end }} - {{- end }} -{{- end }} - diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/config/configmap-pod-template.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/config/configmap-pod-template.yaml deleted file mode 100644 index b355f6a923..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/config/configmap-pod-template.yaml +++ /dev/null @@ -1,16 +0,0 @@ -{{- if include "airflow.executor.kubernetes_like" . }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "airflow.fullname" . }}-pod-template - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} -data: - pod_template.yaml: |- - {{- if .Values.airflow.kubernetesPodTemplate.stringOverride }} - {{- .Values.airflow.kubernetesPodTemplate.stringOverride | nindent 4 }} - {{- else }} - {{- tpl (.Files.Get "files/pod_template.kubernetes-helm-yaml") . | nindent 4 }} - {{- end }} -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/config/secret-config-envs.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/config/secret-config-envs.yaml deleted file mode 100644 index 0395fbee1c..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/config/secret-config-envs.yaml +++ /dev/null @@ -1,198 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "airflow.fullname" . }}-config-envs - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} -## we must use `data` rather than `stringData` (see: https://github.com/helm/helm/issues/10010) -data: - ## ================ - ## Linux Configs - ## ================ - TZ: {{ "Etc/UTC" | b64enc | quote }} - - ## ================ - ## Database Configs - ## ================ - ## database host/port - {{- if include "airflow.pgbouncer.should_use" . }} - DATABASE_HOST: {{ printf "%s-pgbouncer.%s.svc.%s" (include "airflow.fullname" .) (.Values.namespace) (.Values.airflow.clusterDomain) | b64enc | quote }} - DATABASE_PORT: {{ "6432" | b64enc | quote }} - {{- else if .Values.postgresql.enabled }} - DATABASE_HOST: {{ printf "%s.%s.svc.%s" (include "airflow.postgresql.fullname" .) (.Values.namespace) (.Values.airflow.clusterDomain) | b64enc | quote }} - DATABASE_PORT: {{ "5432" | b64enc | quote }} - {{- else }} - DATABASE_HOST: {{ .Values.externalDatabase.host | b64enc | quote }} - DATABASE_PORT: {{ .Values.externalDatabase.port | toString | b64enc | quote }} - {{- end }} - - ## database configs - {{- if .Values.postgresql.enabled }} - DATABASE_DB: {{ .Values.postgresql.postgresqlDatabase | toString | b64enc | quote }} - {{- else }} - DATABASE_DB: {{ .Values.externalDatabase.database | toString | b64enc | quote }} - DATABASE_PROPERTIES: {{ .Values.externalDatabase.properties | toString | b64enc | quote }} - {{- end }} - - {{- /* in other cases, these variables are set in the "airflow.env" template */ -}} - {{- if not .Values.postgresql.enabled }} - {{- if or (not .Values.externalDatabase.userSecret ) (not .Values.externalDatabase.passwordSecret) }} - - {{- end }} - {{- end }} - - ## bash command which echos the URL encoded value of $DATABASE_USER - DATABASE_USER_CMD: {{ `echo "${DATABASE_USER}" | python3 -c "import urllib.parse; encoded_user = urllib.parse.quote(input()); print(encoded_user)"` | b64enc | quote }} - - ## bash command which echos the URL encoded value of $DATABASE_PASSWORD - DATABASE_PASSWORD_CMD: {{ `echo "${DATABASE_PASSWORD}" | python3 -c "import urllib.parse; encoded_pass = urllib.parse.quote(input()); print(encoded_pass)"` | b64enc | quote }} - - ## bash command which echos the DB connection string in SQLAlchemy format - {{- if .Values.postgresql.enabled }} - DATABASE_SQLALCHEMY_CMD: {{ `echo -n "postgresql+psycopg2://$(eval $DATABASE_USER_CMD):$(eval $DATABASE_PASSWORD_CMD)@${DATABASE_HOST}:${DATABASE_PORT}/${DATABASE_DB}"` | b64enc | quote }} - {{- else if eq "postgres" .Values.externalDatabase.type }} - DATABASE_SQLALCHEMY_CMD: {{ `echo -n "postgresql+psycopg2://$(eval $DATABASE_USER_CMD):$(eval $DATABASE_PASSWORD_CMD)@${DATABASE_HOST}:${DATABASE_PORT}/${DATABASE_DB}${DATABASE_PROPERTIES}"` | b64enc | quote }} - {{- else if eq "mysql" .Values.externalDatabase.type }} - DATABASE_SQLALCHEMY_CMD: {{ `echo -n "mysql+mysqldb://$(eval $DATABASE_USER_CMD):$(eval $DATABASE_PASSWORD_CMD)@${DATABASE_HOST}:${DATABASE_PORT}/${DATABASE_DB}${DATABASE_PROPERTIES}"` | b64enc | quote }} - {{- end }} - - ## bash command which echos the DB connection string in Celery result_backend format - {{- if .Values.postgresql.enabled }} - DATABASE_CELERY_CMD: {{ `echo -n "db+postgresql://$(eval $DATABASE_USER_CMD):$(eval $DATABASE_PASSWORD_CMD)@${DATABASE_HOST}:${DATABASE_PORT}/${DATABASE_DB}"` | b64enc | quote }} - {{- else if eq "postgres" .Values.externalDatabase.type }} - DATABASE_CELERY_CMD: {{ `echo -n "db+postgresql://$(eval $DATABASE_USER_CMD):$(eval $DATABASE_PASSWORD_CMD)@${DATABASE_HOST}:${DATABASE_PORT}/${DATABASE_DB}${DATABASE_PROPERTIES}"` | b64enc | quote }} - {{- else if eq "mysql" .Values.externalDatabase.type }} - DATABASE_CELERY_CMD: {{ `echo -n "db+mysql://$(eval $DATABASE_USER_CMD):$(eval $DATABASE_PASSWORD_CMD)@${DATABASE_HOST}:${DATABASE_PORT}/${DATABASE_DB}${DATABASE_PROPERTIES}"` | b64enc | quote }} - {{- end }} - - ## bash command which echos the DB connection string in `psql` cli format - DATABASE_PSQL_CMD: {{ `echo -n "postgresql://$(eval $DATABASE_USER_CMD):$(eval $DATABASE_PASSWORD_CMD)@${DATABASE_HOST}:${DATABASE_PORT}/${DATABASE_DB}${DATABASE_PROPERTIES}"` | b64enc | quote }} - - ## ================ - ## Redis Configs - ## ================ - {{- if include "airflow.executor.celery_like" . }} - ## connection string components - {{- if .Values.redis.enabled }} - REDIS_HOST: {{ printf "%s-redis-master.%s.svc.%s" (include "airflow.fullname" .) (.Values.namespace) (.Values.airflow.clusterDomain) | b64enc | quote }} - REDIS_PORT: {{ "6379" | b64enc | quote }} - REDIS_DBNUM: {{ "1" | b64enc | quote }} - {{- else }} - REDIS_HOST: {{ .Values.externalRedis.host | toString | b64enc | quote }} - REDIS_PORT: {{ .Values.externalRedis.port | toString | b64enc | quote }} - REDIS_DBNUM: {{ .Values.externalRedis.databaseNumber | toString | b64enc | quote }} - REDIS_PROPERTIES: {{.Values.externalRedis.properties | b64enc | quote }} - {{- end }} - - {{- /* in other cases, these variables are set in the "airflow.env" template */ -}} - {{- if not .Values.redis.enabled }} - {{- if not .Values.externalRedis.passwordSecret }} - - ## credentials (from plain-text helm values) - REDIS_PASSWORD: {{ .Values.externalRedis.password | b64enc | quote }} - {{- end }} - {{- end }} - - ## bash command which echos the URL encoded value of $REDIS_PASSWORD - ## NOTE: if $REDIS_PASSWORD is non-empty, prints `:${REDIS_PASSWORD}@`, else `` - REDIS_PASSWORD_CMD: {{ `echo "${REDIS_PASSWORD}" | python3 -c "import urllib.parse; encoded_pass = urllib.parse.quote(input()); print(f\":{encoded_pass}@\") if len(encoded_pass) > 0 else None"` | b64enc | quote }} - - ## bash command which echos the Redis connection string - REDIS_CONNECTION_CMD: {{ `echo -n "redis://$(eval $REDIS_PASSWORD_CMD)${REDIS_HOST}:${REDIS_PORT}/${REDIS_DBNUM}${REDIS_PROPERTIES}"` | b64enc | quote }} - {{- end }} - - ## ================ - ## Airflow Configs (General) - ## ================ - AIRFLOW__CORE__DAGS_FOLDER: {{ include "airflow.dags.path" . | b64enc | quote }} - AIRFLOW__CORE__EXECUTOR: {{ .Values.airflow.executor | b64enc | quote }} - {{- if .Values.airflow.fernetKey }} - AIRFLOW__CORE__FERNET_KEY: {{ .Values.airflow.fernetKey | b64enc | quote }} - {{- end }} - {{- if .Values.airflow.webserverSecretKey }} - AIRFLOW__WEBSERVER__SECRET_KEY: {{ .Values.airflow.webserverSecretKey | b64enc | quote }} - {{- end }} - AIRFLOW__WEBSERVER__WEB_SERVER_PORT: {{ "8080" | b64enc | quote }} - AIRFLOW__CELERY__FLOWER_PORT: {{ "5555" | b64enc | quote }} - - {{- if and (.Values.dags.gitSync.enabled) (not .Values.airflow.config.AIRFLOW__SCHEDULER__DAG_DIR_LIST_INTERVAL) }} - ## refresh the dags folder at the same frequency as git-sync - AIRFLOW__SCHEDULER__DAG_DIR_LIST_INTERVAL: {{ .Values.dags.gitSync.syncWait | toString | b64enc | quote }} - {{- end }} - - {{- if and (.Values.airflow.legacyCommands) (not .Values.airflow.config.AIRFLOW__WEBSERVER__RBAC) }} - ## default to the RBAC UI when in legacy mode - AIRFLOW__WEBSERVER__RBAC: {{ "true" | b64enc | quote }} - {{- end }} - - ## ================ - ## Airflow Configs (Database) - ## ================ - AIRFLOW__CORE__SQL_ALCHEMY_CONN_CMD: {{ `bash -c 'eval "$DATABASE_SQLALCHEMY_CMD"'` | b64enc | quote }} - ## `core.sql_alchemy_conn` moved to `database.sql_alchemy_conn` in airflow 2.3.0 - AIRFLOW__DATABASE__SQL_ALCHEMY_CONN_CMD: {{ `bash -c 'eval "$DATABASE_SQLALCHEMY_CMD"'` | b64enc | quote }} - - ## ================ - ## Airflow Configs (Triggerer) - ## ================ - {{- if include "airflow.triggerer.should_use" . }} - {{- if not .Values.airflow.config.AIRFLOW__TRIGGERER__DEFAULT_CAPACITY }} - AIRFLOW__TRIGGERER__DEFAULT_CAPACITY: {{ .Values.triggerer.capacity | toString | b64enc | quote }} - {{- end }} - {{- end }} - - ## ================ - ## Airflow Configs (Logging) - ## ================ - {{- if .Values.airflow.legacyCommands }} - AIRFLOW__CORE__BASE_LOG_FOLDER: {{ .Values.logs.path | b64enc | quote }} - AIRFLOW__CORE__DAG_PROCESSOR_MANAGER_LOG_LOCATION: {{ printf "%s/dag_processor_manager/dag_processor_manager.log" .Values.logs.path | b64enc | quote }} - {{- else }} - AIRFLOW__LOGGING__BASE_LOG_FOLDER: {{ .Values.logs.path | b64enc | quote }} - AIRFLOW__LOGGING__DAG_PROCESSOR_MANAGER_LOG_LOCATION: {{ printf "%s/dag_processor_manager/dag_processor_manager.log" .Values.logs.path | b64enc | quote }} - {{- end }} - AIRFLOW__SCHEDULER__CHILD_PROCESS_LOG_DIRECTORY: {{ printf "%s/scheduler" .Values.logs.path | b64enc | quote }} - - ## ================ - ## Airflow Configs (Celery) - ## ================ - {{- if include "airflow.executor.celery_like" . }} - AIRFLOW__CELERY__WORKER_LOG_SERVER_PORT: {{ "8793" | b64enc | quote }} - AIRFLOW__CELERY__BROKER_URL_CMD: {{ `bash -c 'eval "$REDIS_CONNECTION_CMD"'` | b64enc | quote }} - AIRFLOW__CELERY__RESULT_BACKEND_CMD: {{ `bash -c 'eval "$DATABASE_CELERY_CMD"'` | b64enc | quote }} - {{- end }} - - ## ================ - ## Airflow Configs (Kubernetes) - ## ================ - {{- if include "airflow.executor.kubernetes_like" . }} - {{- if not .Values.airflow.config.AIRFLOW__KUBERNETES__NAMESPACE }} - AIRFLOW__KUBERNETES__NAMESPACE: {{ .Release.Namespace | b64enc | quote }} - {{- end }} - {{- if not .Values.airflow.config.AIRFLOW__KUBERNETES__WORKER_CONTAINER_REPOSITORY }} - AIRFLOW__KUBERNETES__WORKER_CONTAINER_REPOSITORY: {{ .Values.airflow.image.repository | b64enc | quote }} - {{- end }} - {{- if not .Values.airflow.config.AIRFLOW__KUBERNETES__WORKER_CONTAINER_TAG }} - AIRFLOW__KUBERNETES__WORKER_CONTAINER_TAG: {{ .Values.airflow.image.tag | b64enc | quote }} - {{- end }} - {{- if not .Values.airflow.config.AIRFLOW__KUBERNETES__POD_TEMPLATE_FILE }} - AIRFLOW__KUBERNETES__POD_TEMPLATE_FILE: {{ "/opt/airflow/pod_templates/pod_template.yaml" | b64enc | quote }} - {{- end }} - - {{- if .Values.airflow.legacyCommands }} - {{- if not .Values.airflow.config.AIRFLOW__KUBERNETES__ENV_FROM_CONFIGMAP_REF }} - AIRFLOW__KUBERNETES__ENV_FROM_SECRET_REF: {{ printf "%s-config" (include "airflow.fullname" .) | b64enc | quote }} - {{- end }} - {{- if (not .Values.airflow.config.AIRFLOW__KUBERNETES__WORKER_SERVICE_ACCOUNT_NAME) }} - AIRFLOW__KUBERNETES__WORKER_SERVICE_ACCOUNT_NAME: {{ include "airflow.serviceAccountName" . | b64enc | quote }} - {{- end }} - {{- end }} - {{- end }} - - ## ================ - ## User Configs - ## ================ - {{- range $k, $v := .Values.airflow.config }} - {{ $k }}: {{ $v | toString | b64enc | quote }} - {{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/config/secret-known-hosts.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/config/secret-known-hosts.yaml deleted file mode 100644 index 6b614b50a9..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/config/secret-known-hosts.yaml +++ /dev/null @@ -1,11 +0,0 @@ -{{- if and (.Values.dags.gitSync.enabled) (.Values.dags.gitSync.sshKnownHosts) }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "airflow.fullname" . }}-known-hosts - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} -data: - known_hosts: {{ .Values.dags.gitSync.sshKnownHosts | b64enc | quote }} -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/config/secret-local-settings.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/config/secret-local-settings.yaml deleted file mode 100644 index 01d2e7ccdd..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/config/secret-local-settings.yaml +++ /dev/null @@ -1,11 +0,0 @@ -{{- if and (.Values.airflow.localSettings.stringOverride) (not .Values.airflow.localSettings.existingSecret) }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "airflow.fullname" . }}-local-settings - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} -data: - airflow_local_settings.py: {{ .Values.airflow.localSettings.stringOverride | b64enc | quote }} -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/config/secret-webserver-config.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/config/secret-webserver-config.yaml deleted file mode 100644 index 7c9f74a72b..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/config/secret-webserver-config.yaml +++ /dev/null @@ -1,15 +0,0 @@ -{{- if not .Values.web.webserverConfig.existingSecret }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "airflow.fullname" . }}-webserver-config - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} -data: - {{- if .Values.web.webserverConfig.stringOverride }} - webserver_config.py: {{ .Values.web.webserverConfig.stringOverride | b64enc | quote }} - {{- else }} - webserver_config.py: {{ tpl (.Files.Get "files/webserver_config.py") . | b64enc | quote }} - {{- end }} -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/db-migrations/_helpers/code.tpl b/deploy-as-code/helm/charts/backbone-services/airflow/templates/db-migrations/_helpers/code.tpl deleted file mode 100644 index 239dff85a0..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/db-migrations/_helpers/code.tpl +++ /dev/null @@ -1,136 +0,0 @@ -{{/* -The python script to apply airflow database migrations. -*/}} -{{- define "airflow.db_migrations.db_migrations.py" }} -############# -## Imports ## -############# -import logging -import time -from airflow.utils.db import upgradedb - - -############# -## Configs ## -############# -log = logging.getLogger(__file__) -log.setLevel("INFO") - -# how frequently to check for unapplied migrations -CONF__CHECK_MIGRATIONS_INTERVAL = {{ .Values.airflow.dbMigrations.checkInterval }} - - -############### -## Functions ## -############### -{{- if .Values.airflow.legacyCommands }} -# imports required for the following functions -import os -import airflow -from airflow import settings - -# modified from https://github.com/apache/airflow/blob/2.1.0/airflow/utils/db.py#L583-L592 -def _get_alembic_config(): - from alembic.config import Config - - package_dir = os.path.abspath(os.path.dirname(airflow.__file__)) - directory = os.path.join(package_dir, 'migrations') - config = Config(os.path.join(package_dir, 'alembic.ini')) - config.set_main_option('script_location', directory.replace('%', '%%')) - config.set_main_option('sqlalchemy.url', settings.SQL_ALCHEMY_CONN.replace('%', '%%')) - return config - - -# copied from https://github.com/apache/airflow/blob/2.1.0/airflow/utils/db.py#L595-L622 -def check_migrations(timeout): - """ - Function to wait for all airflow migrations to complete. - :param timeout: Timeout for the migration in seconds - :return: None - """ - from alembic.runtime.migration import MigrationContext - from alembic.script import ScriptDirectory - - config = _get_alembic_config() - script_ = ScriptDirectory.from_config(config) - with settings.engine.connect() as connection: - context = MigrationContext.configure(connection) - ticker = 0 - while True: - source_heads = set(script_.get_heads()) - db_heads = set(context.get_current_heads()) - if source_heads == db_heads: - break - if ticker >= timeout: - raise TimeoutError( - f"There are still unapplied migrations after {ticker} seconds. " - f"Migration Head(s) in DB: {db_heads} | Migration Head(s) in Source Code: {source_heads}" - ) - ticker += 1 - time.sleep(1) - log.info('Waiting for migrations... %s second(s)', ticker) -{{- else }} -from airflow.utils.db import check_migrations -{{- end }} - - -def needs_db_migrations() -> bool: - """ - Return a boolean representing if the database has unapplied migrations. - """ - log_alembic = logging.getLogger("alembic.runtime.migration") - log_alembic_level = log_alembic.level - try: - log_alembic.setLevel("WARN") - check_migrations(1) - log_alembic.setLevel(log_alembic_level) - return False - except TimeoutError: - return True - - -def apply_db_migrations() -> None: - """ - Apply any pending DB migrations. - """ - log.info("-------- START - APPLY DB MIGRATIONS --------") - upgradedb() - log.info("-------- FINISH - APPLY DB MIGRATIONS --------") - - -def main(sync_forever: bool): - # initial check & apply - if needs_db_migrations(): - log.warning("there are unapplied db migrations, triggering apply...") - apply_db_migrations() - else: - log.info("there are no unapplied db migrations, continuing...") - - if sync_forever: - # define variable to track how long since last migrations check - migrations_check_epoch = time.time() - - # main loop - while True: - if (time.time() - migrations_check_epoch) > CONF__CHECK_MIGRATIONS_INTERVAL: - log.debug(f"check interval reached, checking for unapplied db migrations...") - if needs_db_migrations(): - log.warning("there are unapplied db migrations, triggering apply...") - apply_db_migrations() - migrations_check_epoch = time.time() - - # ensure we dont loop too fast - time.sleep(0.5) - - -############## -## Run Main ## -############## -{{- /* if running as a Job, only run the initial check & apply */ -}} -{{- if .Values.airflow.dbMigrations.runAsJob }} -main(sync_forever=False) -{{- else }} -main(sync_forever=True) -{{- end }} - -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/db-migrations/db-migrations-deployment.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/db-migrations/db-migrations-deployment.yaml deleted file mode 100644 index 4bd7ec84ce..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/db-migrations/db-migrations-deployment.yaml +++ /dev/null @@ -1,112 +0,0 @@ -{{- if and (.Values.airflow.dbMigrations.enabled) (not .Values.airflow.dbMigrations.runAsJob) }} -{{- $podNodeSelector := include "airflow.podNodeSelector" (dict "Release" .Release "Values" .Values "nodeSelector" .Values.airflow.dbMigrations.nodeSelector) }} -{{- $podAffinity := include "airflow.podAffinity" (dict "Release" .Release "Values" .Values "affinity" .Values.airflow.dbMigrations.affinity) }} -{{- $podTolerations := include "airflow.podTolerations" (dict "Release" .Release "Values" .Values "tolerations" .Values.airflow.dbMigrations.tolerations) }} -{{- $podSecurityContext := include "airflow.podSecurityContext" (dict "Release" .Release "Values" .Values "securityContext" .Values.airflow.dbMigrations.securityContext) }} -{{- $extraPipPackages := .Values.airflow.extraPipPackages }} -{{- $volumeMounts := include "airflow.volumeMounts" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) }} -{{- $volumes := include "airflow.volumes" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) }} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "airflow.fullname" . }}-db-migrations - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} - component: db-migrations - {{- if .Values.airflow.dbMigrations.labels }} - {{- toYaml .Values.airflow.dbMigrations.labels | nindent 4 }} - {{- end }} - {{- if .Values.airflow.dbMigrations.annotations }} - annotations: - {{- toYaml .Values.airflow.dbMigrations.annotations | nindent 4 }} - {{- end }} -spec: - replicas: 1 - strategy: - ## only 1 replica should run at a time - type: Recreate - selector: - matchLabels: - app: {{ include "airflow.labels.app" . }} - component: db-migrations - template: - metadata: - annotations: - {{- if .Values.airflow.podAnnotations }} - {{- toYaml .Values.airflow.podAnnotations | nindent 8 }} - {{- end }} - {{- if .Values.airflow.dbMigrations.podAnnotations }} - {{- toYaml .Values.airflow.dbMigrations.podAnnotations | nindent 8 }} - {{- end }} - {{- if .Values.airflow.dbMigrations.safeToEvict }} - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - {{- end }} - labels: - app: {{ include "airflow.labels.app" . }} - component: db-migrations - {{- if .Values.airflow.dbMigrations.podLabels }} - {{- toYaml .Values.airflow.dbMigrations.podLabels | nindent 8 }} - {{- end }} - spec: - restartPolicy: Always - {{- if .Values.airflow.image.pullSecret }} - imagePullSecrets: - - name: {{ .Values.airflow.image.pullSecret }} - {{- end }} - {{- if $podNodeSelector }} - nodeSelector: - {{- $podNodeSelector | nindent 8 }} - {{- end }} - {{- if $podAffinity }} - affinity: - {{- $podAffinity | nindent 8 }} - {{- end }} - {{- if $podTolerations }} - tolerations: - {{- $podTolerations | nindent 8 }} - {{- end }} - {{- if $podSecurityContext }} - securityContext: - {{- $podSecurityContext | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "airflow.serviceAccountName" . }} - initContainers: - {{- if $extraPipPackages }} - {{- include "airflow.init_container.install_pip_packages" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) | indent 8 }} - {{- end }} - {{- if .Values.dags.gitSync.enabled }} - ## git-sync is included so "airflow plugins" & "python packages" can be stored in the dags repo - {{- include "airflow.container.git_sync" (dict "Release" .Release "Values" .Values "sync_one_time" "true") | indent 8 }} - {{- end }} - {{- include "airflow.init_container.check_db" (dict "Release" .Release "Values" .Values "volumeMounts" $volumeMounts) | indent 8 }} - containers: - - name: db-migrations - {{- include "airflow.image" . | indent 10 }} - resources: - {{- toYaml .Values.airflow.dbMigrations.resources | nindent 12 }} - envFrom: - {{- include "airflow.envFrom" . | indent 12 }} - env: - {{- include "airflow.env" . | indent 12 }} - command: - {{- include "airflow.command" . | indent 12 }} - args: - - "python" - - "-u" - - "/mnt/scripts/db_migrations.py" - volumeMounts: - {{- $volumeMounts | indent 12 }} - - name: scripts - mountPath: /mnt/scripts - readOnly: true - {{- if .Values.dags.gitSync.enabled }} - ## git-sync is included so "airflow plugins" & "python packages" can be stored in the dags repo - {{- include "airflow.container.git_sync" . | indent 8 }} - {{- end }} - volumes: - {{- $volumes | indent 8 }} - - name: scripts - secret: - secretName: {{ include "airflow.fullname" . }}-db-migrations -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/db-migrations/db-migrations-job.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/db-migrations/db-migrations-job.yaml deleted file mode 100644 index 27a96b2595..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/db-migrations/db-migrations-job.yaml +++ /dev/null @@ -1,103 +0,0 @@ -{{- if and (.Values.airflow.dbMigrations.enabled) (.Values.airflow.dbMigrations.runAsJob) }} -{{- $podNodeSelector := include "airflow.podNodeSelector" (dict "Release" .Release "Values" .Values "nodeSelector" .Values.airflow.dbMigrations.nodeSelector) }} -{{- $podAffinity := include "airflow.podAffinity" (dict "Release" .Release "Values" .Values "affinity" .Values.airflow.dbMigrations.affinity) }} -{{- $podTolerations := include "airflow.podTolerations" (dict "Release" .Release "Values" .Values "tolerations" .Values.airflow.dbMigrations.tolerations) }} -{{- $podSecurityContext := include "airflow.podSecurityContext" (dict "Release" .Release "Values" .Values "securityContext" .Values.airflow.dbMigrations.securityContext) }} -{{- $extraPipPackages := .Values.airflow.extraPipPackages }} -{{- $volumeMounts := include "airflow.volumeMounts" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) }} -{{- $volumes := include "airflow.volumes" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) }} -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ include "airflow.fullname" . }}-db-migrations - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} - component: db-migrations - {{- if .Values.airflow.dbMigrations.labels }} - {{- toYaml .Values.airflow.dbMigrations.labels | nindent 4 }} - {{- end }} - annotations: - helm.sh/hook: post-install,post-upgrade - helm.sh/hook-weight: "-100" - helm.sh/hook-delete-policy: before-hook-creation - {{- if .Values.airflow.dbMigrations.annotations }} - {{- toYaml .Values.airflow.dbMigrations.annotations | nindent 4 }} - {{- end }} -spec: - template: - metadata: - annotations: - {{- if .Values.airflow.podAnnotations }} - {{- toYaml .Values.airflow.podAnnotations | nindent 8 }} - {{- end }} - {{- if .Values.airflow.dbMigrations.podAnnotations }} - {{- toYaml .Values.airflow.dbMigrations.podAnnotations | nindent 8 }} - {{- end }} - {{- if .Values.airflow.dbMigrations.safeToEvict }} - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - {{- end }} - labels: - app: {{ include "airflow.labels.app" . }} - component: db-migrations - {{- if .Values.airflow.dbMigrations.podLabels }} - {{- toYaml .Values.airflow.dbMigrations.podLabels | nindent 8 }} - {{- end }} - spec: - restartPolicy: OnFailure - {{- if .Values.airflow.image.pullSecret }} - imagePullSecrets: - - name: {{ .Values.airflow.image.pullSecret }} - {{- end }} - {{- if $podNodeSelector }} - nodeSelector: - {{- $podNodeSelector | nindent 8 }} - {{- end }} - {{- if $podAffinity }} - affinity: - {{- $podAffinity | nindent 8 }} - {{- end }} - {{- if $podTolerations }} - tolerations: - {{- $podTolerations | nindent 8 }} - {{- end }} - {{- if $podSecurityContext }} - securityContext: - {{- $podSecurityContext | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "airflow.serviceAccountName" . }} - initContainers: - {{- if $extraPipPackages }} - {{- include "airflow.init_container.install_pip_packages" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) | indent 8 }} - {{- end }} - {{- if .Values.dags.gitSync.enabled }} - ## git-sync is included so "airflow plugins" & "python packages" can be stored in the dags repo - {{- include "airflow.container.git_sync" (dict "Release" .Release "Values" .Values "sync_one_time" "true") | indent 8 }} - {{- end }} - {{- include "airflow.init_container.check_db" (dict "Release" .Release "Values" .Values "volumeMounts" $volumeMounts) | indent 8 }} - containers: - - name: db-migrations - {{- include "airflow.image" . | indent 10 }} - resources: - {{- toYaml .Values.airflow.dbMigrations.resources | nindent 12 }} - envFrom: - {{- include "airflow.envFrom" . | indent 12 }} - env: - {{- include "airflow.env" . | indent 12 }} - command: - {{- include "airflow.command" . | indent 12 }} - args: - - "python" - - "-u" - - "/mnt/scripts/db_migrations.py" - volumeMounts: - {{- $volumeMounts | indent 12 }} - - name: scripts - mountPath: /mnt/scripts - readOnly: true - volumes: - {{- $volumes | indent 8 }} - - name: scripts - secret: - secretName: {{ include "airflow.fullname" . }}-db-migrations -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/db-migrations/db-migrations-secret.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/db-migrations/db-migrations-secret.yaml deleted file mode 100644 index 9e6b12fc3f..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/db-migrations/db-migrations-secret.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if .Values.airflow.dbMigrations.enabled }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "airflow.fullname" . }}-db-migrations - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} - component: db-migrations -data: - db_migrations.py: {{ include "airflow.db_migrations.db_migrations.py" . | b64enc | quote }} -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/extra-manifests.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/extra-manifests.yaml deleted file mode 100644 index c338acccf5..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/extra-manifests.yaml +++ /dev/null @@ -1,9 +0,0 @@ -{{- range $manifest := .Values.extraManifests }} ---- -{{- if typeIs "string" $manifest }} -{{ tpl $manifest $ }} -{{- else }} -{{- /* support non-string manifests for backwards compatibility with previous chart versions */ -}} -{{ tpl (toYaml $manifest) $ }} -{{- end }} -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/flower/flower-deployment.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/flower/flower-deployment.yaml deleted file mode 100644 index a4049aa338..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/flower/flower-deployment.yaml +++ /dev/null @@ -1,159 +0,0 @@ -{{- if .Values.flower.enabled }} -{{- $podNodeSelector := include "airflow.podNodeSelector" (dict "Release" .Release "Values" .Values "nodeSelector" .Values.flower.nodeSelector) }} -{{- $podAffinity := include "airflow.podAffinity" (dict "Release" .Release "Values" .Values "affinity" .Values.flower.affinity) }} -{{- $podTolerations := include "airflow.podTolerations" (dict "Release" .Release "Values" .Values "tolerations" .Values.flower.tolerations) }} -{{- $podSecurityContext := include "airflow.podSecurityContext" (dict "Release" .Release "Values" .Values "securityContext" .Values.flower.securityContext) }} -{{- $extraPipPackages := concat .Values.airflow.extraPipPackages .Values.flower.extraPipPackages }} -{{- $extraVolumeMounts := .Values.flower.extraVolumeMounts }} -{{- $volumeMounts := include "airflow.volumeMounts" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages "extraVolumeMounts" $extraVolumeMounts) }} -{{- $extraVolumes := .Values.flower.extraVolumes }} -{{- $volumes := include "airflow.volumes" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages "extraVolumes" $extraVolumes) }} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "airflow.fullname" . }}-flower - namespace: {{ .Values.namespace }} - {{- if .Values.flower.annotations }} - annotations: - {{- toYaml .Values.flower.annotations | nindent 4 }} - {{- end }} - labels: - app: {{ include "airflow.labels.app" . }} - component: flower - {{- if .Values.flower.labels }} - {{- toYaml .Values.flower.labels | nindent 4 }} - {{- end }} -spec: - replicas: {{ .Values.flower.replicas }} - strategy: - type: RollingUpdate - rollingUpdate: - ## multiple flower pods can safely run concurrently - maxSurge: 25% - maxUnavailable: 0 - selector: - matchLabels: - app: {{ include "airflow.labels.app" . }} - component: flower - template: - metadata: - annotations: - {{- if .Values.airflow.podAnnotations }} - {{- toYaml .Values.airflow.podAnnotations | nindent 8 }} - {{- end }} - {{- if .Values.flower.podAnnotations }} - {{- toYaml .Values.flower.podAnnotations | nindent 8 }} - {{- end }} - {{- if .Values.flower.safeToEvict }} - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - {{- end }} - labels: - app: {{ include "airflow.labels.app" . }} - component: flower - {{- if .Values.flower.podLabels }} - {{- toYaml .Values.flower.podLabels | nindent 8 }} - {{- end }} - spec: - restartPolicy: Always - {{- if .Values.airflow.image.pullSecret }} - imagePullSecrets: - - name: {{ .Values.airflow.image.pullSecret }} - {{- end }} - {{- if $podNodeSelector }} - nodeSelector: - {{- $podNodeSelector | nindent 8 }} - {{- end }} - {{- if $podAffinity }} - affinity: - {{- $podAffinity | nindent 8 }} - {{- end }} - {{- if $podTolerations }} - tolerations: - {{- $podTolerations | nindent 8 }} - {{- end }} - {{- if $podSecurityContext }} - securityContext: - {{- $podSecurityContext | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "airflow.serviceAccountName" . }} - initContainers: - {{- if $extraPipPackages }} - {{- include "airflow.init_container.install_pip_packages" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) | indent 8 }} - {{- end }} - {{- if .Values.dags.gitSync.enabled }} - ## git-sync is included so "airflow plugins" & "python packages" can be stored in the dags repo - {{- include "airflow.container.git_sync" (dict "Release" .Release "Values" .Values "sync_one_time" "true") | indent 8 }} - {{- end }} - {{- include "airflow.init_container.check_db" (dict "Release" .Release "Values" .Values "volumeMounts" $volumeMounts) | indent 8 }} - {{- include "airflow.init_container.wait_for_db_migrations" (dict "Release" .Release "Values" .Values "volumeMounts" $volumeMounts) | indent 8 }} - containers: - - name: airflow-flower - {{- include "airflow.image" . | indent 10 }} - resources: - {{- toYaml .Values.flower.resources | nindent 12 }} - envFrom: - {{- include "airflow.envFrom" . | indent 12 }} - env: - {{- include "airflow.env" . | indent 12 }} - ports: - - name: flower - containerPort: 5555 - protocol: TCP - command: - {{- include "airflow.command" . | indent 12 }} - args: - - "bash" - - "-c" - {{- if .Values.airflow.legacyCommands }} - - "exec airflow flower" - {{- else }} - - "exec airflow celery flower" - {{- end }} - {{- if .Values.flower.readinessProbe.enabled }} - readinessProbe: - initialDelaySeconds: {{ .Values.flower.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.flower.readinessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.flower.readinessProbe.timeoutSeconds }} - failureThreshold: {{ .Values.flower.readinessProbe.failureThreshold }} - exec: - command: - - "bash" - - "-c" - {{- if or (.Values.flower.basicAuthSecret) (.Values.airflow.config.AIRFLOW__CELERY__FLOWER_BASIC_AUTH) }} - - "exec curl --user $AIRFLOW__CELERY__FLOWER_BASIC_AUTH 'http://localhost:5555{{ .Values.airflow.config.AIRFLOW__CELERY__FLOWER_URL_PREFIX }}'" - {{- else }} - - "exec curl 'http://localhost:5555{{ .Values.airflow.config.AIRFLOW__CELERY__FLOWER_URL_PREFIX }}'" - {{- end }} - {{- end }} - {{- if .Values.flower.livenessProbe.enabled }} - livenessProbe: - initialDelaySeconds: {{ .Values.flower.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.flower.livenessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.flower.livenessProbe.timeoutSeconds }} - failureThreshold: {{ .Values.flower.livenessProbe.failureThreshold }} - exec: - command: - - "bash" - - "-c" - {{- if or (.Values.flower.basicAuthSecret) (.Values.airflow.config.AIRFLOW__CELERY__FLOWER_BASIC_AUTH) }} - - "exec curl --user $AIRFLOW__CELERY__FLOWER_BASIC_AUTH 'http://localhost:5555{{ .Values.airflow.config.AIRFLOW__CELERY__FLOWER_URL_PREFIX }}'" - {{- else }} - - "exec curl 'http://localhost:5555{{ .Values.airflow.config.AIRFLOW__CELERY__FLOWER_URL_PREFIX }}'" - {{- end }} - {{- end }} - {{- if $volumeMounts }} - volumeMounts: - {{- $volumeMounts | indent 12 }} - {{- end }} - {{- if .Values.dags.gitSync.enabled }} - ## git-sync is included so "airflow plugins" & "python packages" can be stored in the dags repo - {{- include "airflow.container.git_sync" . | indent 8 }} - {{- end }} - {{- if .Values.airflow.extraContainers }} - {{- toYaml .Values.airflow.extraContainers | nindent 8 }} - {{- end }} - {{- if $volumes }} - volumes: - {{- $volumes | indent 8 }} - {{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/flower/flower-ingress-v1beta1.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/flower/flower-ingress-v1beta1.yaml deleted file mode 100644 index 8ac66f8ccb..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/flower/flower-ingress-v1beta1.yaml +++ /dev/null @@ -1,49 +0,0 @@ -{{- if and (.Values.flower.enabled) (.Values.ingress.enabled) (eq .Values.ingress.apiVersion "networking.k8s.io/v1beta1") }} -apiVersion: networking.k8s.io/v1beta1 -kind: Ingress -metadata: - name: {{ include "airflow.fullname" . }}-flower - namespace: {{ .Values.namespace }} - {{- if .Values.ingress.flower.annotations }} - annotations: - {{- toYaml .Values.ingress.flower.annotations | nindent 4 }} - {{- end }} - labels: - app: {{ include "airflow.labels.app" . }} - component: flower - {{- if .Values.ingress.flower.labels }} - {{- toYaml .Values.ingress.flower.labels | nindent 4 }} - {{- end }} -spec: - {{- if .Values.ingress.flower.tls.enabled }} - tls: - - hosts: - - {{ .Values.global.domain }} - {{- if .Values.ingress.flower.tls.secretName }} - secretName: {{ .Values.global.domain }}-tls-certs - {{- end }} - {{- end }} - {{- if .Values.ingress.flower.ingressClassName }} - ingressClassName: {{ .Values.ingress.flower.ingressClassName }} - {{- end }} - rules: - - host: {{ .Values.global.domain }} - http: - paths: - {{- range .Values.ingress.flower.precedingPaths }} - - path: {{ .path }} - backend: - serviceName: {{ .serviceName }} - servicePort: {{ .servicePort }} - {{- end }} - - path: {{ .Values.ingress.flower.path }} - backend: - serviceName: {{ include "airflow.fullname" . }}-flower - servicePort: flower - {{- range .Values.ingress.flower.succeedingPaths }} - - path: {{ .path }} - backend: - serviceName: {{ .serviceName }} - servicePort: {{ .servicePort }} - {{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/flower/flower-ingress.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/flower/flower-ingress.yaml deleted file mode 100644 index 4811775981..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/flower/flower-ingress.yaml +++ /dev/null @@ -1,66 +0,0 @@ -{{- if and (.Values.flower.enabled) (.Values.ingress.enabled) (eq .Values.ingress.apiVersion "networking.k8s.io/v1") }} -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: {{ include "airflow.fullname" . }}-flower - namespace: {{ .Values.namespace }} - {{- if .Values.ingress.flower.annotations }} - annotations: - {{- toYaml .Values.ingress.flower.annotations | nindent 4 }} - {{- end }} - labels: - app: {{ include "airflow.labels.app" . }} - component: flower - {{- if .Values.ingress.flower.labels }} - {{- toYaml .Values.ingress.flower.labels | nindent 4 }} - {{- end }} -spec: - {{- if .Values.ingress.flower.tls.enabled }} - tls: - - hosts: - - {{ .Values.global.domain }} - {{- if .Values.ingress.flower.tls.secretName }} - secretName: {{ .Values.global.domain }}-tls-certs - {{- end }} - {{- end }} - {{- if .Values.ingress.flower.ingressClassName }} - ingressClassName: {{ .Values.ingress.flower.ingressClassName }} - {{- end }} - rules: - - host: {{ .Values.global.domain }} - http: - paths: - {{- range .Values.ingress.flower.precedingPaths }} - - path: {{ .path }} - pathType: ImplementationSpecific - backend: - service: - name: {{ .serviceName }} - port: - {{- if kindIs "string" .servicePort }} - name: {{ .servicePort }} - {{- else }} - number: {{ .servicePort }} - {{- end }} - {{- end }} - - path: {{ .Values.ingress.flower.path }} - pathType: ImplementationSpecific - backend: - service: - name: {{ include "airflow.fullname" . }}-flower - port: - name: flower - {{- range .Values.ingress.flower.succeedingPaths }} - - path: {{ .path }} - pathType: ImplementationSpecific - backend: - service: - name: {{ .serviceName }} - port: - {{- if kindIs "string" .servicePort }} - name: {{ .servicePort }} - {{- else }} - number: {{ .servicePort }} - {{- end }} - {{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/flower/flower-pdb.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/flower/flower-pdb.yaml deleted file mode 100644 index f4a0047469..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/flower/flower-pdb.yaml +++ /dev/null @@ -1,21 +0,0 @@ -{{- if and (.Values.flower.enabled) (.Values.flower.podDisruptionBudget.enabled) }} -apiVersion: policy/v1beta1 -kind: PodDisruptionBudget -metadata: - name: {{ include "airflow.fullname" . }}-flower - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} - component: flower -spec: - {{- if .Values.flower.podDisruptionBudget.maxUnavailable }} - maxUnavailable: {{ .Values.flower.podDisruptionBudget.maxUnavailable }} - {{- end }} - {{- if .Values.flower.podDisruptionBudget.minAvailable }} - minAvailable: {{ .Values.flower.podDisruptionBudget.minAvailable }} - {{- end }} - selector: - matchLabels: - app: {{ include "airflow.labels.app" . }} - component: flower -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/flower/flower-service.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/flower/flower-service.yaml deleted file mode 100644 index e9977ebdc9..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/flower/flower-service.yaml +++ /dev/null @@ -1,36 +0,0 @@ -{{- if .Values.flower.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "airflow.fullname" . }}-flower - namespace: {{ .Values.namespace }} - {{- if .Values.flower.service.annotations }} - annotations: - {{- toYaml .Values.flower.service.annotations | nindent 4 }} - {{- end }} - labels: - app: {{ include "airflow.labels.app" . }} - component: flower -spec: - type: {{ .Values.flower.service.type }} - selector: - app: {{ include "airflow.labels.app" . }} - component: flower - ports: - - name: flower - protocol: TCP - port: {{ .Values.flower.service.externalPort }} - {{- if and (eq .Values.flower.service.type "NodePort") (.Values.flower.service.nodePort.http) }} - nodePort: {{ .Values.flower.service.nodePort.http }} - {{- end }} - targetPort: 5555 - {{- if eq .Values.flower.service.type "LoadBalancer" }} - {{- if .Values.flower.service.loadBalancerIP }} - loadBalancerIP: {{ .Values.flower.service.loadBalancerIP | quote }} - {{- end }} - {{- if .Values.flower.service.loadBalancerSourceRanges }} - loadBalancerSourceRanges: - {{- toYaml .Values.flower.service.loadBalancerSourceRanges | nindent 4 }} - {{- end }} - {{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/pgbouncer/_helpers/pgbouncer.tpl b/deploy-as-code/helm/charts/backbone-services/airflow/templates/pgbouncer/_helpers/pgbouncer.tpl deleted file mode 100644 index 49d1e7a8ae..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/pgbouncer/_helpers/pgbouncer.tpl +++ /dev/null @@ -1,77 +0,0 @@ -{{/* -Define the content of the `pgbouncer.ini` config file. -*/}} -{{- define "airflow.pgbouncer.pgbouncer.ini" }} -[databases] -{{- if .Values.postgresql.enabled }} -* = host={{ index .Values "cluster-configs" "configmaps" "egov-config" "data" "db-host" }} port=5432 -{{- else }} -* = host={{ index .Values "cluster-configs" "configmaps" "egov-config" "data" "db-host" }} port={{ .Values.externalDatabase.port }} -{{- end }} - -[pgbouncer] -pool_mode = transaction -max_client_conn = {{ .Values.pgbouncer.maxClientConnections }} -default_pool_size = {{ .Values.pgbouncer.poolSize }} -ignore_startup_parameters = extra_float_digits - -listen_port = 6432 -listen_addr = * - -auth_type = {{ .Values.pgbouncer.authType }} -auth_file = /home/pgbouncer/users.txt - -log_disconnections = {{ .Values.pgbouncer.logDisconnections }} -log_connections = {{ .Values.pgbouncer.logConnections }} - -# locks will never be released when `pool_mode=transaction` (airflow initdb/upgradedb scripts create locks) -server_reset_query = SELECT pg_advisory_unlock_all() -server_reset_query_always = 1 - -## CLIENT TLS SETTINGS ## -client_tls_sslmode = {{ .Values.pgbouncer.clientSSL.mode }} -client_tls_ciphers = {{ .Values.pgbouncer.clientSSL.ciphers }} -{{- if .Values.pgbouncer.clientSSL.caFile.existingSecret }} -client_tls_ca_file = /home/pgbouncer/certs/client-ca.crt -{{- end }} -client_tls_key_file = /home/pgbouncer/certs/client.key -client_tls_cert_file = /home/pgbouncer/certs/client.crt - -## SERVER TLS SETTINGS ## -server_tls_sslmode = {{ .Values.pgbouncer.serverSSL.mode }} -server_tls_ciphers = {{ .Values.pgbouncer.serverSSL.ciphers }} -{{- if .Values.pgbouncer.serverSSL.caFile.existingSecret }} -server_tls_ca_file = /home/pgbouncer/certs/server-ca.crt -{{- end }} -{{- if .Values.pgbouncer.serverSSL.keyFile.existingSecret }} -server_tls_key_file = /home/pgbouncer/certs/server.key -{{- end }} -{{- if .Values.pgbouncer.serverSSL.certFile.existingSecret }} -server_tls_cert_file = /home/pgbouncer/certs/server.crt -{{- end }} - -{{- end }} - -{{/* -Define the content of the `gen_auth_file.sh` sh script. -*/}} -{{- define "airflow.pgbouncer.gen_auth_file.sh" }} -#!/bin/sh -e - -# DESCRIPTION: -# - updates the pgbouncer `auth_file` from environment variables -# - called in main pgbouncer container start-command so that `auth_file` is updated each restart, -# for example, when the livenessProbe fails due to a DATABASE_PASSWORD secret update - -# variables to increase clarity of pattern matching -ONE_QUOTE='"' -TWO_QUOTE='""' - -# pgbouncer requires `"` to be escaped as `""` -ESCAPED_DATABASE_USER="${DATABASE_USER/$ONE_QUOTE/$TWO_QUOTE}" -ESCAPED_DATABASE_PASSWORD="${DATABASE_PASSWORD/$ONE_QUOTE/$TWO_QUOTE}" - -# pgbouncer requires auth_file in format `"my-username" "my-password"` -echo \"$ESCAPED_DATABASE_USER\" \"$ESCAPED_DATABASE_PASSWORD\" > /home/pgbouncer/users.txt -echo "Successfully generated auth_file: /home/pgbouncer/users.txt" -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/pgbouncer/pgbouncer-deployment.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/pgbouncer/pgbouncer-deployment.yaml deleted file mode 100644 index 413c8bb2c4..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/pgbouncer/pgbouncer-deployment.yaml +++ /dev/null @@ -1,211 +0,0 @@ -{{- if include "airflow.pgbouncer.should_use" . }} -{{- $podNodeSelector := include "airflow.podNodeSelector" (dict "Release" .Release "Values" .Values "nodeSelector" .Values.pgbouncer.nodeSelector) }} -{{- $podAffinity := include "airflow.podAffinity" (dict "Release" .Release "Values" .Values "affinity" .Values.pgbouncer.affinity) }} -{{- $podTolerations := include "airflow.podTolerations" (dict "Release" .Release "Values" .Values "tolerations" .Values.pgbouncer.tolerations) }} -{{- $podSecurityContext := include "airflow.podSecurityContext" (dict "Release" .Release "Values" .Values "securityContext" .Values.pgbouncer.securityContext) }} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "airflow.fullname" . }}-pgbouncer - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} - component: pgbouncer - {{- if .Values.pgbouncer.labels }} - {{- toYaml .Values.pgbouncer.labels | nindent 4 }} - {{- end }} - {{- if .Values.pgbouncer.annotations }} - annotations: - {{- toYaml .Values.pgbouncer.annotations | nindent 4 }} - {{- end }} -spec: - replicas: 1 - strategy: - rollingUpdate: - ## multiple pgbouncer pods can safely run concurrently - maxSurge: 1 - maxUnavailable: 0 - selector: - matchLabels: - app: {{ include "airflow.labels.app" . }} - component: pgbouncer - template: - metadata: - annotations: - {{- if .Values.airflow.podAnnotations }} - {{- toYaml .Values.airflow.podAnnotations | nindent 8 }} - {{- end }} - {{- if .Values.pgbouncer.podAnnotations }} - {{- toYaml .Values.pgbouncer.podAnnotations | nindent 8 }} - {{- end }} - {{- if .Values.pgbouncer.safeToEvict }} - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - {{- end }} - labels: - app: {{ include "airflow.labels.app" . }} - component: pgbouncer - {{- if .Values.pgbouncer.podLabels }} - {{- toYaml .Values.pgbouncer.podLabels | nindent 8 }} - {{- end }} - spec: - restartPolicy: Always - {{- if .Values.airflow.image.pullSecret }} - imagePullSecrets: - - name: {{ .Values.airflow.image.pullSecret }} - {{- end }} - {{- if $podNodeSelector }} - nodeSelector: - {{- $podNodeSelector | nindent 8 }} - {{- end }} - {{- if $podAffinity }} - affinity: - {{- $podAffinity | nindent 8 }} - {{- end }} - {{- if $podTolerations }} - tolerations: - {{- $podTolerations | nindent 8 }} - {{- end }} - {{- if $podSecurityContext }} - securityContext: - {{- $podSecurityContext | nindent 8 }} - {{- end }} - terminationGracePeriodSeconds: {{ .Values.pgbouncer.terminationGracePeriodSeconds }} - serviceAccountName: {{ include "airflow.serviceAccountName" . }} - containers: - - name: pgbouncer - image: {{ .Values.pgbouncer.image.repository }}:{{ .Values.pgbouncer.image.tag }} - imagePullPolicy: {{ .Values.pgbouncer.image.pullPolicy }} - securityContext: - runAsUser: {{ .Values.pgbouncer.image.uid }} - runAsGroup: {{ .Values.pgbouncer.image.gid }} - resources: - {{- toYaml .Values.pgbouncer.resources | nindent 12 }} - envFrom: - {{- include "airflow.envFrom" . | indent 12 }} - env: - {{- include "airflow.env" . | indent 12 }} - ports: - - name: pgbouncer - containerPort: 6432 - protocol: TCP - command: - - "/usr/bin/dumb-init" - ## rewrite SIGTERM as SIGINT, so pgbouncer does a safe shutdown - - "--rewrite=15:2" - - "--" - args: - - "/bin/sh" - - "-c" - ## we generate users.txt on startup, because DATABASE_PASSWORD is defined from a Secret, - ## and we want to pickup the new values on container restart (possibly due to livenessProbe failure) - - |- - /home/pgbouncer/config/gen_auth_file.sh && \ - exec pgbouncer /home/pgbouncer/config/pgbouncer.ini - {{- if .Values.pgbouncer.livenessProbe.enabled }} - livenessProbe: - initialDelaySeconds: {{ .Values.pgbouncer.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.pgbouncer.livenessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.pgbouncer.livenessProbe.timeoutSeconds }} - failureThreshold: {{ .Values.pgbouncer.livenessProbe.failureThreshold }} - exec: - command: - - "/bin/sh" - - "-c" - ## this check is intended to fail when the DATABASE_PASSWORD secret is updated, - ## which would cause `gen_auth_file.sh` to run again on container start - - psql $(eval $DATABASE_PSQL_CMD) --tuples-only --command="SELECT 1;" | grep -q "1" - {{- end }} - {{- if .Values.pgbouncer.startupProbe.enabled }} - startupProbe: - initialDelaySeconds: {{ .Values.pgbouncer.startupProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.pgbouncer.startupProbe.periodSeconds }} - timeoutSeconds: {{ .Values.pgbouncer.startupProbe.timeoutSeconds }} - failureThreshold: {{ .Values.pgbouncer.startupProbe.failureThreshold }} - tcpSocket: - port: 6432 - {{- end }} - volumeMounts: - - name: pgbouncer-config - mountPath: /home/pgbouncer/config - readOnly: true - - name: pgbouncer-certs - mountPath: /home/pgbouncer/certs - readOnly: true - volumes: - - name: pgbouncer-config - secret: - secretName: {{ include "airflow.fullname" . }}-pgbouncer - items: - - key: gen_auth_file.sh - path: gen_auth_file.sh - mode: 0755 - - key: pgbouncer.ini - path: pgbouncer.ini - - name: pgbouncer-certs - projected: - sources: - {{- if or (not .Values.pgbouncer.clientSSL.keyFile.existingSecret) (not .Values.pgbouncer.clientSSL.certFile.existingSecret) }} - ## CLIENT TLS FILES (CHART GENERATED) - - secret: - name: {{ include "airflow.fullname" . }}-pgbouncer-certs - items: - {{- if not .Values.pgbouncer.clientSSL.keyFile.existingSecret }} - - key: client.key - path: client.key - {{- end }} - {{- if not .Values.pgbouncer.clientSSL.certFile.existingSecret }} - - key: client.crt - path: client.crt - {{- end }} - {{- end }} - - {{- if or (.Values.pgbouncer.clientSSL.caFile.existingSecret) (.Values.pgbouncer.clientSSL.keyFile.existingSecret) (.Values.pgbouncer.clientSSL.certFile.existingSecret) }} - ## CLIENT TLS FILES (USER PROVIDED) - {{- if .Values.pgbouncer.clientSSL.caFile.existingSecret }} - - secret: - name: {{ .Values.pgbouncer.clientSSL.caFile.existingSecret }} - items: - - key: {{ .Values.pgbouncer.clientSSL.caFile.existingSecretKey }} - path: client-ca.crt - {{- end }} - {{- if .Values.pgbouncer.clientSSL.keyFile.existingSecret }} - - secret: - name: {{ .Values.pgbouncer.clientSSL.keyFile.existingSecret }} - items: - - key: {{ .Values.pgbouncer.clientSSL.keyFile.existingSecretKey }} - path: client.key - {{- end }} - {{- if .Values.pgbouncer.clientSSL.certFile.existingSecret }} - - secret: - name: {{ .Values.pgbouncer.clientSSL.certFile.existingSecret }} - items: - - key: {{ .Values.pgbouncer.clientSSL.certFile.existingSecretKey }} - path: client.crt - {{- end }} - {{- end }} - - {{- if or (.Values.pgbouncer.serverSSL.caFile.existingSecret) (.Values.pgbouncer.serverSSL.keyFile.existingSecret) (.Values.pgbouncer.serverSSL.certFile.existingSecret) }} - ## SERVER TLS FILES (USER PROVIDED) - {{- if .Values.pgbouncer.serverSSL.caFile.existingSecret }} - - secret: - name: {{ .Values.pgbouncer.serverSSL.caFile.existingSecret }} - items: - - key: {{ .Values.pgbouncer.serverSSL.caFile.existingSecretKey }} - path: server-ca.crt - {{- end }} - {{- if .Values.pgbouncer.serverSSL.keyFile.existingSecret }} - - secret: - name: {{ .Values.pgbouncer.serverSSL.keyFile.existingSecret }} - items: - - key: {{ .Values.pgbouncer.serverSSL.keyFile.existingSecretKey }} - path: server.key - {{- end }} - {{- if .Values.pgbouncer.serverSSL.certFile.existingSecret }} - - secret: - name: {{ .Values.pgbouncer.serverSSL.certFile.existingSecret }} - items: - - key: {{ .Values.pgbouncer.serverSSL.certFile.existingSecretKey }} - path: server.crt - {{- end }} - {{- end }} -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/pgbouncer/pgbouncer-pdb.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/pgbouncer/pgbouncer-pdb.yaml deleted file mode 100644 index be82c9208f..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/pgbouncer/pgbouncer-pdb.yaml +++ /dev/null @@ -1,21 +0,0 @@ -{{- if and (include "airflow.pgbouncer.should_use" .) (.Values.pgbouncer.podDisruptionBudget.enabled) }} -apiVersion: policy/v1beta1 -kind: PodDisruptionBudget -metadata: - name: {{ include "airflow.fullname" . }}-pgbouncer - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} - component: pgbouncer -spec: - {{- if .Values.pgbouncer.podDisruptionBudget.maxUnavailable }} - maxUnavailable: {{ .Values.pgbouncer.podDisruptionBudget.maxUnavailable }} - {{- end }} - {{- if .Values.pgbouncer.podDisruptionBudget.minAvailable }} - minAvailable: {{ .Values.pgbouncer.podDisruptionBudget.minAvailable }} - {{- end }} - selector: - matchLabels: - app: {{ include "airflow.labels.app" . }} - component: pgbouncer -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/pgbouncer/pgbouncer-secret-certs.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/pgbouncer/pgbouncer-secret-certs.yaml deleted file mode 100644 index 4e31afc4b4..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/pgbouncer/pgbouncer-secret-certs.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{- $self_signed_needed := or (not .Values.pgbouncer.clientSSL.keyFile.existingSecret) (not .Values.pgbouncer.clientSSL.certFile.existingSecret) }} -{{- if and (include "airflow.pgbouncer.should_use" .) ($self_signed_needed) }} -{{- $client_cert := genSelfSignedCert "localhost" nil nil 365 }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "airflow.fullname" . }}-pgbouncer-certs - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} - component: pgbouncer -data: - {{- if not .Values.pgbouncer.clientSSL.keyFile.existingSecret }} - client.key: {{ $client_cert.Key | b64enc | quote }} - {{- end }} - {{- if not .Values.pgbouncer.clientSSL.certFile.existingSecret }} - client.crt: {{ $client_cert.Cert | b64enc | quote }} - {{- end }} -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/pgbouncer/pgbouncer-secret.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/pgbouncer/pgbouncer-secret.yaml deleted file mode 100644 index 15f968db65..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/pgbouncer/pgbouncer-secret.yaml +++ /dev/null @@ -1,13 +0,0 @@ -{{- if include "airflow.pgbouncer.should_use" . }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "airflow.fullname" . }}-pgbouncer - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} - component: pgbouncer -data: - pgbouncer.ini: {{ include "airflow.pgbouncer.pgbouncer.ini" . | b64enc | quote }} - gen_auth_file.sh: {{ include "airflow.pgbouncer.gen_auth_file.sh" . | b64enc | quote }} -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/pgbouncer/pgbouncer-service.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/pgbouncer/pgbouncer-service.yaml deleted file mode 100644 index f8d74cb614..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/pgbouncer/pgbouncer-service.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{- if include "airflow.pgbouncer.should_use" . }} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "airflow.fullname" . }}-pgbouncer - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} - component: pgbouncer -spec: - type: ClusterIP - selector: - app: {{ include "airflow.labels.app" . }} - component: pgbouncer - ports: - - name: pgbouncer - protocol: TCP - port: 6432 -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/pvc-dags.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/pvc-dags.yaml deleted file mode 100644 index 577fd4ea96..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/pvc-dags.yaml +++ /dev/null @@ -1,21 +0,0 @@ -{{- if and (.Values.dags.persistence.enabled) (not .Values.dags.persistence.existingClaim) }} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ printf "%s-dags" (include "airflow.fullname" . | trunc 58) }} - labels: - app: {{ include "airflow.labels.app" . }} -spec: - accessModes: - - {{ .Values.dags.persistence.accessMode | quote }} - resources: - requests: - storage: {{ .Values.dags.persistence.size | quote }} - {{- if .Values.dags.persistence.storageClass }} - {{- if (eq "-" .Values.dags.persistence.storageClass) }} - storageClassName: "" - {{- else }} - storageClassName: "{{ .Values.dags.persistence.storageClass }}" - {{- end }} - {{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/pvc-logs.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/pvc-logs.yaml deleted file mode 100644 index 0366132cdc..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/pvc-logs.yaml +++ /dev/null @@ -1,21 +0,0 @@ -{{- if and (.Values.logs.persistence.enabled) (not .Values.logs.persistence.existingClaim) }} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ printf "%s-logs" (include "airflow.fullname" . | trunc 58) }} - labels: - app: {{ include "airflow.labels.app" . }} -spec: - accessModes: - - {{ .Values.logs.persistence.accessMode | quote }} - resources: - requests: - storage: {{ .Values.logs.persistence.size | quote }} - {{- if .Values.logs.persistence.storageClass }} - {{- if (eq "-" .Values.logs.persistence.storageClass) }} - storageClassName: "" - {{- else }} - storageClassName: "{{ .Values.logs.persistence.storageClass }}" - {{- end }} - {{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/rbac/airflow-role.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/rbac/airflow-role.yaml deleted file mode 100644 index 17dc779a49..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/rbac/airflow-role.yaml +++ /dev/null @@ -1,44 +0,0 @@ -{{- if .Values.rbac.create }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: {{ include "airflow.fullname" . }} - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} -rules: -{{- if .Values.rbac.events }} -- apiGroups: - - "" - resources: - - events - verbs: - - "get" - - "list" -{{- end }} -- apiGroups: - - "" - resources: - - pods - verbs: - - "create" - - "get" - - "delete" - - "list" - - "patch" - - "watch" -- apiGroups: - - "" - resources: - - "pods/log" - verbs: - - "get" - - "list" -- apiGroups: - - "" - resources: - - "pods/exec" - verbs: - - "create" - - "get" -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/rbac/airflow-rolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/rbac/airflow-rolebinding.yaml deleted file mode 100644 index 78d35a732c..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/rbac/airflow-rolebinding.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- if .Values.rbac.create }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ include "airflow.fullname" . }} - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ include "airflow.fullname" . }} -subjects: -- kind: ServiceAccount - name: {{ include "airflow.serviceAccountName" . }} - namespace: {{ .Values.namespace }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/rbac/airflow-serviceaccount.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/rbac/airflow-serviceaccount.yaml deleted file mode 100644 index 2398bcee26..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/rbac/airflow-serviceaccount.yaml +++ /dev/null @@ -1,13 +0,0 @@ -{{- if .Values.serviceAccount.create }} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "airflow.serviceAccountName" . }} - namespace: {{ .Values.namespace }} - {{- if .Values.serviceAccount.annotations }} - annotations: - {{- toYaml .Values.serviceAccount.annotations | nindent 4 }} - {{- end }} - labels: - app: {{ include "airflow.labels.app" . }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/redis/redis-configmap.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/redis/redis-configmap.yaml deleted file mode 100644 index 916983d682..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/redis/redis-configmap.yaml +++ /dev/null @@ -1,96 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "airflow.fullname" . }}-redis - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.fullname" . }}-redis -data: - redis.conf: |- - # User-supplied configuration: - # Enable AOF https://redis.io/topics/persistence#append-only-file - appendonly yes - # Disable RDB persistence, AOF persistence already enabled. - save "" - master.conf: |- - dir /data - rename-command FLUSHDB "" - rename-command FLUSHALL "" - replica.conf: |- - dir /data - slave-read-only yes - rename-command FLUSHDB "" - rename-command FLUSHALL "" ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "airflow.fullname" . }}-redis-health - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.fullname" . }}-redis -data: - ping_readiness_local.sh: |- - response=$( - timeout -s 9 $1 \ - redis-cli \ - -a $REDIS_PASSWORD --no-auth-warning \ - -h localhost \ - -p $REDIS_PORT \ - ping - ) - if [ "$response" != "PONG" ]; then - echo "$response" - exit 1 - fi - ping_liveness_local.sh: |- - response=$( - timeout -s 9 $1 \ - redis-cli \ - -a $REDIS_PASSWORD --no-auth-warning \ - -h localhost \ - -p $REDIS_PORT \ - ping - ) - if [ "$response" != "PONG" ] && [ "$response" != "LOADING Redis is loading the dataset in memory" ]; then - echo "$response" - exit 1 - fi - ping_readiness_master.sh: |- - response=$( - timeout -s 9 $1 \ - redis-cli \ - -a $REDIS_MASTER_PASSWORD --no-auth-warning \ - -h $REDIS_MASTER_HOST \ - -p $REDIS_MASTER_PORT_NUMBER \ - ping - ) - if [ "$response" != "PONG" ]; then - echo "$response" - exit 1 - fi - ping_liveness_master.sh: |- - response=$( - timeout -s 9 $1 \ - redis-cli \ - -a $REDIS_MASTER_PASSWORD --no-auth-warning \ - -h $REDIS_MASTER_HOST \ - -p $REDIS_MASTER_PORT_NUMBER \ - ping - ) - if [ "$response" != "PONG" ] && [ "$response" != "LOADING Redis is loading the dataset in memory" ]; then - echo "$response" - exit 1 - fi - ping_readiness_local_and_master.sh: |- - script_dir="$(dirname "$0")" - exit_status=0 - "$script_dir/ping_readiness_local.sh" $1 || exit_status=$? - "$script_dir/ping_readiness_master.sh" $1 || exit_status=$? - exit $exit_status - ping_liveness_local_and_master.sh: |- - script_dir="$(dirname "$0")" - exit_status=0 - "$script_dir/ping_liveness_local.sh" $1 || exit_status=$? - "$script_dir/ping_liveness_master.sh" $1 || exit_status=$? - exit $exit_status \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/redis/redis-master.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/redis/redis-master.yaml deleted file mode 100644 index 7784a02742..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/redis/redis-master.yaml +++ /dev/null @@ -1,107 +0,0 @@ -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ include "airflow.fullname" . }}-redis-master - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.fullname" . }}-redis -spec: - selector: - matchLabels: - app: {{ include "airflow.fullname" . }}-redis - serviceName: {{ include "airflow.fullname" . }}-redis-headless - template: - metadata: - labels: - app: {{ include "airflow.fullname" . }}-redis - spec: - securityContext: - fsGroup: 1001 - serviceAccountName: "default" - containers: - - name: {{ include "airflow.fullname" . }}-redis - image: "docker.io/bitnami/redis:5.0.7-debian-10-r32" - imagePullPolicy: "IfNotPresent" - securityContext: - runAsUser: 1001 - command: - - /bin/bash - - -c - - | - if [[ -n $REDIS_PASSWORD_FILE ]]; then - password_aux=`cat ${REDIS_PASSWORD_FILE}` - export REDIS_PASSWORD=$password_aux - fi - if [[ ! -f /opt/bitnami/redis/etc/master.conf ]];then - cp /opt/bitnami/redis/mounted-etc/master.conf /opt/bitnami/redis/etc/master.conf - fi - if [[ ! -f /opt/bitnami/redis/etc/redis.conf ]];then - cp /opt/bitnami/redis/mounted-etc/redis.conf /opt/bitnami/redis/etc/redis.conf - fi - ARGS=("--port" "${REDIS_PORT}") - ARGS+=("--requirepass" "${REDIS_PASSWORD}") - ARGS+=("--masterauth" "${REDIS_PASSWORD}") - ARGS+=("--include" "/opt/bitnami/redis/etc/redis.conf") - ARGS+=("--include" "/opt/bitnami/redis/etc/master.conf") - /run.sh ${ARGS[@]} - env: - - name: REDIS_REPLICATION_MODE - value: master - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: airflow-redis - key: redis-password - - name: REDIS_PORT - value: "6379" - ports: - - name: redis - containerPort: 6379 - livenessProbe: - initialDelaySeconds: 5 - periodSeconds: 5 - timeoutSeconds: 5 - successThreshold: 1 - failureThreshold: 5 - exec: - command: - - sh - - -c - - /health/ping_liveness_local.sh 5 - readinessProbe: - initialDelaySeconds: 5 - periodSeconds: 5 - timeoutSeconds: 1 - successThreshold: 1 - failureThreshold: 5 - exec: - command: - - sh - - -c - - /health/ping_readiness_local.sh 5 - resources: - {} - volumeMounts: - - name: health - mountPath: /health - - name: redis-data - mountPath: /data - subPath: - - name: config - mountPath: /opt/bitnami/redis/mounted-etc - - name: redis-tmp-conf - mountPath: /opt/bitnami/redis/etc/ - volumes: - - name: health - configMap: - name: airflow-redis-health - defaultMode: 0755 - - name: config - configMap: - name: airflow-redis - - name: "redis-data" - emptyDir: {} - - name: redis-tmp-conf - emptyDir: {} - updateStrategy: - type: RollingUpdate \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/redis/redis-secret.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/redis/redis-secret.yaml deleted file mode 100644 index f4a67ce285..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/redis/redis-secret.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "airflow.fullname" . }}-redis - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.fullname" . }}-redis -type: Opaque -data: - redis-password: "YWlyZmxvdw==" \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/redis/redis-service.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/redis/redis-service.yaml deleted file mode 100644 index 9b4abd24f1..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/redis/redis-service.yaml +++ /dev/null @@ -1,32 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ include "airflow.fullname" . }}-redis-headless - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.fullname" . }}-redis -spec: - type: ClusterIP - clusterIP: None - ports: - - name: redis - port: 6379 - targetPort: redis - selector: - app: {{ include "airflow.fullname" . }}-redis ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ include "airflow.fullname" . }}-redis-master - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.fullname" . }}-redis -spec: - type: ClusterIP - ports: - - name: redis - port: 6379 - targetPort: redis - selector: - app: {{ include "airflow.fullname" . }}-redis \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/scheduler/scheduler-deployment.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/scheduler/scheduler-deployment.yaml deleted file mode 100644 index c975e99741..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/scheduler/scheduler-deployment.yaml +++ /dev/null @@ -1,214 +0,0 @@ -{{- $podNodeSelector := include "airflow.podNodeSelector" (dict "Release" .Release "Values" .Values "nodeSelector" .Values.scheduler.nodeSelector) }} -{{- $podAffinity := include "airflow.podAffinity" (dict "Release" .Release "Values" .Values "affinity" .Values.scheduler.affinity) }} -{{- $podTolerations := include "airflow.podTolerations" (dict "Release" .Release "Values" .Values "tolerations" .Values.scheduler.tolerations) }} -{{- $podSecurityContext := include "airflow.podSecurityContext" (dict "Release" .Release "Values" .Values "securityContext" .Values.scheduler.securityContext) }} -{{- $extraPipPackages := concat .Values.airflow.extraPipPackages .Values.scheduler.extraPipPackages }} -{{- $extraVolumeMounts := .Values.scheduler.extraVolumeMounts }} -{{- $volumeMounts := include "airflow.volumeMounts" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages "extraVolumeMounts" $extraVolumeMounts) }} -{{- $extraVolumes := .Values.scheduler.extraVolumes }} -{{- $volumes := include "airflow.volumes" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages "extraVolumes" $extraVolumes) }} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "airflow.fullname" . }}-scheduler - namespace: {{ .Values.namespace }} - {{- if .Values.scheduler.annotations }} - annotations: - {{- toYaml .Values.scheduler.annotations | nindent 4 }} - {{- end }} - labels: - app: {{ include "airflow.labels.app" . }} - component: scheduler - {{- if .Values.scheduler.labels }} - {{- toYaml .Values.scheduler.labels | nindent 4 }} - {{- end }} -spec: - replicas: {{ .Values.scheduler.replicas }} - strategy: - type: RollingUpdate - rollingUpdate: - {{- if .Values.airflow.legacyCommands }} - ## only one scheduler can run concurrently (Airflow 1.10) - maxSurge: 0 - maxUnavailable: 100% - {{- else }} - ## multiple schedulers can run concurrently (Airflow 2.0) - maxSurge: 25% - maxUnavailable: 0 - {{- end }} - selector: - matchLabels: - app: {{ include "airflow.labels.app" . }} - component: scheduler - template: - metadata: - annotations: - {{- if include "airflow.executor.kubernetes_like" . }} - checksum/config-pod-template: {{ include (print $.Template.BasePath "/config/configmap-pod-template.yaml") . | sha256sum }} - {{- end }} - {{- if .Values.airflow.podAnnotations }} - {{- toYaml .Values.airflow.podAnnotations | nindent 8 }} - {{- end }} - {{- if .Values.scheduler.podAnnotations }} - {{- toYaml .Values.scheduler.podAnnotations | nindent 8 }} - {{- end }} - {{- if .Values.scheduler.safeToEvict }} - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - {{- end }} - labels: - app: {{ include "airflow.labels.app" . }} - component: scheduler - {{- if .Values.scheduler.podLabels }} - {{- toYaml .Values.scheduler.podLabels | nindent 8 }} - {{- end }} - spec: - restartPolicy: Always - {{- if .Values.airflow.image.pullSecret }} - imagePullSecrets: - - name: {{ .Values.airflow.image.pullSecret }} - {{- end }} - {{- if $podNodeSelector }} - nodeSelector: - {{- $podNodeSelector | nindent 8 }} - {{- end }} - {{- if $podAffinity }} - affinity: - {{- $podAffinity | nindent 8 }} - {{- end }} - {{- if $podTolerations }} - tolerations: - {{- $podTolerations | nindent 8 }} - {{- end }} - {{- if $podSecurityContext }} - securityContext: - {{- $podSecurityContext | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "airflow.serviceAccountName" . }} - initContainers: - {{- if $extraPipPackages }} - {{- include "airflow.init_container.install_pip_packages" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) | indent 8 }} - {{- end }} - {{- if .Values.dags.gitSync.enabled }} - {{- include "airflow.container.git_sync" (dict "Release" .Release "Values" .Values "sync_one_time" "true") | indent 8 }} - {{- end }} - {{- include "airflow.init_container.check_db" (dict "Release" .Release "Values" .Values "volumeMounts" $volumeMounts) | indent 8 }} - {{- include "airflow.init_container.wait_for_db_migrations" (dict "Release" .Release "Values" .Values "volumeMounts" $volumeMounts) | indent 8 }} - {{- if .Values.scheduler.extraInitContainers }} - {{- toYaml .Values.scheduler.extraInitContainers | nindent 8 }} - {{- end }} - containers: - - name: airflow-scheduler - {{- include "airflow.image" . | indent 10 }} - resources: - {{- toYaml .Values.scheduler.resources | nindent 12 }} - envFrom: - {{- include "airflow.envFrom" . | indent 12 }} - env: - {{- include "airflow.env" . | indent 12 }} - {{- include "airflow.env.scheduler" . | indent 12 }} - command: - {{- include "airflow.command" . | indent 12 }} - args: - - "bash" - - "-c" - - "exec airflow scheduler -n {{ .Values.scheduler.numRuns }}" - {{- if .Values.scheduler.livenessProbe.enabled }} - livenessProbe: - initialDelaySeconds: {{ .Values.scheduler.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.scheduler.livenessProbe.periodSeconds }} - failureThreshold: {{ .Values.scheduler.livenessProbe.failureThreshold }} - timeoutSeconds: {{ .Values.scheduler.livenessProbe.timeoutSeconds }} - exec: - command: - {{- include "airflow.command" . | indent 16 }} - - "python" - - "-Wignore" - - "-c" - - | - import os - import sys - - # suppress logs triggered from importing airflow packages - {{- if .Values.airflow.legacyCommands }} - os.environ["AIRFLOW__CORE__LOGGING_LEVEL"] = "ERROR" - {{- else }} - os.environ["AIRFLOW__LOGGING__LOGGING_LEVEL"] = "ERROR" - {{- end }} - - from airflow.jobs.scheduler_job import SchedulerJob - from airflow.utils.db import create_session - from airflow.utils.net import get_hostname - {{- if .Values.scheduler.livenessProbe.taskCreationCheck.enabled }} - from airflow.jobs.local_task_job import LocalTaskJob - from airflow.utils import timezone - {{- end }} - - with create_session() as session: - # ensure the SchedulerJob with most recent heartbeat for this `hostname` is alive - hostname = get_hostname() - scheduler_job = session \ - .query(SchedulerJob) \ - .filter_by(hostname=hostname) \ - .order_by(SchedulerJob.latest_heartbeat.desc()) \ - .limit(1) \ - .first() - if (scheduler_job is not None) and scheduler_job.is_alive(): - pass - else: - sys.exit(f"The SchedulerJob (id={scheduler_job.id}) for hostname '{hostname}' is not alive") - - {{- if .Values.scheduler.livenessProbe.taskCreationCheck.enabled }} - {{- $task_job_threshold := .Values.scheduler.livenessProbe.taskCreationCheck.thresholdSeconds }} - {{- if not (or (typeIs "float64" $task_job_threshold) (typeIs "int64" $task_job_threshold)) }} - {{- /* the type of a number could be float64 or int64 depending on how it was set (values.yaml, or --set) */ -}} - {{ required (printf "`scheduler.livenessProbe.taskCreationCheck.thresholdSeconds` must be int-type, but got %s!" (typeOf $task_job_threshold)) nil }} - {{- end }} - - # ensure the most recent LocalTaskJob had a start_date in the last `task_job_threshold` seconds - task_job_threshold = {{ $task_job_threshold }} - task_job = session \ - .query(LocalTaskJob) \ - .order_by(LocalTaskJob.id.desc()) \ - .limit(1) \ - .first() - if task_job is not None: - if (timezone.utcnow() - task_job.start_date).total_seconds() < task_job_threshold: - pass - else: - sys.exit( - f"The most recent LocalTaskJob (id={task_job.id}, dag_id={task_job.dag_id}) " - f"started over {task_job_threshold} seconds ago" - ) - {{- end }} - {{- end }} - {{- if or ($volumeMounts) (include "airflow.executor.kubernetes_like" .) }} - volumeMounts: - {{- $volumeMounts | indent 12 }} - {{- if include "airflow.executor.kubernetes_like" . }} - - name: pod-template - mountPath: /opt/airflow/pod_templates/pod_template.yaml - subPath: pod_template.yaml - readOnly: true - {{- end }} - {{- end }} - {{- if .Values.dags.gitSync.enabled }} - {{- include "airflow.container.git_sync" . | indent 8 }} - {{- end }} - {{- if .Values.scheduler.logCleanup.enabled }} - {{- $lc_resources := .Values.scheduler.logCleanup.resources }} - {{- $lc_retention_min := .Values.scheduler.logCleanup.retentionMinutes }} - {{- $lc_interval_sec := .Values.scheduler.logCleanup.intervalSeconds }} - {{- include "airflow.container.log_cleanup" (dict "Release" .Release "Values" .Values "resources" $lc_resources "retention_min" $lc_retention_min "interval_sec" $lc_interval_sec) | indent 8 }} - {{- end }} - {{- if .Values.airflow.extraContainers }} - {{- toYaml .Values.airflow.extraContainers | nindent 8 }} - {{- end }} - {{- if or ($volumes) (include "airflow.executor.kubernetes_like" .) }} - volumes: - {{- $volumes | indent 8 }} - {{- if include "airflow.executor.kubernetes_like" . }} - - name: pod-template - configMap: - name: {{ include "airflow.fullname" . }}-pod-template - {{- end }} - {{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/scheduler/scheduler-pdb.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/scheduler/scheduler-pdb.yaml deleted file mode 100644 index 6bfc508953..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/scheduler/scheduler-pdb.yaml +++ /dev/null @@ -1,21 +0,0 @@ -{{- if .Values.scheduler.podDisruptionBudget.enabled }} -apiVersion: policy/v1beta1 -kind: PodDisruptionBudget -metadata: - name: {{ include "airflow.fullname" . }}-scheduler - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} - component: scheduler -spec: - {{- if .Values.scheduler.podDisruptionBudget.maxUnavailable }} - maxUnavailable: {{ .Values.scheduler.podDisruptionBudget.maxUnavailable }} - {{- end }} - {{- if .Values.scheduler.podDisruptionBudget.minAvailable }} - minAvailable: {{ .Values.scheduler.podDisruptionBudget.minAvailable }} - {{- end }} - selector: - matchLabels: - app: {{ include "airflow.labels.app" . }} - component: scheduler -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/_helpers/global_code.tpl b/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/_helpers/global_code.tpl deleted file mode 100644 index 34addbfe24..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/_helpers/global_code.tpl +++ /dev/null @@ -1,130 +0,0 @@ -{{/* -Code which is included in all python sync scripts. -*/}} -{{- define "airflow.sync.global_code" }} -#################### -## Global Imports ## -#################### -import logging -import os -import time -from string import Template -from typing import List, Dict, Optional - - -#################### -## Global Configs ## -#################### -# the path which Secret/ConfigMap are mounted to -CONF__TEMPLATES_PATH = "/mnt/templates" - -# how frequently to check for Secret/ConfigMap updates -CONF__TEMPLATES_SYNC_INTERVAL = 10 - -# how frequently to re-sync objects (Connections, Pools, Users, Variables) -CONF__OBJECTS_SYNC_INTERVAL = 60 - - -###################### -## Global Functions ## -###################### -def string_substitution(raw_string: Optional[str], substitution_map: Dict[str, str]) -> str: - """ - Apply bash-like substitutions to a raw string. - - Example: - - string_substitution("Hello!", None) -> "Hello!" - - string_substitution("Hello ${NAME}!", {"NAME": "Airflow"}) -> "Hello Airflow!" - """ - if raw_string and len(substitution_map) > 0: - tpl = Template(raw_string) - return tpl.safe_substitute(substitution_map) - else: - return raw_string - - -def template_mtime(template_name: str) -> float: - """ - Return the modification-time of the file storing `template_name` - """ - file_path = f"{CONF__TEMPLATES_PATH}/{template_name}" - return os.stat(file_path).st_mtime - - -def template_value(template_name: str) -> str: - """ - Return the contents of the file storing `template_name` - """ - file_path = f"{CONF__TEMPLATES_PATH}/{template_name}" - with open(file_path, "r") as f: - return f.read() - - -def refresh_template_cache(template_names: List[str], - template_mtime_cache: Dict[str, float], - template_value_cache: Dict[str, str]) -> List[str]: - """ - Refresh the provided dictionary caches of template values & mtimes. - - :param template_names: the names of all templates to refresh - :param template_mtime_cache: the dictionary cache of template file modification-times - :param template_value_cache: the dictionary cache of template values - :return: the names of templates which changed - """ - changed_templates = [] - for template_name in template_names: - old_mtime = template_mtime_cache.get(template_name, None) - new_mtime = template_mtime(template_name) - # first, check if the files were modified - if old_mtime != new_mtime: - old_value = template_value_cache.get(template_name, None) - new_value = template_value(template_name) - # second, check if the value actually changed - if old_value != new_value: - template_value_cache[template_name] = new_value - changed_templates += [template_name] - template_mtime_cache[template_name] = new_mtime - return changed_templates - - -def main(sync_forever: bool): - # initial sync of template cache - refresh_template_cache( - template_names=VAR__TEMPLATE_NAMES, - template_mtime_cache=VAR__TEMPLATE_MTIME_CACHE, - template_value_cache=VAR__TEMPLATE_VALUE_CACHE - ) - - # initial sync of objects into Airflow DB - sync_with_airflow() - - if sync_forever: - # define variables used to track how long since last refresh/sync - templates_sync_epoch = time.time() - objects_sync_epoch = time.time() - - # main loop - while True: - # monitor for template secret/configmap updates - if (time.time() - templates_sync_epoch) > CONF__TEMPLATES_SYNC_INTERVAL: - logging.debug(f"template sync interval reached, re-syncing all templates...") - changed_templates = refresh_template_cache( - template_names=VAR__TEMPLATE_NAMES, - template_mtime_cache=VAR__TEMPLATE_MTIME_CACHE, - template_value_cache=VAR__TEMPLATE_VALUE_CACHE - ) - templates_sync_epoch = time.time() - if changed_templates: - logging.info(f"template values have changed: [{','.join(changed_templates)}]") - sync_with_airflow() - objects_sync_epoch = time.time() - - # monitor for external changes to objects (like from UI) - if (time.time() - objects_sync_epoch) > CONF__OBJECTS_SYNC_INTERVAL: - logging.debug(f"sync interval reached, re-syncing all objects...") - sync_with_airflow() - objects_sync_epoch = time.time() - - # ensure we dont loop too fast - time.sleep(0.5) -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/_helpers/sync_connections.tpl b/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/_helpers/sync_connections.tpl deleted file mode 100644 index 2ce2399faf..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/_helpers/sync_connections.tpl +++ /dev/null @@ -1,219 +0,0 @@ -{{/* -The python sync script for connections. -*/}} -{{- define "airflow.sync.sync_connections.py" }} -############################ -#### BEGIN: GLOBAL CODE #### -############################ -{{- include "airflow.sync.global_code" . }} -########################## -#### END: GLOBAL CODE #### -########################## - - -############# -## Imports ## -############# -from airflow.models import Connection -from airflow.utils.db import create_session - - -############# -## Classes ## -############# -class ConnectionWrapper(object): - def __init__( - self, - conn_id: str, - conn_type: str, - {{- if not .Values.airflow.legacyCommands }} - description: Optional[str] = None, - {{- end }} - host: Optional[str] = None, - login: Optional[str] = None, - password: Optional[str] = None, - schema: Optional[str] = None, - port: Optional[int] = None, - extra: Optional[str] = None, - ): - self.conn_id = conn_id - self.conn_type = conn_type - {{- if not .Values.airflow.legacyCommands }} - self.description = description - {{- end }} - self._host = host - self._login = login - self._password = password - self._schema = schema - self.port = port - self._extra = extra - - @property - def host(self) -> str: - return string_substitution(self._host, VAR__TEMPLATE_VALUE_CACHE) - - @property - def login(self) -> str: - return string_substitution(self._login, VAR__TEMPLATE_VALUE_CACHE) - - @property - def password(self) -> str: - return string_substitution(self._password, VAR__TEMPLATE_VALUE_CACHE) - - @property - def schema(self) -> str: - return string_substitution(self._schema, VAR__TEMPLATE_VALUE_CACHE) - - @property - def extra(self) -> str: - return string_substitution(self._extra, VAR__TEMPLATE_VALUE_CACHE) - - def as_connection(self) -> Connection: - return Connection( - conn_id=self.conn_id, - conn_type=self.conn_type, - {{- if not .Values.airflow.legacyCommands }} - description=self.description, - {{- end }} - host=self.host, - login=self.login, - password=self.password, - schema=self.schema, - port=self.port, - extra=self.extra, - ) - - -############### -## Variables ## -############### -VAR__TEMPLATE_NAMES = [ - {{- range $k, $v := .Values.airflow.connectionsTemplates }} - {{ $k | quote }}, - {{- end }} -] -VAR__TEMPLATE_MTIME_CACHE = {} -VAR__TEMPLATE_VALUE_CACHE = {} -VAR__CONNECTION_WRAPPERS = { - {{- range .Values.airflow.connections }} - {{ .id | quote }}: ConnectionWrapper( - conn_id={{ (required "each `id` in `airflow.connections` must be non-empty!" .id) | quote }}, - conn_type={{ (required "each `type` in `airflow.connections` must be non-empty!" .type) | quote }}, - {{- if and (.description) (not $.Values.airflow.legacyCommands) }} - description={{ .description | quote }}, - {{- end }} - {{- if .host }} - host={{ .host | quote }}, - {{- end }} - {{- if .login }} - login={{ .login | quote }}, - {{- end }} - {{- if .password }} - password={{ .password | quote }}, - {{- end }} - {{- if .schema }} - schema={{ .schema | quote }}, - {{- end }} - {{- if .port }} - {{- if not (or (typeIs "float64" .port) (typeIs "int64" .port)) }} - {{- /* the type of a number could be float64 or int64 depending on how it was set */ -}} - {{ required "each `port` in `airflow.connections` must be int-type!" nil }} - {{- end }} - port={{ .port }}, - {{- end }} - {{- if .extra }} - extra={{ .extra | quote }}, - {{- end }} - ), - {{- end }} -} - - -############### -## Functions ## -############### -def compare_connections(c1: Connection, c2: Connection) -> bool: - """ - Check if two Connection objects are identical. - """ - return ( - c1.conn_id == c2.conn_id - and c1.conn_type == c2.conn_type - {{- if not .Values.airflow.legacyCommands }} - and c1.description == c2.description - {{- end }} - and c1.host == c2.host - and c1.login == c2.login - and c1.password == c2.password - and c1.schema == c2.schema - and c1.port == c2.port - and c1.extra == c2.extra - ) - - -def sync_connection(connection_wrapper: ConnectionWrapper) -> None: - """ - Sync the Connection defined by a provided ConnectionWrapper into the airflow DB. - """ - c_id = connection_wrapper.conn_id - c_new = connection_wrapper.as_connection() - - connection_added = False - connection_updated = False - - with create_session() as session: - c_old = session.query(Connection).filter(Connection.conn_id == c_id).first() - if not c_old: - logging.info(f"Connection=`{c_id}` is missing, adding...") - session.add(c_new) - connection_added = True - else: - if compare_connections(c_new, c_old): - pass - else: - logging.info(f"Connection=`{c_id}` exists but has changed, updating...") - c_old.conn_type = c_new.conn_type - {{- if not .Values.airflow.legacyCommands }} - c_old.description = c_new.description - {{- end }} - c_old.host = c_new.host - c_old.login = c_new.login - c_old.password = c_new.password - c_old.schema = c_new.schema - c_old.port = c_new.port - c_old.extra = c_new.extra - connection_updated = True - - if connection_added: - logging.info(f"Connection=`{c_id}` was successfully added.") - if connection_updated: - logging.info(f"Connection=`{c_id}` was successfully updated.") - - -def sync_all_connections(connection_wrappers: Dict[str, ConnectionWrapper]) -> None: - """ - Sync all connections in provided `connection_wrappers`. - """ - logging.info("BEGIN: airflow connections sync") - for connection_wrapper in connection_wrappers.values(): - sync_connection(connection_wrapper) - logging.info("END: airflow connections sync") - - -def sync_with_airflow() -> None: - """ - Preform a sync of all objects with airflow (note, `sync_with_airflow()` is called in `main()` template). - """ - sync_all_connections(connection_wrappers=VAR__CONNECTION_WRAPPERS) - - -############## -## Run Main ## -############## -{{- if .Values.airflow.connectionsUpdate }} -main(sync_forever=True) -{{- else }} -main(sync_forever=False) -{{- end }} - -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/_helpers/sync_pools.tpl b/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/_helpers/sync_pools.tpl deleted file mode 100644 index f5949c58b0..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/_helpers/sync_pools.tpl +++ /dev/null @@ -1,134 +0,0 @@ -{{/* -The python sync script for pools. -*/}} -{{- define "airflow.sync.sync_pools.py" }} -############################ -#### BEGIN: GLOBAL CODE #### -############################ -{{- include "airflow.sync.global_code" . }} -########################## -#### END: GLOBAL CODE #### -########################## - -############# -## Imports ## -############# -from airflow.models import Pool -from airflow.utils.db import create_session - - -############# -## Classes ## -############# -class PoolWrapper(object): - def __init__( - self, - name: str, - description: str, - slots: int, - ): - self.name = name - self.description = description - self.slots = slots - - def as_pool(self) -> Pool: - pool = Pool() - pool.pool = self.name - pool.slots = self.slots - pool.description = self.description - return pool - - -############### -## Variables ## -############### -VAR__TEMPLATE_NAMES = [] -VAR__TEMPLATE_MTIME_CACHE = {} -VAR__TEMPLATE_VALUE_CACHE = {} -VAR__POOL_WRAPPERS = { - {{- range .Values.airflow.pools }} - {{ .name | quote }}: PoolWrapper( - name={{ (required "each `name` in `airflow.pools` must be non-empty!" .name) | quote }}, - description={{ (required "each `description` in `airflow.pools` must be non-empty!" .description) | quote }}, - {{- if not (or (typeIs "float64" .slots) (typeIs "int64" .slots)) }} - {{- /* the type of a number could be float64 or int64 depending on how it was set (values.yaml, or --set) */ -}} - {{ required "each `slots` in `airflow.pools` must be int-type!" nil }} - {{- end }} - slots={{ (required "each `slots` in `airflow.pools` must be non-empty!" .slots) }}, - ), - {{- end }} -} - - -############### -## Functions ## -############### -def compare_pools(p1: Pool, p2: Pool) -> bool: - """ - Check if two Pool objects are identical. - """ - return ( - p1.pool == p1.pool - and p1.description == p2.description - and p1.slots == p2.slots - ) - - -def sync_pool(pool_wrapper: PoolWrapper) -> None: - """ - Sync the Pool defined by a provided PoolWrapper into the airflow DB. - """ - p_name = pool_wrapper.name - p_new = pool_wrapper.as_pool() - - pool_added = False - pool_updated = False - - with create_session() as session: - p_old = session.query(Pool).filter(Pool.pool == p_name).first() - if not p_old: - logging.info(f"Pool=`{p_name}` is missing, adding...") - session.add(p_new) - pool_added = True - else: - if compare_pools(p_new, p_old): - pass - else: - logging.info(f"Pool=`{p_name}` exists but has changed, updating...") - p_old.description = p_new.description - p_old.slots = p_new.slots - pool_updated = True - - if pool_added: - logging.info(f"Pool=`{p_name}` was successfully added.") - if pool_updated: - logging.info(f"Pool=`{p_name}` was successfully updated.") - - -def sync_all_pools(pool_wrappers: Dict[str, PoolWrapper]) -> None: - """ - Sync all pools in provided `pool_wrappers`. - """ - logging.info("BEGIN: airflow pools sync") - for pool_wrapper in pool_wrappers.values(): - sync_pool(pool_wrapper) - logging.info("END: airflow pools sync") - - -def sync_with_airflow() -> None: - """ - Preform a sync of all objects with airflow (note, `sync_with_airflow()` is called in `main()` template). - """ - sync_all_pools(pool_wrappers=VAR__POOL_WRAPPERS) - - -############## -## Run Main ## -############## -{{- if .Values.airflow.poolsUpdate }} -main(sync_forever=True) -{{- else }} -main(sync_forever=False) -{{- end }} - -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/_helpers/sync_users.tpl b/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/_helpers/sync_users.tpl deleted file mode 100644 index ea85e797a7..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/_helpers/sync_users.tpl +++ /dev/null @@ -1,229 +0,0 @@ -{{/* -The python sync script for users. -*/}} -{{- define "airflow.sync.sync_users.py" }} -############################ -#### BEGIN: GLOBAL CODE #### -############################ -{{- include "airflow.sync.global_code" . }} -########################## -#### END: GLOBAL CODE #### -########################## - - -############# -## Imports ## -############# -import sys -from flask_appbuilder.security.sqla.models import User, Role -from werkzeug.security import check_password_hash, generate_password_hash -{{- if .Values.airflow.legacyCommands }} -import airflow.www_rbac.app as www_app -flask_app, flask_appbuilder = www_app.create_app() -{{- else }} -import airflow.www.app as www_app -flask_app = www_app.create_app() -flask_appbuilder = flask_app.appbuilder -{{- end }} - - -############# -## Classes ## -############# -class UserWrapper(object): - def __init__( - self, - username: str, - first_name: Optional[str] = None, - last_name: Optional[str] = None, - email: Optional[str] = None, - roles: Optional[List[str]] = None, - password: Optional[str] = None - ): - self.username = username - self._first_name = first_name - self._last_name = last_name - self._email = email - self.roles = roles - self._password = password - - @property - def first_name(self) -> str: - return string_substitution(self._first_name, VAR__TEMPLATE_VALUE_CACHE) - - @property - def last_name(self) -> str: - return string_substitution(self._last_name, VAR__TEMPLATE_VALUE_CACHE) - - @property - def email(self) -> str: - return string_substitution(self._email, VAR__TEMPLATE_VALUE_CACHE) - - @property - def password(self) -> str: - return string_substitution(self._password, VAR__TEMPLATE_VALUE_CACHE) - - def as_dict(self) -> Dict[str, str]: - return { - "username": self.username, - "first_name": self.first_name, - "last_name": self.last_name, - "email": self.email, - "roles": [find_role(role_name=role_name) for role_name in self.roles], - "password": self.password - } - - -############### -## Variables ## -############### -VAR__TEMPLATE_NAMES = [ - {{- range $k, $v := .Values.airflow.usersTemplates }} - {{ $k | quote }}, - {{- end }} -] -VAR__TEMPLATE_MTIME_CACHE = {} -VAR__TEMPLATE_VALUE_CACHE = {} -VAR__USER_WRAPPERS = { - {{- range .Values.airflow.users }} - {{ .username | quote }}: UserWrapper( - username={{ (required "each `username` in `airflow.users` must be non-empty!" .username) | quote }}, - first_name={{ (required "each `firstName` in `airflow.users` must be non-empty!" .firstName) | quote }}, - last_name={{ (required "each `lastName` in `airflow.users` must be non-empty!" .lastName) | quote }}, - email={{ (required "each `email` in `airflow.users` must be non-empty!" .email) | quote }}, - roles=[ - {{- if kindIs "string" .role }} - {{- (required "each string-type `role` in `airflow.users` must be non-empty!" .role) | quote | indent 8 }}, - {{- else if kindIs "slice" .role }} - {{- if eq (len .role) 0 }} - {{ required "each list-type `role` in `airflow.users` must contain at least one element!" nil }} - {{- end }} - {{- range .role }} - {{- (required "each list-type `role` in `airflow.users` must not contain any empty elements!" .) | quote | indent 8 }}, - {{- end }} - {{- else }} - {{ required (printf "each `role` in `airflow.users` must be string-type or list-type, but got '%s'!" (kindOf .role)) nil }} - {{- end }} - ], - password={{ (required "each `password` in `airflow.users` must be non-empty!" .password) | quote }}, - ), - {{- end }} -} - - -############### -## Functions ## -############### -def find_role(role_name: str) -> Role: - """ - Get the FAB Role model associated with a `role_name`. - """ - found_role = flask_appbuilder.sm.find_role(role_name) - if found_role: - return found_role - else: - valid_roles = flask_appbuilder.sm.get_all_roles() - logging.error(f"Failed to find role=`{role_name}`, valid roles are: {valid_roles}") - sys.exit(1) - - -def compare_role_lists(role_list_1: List[Role], role_list_2: List[Role]) -> bool: - """ - Check if two lists of FAB Roles contain the same roles (ignores duplicates and order). - """ - name_set_1 = set(role.name for role in role_list_1) - name_set_2 = set(role.name for role in role_list_2) - return name_set_1 == name_set_2 - - - -def compare_users(user_dict: Dict, user_model: User) -> bool: - """ - Check if user info (stored in dict) is identical to a FAB User model. - """ - return ( - user_dict["username"] == user_model.username - and user_dict["first_name"] == user_model.first_name - and user_dict["last_name"] == user_model.last_name - and user_dict["email"] == user_model.email - and compare_role_lists(user_dict["roles"], user_model.roles) - and check_password_hash(pwhash=user_model.password, password=user_dict["password"]) - ) - - -def sync_user(user_wrapper: UserWrapper) -> None: - """ - Sync the User defined by a provided UserWrapper into the FAB DB. - """ - username = user_wrapper.username - u_new = user_wrapper.as_dict() - u_old = flask_appbuilder.sm.find_user(username=username) - - if not u_old: - logging.info(f"User=`{username}` is missing, adding...") - created_user = flask_appbuilder.sm.add_user( - username=u_new["username"], - first_name=u_new["first_name"], - last_name=u_new["last_name"], - email=u_new["email"], - # in old versions of flask_appbuilder `add_user(role=` can only add exactly one role - # (unchecked 0 index is safe because we require at least one role using helm values validation) - role=u_new["roles"][0], - password=u_new["password"] - ) - if created_user: - # add the full list of roles (we only added the first one above) - created_user.roles = u_new["roles"] - logging.info(f"User=`{username}` was successfully added.") - else: - logging.error(f"Failed to add User=`{username}`") - sys.exit(1) - else: - if compare_users(u_new, u_old): - pass - else: - logging.info(f"User=`{username}` exists but has changed, updating...") - u_old.first_name = u_new["first_name"] - u_old.last_name = u_new["last_name"] - u_old.email = u_new["email"] - u_old.roles = u_new["roles"] - u_old.password = generate_password_hash(u_new["password"]) - # strange check for False is because update_user() returns None for success - # but in future might return the User model - if not (flask_appbuilder.sm.update_user(u_old) is False): - logging.info(f"User=`{username}` was successfully updated.") - else: - logging.error(f"Failed to update User=`{username}`") - sys.exit(1) - - -def sync_all_users(user_wrappers: Dict[str, UserWrapper]) -> None: - """ - Sync all users in provided `user_wrappers`. - """ - logging.info("BEGIN: airflow users sync") - for user_wrapper in user_wrappers.values(): - sync_user(user_wrapper) - logging.info("END: airflow users sync") - - # ensures than any SQLAlchemy sessions are closed (so we don't hold a connection to the database) - flask_app.do_teardown_appcontext() - - -def sync_with_airflow() -> None: - """ - Preform a sync of all objects with airflow (note, `sync_with_airflow()` is called in `main()` template). - """ - sync_all_users(user_wrappers=VAR__USER_WRAPPERS) - - -############## -## Run Main ## -############## -{{- if .Values.airflow.usersUpdate }} -main(sync_forever=True) -{{- else }} -main(sync_forever=False) -{{- end }} - -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/_helpers/sync_variables.tpl b/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/_helpers/sync_variables.tpl deleted file mode 100644 index 74636b5eab..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/_helpers/sync_variables.tpl +++ /dev/null @@ -1,129 +0,0 @@ -{{/* -The python sync script for variables. -*/}} -{{- define "airflow.sync.sync_variables.py" }} -############################ -#### BEGIN: GLOBAL CODE #### -############################ -{{- include "airflow.sync.global_code" . }} -########################## -#### END: GLOBAL CODE #### -########################## - -############# -## Imports ## -############# -from airflow.models import Variable -from airflow.utils.db import create_session - - -############# -## Classes ## -############# -class VariableWrapper(object): - def __init__( - self, - key: str, - val: str, - ): - self.key = key - self._val = val - - @property - def val(self) -> str: - return string_substitution(self._val, VAR__TEMPLATE_VALUE_CACHE) - - def as_variable(self) -> Variable: - return Variable( - key=self.key, - val=self.val - ) - - -############### -## Variables ## -############### -VAR__TEMPLATE_NAMES = [ - {{- range $k, $v := .Values.airflow.variablesTemplates }} - {{ $k | quote }}, - {{- end }} -] -VAR__TEMPLATE_MTIME_CACHE = {} -VAR__TEMPLATE_VALUE_CACHE = {} -VAR__VARIABLE_WRAPPERS = { - {{- range .Values.airflow.variables }} - {{ .key | quote }}: VariableWrapper( - key={{ (required "each `key` in `airflow.variables` must be non-empty!" .key) | quote }}, - val={{ (required "each `value` in `airflow.variables` must be non-empty!" .value) | quote }}, - ), - {{- end }} -} - - -############### -## Functions ## -############### -def compare_variables(v1: Variable, v2: Variable) -> bool: - """ - Check if two Variable objects are identical. - """ - return v1.key == v2.key and v1.val == v2.val - - -def sync_variable(variable_wrapper: VariableWrapper) -> None: - """ - Sync the Variable defined by a provided VariableWrapper into the airflow DB. - """ - v_key = variable_wrapper.key - v_new = variable_wrapper.as_variable() - - variable_added = False - variable_updated = False - - with create_session() as session: - v_old = session.query(Variable).filter(Variable.key == v_key).first() - if not v_old: - logging.info(f"Variable=`{v_key}` is missing, adding...") - session.add(v_new) - variable_added = True - else: - if compare_variables(v_new, v_old): - pass - else: - logging.info(f"Variable=`{v_key}` exists but has changed, updating...") - v_old.val = v_new.val - variable_updated = True - - if variable_added: - logging.info(f"Variable=`{v_key}` was successfully added.") - if variable_updated: - logging.info(f"Variable=`{v_key}` was successfully updated.") - - -def sync_all_variables(variable_wrappers: Dict[str, VariableWrapper]) -> None: - """ - Sync all variables in provided `variable_wrappers`. - """ - logging.info("BEGIN: airflow variables sync") - for variable_wrapper in variable_wrappers.values(): - sync_variable(variable_wrapper) - logging.info("END: airflow variables sync") - - -def sync_with_airflow() -> None: - """ - Preform a sync of all objects with airflow (note, `sync_with_airflow()` is called in `main()` template). - """ - sync_all_variables(variable_wrappers=VAR__VARIABLE_WRAPPERS) - - -############## -## Run Main ## -############## -{{- if .Values.airflow.variablesUpdate }} -main(sync_forever=True) -{{- else }} -main(sync_forever=False) -{{- end }} - -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-connections-deployment.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-connections-deployment.yaml deleted file mode 100644 index 8bdf89f4c6..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-connections-deployment.yaml +++ /dev/null @@ -1,143 +0,0 @@ -{{- if and (.Values.airflow.connections) (.Values.airflow.connectionsUpdate) }} -{{- $podNodeSelector := include "airflow.podNodeSelector" (dict "Release" .Release "Values" .Values "nodeSelector" .Values.airflow.sync.nodeSelector) }} -{{- $podAffinity := include "airflow.podAffinity" (dict "Release" .Release "Values" .Values "affinity" .Values.airflow.sync.affinity) }} -{{- $podTolerations := include "airflow.podTolerations" (dict "Release" .Release "Values" .Values "tolerations" .Values.airflow.sync.tolerations) }} -{{- $podSecurityContext := include "airflow.podSecurityContext" (dict "Release" .Release "Values" .Values "securityContext" .Values.airflow.sync.securityContext) }} -{{- $extraPipPackages := .Values.airflow.extraPipPackages }} -{{- $volumeMounts := include "airflow.volumeMounts" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) }} -{{- $volumes := include "airflow.volumes" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) }} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "airflow.fullname" . }}-sync-connections - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} - component: sync-connections - {{- if .Values.airflow.sync.labels }} - {{- toYaml .Values.airflow.sync.labels | nindent 4 }} - {{- end }} - {{- if .Values.airflow.sync.annotations }} - annotations: - {{- toYaml .Values.airflow.sync.annotations | nindent 4 }} - {{- end }} -spec: - replicas: 1 - strategy: - ## only 1 replica should run at a time - type: Recreate - selector: - matchLabels: - app: {{ include "airflow.labels.app" . }} - component: sync-connections - template: - metadata: - annotations: - {{- if .Values.airflow.podAnnotations }} - {{- toYaml .Values.airflow.podAnnotations | nindent 8 }} - {{- end }} - {{- if .Values.airflow.sync.podAnnotations }} - {{- toYaml .Values.airflow.sync.podAnnotations | nindent 8 }} - {{- end }} - {{- if .Values.airflow.sync.safeToEvict }} - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - {{- end }} - labels: - app: {{ include "airflow.labels.app" . }} - component: sync-connections - {{- if .Values.airflow.sync.podLabels }} - {{- toYaml .Values.airflow.sync.podLabels | nindent 8 }} - {{- end }} - spec: - restartPolicy: Always - {{- if .Values.airflow.image.pullSecret }} - imagePullSecrets: - - name: {{ .Values.airflow.image.pullSecret }} - {{- end }} - {{- if $podNodeSelector }} - nodeSelector: - {{- $podNodeSelector | nindent 8 }} - {{- end }} - {{- if $podAffinity }} - affinity: - {{- $podAffinity | nindent 8 }} - {{- end }} - {{- if $podTolerations }} - tolerations: - {{- $podTolerations | nindent 8 }} - {{- end }} - {{- if $podSecurityContext }} - securityContext: - {{- $podSecurityContext | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "airflow.serviceAccountName" . }} - initContainers: - {{- if $extraPipPackages }} - {{- include "airflow.init_container.install_pip_packages" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) | indent 8 }} - {{- end }} - {{- if .Values.dags.gitSync.enabled }} - ## git-sync is included so "airflow plugins" & "python packages" can be stored in the dags repo - {{- include "airflow.container.git_sync" (dict "Release" .Release "Values" .Values "sync_one_time" "true") | indent 8 }} - {{- end }} - {{- include "airflow.init_container.check_db" (dict "Release" .Release "Values" .Values "volumeMounts" $volumeMounts) | indent 8 }} - {{- include "airflow.init_container.wait_for_db_migrations" (dict "Release" .Release "Values" .Values "volumeMounts" $volumeMounts) | indent 8 }} - containers: - - name: sync-airflow-connections - {{- include "airflow.image" . | indent 10 }} - resources: - {{- toYaml .Values.airflow.sync.resources | nindent 12 }} - envFrom: - {{- include "airflow.envFrom" . | indent 12 }} - env: - {{- include "airflow.env" . | indent 12 }} - command: - {{- include "airflow.command" . | indent 12 }} - args: - - "python" - - "-u" - - "/mnt/scripts/sync_connections.py" - volumeMounts: - {{- $volumeMounts | indent 12 }} - - name: scripts - mountPath: /mnt/scripts - readOnly: true - {{- if .Values.airflow.connectionsTemplates }} - - name: templates - mountPath: "/mnt/templates" - readOnly: true - {{- end }} - {{- if .Values.dags.gitSync.enabled }} - ## git-sync is included so "airflow plugins" & "python packages" can be stored in the dags repo - {{- include "airflow.container.git_sync" . | indent 8 }} - {{- end }} - volumes: - {{- $volumes | indent 8 }} - - name: scripts - secret: - secretName: {{ include "airflow.fullname" . }}-sync-connections - {{- if .Values.airflow.connectionsTemplates }} - - name: templates - projected: - sources: - {{- range $k, $v := .Values.airflow.connectionsTemplates }} - {{- if not (regexMatch "^[a-zA-Z_][a-zA-Z0-9_]*$" $k) }} - {{ required "each key in `airflow.connectionsTemplates` must match the regex: ^[a-zA-Z_][a-zA-Z0-9_]*$" nil }} - {{- end }} - {{- if eq ($v.kind | lower) "configmap" }} - - configMap: - name: {{ $v.name | quote }} - items: - - key: {{ $v.key | quote }} - path: {{ $k | quote }} - {{- else if eq ($v.kind | lower) "secret" }} - - secret: - name: {{ $v.name | quote }} - items: - - key: {{ $v.key | quote }} - path: {{ $k | quote }} - {{- else }} - {{ required "each `kind` in `airflow.connectionsTemplates` must be one of ['configmap', 'secret']!" nil }} - {{- end }} - {{- end }} - {{- end }} -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-connections-job.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-connections-job.yaml deleted file mode 100644 index 7bde872537..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-connections-job.yaml +++ /dev/null @@ -1,134 +0,0 @@ -{{- if and (.Values.airflow.connections) (not .Values.airflow.connectionsUpdate) }} -{{- $podNodeSelector := include "airflow.podNodeSelector" (dict "Release" .Release "Values" .Values "nodeSelector" .Values.scheduler.nodeSelector) }} -{{- $podAffinity := include "airflow.podAffinity" (dict "Release" .Release "Values" .Values "affinity" .Values.scheduler.affinity) }} -{{- $podTolerations := include "airflow.podTolerations" (dict "Release" .Release "Values" .Values "tolerations" .Values.scheduler.tolerations) }} -{{- $podSecurityContext := include "airflow.podSecurityContext" (dict "Release" .Release "Values" .Values "securityContext" .Values.airflow.sync.securityContext) }} -{{- $extraPipPackages := .Values.airflow.extraPipPackages }} -{{- $volumeMounts := include "airflow.volumeMounts" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) }} -{{- $volumes := include "airflow.volumes" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) }} -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ include "airflow.fullname" . }}-sync-connections - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} - component: sync-connections - {{- if .Values.airflow.sync.labels }} - {{- toYaml .Values.airflow.sync.labels | nindent 4 }} - {{- end }} - annotations: - helm.sh/hook: post-install,post-upgrade - helm.sh/hook-weight: "0" - helm.sh/hook-delete-policy: before-hook-creation - {{- if .Values.airflow.sync.annotations }} - {{- toYaml .Values.airflow.sync.annotations | nindent 4 }} - {{- end }} -spec: - template: - metadata: - annotations: - {{- if .Values.airflow.podAnnotations }} - {{- toYaml .Values.airflow.podAnnotations | nindent 8 }} - {{- end }} - {{- if .Values.airflow.sync.podAnnotations }} - {{- toYaml .Values.airflow.sync.podAnnotations | nindent 8 }} - {{- end }} - {{- if .Values.airflow.sync.safeToEvict }} - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - {{- end }} - labels: - app: {{ include "airflow.labels.app" . }} - component: sync-connections - {{- if .Values.airflow.sync.podLabels }} - {{- toYaml .Values.airflow.sync.podLabels | nindent 8 }} - {{- end }} - spec: - restartPolicy: OnFailure - {{- if .Values.airflow.image.pullSecret }} - imagePullSecrets: - - name: {{ .Values.airflow.image.pullSecret }} - {{- end }} - {{- if $podNodeSelector }} - nodeSelector: - {{- $podNodeSelector | nindent 8 }} - {{- end }} - {{- if $podAffinity }} - affinity: - {{- $podAffinity | nindent 8 }} - {{- end }} - {{- if $podTolerations }} - tolerations: - {{- $podTolerations | nindent 8 }} - {{- end }} - {{- if $podSecurityContext }} - securityContext: - {{- $podSecurityContext | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "airflow.serviceAccountName" . }} - initContainers: - {{- if $extraPipPackages }} - {{- include "airflow.init_container.install_pip_packages" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) | indent 8 }} - {{- end }} - {{- if .Values.dags.gitSync.enabled }} - ## git-sync is included so "airflow plugins" & "python packages" can be stored in the dags repo - {{- include "airflow.container.git_sync" (dict "Release" .Release "Values" .Values "sync_one_time" "true") | indent 8 }} - {{- end }} - {{- include "airflow.init_container.check_db" (dict "Release" .Release "Values" .Values "volumeMounts" $volumeMounts) | indent 8 }} - {{- include "airflow.init_container.wait_for_db_migrations" (dict "Release" .Release "Values" .Values "volumeMounts" $volumeMounts) | indent 8 }} - containers: - - name: sync-airflow-connections - {{- include "airflow.image" . | indent 10 }} - resources: - {{- toYaml .Values.airflow.sync.resources | nindent 12 }} - envFrom: - {{- include "airflow.envFrom" . | indent 12 }} - env: - {{- include "airflow.env" . | indent 12 }} - command: - {{- include "airflow.command" . | indent 12 }} - args: - - "python" - - "-u" - - "/mnt/scripts/sync_connections.py" - volumeMounts: - {{- $volumeMounts | indent 12 }} - - name: scripts - mountPath: /mnt/scripts - readOnly: true - {{- if .Values.airflow.connectionsTemplates }} - - name: templates - mountPath: "/mnt/templates" - readOnly: true - {{- end }} - volumes: - {{- $volumes | indent 8 }} - - name: scripts - secret: - secretName: {{ include "airflow.fullname" . }}-sync-connections - {{- if .Values.airflow.connectionsTemplates }} - - name: templates - projected: - sources: - {{- range $k, $v := .Values.airflow.connectionsTemplates }} - {{- if not (regexMatch "^[a-zA-Z_][a-zA-Z0-9_]*$" $k) }} - {{ required "each key in `airflow.connectionsTemplates` must match the regex: ^[a-zA-Z_][a-zA-Z0-9_]*$" nil }} - {{- end }} - {{- if eq ($v.kind | lower) "configmap" }} - - configMap: - name: {{ $v.name | quote }} - items: - - key: {{ $v.key | quote }} - path: {{ $k | quote }} - {{- else if eq ($v.kind | lower) "secret" }} - - secret: - name: {{ $v.name | quote }} - items: - - key: {{ $v.key | quote }} - path: {{ $k | quote }} - {{- else }} - {{ required "each `kind` in `airflow.connectionsTemplates` must be one of ['configmap', 'secret']!" nil }} - {{- end }} - {{- end }} - {{- end }} -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-connections-secret.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-connections-secret.yaml deleted file mode 100644 index fb0ce772a1..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-connections-secret.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if .Values.airflow.connections }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "airflow.fullname" . }}-sync-connections - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} - component: sync-connections -data: - sync_connections.py: {{ include "airflow.sync.sync_connections.py" . | b64enc | quote }} -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-pools-deployment.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-pools-deployment.yaml deleted file mode 100644 index 4682817b20..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-pools-deployment.yaml +++ /dev/null @@ -1,113 +0,0 @@ -{{- if and (.Values.airflow.pools) (.Values.airflow.poolsUpdate) }} -{{- $podNodeSelector := include "airflow.podNodeSelector" (dict "Release" .Release "Values" .Values "nodeSelector" .Values.airflow.sync.nodeSelector) }} -{{- $podAffinity := include "airflow.podAffinity" (dict "Release" .Release "Values" .Values "affinity" .Values.airflow.sync.affinity) }} -{{- $podTolerations := include "airflow.podTolerations" (dict "Release" .Release "Values" .Values "tolerations" .Values.airflow.sync.tolerations) }} -{{- $podSecurityContext := include "airflow.podSecurityContext" (dict "Release" .Release "Values" .Values "securityContext" .Values.airflow.sync.securityContext) }} -{{- $extraPipPackages := .Values.airflow.extraPipPackages }} -{{- $volumeMounts := include "airflow.volumeMounts" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) }} -{{- $volumes := include "airflow.volumes" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) }} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "airflow.fullname" . }}-sync-pools - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} - component: sync-pools - {{- if .Values.airflow.sync.labels }} - {{- toYaml .Values.airflow.sync.labels | nindent 4 }} - {{- end }} - {{- if .Values.airflow.sync.annotations }} - annotations: - {{- toYaml .Values.airflow.sync.annotations | nindent 4 }} - {{- end }} -spec: - replicas: 1 - strategy: - ## only 1 replica should run at a time - type: Recreate - selector: - matchLabels: - app: {{ include "airflow.labels.app" . }} - component: sync-pools - template: - metadata: - annotations: - {{- if .Values.airflow.podAnnotations }} - {{- toYaml .Values.airflow.podAnnotations | nindent 8 }} - {{- end }} - {{- if .Values.airflow.sync.podAnnotations }} - {{- toYaml .Values.airflow.sync.podAnnotations | nindent 8 }} - {{- end }} - {{- if .Values.airflow.sync.safeToEvict }} - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - {{- end }} - labels: - app: {{ include "airflow.labels.app" . }} - component: sync-pools - {{- if .Values.airflow.sync.podLabels }} - {{- toYaml .Values.airflow.sync.podLabels | nindent 8 }} - {{- end }} - spec: - restartPolicy: Always - {{- if .Values.airflow.image.pullSecret }} - imagePullSecrets: - - name: {{ .Values.airflow.image.pullSecret }} - {{- end }} - {{- if $podNodeSelector }} - nodeSelector: - {{- $podNodeSelector | nindent 8 }} - {{- end }} - {{- if $podAffinity }} - affinity: - {{- $podAffinity | nindent 8 }} - {{- end }} - {{- if $podTolerations }} - tolerations: - {{- $podTolerations | nindent 8 }} - {{- end }} - {{- if $podSecurityContext }} - securityContext: - {{- $podSecurityContext | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "airflow.serviceAccountName" . }} - initContainers: - {{- if $extraPipPackages }} - {{- include "airflow.init_container.install_pip_packages" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) | indent 8 }} - {{- end }} - {{- if .Values.dags.gitSync.enabled }} - ## git-sync is included so "airflow plugins" & "python packages" can be stored in the dags repo - {{- include "airflow.container.git_sync" (dict "Release" .Release "Values" .Values "sync_one_time" "true") | indent 8 }} - {{- end }} - {{- include "airflow.init_container.check_db" (dict "Release" .Release "Values" .Values "volumeMounts" $volumeMounts) | indent 8 }} - {{- include "airflow.init_container.wait_for_db_migrations" (dict "Release" .Release "Values" .Values "volumeMounts" $volumeMounts) | indent 8 }} - containers: - - name: sync-airflow-pools - {{- include "airflow.image" . | indent 10 }} - resources: - {{- toYaml .Values.airflow.sync.resources | nindent 12 }} - envFrom: - {{- include "airflow.envFrom" . | indent 12 }} - env: - {{- include "airflow.env" . | indent 12 }} - command: - {{- include "airflow.command" . | indent 12 }} - args: - - "python" - - "-u" - - "/mnt/scripts/sync_pools.py" - volumeMounts: - {{- $volumeMounts | indent 12 }} - - name: scripts - mountPath: /mnt/scripts - readOnly: true - {{- if .Values.dags.gitSync.enabled }} - ## git-sync is included so "airflow plugins" & "python packages" can be stored in the dags repo - {{- include "airflow.container.git_sync" . | indent 8 }} - {{- end }} - volumes: - {{- $volumes | indent 8 }} - - name: scripts - secret: - secretName: {{ include "airflow.fullname" . }}-sync-pools -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-pools-job.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-pools-job.yaml deleted file mode 100644 index 7b714f9525..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-pools-job.yaml +++ /dev/null @@ -1,104 +0,0 @@ -{{- if and (.Values.airflow.pools) (not .Values.airflow.poolsUpdate) }} -{{- $podNodeSelector := include "airflow.podNodeSelector" (dict "Release" .Release "Values" .Values "nodeSelector" .Values.airflow.sync.nodeSelector) }} -{{- $podAffinity := include "airflow.podAffinity" (dict "Release" .Release "Values" .Values "affinity" .Values.airflow.sync.affinity) }} -{{- $podTolerations := include "airflow.podTolerations" (dict "Release" .Release "Values" .Values "tolerations" .Values.airflow.sync.tolerations) }} -{{- $podSecurityContext := include "airflow.podSecurityContext" (dict "Release" .Release "Values" .Values "securityContext" .Values.airflow.sync.securityContext) }} -{{- $extraPipPackages := .Values.airflow.extraPipPackages }} -{{- $volumeMounts := include "airflow.volumeMounts" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) }} -{{- $volumes := include "airflow.volumes" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) }} -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ include "airflow.fullname" . }}-sync-pools - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} - component: sync-pools - {{- if .Values.airflow.sync.labels }} - {{- toYaml .Values.airflow.sync.labels | nindent 4 }} - {{- end }} - annotations: - helm.sh/hook: post-install,post-upgrade - helm.sh/hook-weight: "0" - helm.sh/hook-delete-policy: before-hook-creation - {{- if .Values.airflow.sync.annotations }} - {{- toYaml .Values.airflow.sync.annotations | nindent 4 }} - {{- end }} -spec: - template: - metadata: - annotations: - {{- if .Values.airflow.podAnnotations }} - {{- toYaml .Values.airflow.podAnnotations | nindent 8 }} - {{- end }} - {{- if .Values.airflow.sync.podAnnotations }} - {{- toYaml .Values.airflow.sync.podAnnotations | nindent 8 }} - {{- end }} - {{- if .Values.airflow.sync.safeToEvict }} - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - {{- end }} - labels: - app: {{ include "airflow.labels.app" . }} - component: sync-pools - {{- if .Values.airflow.sync.podLabels }} - {{- toYaml .Values.airflow.sync.podLabels | nindent 8 }} - {{- end }} - spec: - restartPolicy: OnFailure - {{- if .Values.airflow.image.pullSecret }} - imagePullSecrets: - - name: {{ .Values.airflow.image.pullSecret }} - {{- end }} - {{- if $podNodeSelector }} - nodeSelector: - {{- $podNodeSelector | nindent 8 }} - {{- end }} - {{- if $podAffinity }} - affinity: - {{- $podAffinity | nindent 8 }} - {{- end }} - {{- if $podTolerations }} - tolerations: - {{- $podTolerations | nindent 8 }} - {{- end }} - {{- if $podSecurityContext }} - securityContext: - {{- $podSecurityContext | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "airflow.serviceAccountName" . }} - initContainers: - {{- if $extraPipPackages }} - {{- include "airflow.init_container.install_pip_packages" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) | indent 8 }} - {{- end }} - {{- if .Values.dags.gitSync.enabled }} - ## git-sync is included so "airflow plugins" & "python packages" can be stored in the dags repo - {{- include "airflow.container.git_sync" (dict "Release" .Release "Values" .Values "sync_one_time" "true") | indent 8 }} - {{- end }} - {{- include "airflow.init_container.check_db" (dict "Release" .Release "Values" .Values "volumeMounts" $volumeMounts) | indent 8 }} - {{- include "airflow.init_container.wait_for_db_migrations" (dict "Release" .Release "Values" .Values "volumeMounts" $volumeMounts) | indent 8 }} - containers: - - name: sync-airflow-pools - {{- include "airflow.image" . | indent 10 }} - resources: - {{- toYaml .Values.airflow.sync.resources | nindent 12 }} - envFrom: - {{- include "airflow.envFrom" . | indent 12 }} - env: - {{- include "airflow.env" . | indent 12 }} - command: - {{- include "airflow.command" . | indent 12 }} - args: - - "python" - - "-u" - - "/mnt/scripts/sync_pools.py" - volumeMounts: - {{- $volumeMounts | indent 12 }} - - name: scripts - mountPath: /mnt/scripts - readOnly: true - volumes: - {{- $volumes | indent 8 }} - - name: scripts - secret: - secretName: {{ include "airflow.fullname" . }}-sync-pools -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-pools-secret.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-pools-secret.yaml deleted file mode 100644 index 82930fcefb..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-pools-secret.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if .Values.airflow.pools }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "airflow.fullname" . }}-sync-pools - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} - component: sync-pools -data: - sync_pools.py: {{ include "airflow.sync.sync_pools.py" . | b64enc | quote }} -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-users-deployment.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-users-deployment.yaml deleted file mode 100644 index 7f706e0f98..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-users-deployment.yaml +++ /dev/null @@ -1,143 +0,0 @@ -{{- if and (.Values.airflow.users) (.Values.airflow.usersUpdate) }} -{{- $podNodeSelector := include "airflow.podNodeSelector" (dict "Release" .Release "Values" .Values "nodeSelector" .Values.airflow.sync.nodeSelector) }} -{{- $podAffinity := include "airflow.podAffinity" (dict "Release" .Release "Values" .Values "affinity" .Values.airflow.sync.affinity) }} -{{- $podTolerations := include "airflow.podTolerations" (dict "Release" .Release "Values" .Values "tolerations" .Values.airflow.sync.tolerations) }} -{{- $podSecurityContext := include "airflow.podSecurityContext" (dict "Release" .Release "Values" .Values "securityContext" .Values.airflow.sync.securityContext) }} -{{- $extraPipPackages := .Values.airflow.extraPipPackages }} -{{- $volumeMounts := include "airflow.volumeMounts" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) }} -{{- $volumes := include "airflow.volumes" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) }} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "airflow.fullname" . }}-sync-users - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} - component: sync-users - {{- if .Values.airflow.sync.labels }} - {{- toYaml .Values.airflow.sync.labels | nindent 4 }} - {{- end }} - {{- if .Values.airflow.sync.annotations }} - annotations: - {{- toYaml .Values.airflow.sync.annotations | nindent 4 }} - {{- end }} -spec: - replicas: 1 - strategy: - ## only 1 replica should run at a time - type: Recreate - selector: - matchLabels: - app: {{ include "airflow.labels.app" . }} - component: sync-users - template: - metadata: - annotations: - {{- if .Values.airflow.podAnnotations }} - {{- toYaml .Values.airflow.podAnnotations | nindent 8 }} - {{- end }} - {{- if .Values.airflow.sync.podAnnotations }} - {{- toYaml .Values.airflow.sync.podAnnotations | nindent 8 }} - {{- end }} - {{- if .Values.airflow.sync.safeToEvict }} - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - {{- end }} - labels: - app: {{ include "airflow.labels.app" . }} - component: sync-users - {{- if .Values.airflow.sync.podLabels }} - {{- toYaml .Values.airflow.sync.podLabels | nindent 8 }} - {{- end }} - spec: - restartPolicy: Always - {{- if .Values.airflow.image.pullSecret }} - imagePullSecrets: - - name: {{ .Values.airflow.image.pullSecret }} - {{- end }} - {{- if $podNodeSelector }} - nodeSelector: - {{- $podNodeSelector | nindent 8 }} - {{- end }} - {{- if $podAffinity }} - affinity: - {{- $podAffinity | nindent 8 }} - {{- end }} - {{- if $podTolerations }} - tolerations: - {{- $podTolerations | nindent 8 }} - {{- end }} - {{- if $podSecurityContext }} - securityContext: - {{- $podSecurityContext | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "airflow.serviceAccountName" . }} - initContainers: - {{- if $extraPipPackages }} - {{- include "airflow.init_container.install_pip_packages" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) | indent 8 }} - {{- end }} - {{- if .Values.dags.gitSync.enabled }} - ## git-sync is included so "airflow plugins" & "python packages" can be stored in the dags repo - {{- include "airflow.container.git_sync" (dict "Release" .Release "Values" .Values "sync_one_time" "true") | indent 8 }} - {{- end }} - {{- include "airflow.init_container.check_db" (dict "Release" .Release "Values" .Values "volumeMounts" $volumeMounts) | indent 8 }} - {{- include "airflow.init_container.wait_for_db_migrations" (dict "Release" .Release "Values" .Values "volumeMounts" $volumeMounts) | indent 8 }} - containers: - - name: sync-airflow-users - {{- include "airflow.image" . | indent 10 }} - resources: - {{- toYaml .Values.airflow.sync.resources | nindent 12 }} - envFrom: - {{- include "airflow.envFrom" . | indent 12 }} - env: - {{- include "airflow.env" . | indent 12 }} - command: - {{- include "airflow.command" . | indent 12 }} - args: - - "python" - - "-u" - - "/mnt/scripts/sync_users.py" - volumeMounts: - {{- $volumeMounts | indent 12 }} - - name: scripts - mountPath: /mnt/scripts - readOnly: true - {{- if .Values.airflow.usersTemplates }} - - name: templates - mountPath: "/mnt/templates" - readOnly: true - {{- end }} - {{- if .Values.dags.gitSync.enabled }} - ## git-sync is included so "airflow plugins" & "python packages" can be stored in the dags repo - {{- include "airflow.container.git_sync" . | indent 8 }} - {{- end }} - volumes: - {{- $volumes | indent 8 }} - - name: scripts - secret: - secretName: {{ include "airflow.fullname" . }}-sync-users - {{- if .Values.airflow.usersTemplates }} - - name: templates - projected: - sources: - {{- range $k, $v := .Values.airflow.usersTemplates }} - {{- if not (regexMatch "^[a-zA-Z_][a-zA-Z0-9_]*$" $k) }} - {{ required "each key in `airflow.usersTemplates` must match the regex: ^[a-zA-Z_][a-zA-Z0-9_]*$" nil }} - {{- end }} - {{- if eq ($v.kind | lower) "configmap" }} - - configMap: - name: {{ $v.name | quote }} - items: - - key: {{ $v.key | quote }} - path: {{ $k | quote }} - {{- else if eq ($v.kind | lower) "secret" }} - - secret: - name: {{ $v.name | quote }} - items: - - key: {{ $v.key | quote }} - path: {{ $k | quote }} - {{- else }} - {{ required "each `kind` in `airflow.usersTemplates` must be one of ['configmap', 'secret']!" nil }} - {{- end }} - {{- end }} - {{- end }} -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-users-job.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-users-job.yaml deleted file mode 100644 index 6dda7b48a4..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-users-job.yaml +++ /dev/null @@ -1,137 +0,0 @@ -{{- if and (.Values.airflow.users) (not .Values.airflow.usersUpdate) }} -{{- $podNodeSelector := include "airflow.podNodeSelector" (dict "Release" .Release "Values" .Values "nodeSelector" .Values.airflow.sync.nodeSelector) }} -{{- $podAffinity := include "airflow.podAffinity" (dict "Release" .Release "Values" .Values "affinity" .Values.airflow.sync.affinity) }} -{{- $podTolerations := include "airflow.podTolerations" (dict "Release" .Release "Values" .Values "tolerations" .Values.airflow.sync.tolerations) }} -{{- $podSecurityContext := include "airflow.podSecurityContext" (dict "Release" .Release "Values" .Values "securityContext" .Values.airflow.sync.securityContext) }} -{{- $extraPipPackages := .Values.airflow.extraPipPackages }} -{{- $volumeMounts := include "airflow.volumeMounts" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) }} -{{- $volumes := include "airflow.volumes" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) }} -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ include "airflow.fullname" . }}-sync-users - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} - component: sync-users - {{- if .Values.airflow.sync.labels }} - {{- toYaml .Values.airflow.sync.labels | nindent 4 }} - {{- end }} - annotations: - helm.sh/hook: post-install,post-upgrade - helm.sh/hook-weight: "0" - helm.sh/hook-delete-policy: before-hook-creation - {{- if .Values.airflow.sync.annotations }} - {{- toYaml .Values.airflow.sync.annotations | nindent 4 }} - {{- end }} -spec: - template: - metadata: - annotations: - checksum/secret-config-envs: {{ include (print $.Template.BasePath "/config/secret-config-envs.yaml") . | sha256sum }} - checksum/secret-local-settings: {{ include (print $.Template.BasePath "/config/secret-local-settings.yaml") . | sha256sum }} - checksum/sync-users-script: {{ include "airflow.sync.sync_users.py" . | sha256sum }} - {{- if .Values.airflow.podAnnotations }} - {{- toYaml .Values.airflow.podAnnotations | nindent 8 }} - {{- end }} - {{- if .Values.airflow.sync.podAnnotations }} - {{- toYaml .Values.airflow.sync.podAnnotations | nindent 8 }} - {{- end }} - {{- if .Values.airflow.sync.safeToEvict }} - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - {{- end }} - labels: - app: {{ include "airflow.labels.app" . }} - component: sync-users - {{- if .Values.airflow.sync.podLabels }} - {{- toYaml .Values.airflow.sync.podLabels | nindent 8 }} - {{- end }} - spec: - restartPolicy: OnFailure - {{- if .Values.airflow.image.pullSecret }} - imagePullSecrets: - - name: {{ .Values.airflow.image.pullSecret }} - {{- end }} - {{- if $podNodeSelector }} - nodeSelector: - {{- $podNodeSelector | nindent 8 }} - {{- end }} - {{- if $podAffinity }} - affinity: - {{- $podAffinity | nindent 8 }} - {{- end }} - {{- if $podTolerations }} - tolerations: - {{- $podTolerations | nindent 8 }} - {{- end }} - {{- if $podSecurityContext }} - securityContext: - {{- $podSecurityContext | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "airflow.serviceAccountName" . }} - initContainers: - {{- if $extraPipPackages }} - {{- include "airflow.init_container.install_pip_packages" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) | indent 8 }} - {{- end }} - {{- if .Values.dags.gitSync.enabled }} - ## git-sync is included so "airflow plugins" & "python packages" can be stored in the dags repo - {{- include "airflow.container.git_sync" (dict "Release" .Release "Values" .Values "sync_one_time" "true") | indent 8 }} - {{- end }} - {{- include "airflow.init_container.check_db" (dict "Release" .Release "Values" .Values "volumeMounts" $volumeMounts) | indent 8 }} - {{- include "airflow.init_container.wait_for_db_migrations" (dict "Release" .Release "Values" .Values "volumeMounts" $volumeMounts) | indent 8 }} - containers: - - name: sync-airflow-users - {{- include "airflow.image" . | indent 10 }} - resources: - {{- toYaml .Values.airflow.sync.resources | nindent 12 }} - envFrom: - {{- include "airflow.envFrom" . | indent 12 }} - env: - {{- include "airflow.env" . | indent 12 }} - command: - {{- include "airflow.command" . | indent 12 }} - args: - - "python" - - "-u" - - "/mnt/scripts/sync_users.py" - volumeMounts: - {{- $volumeMounts | indent 12 }} - - name: scripts - mountPath: /mnt/scripts - readOnly: true - {{- if .Values.airflow.usersTemplates }} - - name: templates - mountPath: "/mnt/templates" - readOnly: true - {{- end }} - volumes: - {{- $volumes | indent 8 }} - - name: scripts - secret: - secretName: {{ include "airflow.fullname" . }}-sync-users - {{- if .Values.airflow.usersTemplates }} - - name: templates - projected: - sources: - {{- range $k, $v := .Values.airflow.usersTemplates }} - {{- if not (regexMatch "^[a-zA-Z_][a-zA-Z0-9_]*$" $k) }} - {{ required "each key in `airflow.usersTemplates` must match the regex: ^[a-zA-Z_][a-zA-Z0-9_]*$" nil }} - {{- end }} - {{- if eq ($v.kind | lower) "configmap" }} - - configMap: - name: {{ $v.name | quote }} - items: - - key: {{ $v.key | quote }} - path: {{ $k | quote }} - {{- else if eq ($v.kind | lower) "secret" }} - - secret: - name: {{ $v.name | quote }} - items: - - key: {{ $v.key | quote }} - path: {{ $k | quote }} - {{- else }} - {{ required "each `kind` in `airflow.usersTemplates` must be one of ['configmap', 'secret']!" nil }} - {{- end }} - {{- end }} - {{- end }} -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-users-secret.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-users-secret.yaml deleted file mode 100644 index f01e160ce1..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-users-secret.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if .Values.airflow.users }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "airflow.fullname" . }}-sync-users - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} - component: sync-users -data: - sync_users.py: {{ include "airflow.sync.sync_users.py" . | b64enc | quote }} -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-variables-deployment.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-variables-deployment.yaml deleted file mode 100644 index f5892d7171..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-variables-deployment.yaml +++ /dev/null @@ -1,143 +0,0 @@ -{{- if and (.Values.airflow.variables) (.Values.airflow.variablesUpdate) }} -{{- $podNodeSelector := include "airflow.podNodeSelector" (dict "Release" .Release "Values" .Values "nodeSelector" .Values.airflow.sync.nodeSelector) }} -{{- $podAffinity := include "airflow.podAffinity" (dict "Release" .Release "Values" .Values "affinity" .Values.airflow.sync.affinity) }} -{{- $podTolerations := include "airflow.podTolerations" (dict "Release" .Release "Values" .Values "tolerations" .Values.airflow.sync.tolerations) }} -{{- $podSecurityContext := include "airflow.podSecurityContext" (dict "Release" .Release "Values" .Values "securityContext" .Values.airflow.sync.securityContext) }} -{{- $extraPipPackages := .Values.airflow.extraPipPackages }} -{{- $volumeMounts := include "airflow.volumeMounts" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) }} -{{- $volumes := include "airflow.volumes" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) }} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "airflow.fullname" . }}-sync-variables - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} - component: sync-variables - {{- if .Values.airflow.sync.labels }} - {{- toYaml .Values.airflow.sync.labels | nindent 4 }} - {{- end }} - {{- if .Values.airflow.sync.annotations }} - annotations: - {{- toYaml .Values.airflow.sync.annotations | nindent 4 }} - {{- end }} -spec: - replicas: 1 - strategy: - ## only 1 replica should run at a time - type: Recreate - selector: - matchLabels: - app: {{ include "airflow.labels.app" . }} - component: sync-variables - template: - metadata: - annotations: - {{- if .Values.airflow.podAnnotations }} - {{- toYaml .Values.airflow.podAnnotations | nindent 8 }} - {{- end }} - {{- if .Values.airflow.sync.podAnnotations }} - {{- toYaml .Values.airflow.sync.podAnnotations | nindent 8 }} - {{- end }} - {{- if .Values.airflow.sync.safeToEvict }} - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - {{- end }} - labels: - app: {{ include "airflow.labels.app" . }} - component: sync-variables - {{- if .Values.airflow.sync.podLabels }} - {{- toYaml .Values.airflow.sync.podLabels | nindent 8 }} - {{- end }} - spec: - restartPolicy: Always - {{- if .Values.airflow.image.pullSecret }} - imagePullSecrets: - - name: {{ .Values.airflow.image.pullSecret }} - {{- end }} - {{- if $podNodeSelector }} - nodeSelector: - {{- $podNodeSelector | nindent 8 }} - {{- end }} - {{- if $podAffinity }} - affinity: - {{- $podAffinity | nindent 8 }} - {{- end }} - {{- if $podTolerations }} - tolerations: - {{- $podTolerations | nindent 8 }} - {{- end }} - {{- if $podSecurityContext }} - securityContext: - {{- $podSecurityContext | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "airflow.serviceAccountName" . }} - initContainers: - {{- if $extraPipPackages }} - {{- include "airflow.init_container.install_pip_packages" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) | indent 8 }} - {{- end }} - {{- if .Values.dags.gitSync.enabled }} - ## git-sync is included so "airflow plugins" & "python packages" can be stored in the dags repo - {{- include "airflow.container.git_sync" (dict "Release" .Release "Values" .Values "sync_one_time" "true") | indent 8 }} - {{- end }} - {{- include "airflow.init_container.check_db" (dict "Release" .Release "Values" .Values "volumeMounts" $volumeMounts) | indent 8 }} - {{- include "airflow.init_container.wait_for_db_migrations" (dict "Release" .Release "Values" .Values "volumeMounts" $volumeMounts) | indent 8 }} - containers: - - name: sync-airflow-variables - {{- include "airflow.image" . | indent 10 }} - resources: - {{- toYaml .Values.airflow.sync.resources | nindent 12 }} - envFrom: - {{- include "airflow.envFrom" . | indent 12 }} - env: - {{- include "airflow.env" . | indent 12 }} - command: - {{- include "airflow.command" . | indent 12 }} - args: - - "python" - - "-u" - - "/mnt/scripts/sync_variables.py" - volumeMounts: - {{- $volumeMounts | indent 12 }} - - name: scripts - mountPath: /mnt/scripts - readOnly: true - {{- if .Values.airflow.variablesTemplates }} - - name: templates - mountPath: "/mnt/templates" - readOnly: true - {{- end }} - {{- if .Values.dags.gitSync.enabled }} - ## git-sync is included so "airflow plugins" & "python packages" can be stored in the dags repo - {{- include "airflow.container.git_sync" . | indent 8 }} - {{- end }} - volumes: - {{- $volumes | indent 8 }} - - name: scripts - secret: - secretName: {{ include "airflow.fullname" . }}-sync-variables - {{- if .Values.airflow.variablesTemplates }} - - name: templates - projected: - sources: - {{- range $k, $v := .Values.airflow.variablesTemplates }} - {{- if not (regexMatch "^[a-zA-Z_][a-zA-Z0-9_]*$" $k) }} - {{ required "each key in `airflow.variablesTemplates` must match the regex: ^[a-zA-Z_][a-zA-Z0-9_]*$" nil }} - {{- end }} - {{- if eq ($v.kind | lower) "configmap" }} - - configMap: - name: {{ $v.name | quote }} - items: - - key: {{ $v.key | quote }} - path: {{ $k | quote }} - {{- else if eq ($v.kind | lower) "secret" }} - - secret: - name: {{ $v.name | quote }} - items: - - key: {{ $v.key | quote }} - path: {{ $k | quote }} - {{- else }} - {{ required "each `kind` in `airflow.variablesTemplates` must be one of ['configmap', 'secret']!" nil }} - {{- end }} - {{- end }} - {{- end }} -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-variables-job.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-variables-job.yaml deleted file mode 100644 index fa0412fb90..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-variables-job.yaml +++ /dev/null @@ -1,134 +0,0 @@ -{{- if and (.Values.airflow.variables) (not .Values.airflow.variablesUpdate) }} -{{- $podNodeSelector := include "airflow.podNodeSelector" (dict "Release" .Release "Values" .Values "nodeSelector" .Values.airflow.sync.nodeSelector) }} -{{- $podAffinity := include "airflow.podAffinity" (dict "Release" .Release "Values" .Values "affinity" .Values.airflow.sync.affinity) }} -{{- $podTolerations := include "airflow.podTolerations" (dict "Release" .Release "Values" .Values "tolerations" .Values.airflow.sync.tolerations) }} -{{- $podSecurityContext := include "airflow.podSecurityContext" (dict "Release" .Release "Values" .Values "securityContext" .Values.airflow.sync.securityContext) }} -{{- $extraPipPackages := .Values.airflow.extraPipPackages }} -{{- $volumeMounts := include "airflow.volumeMounts" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) }} -{{- $volumes := include "airflow.volumes" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) }} -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ include "airflow.fullname" . }}-sync-variables - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} - component: sync-variables - {{- if .Values.airflow.sync.labels }} - {{- toYaml .Values.airflow.sync.labels | nindent 4 }} - {{- end }} - annotations: - helm.sh/hook: post-install,post-upgrade - helm.sh/hook-weight: "0" - helm.sh/hook-delete-policy: before-hook-creation - {{- if .Values.airflow.sync.annotations }} - {{- toYaml .Values.airflow.sync.annotations | nindent 4 }} - {{- end }} -spec: - template: - metadata: - annotations: - {{- if .Values.airflow.podAnnotations }} - {{- toYaml .Values.airflow.podAnnotations | nindent 8 }} - {{- end }} - {{- if .Values.airflow.sync.podAnnotations }} - {{- toYaml .Values.airflow.sync.podAnnotations | nindent 8 }} - {{- end }} - {{- if .Values.airflow.sync.safeToEvict }} - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - {{- end }} - labels: - app: {{ include "airflow.labels.app" . }} - component: sync-variables - {{- if .Values.airflow.sync.podLabels }} - {{- toYaml .Values.airflow.sync.podLabels | nindent 8 }} - {{- end }} - spec: - restartPolicy: OnFailure - {{- if .Values.airflow.image.pullSecret }} - imagePullSecrets: - - name: {{ .Values.airflow.image.pullSecret }} - {{- end }} - {{- if $podNodeSelector }} - nodeSelector: - {{- $podNodeSelector | nindent 8 }} - {{- end }} - {{- if $podAffinity }} - affinity: - {{- $podAffinity | nindent 8 }} - {{- end }} - {{- if $podTolerations }} - tolerations: - {{- $podTolerations | nindent 8 }} - {{- end }} - {{- if $podSecurityContext }} - securityContext: - {{- $podSecurityContext | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "airflow.serviceAccountName" . }} - initContainers: - {{- if $extraPipPackages }} - {{- include "airflow.init_container.install_pip_packages" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) | indent 8 }} - {{- end }} - {{- if .Values.dags.gitSync.enabled }} - ## git-sync is included so "airflow plugins" & "python packages" can be stored in the dags repo - {{- include "airflow.container.git_sync" (dict "Release" .Release "Values" .Values "sync_one_time" "true") | indent 8 }} - {{- end }} - {{- include "airflow.init_container.check_db" (dict "Release" .Release "Values" .Values "volumeMounts" $volumeMounts) | indent 8 }} - {{- include "airflow.init_container.wait_for_db_migrations" (dict "Release" .Release "Values" .Values "volumeMounts" $volumeMounts) | indent 8 }} - containers: - - name: sync-airflow-variables - {{- include "airflow.image" . | indent 10 }} - resources: - {{- toYaml .Values.airflow.sync.resources | nindent 12 }} - envFrom: - {{- include "airflow.envFrom" . | indent 12 }} - env: - {{- include "airflow.env" . | indent 12 }} - command: - {{- include "airflow.command" . | indent 12 }} - args: - - "python" - - "-u" - - "/mnt/scripts/sync_variables.py" - volumeMounts: - {{- $volumeMounts | indent 12 }} - - name: scripts - mountPath: /mnt/scripts - readOnly: true - {{- if .Values.airflow.variablesTemplates }} - - name: templates - mountPath: "/mnt/templates" - readOnly: true - {{- end }} - volumes: - {{- $volumes | indent 8 }} - - name: scripts - secret: - secretName: {{ include "airflow.fullname" . }}-sync-variables - {{- if .Values.airflow.variablesTemplates }} - - name: templates - projected: - sources: - {{- range $k, $v := .Values.airflow.variablesTemplates }} - {{- if not (regexMatch "^[a-zA-Z_][a-zA-Z0-9_]*$" $k) }} - {{ required "each key in `airflow.variablesTemplates` must match the regex: ^[a-zA-Z_][a-zA-Z0-9_]*$" nil }} - {{- end }} - {{- if eq ($v.kind | lower) "configmap" }} - - configMap: - name: {{ $v.name | quote }} - items: - - key: {{ $v.key | quote }} - path: {{ $k | quote }} - {{- else if eq ($v.kind | lower) "secret" }} - - secret: - name: {{ $v.name | quote }} - items: - - key: {{ $v.key | quote }} - path: {{ $k | quote }} - {{- else }} - {{ required "each `kind` in `airflow.variablesTemplates` must be one of ['configmap', 'secret']!" nil }} - {{- end }} - {{- end }} - {{- end }} -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-variables-secret.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-variables-secret.yaml deleted file mode 100644 index 88ca7636df..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/sync/sync-variables-secret.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if .Values.airflow.variables }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "airflow.fullname" . }}-sync-variables - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} - component: sync-variables -data: - sync_variables.py: {{ include "airflow.sync.sync_variables.py" . | b64enc | quote }} -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/triggerer/triggerer-deployment.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/triggerer/triggerer-deployment.yaml deleted file mode 100644 index 19c848464a..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/triggerer/triggerer-deployment.yaml +++ /dev/null @@ -1,154 +0,0 @@ -{{- if include "airflow.triggerer.should_use" . }} -{{- $podNodeSelector := include "airflow.podNodeSelector" (dict "Release" .Release "Values" .Values "nodeSelector" .Values.triggerer.nodeSelector) }} -{{- $podAffinity := include "airflow.podAffinity" (dict "Release" .Release "Values" .Values "affinity" .Values.triggerer.affinity) }} -{{- $podTolerations := include "airflow.podTolerations" (dict "Release" .Release "Values" .Values "tolerations" .Values.triggerer.tolerations) }} -{{- $podSecurityContext := include "airflow.podSecurityContext" (dict "Release" .Release "Values" .Values "securityContext" .Values.triggerer.securityContext) }} -{{- $extraPipPackages := concat .Values.airflow.extraPipPackages .Values.triggerer.extraPipPackages }} -{{- $extraVolumeMounts := .Values.triggerer.extraVolumeMounts }} -{{- $volumeMounts := include "airflow.volumeMounts" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages "extraVolumeMounts" $extraVolumeMounts) }} -{{- $extraVolumes := .Values.triggerer.extraVolumes }} -{{- $volumes := include "airflow.volumes" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages "extraVolumes" $extraVolumes "extraVolumeMounts" $extraVolumeMounts) }} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "airflow.fullname" . }}-triggerer - namespace: {{ .Values.namespace }} - {{- if .Values.triggerer.annotations }} - annotations: - {{- toYaml .Values.triggerer.annotations | nindent 4 }} - {{- end }} - labels: - app: {{ include "airflow.fullname" . }}-triggerer - component: triggerer - {{- if .Values.triggerer.labels }} - {{- toYaml .Values.triggerer.labels | nindent 4 }} - {{- end }} -spec: - replicas: {{ .Values.triggerer.replicas }} - strategy: - type: RollingUpdate - rollingUpdate: - ## multiple triggerer pods can safely run concurrently - maxSurge: 25% - maxUnavailable: 0 - selector: - matchLabels: - app: {{ include "airflow.fullname" . }}-triggerer - component: triggerer - template: - metadata: - annotations: - {{- if .Values.airflow.podAnnotations }} - {{- toYaml .Values.airflow.podAnnotations | nindent 8 }} - {{- end }} - {{- if .Values.triggerer.podAnnotations }} - {{- toYaml .Values.triggerer.podAnnotations | nindent 8 }} - {{- end }} - {{- if .Values.triggerer.safeToEvict }} - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - {{- end }} - labels: - app: {{ include "airflow.fullname" . }}-triggerer - component: triggerer - {{- if .Values.triggerer.podLabels }} - {{- toYaml .Values.triggerer.podLabels | nindent 8 }} - {{- end }} - spec: - restartPolicy: Always - {{- if .Values.airflow.image.pullSecret }} - imagePullSecrets: - - name: {{ .Values.airflow.image.pullSecret }} - {{- end }} - {{- if $podNodeSelector }} - nodeSelector: - {{- $podNodeSelector | nindent 8 }} - {{- end }} - {{- if $podAffinity }} - affinity: - {{- $podAffinity | nindent 8 }} - {{- end }} - {{- if $podTolerations }} - tolerations: - {{- $podTolerations | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "airflow.serviceAccountName" . }} - {{- if $podSecurityContext }} - securityContext: - {{- $podSecurityContext | nindent 8 }} - {{- end }} - initContainers: - {{- if $extraPipPackages }} - {{- include "airflow.init_container.install_pip_packages" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) | indent 8 }} - {{- end }} - {{- if .Values.dags.gitSync.enabled }} - {{- include "airflow.container.git_sync" (dict "Release" .Release "Values" .Values "sync_one_time" "true") | indent 8 }} - {{- end }} - {{- include "airflow.init_container.check_db" (dict "Release" .Release "Values" .Values "volumeMounts" $volumeMounts) | indent 8 }} - {{- include "airflow.init_container.wait_for_db_migrations" (dict "Release" .Release "Values" .Values "volumeMounts" $volumeMounts) | indent 8 }} - containers: - - name: airflow-triggerer - {{- include "airflow.image" . | indent 10 }} - resources: - {{- toYaml .Values.triggerer.resources | nindent 12 }} - envFrom: - {{- include "airflow.envFrom" . | indent 12 }} - env: - {{- include "airflow.env" . | indent 12 }} - command: - {{- include "airflow.command" . | indent 12 }} - args: - - "bash" - - "-c" - - "exec airflow triggerer" - {{- if .Values.triggerer.livenessProbe.enabled }} - livenessProbe: - initialDelaySeconds: {{ .Values.triggerer.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.triggerer.livenessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.triggerer.livenessProbe.timeoutSeconds }} - failureThreshold: {{ .Values.triggerer.livenessProbe.failureThreshold }} - exec: - command: - {{- include "airflow.command" . | indent 16 }} - - "python" - - "-Wignore" - - "-c" - - | - import os - import sys - - # suppress logs triggered from importing airflow packages - os.environ["AIRFLOW__LOGGING__LOGGING_LEVEL"] = "ERROR" - - from airflow.jobs.triggerer_job import TriggererJob - from airflow.utils.db import create_session - from airflow.utils.net import get_hostname - - with create_session() as session: - # ensure the TriggererJob with most recent heartbeat for this `hostname` is alive - hostname = get_hostname() - triggerer_job = session \ - .query(TriggererJob) \ - .filter_by(hostname=hostname) \ - .order_by(TriggererJob.latest_heartbeat.desc()) \ - .limit(1) \ - .first() - if (triggerer_job is not None) and triggerer_job.is_alive(): - pass - else: - sys.exit(f"The TriggererJob (id={triggerer_job.id}) for hostname '{hostname}' is not alive") - {{- end }} - {{- if $volumeMounts }} - volumeMounts: - {{- $volumeMounts | indent 12 }} - {{- end }} - {{- if .Values.dags.gitSync.enabled }} - {{- include "airflow.container.git_sync" . | indent 8 }} - {{- end }} - {{- if .Values.airflow.extraContainers }} - {{- toYaml .Values.airflow.extraContainers | nindent 8 }} - {{- end }} - {{- if $volumes }} - volumes: - {{- $volumes | indent 8 }} - {{- end }} -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/triggerer/triggerer-pdb.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/triggerer/triggerer-pdb.yaml deleted file mode 100644 index 927fc17647..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/triggerer/triggerer-pdb.yaml +++ /dev/null @@ -1,24 +0,0 @@ -{{- if and (include "airflow.triggerer.should_use" .) (.Values.triggerer.podDisruptionBudget.enabled) }} -apiVersion: policy/v1beta1 -kind: PodDisruptionBudget -metadata: - name: {{ include "airflow.fullname" . }}-triggerer - labels: - app: {{ include "airflow.labels.app" . }} - component: triggerer - chart: {{ include "airflow.labels.chart" . }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - {{- if .Values.triggerer.podDisruptionBudget.maxUnavailable }} - maxUnavailable: {{ .Values.triggerer.podDisruptionBudget.maxUnavailable }} - {{- end }} - {{- if .Values.triggerer.podDisruptionBudget.minAvailable }} - minAvailable: {{ .Values.triggerer.podDisruptionBudget.minAvailable }} - {{- end }} - selector: - matchLabels: - app: {{ include "airflow.labels.app" . }} - component: triggerer - release: {{ .Release.Name }} -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/webserver/webserver-deployment.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/webserver/webserver-deployment.yaml deleted file mode 100644 index 1e9d43e8cb..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/webserver/webserver-deployment.yaml +++ /dev/null @@ -1,151 +0,0 @@ -{{- $podNodeSelector := include "airflow.podNodeSelector" (dict "Release" .Release "Values" .Values "nodeSelector" .Values.web.nodeSelector) }} -{{- $podAffinity := include "airflow.podAffinity" (dict "Release" .Release "Values" .Values "affinity" .Values.web.affinity) }} -{{- $podTolerations := include "airflow.podTolerations" (dict "Release" .Release "Values" .Values "tolerations" .Values.web.tolerations) }} -{{- $podSecurityContext := include "airflow.podSecurityContext" (dict "Release" .Release "Values" .Values "securityContext" .Values.web.securityContext) }} -{{- $extraPipPackages := concat .Values.airflow.extraPipPackages .Values.web.extraPipPackages }} -{{- $extraVolumeMounts := .Values.web.extraVolumeMounts }} -{{- $volumeMounts := include "airflow.volumeMounts" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages "extraVolumeMounts" $extraVolumeMounts) }} -{{- $extraVolumes := .Values.web.extraVolumes }} -{{- $volumes := include "airflow.volumes" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages "extraVolumes" $extraVolumes "extraVolumeMounts" $extraVolumeMounts) }} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "airflow.fullname" . }}-web - namespace: {{ .Values.namespace }} - {{- if .Values.web.annotations }} - annotations: - {{- toYaml .Values.web.annotations | nindent 4 }} - {{- end }} - labels: - app: {{ include "airflow.labels.app" . }} - component: web - {{- if .Values.web.labels }} - {{- toYaml .Values.web.labels | nindent 4 }} - {{- end }} -spec: - replicas: {{ .Values.web.replicas }} - strategy: - type: RollingUpdate - rollingUpdate: - ## multiple web pods can safely run concurrently - maxSurge: 25% - maxUnavailable: 0 - selector: - matchLabels: - app: {{ include "airflow.labels.app" . }} - component: web - template: - metadata: - annotations: - {{- if .Values.airflow.podAnnotations }} - {{- toYaml .Values.airflow.podAnnotations | nindent 8 }} - {{- end }} - {{- if .Values.web.podAnnotations }} - {{- toYaml .Values.web.podAnnotations | nindent 8 }} - {{- end }} - {{- if .Values.web.safeToEvict }} - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - {{- end }} - labels: - app: {{ include "airflow.labels.app" . }} - component: web - {{- if .Values.web.podLabels }} - {{- toYaml .Values.web.podLabels | nindent 8 }} - {{- end }} - spec: - restartPolicy: Always - {{- if .Values.airflow.image.pullSecret }} - imagePullSecrets: - - name: {{ .Values.airflow.image.pullSecret }} - {{- end }} - {{- if $podNodeSelector }} - nodeSelector: - {{- $podNodeSelector | nindent 8 }} - {{- end }} - {{- if $podAffinity }} - affinity: - {{- $podAffinity | nindent 8 }} - {{- end }} - {{- if $podTolerations }} - tolerations: - {{- $podTolerations | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "airflow.serviceAccountName" . }} - {{- if $podSecurityContext }} - securityContext: - {{- $podSecurityContext | nindent 8 }} - {{- end }} - initContainers: - {{- if $extraPipPackages }} - {{- include "airflow.init_container.install_pip_packages" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) | indent 8 }} - {{- end }} - {{- if .Values.dags.gitSync.enabled }} - {{- include "airflow.container.git_sync" (dict "Release" .Release "Values" .Values "sync_one_time" "true") | indent 8 }} - {{- end }} - {{- include "airflow.init_container.check_db" (dict "Release" .Release "Values" .Values "volumeMounts" $volumeMounts) | indent 8 }} - {{- include "airflow.init_container.wait_for_db_migrations" (dict "Release" .Release "Values" .Values "volumeMounts" $volumeMounts) | indent 8 }} - containers: - - name: airflow-web - {{- include "airflow.image" . | indent 10 }} - resources: - {{- toYaml .Values.web.resources | nindent 12 }} - ports: - - name: web - containerPort: 8080 - protocol: TCP - envFrom: - {{- include "airflow.envFrom" . | indent 12 }} - env: - {{- include "airflow.env" . | indent 12 }} - command: - {{- include "airflow.command" . | indent 12 }} - args: - - "bash" - - "-c" - - "exec airflow webserver" - {{- if .Values.web.livenessProbe.enabled }} - livenessProbe: - initialDelaySeconds: {{ .Values.web.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.web.livenessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.web.livenessProbe.timeoutSeconds }} - failureThreshold: {{ .Values.web.livenessProbe.failureThreshold }} - httpGet: - scheme: {{ include "airflow.web.scheme" . }} - {{- $airflowUrl := .Values.airflow.config.AIRFLOW__WEBSERVER__BASE_URL | default "" | printf "%s/health" | urlParse }} - path: {{ get $airflowUrl "path" }} - port: web - {{- end }} - {{- if .Values.web.readinessProbe.enabled }} - readinessProbe: - initialDelaySeconds: {{ .Values.web.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.web.readinessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.web.readinessProbe.timeoutSeconds }} - failureThreshold: {{ .Values.web.readinessProbe.failureThreshold }} - httpGet: - scheme: {{ include "airflow.web.scheme" . }} - {{- $airflowUrl := .Values.airflow.config.AIRFLOW__WEBSERVER__BASE_URL | default "" | printf "%s/health" | urlParse }} - path: {{ get $airflowUrl "path" }} - port: web - {{- end }} - volumeMounts: - {{- $volumeMounts | indent 12 }} - - name: webserver-config - mountPath: /opt/airflow/webserver_config.py - subPath: webserver_config.py - readOnly: true - {{- if .Values.dags.gitSync.enabled }} - {{- include "airflow.container.git_sync" . | indent 8 }} - {{- end }} - {{- if .Values.airflow.extraContainers }} - {{- toYaml .Values.airflow.extraContainers | nindent 8 }} - {{- end }} - volumes: - {{- $volumes | indent 8 }} - - name: webserver-config - secret: - {{- if .Values.web.webserverConfig.existingSecret }} - secretName: {{ .Values.web.webserverConfig.existingSecret }} - {{- else }} - secretName: {{ include "airflow.fullname" . }}-webserver-config - {{- end }} - defaultMode: 0644 \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/webserver/webserver-ingress-v1beta1.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/webserver/webserver-ingress-v1beta1.yaml deleted file mode 100644 index e52519c0d0..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/webserver/webserver-ingress-v1beta1.yaml +++ /dev/null @@ -1,49 +0,0 @@ -{{- if and (.Values.ingress.enabled) (eq .Values.ingress.apiVersion "networking.k8s.io/v1beta1") }} -apiVersion: networking.k8s.io/v1beta1 -kind: Ingress -metadata: - name: {{ include "airflow.fullname" . }}-web - namespace: {{ .Values.namespace }} - {{- if .Values.ingress.web.annotations }} - annotations: - {{- toYaml .Values.ingress.web.annotations | nindent 4 }} - {{- end }} - labels: - app: {{ include "airflow.labels.app" . }} - component: web - {{- if .Values.ingress.web.labels }} - {{- toYaml .Values.ingress.web.labels | nindent 4 }} - {{- end }} -spec: - {{- if .Values.ingress.web.tls.enabled }} - tls: - - hosts: - - {{ .Values.global.domain }} - {{- if .Values.ingress.web.tls.secretName }} - secretName: {{ .Values.global.domain }}-tls-certs - {{- end }} - {{- end }} - {{- if .Values.ingress.web.ingressClassName }} - ingressClassName: {{ .Values.ingress.web.ingressClassName }} - {{- end }} - rules: - - host: {{ .Values.global.domain }} - http: - paths: - {{- range .Values.ingress.web.precedingPaths }} - - path: {{ .path }} - backend: - serviceName: {{ .serviceName }} - servicePort: {{ .servicePort }} - {{- end }} - - path: {{ .Values.ingress.web.path }} - backend: - serviceName: {{ include "airflow.fullname" . }}-web - servicePort: web - {{- range .Values.ingress.web.succeedingPaths }} - - path: {{ .path }} - backend: - serviceName: {{ .serviceName }} - servicePort: {{ .servicePort }} - {{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/webserver/webserver-ingress.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/webserver/webserver-ingress.yaml deleted file mode 100644 index 93807e278d..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/webserver/webserver-ingress.yaml +++ /dev/null @@ -1,67 +0,0 @@ -{{- if and (.Values.ingress.enabled) (eq .Values.ingress.apiVersion "networking.k8s.io/v1") }} -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: {{ include "airflow.fullname" . }}-web - namespace: {{ .Values.namespace }} - {{- if .Values.ingress.web.annotations }} - annotations: - {{- toYaml .Values.ingress.web.annotations | nindent 4 }} - {{- end }} - labels: - app: {{ include "airflow.labels.app" . }} - component: web - {{- if .Values.ingress.web.labels }} - {{- toYaml .Values.ingress.web.labels | nindent 4 }} - {{- end }} -spec: - {{- if .Values.ingress.web.tls.enabled }} - tls: - - hosts: - - {{ .Values.global.domain }} - {{- if .Values.ingress.web.tls.secretName }} - secretName: {{ .Values.global.domain }}-tls-certs - {{- end }} - {{- end }} - {{- if .Values.ingress.web.ingressClassName }} - ingressClassName: {{ .Values.ingress.web.ingressClassName }} - {{- end }} - rules: - - host: {{ .Values.global.domain }} - http: - paths: - {{- range .Values.ingress.web.precedingPaths }} - - path: {{ .path }} - pathType: ImplementationSpecific - backend: - service: - name: {{ .serviceName }} - port: - {{- if kindIs "string" .servicePort }} - name: {{ .servicePort }} - {{- else }} - number: {{ .servicePort }} - {{- end }} - {{- end }} - - path: {{ .Values.ingress.web.path }} - pathType: ImplementationSpecific - backend: - service: - name: {{ include "airflow.fullname" . }}-web - port: - name: web - {{- range .Values.ingress.web.succeedingPaths }} - - path: {{ .path }} - pathType: ImplementationSpecific - backend: - service: - name: {{ .serviceName }} - port: - {{- if kindIs "string" .servicePort }} - name: {{ .servicePort }} - {{- else }} - number: {{ .servicePort }} - {{- end }} - {{- end }} - -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/webserver/webserver-pdb.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/webserver/webserver-pdb.yaml deleted file mode 100644 index 17e7bd4a26..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/webserver/webserver-pdb.yaml +++ /dev/null @@ -1,21 +0,0 @@ -{{- if .Values.web.podDisruptionBudget.enabled }} -apiVersion: policy/v1beta1 -kind: PodDisruptionBudget -metadata: - name: {{ include "airflow.fullname" . }}-web - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} - component: web -spec: - {{- if .Values.web.podDisruptionBudget.maxUnavailable }} - maxUnavailable: {{ .Values.web.podDisruptionBudget.maxUnavailable }} - {{- end }} - {{- if .Values.web.podDisruptionBudget.minAvailable }} - minAvailable: {{ .Values.web.podDisruptionBudget.minAvailable }} - {{- end }} - selector: - matchLabels: - app: {{ include "airflow.labels.app" . }} - component: web -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/webserver/webserver-prometheus-rule.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/webserver/webserver-prometheus-rule.yaml deleted file mode 100644 index 8676c92a07..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/webserver/webserver-prometheus-rule.yaml +++ /dev/null @@ -1,16 +0,0 @@ -{{- if .Values.prometheusRule.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: {{ include "airflow.fullname" . }} - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} - component: web - {{- if .Values.prometheusRule.additionalLabels }} - {{- toYaml .Values.prometheusRule.additionalLabels | nindent 4 }} - {{- end }} -spec: - groups: - {{- toYaml .Values.prometheusRule.groups | nindent 4 }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/webserver/webserver-service-monitor.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/webserver/webserver-service-monitor.yaml deleted file mode 100644 index e69cc764ec..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/webserver/webserver-service-monitor.yaml +++ /dev/null @@ -1,22 +0,0 @@ -{{- if .Values.serviceMonitor.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ include "airflow.fullname" . }} - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} - component: web - {{- if .Values.serviceMonitor.selector }} - {{- toYaml .Values.serviceMonitor.selector | nindent 4 }} - {{- end }} -spec: - selector: - matchLabels: - app: {{ include "airflow.labels.app" . }} - component: web - endpoints: - - port: web - path: {{ .Values.serviceMonitor.path }} - interval: {{ .Values.serviceMonitor.interval }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/webserver/webserver-service.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/webserver/webserver-service.yaml deleted file mode 100644 index 25f6287978..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/webserver/webserver-service.yaml +++ /dev/null @@ -1,39 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ include "airflow.fullname" . }}-web - namespace: {{ .Values.namespace }} - {{- if .Values.web.service.annotations }} - annotations: - {{- toYaml .Values.web.service.annotations | nindent 4 }} - {{- end }} - labels: - app: {{ include "airflow.labels.app" . }} - component: web -spec: - type: {{ .Values.web.service.type }} - selector: - app: {{ include "airflow.labels.app" . }} - component: web - sessionAffinity: {{ .Values.web.service.sessionAffinity }} - {{- if .Values.web.service.sessionAffinityConfig }} - sessionAffinityConfig: - {{- toYaml .Values.web.service.sessionAffinityConfig | nindent 4 }} - {{- end }} - ports: - - name: web - protocol: TCP - port: {{ .Values.web.service.externalPort | default 8080 }} - {{- if and (eq .Values.web.service.type "NodePort") (.Values.web.service.nodePort.http) }} - nodePort: {{ .Values.web.service.nodePort.http }} - {{- end }} - targetPort: 8080 - {{- if eq .Values.web.service.type "LoadBalancer" }} - {{- if .Values.web.service.loadBalancerIP }} - loadBalancerIP: {{ .Values.web.service.loadBalancerIP | quote }} - {{- end }} - {{- if .Values.web.service.loadBalancerSourceRanges }} - loadBalancerSourceRanges: - {{- toYaml .Values.web.service.loadBalancerSourceRanges | nindent 4 }} - {{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/worker/worker-hpa.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/worker/worker-hpa.yaml deleted file mode 100644 index 8732e82442..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/worker/worker-hpa.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{- if and (.Values.workers.enabled) (.Values.workers.autoscaling.enabled) }} -apiVersion: autoscaling/v2beta2 -kind: HorizontalPodAutoscaler -metadata: - name: {{ include "airflow.fullname" . }}-worker - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} - component: worker -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: StatefulSet - name: {{ include "airflow.fullname" . }}-worker - minReplicas: {{ .Values.workers.replicas }} - maxReplicas: {{ .Values.workers.autoscaling.maxReplicas }} - metrics: - {{- toYaml .Values.workers.autoscaling.metrics | nindent 4 }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/worker/worker-pdb.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/worker/worker-pdb.yaml deleted file mode 100644 index 0929acbf3e..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/worker/worker-pdb.yaml +++ /dev/null @@ -1,21 +0,0 @@ -{{- if and (.Values.workers.enabled) (.Values.workers.podDisruptionBudget.enabled) }} -apiVersion: policy/v1beta1 -kind: PodDisruptionBudget -metadata: - name: {{ include "airflow.fullname" . }}-worker - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} - component: worker -spec: - {{- if .Values.workers.podDisruptionBudget.maxUnavailable }} - maxUnavailable: {{ .Values.workers.podDisruptionBudget.maxUnavailable }} - {{- end }} - {{- if .Values.workers.podDisruptionBudget.minAvailable }} - minAvailable: {{ .Values.workers.podDisruptionBudget.minAvailable }} - {{- end }} - selector: - matchLabels: - app: {{ include "airflow.labels.app" . }} - component: worker -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/worker/worker-service.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/worker/worker-service.yaml deleted file mode 100644 index 18aaa88b76..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/worker/worker-service.yaml +++ /dev/null @@ -1,20 +0,0 @@ -{{- if .Values.workers.enabled }} -apiVersion: v1 -## this Service gives stable DNS entries for workers, used by webserver for logs -kind: Service -metadata: - name: {{ include "airflow.fullname" . }}-worker - namespace: {{ .Values.namespace }} - labels: - app: {{ include "airflow.labels.app" . }} - component: worker -spec: - ports: - - name: worker - protocol: TCP - port: 8793 - clusterIP: None - selector: - app: {{ include "airflow.labels.app" . }} - component: worker -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/templates/worker/worker-statefulset.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/templates/worker/worker-statefulset.yaml deleted file mode 100644 index 8a8992b849..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/templates/worker/worker-statefulset.yaml +++ /dev/null @@ -1,181 +0,0 @@ -{{- if .Values.workers.enabled }} -{{- $podNodeSelector := include "airflow.podNodeSelector" (dict "Release" .Release "Values" .Values "nodeSelector" .Values.workers.nodeSelector) }} -{{- $podAffinity := include "airflow.podAffinity" (dict "Release" .Release "Values" .Values "affinity" .Values.workers.affinity) }} -{{- $podTolerations := include "airflow.podTolerations" (dict "Release" .Release "Values" .Values "tolerations" .Values.workers.tolerations) }} -{{- $podSecurityContext := include "airflow.podSecurityContext" (dict "Release" .Release "Values" .Values "securityContext" .Values.workers.securityContext) }} -{{- $extraPipPackages := concat .Values.airflow.extraPipPackages .Values.workers.extraPipPackages }} -{{- $extraVolumeMounts := .Values.workers.extraVolumeMounts }} -{{- $volumeMounts := include "airflow.volumeMounts" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages "extraVolumeMounts" $extraVolumeMounts) }} -{{- $extraVolumes := .Values.workers.extraVolumes }} -{{- $volumes := include "airflow.volumes" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages "extraVolumes" $extraVolumes) }} -apiVersion: apps/v1 -## StatefulSet gives workers consistent DNS names, allowing webserver access to log files -kind: StatefulSet -metadata: - name: {{ include "airflow.fullname" . }}-worker - namespace: {{ .Values.namespace }} - {{- if .Values.workers.annotations }} - annotations: - {{- toYaml .Values.workers.annotations | nindent 4 }} - {{- end }} - labels: - app: {{ include "airflow.labels.app" . }} - component: worker - {{- if .Values.workers.labels }} - {{- toYaml .Values.workers.labels | nindent 4 }} - {{- end }} -spec: - serviceName: "{{ include "airflow.fullname" . }}-worker" - replicas: {{ .Values.workers.replicas }} - updateStrategy: - type: RollingUpdate - ## we do not need to guarantee the order in which workers are scaled - podManagementPolicy: Parallel - selector: - matchLabels: - app: {{ include "airflow.labels.app" . }} - component: worker - template: - metadata: - annotations: - {{- if .Values.airflow.podAnnotations }} - {{- toYaml .Values.airflow.podAnnotations | nindent 8 }} - {{- end }} - {{- if .Values.workers.podAnnotations }} - {{- toYaml .Values.workers.podAnnotations | nindent 8 }} - {{- end }} - {{- if .Values.workers.safeToEvict }} - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - {{- end }} - labels: - app: {{ include "airflow.labels.app" . }} - component: worker - {{- if .Values.workers.podLabels }} - {{- toYaml .Values.workers.podLabels | nindent 8 }} - {{- end }} - spec: - restartPolicy: Always - {{- if .Values.airflow.image.pullSecret }} - imagePullSecrets: - - name: {{ .Values.airflow.image.pullSecret }} - {{- end }} - {{- if .Values.workers.celery.gracefullTermination }} - terminationGracePeriodSeconds: {{ add .Values.workers.terminationPeriod .Values.workers.celery.gracefullTerminationPeriod }} - {{- else }} - terminationGracePeriodSeconds: {{ .Values.workers.terminationPeriod }} - {{- end }} - serviceAccountName: {{ include "airflow.serviceAccountName" . }} - {{- if $podNodeSelector }} - nodeSelector: - {{- $podNodeSelector | nindent 8 }} - {{- end }} - {{- if $podAffinity }} - affinity: - {{- $podAffinity | nindent 8 }} - {{- end }} - {{- if $podTolerations }} - tolerations: - {{- $podTolerations | nindent 8 }} - {{- end }} - {{- if $podSecurityContext }} - securityContext: - {{- $podSecurityContext | nindent 8 }} - {{- end }} - initContainers: - {{- if $extraPipPackages }} - {{- include "airflow.init_container.install_pip_packages" (dict "Release" .Release "Values" .Values "extraPipPackages" $extraPipPackages) | indent 8 }} - {{- end }} - {{- if .Values.dags.gitSync.enabled }} - {{- include "airflow.container.git_sync" (dict "Release" .Release "Values" .Values "sync_one_time" "true") | indent 8 }} - {{- end }} - {{- include "airflow.init_container.check_db" (dict "Release" .Release "Values" .Values "volumeMounts" $volumeMounts) | indent 8 }} - {{- include "airflow.init_container.wait_for_db_migrations" (dict "Release" .Release "Values" .Values "volumeMounts" $volumeMounts) | indent 8 }} - containers: - - name: airflow-worker - {{- include "airflow.image" . | indent 10 }} - resources: - {{- toYaml .Values.workers.resources | nindent 12 }} - envFrom: - {{- include "airflow.envFrom" . | indent 12 }} - env: - {{- include "airflow.env" . | indent 12 }} - # have dumb-init only send signals to direct child process (needed for celery workers to warm shutdown) - - name: DUMB_INIT_SETSID - value: "0" - {{- if .Values.workers.celery.gracefullTermination }} - lifecycle: - preStop: - exec: - command: - - "timeout" - - "{{ .Values.workers.celery.gracefullTerminationPeriod }}s" - - "python" - - "-Wignore" - - "-c" - - | - import os - import time - import subprocess - from celery import Celery - from celery.app.control import Inspect - from typing import List - - def run_command(cmd: List[str]) -> str: - process = subprocess.Popen(cmd, stdout=subprocess.PIPE) - output, error = process.communicate() - if error is not None: - raise Exception(error) - else: - return output.decode(encoding="utf-8") - - broker_url = run_command(["bash", "-c", "eval $AIRFLOW__CELERY__BROKER_URL_CMD"]) - local_celery_host = f"celery@{os.environ['HOSTNAME']}" - app = Celery(broker=broker_url) - - # prevent the worker accepting new tasks - print(f"canceling celery consumer for {local_celery_host}...") - app.control.cancel_consumer("default", destination=[local_celery_host]) - - # wait until the worker finishes its current tasks - i = Inspect(app=app, destination=[local_celery_host]) - active_tasks = i.active()[local_celery_host] - while len(active_tasks) > 0: - print(f"waiting [10 sec] for remaining tasks to finish: {[task.get('name') for task in active_tasks]}") - time.sleep(10) - active_tasks = i.active()[local_celery_host] - {{- end }} - ports: - - name: wlog - containerPort: 8793 - protocol: TCP - command: - {{- include "airflow.command" . | indent 12 }} - args: - - "bash" - - "-c" - {{- if .Values.airflow.legacyCommands }} - - "exec airflow worker" - {{- else }} - - "exec airflow celery worker" - {{- end }} - {{- if $volumeMounts }} - volumeMounts: - {{- $volumeMounts | indent 12 }} - {{- end }} - {{- if .Values.dags.gitSync.enabled }} - {{- include "airflow.container.git_sync" . | indent 8 }} - {{- end }} - {{- if .Values.workers.logCleanup.enabled }} - {{- $lc_resources := .Values.workers.logCleanup.resources }} - {{- $lc_retention_min := .Values.workers.logCleanup.retentionMinutes }} - {{- $lc_interval_sec := .Values.workers.logCleanup.intervalSeconds }} - {{- include "airflow.container.log_cleanup" (dict "Release" .Release "Values" .Values "resources" $lc_resources "retention_min" $lc_retention_min "interval_sec" $lc_interval_sec) | indent 8 }} - {{- end }} - {{- if .Values.airflow.extraContainers }} - {{- toYaml .Values.airflow.extraContainers | nindent 8 }} - {{- end }} - {{- if $volumes }} - volumes: - {{- $volumes | indent 8 }} - {{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/airflow/values.yaml b/deploy-as-code/helm/charts/backbone-services/airflow/values.yaml deleted file mode 100644 index 62fbe2ca05..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/airflow/values.yaml +++ /dev/null @@ -1,2172 +0,0 @@ -######################################## -## CONFIG | Airflow Configs -######################################## -namespace: egov -name: airflow -airflow: - ## if we use legacy 1.10 airflow commands - ## - legacyCommands: false - - ## configs for the airflow container image - ## - image: - repository: apache/airflow - tag: 2.2.5-python3.8 - pullPolicy: IfNotPresent - pullSecret: "" - uid: 50000 - gid: 0 - - ## the airflow executor type to use - ## - allowed values: "CeleryExecutor", "KubernetesExecutor", "CeleryKubernetesExecutor" - ## - customize the "KubernetesExecutor" pod-template with `airflow.kubernetesPodTemplate.*` - ## - executor: CeleryExecutor - - ## the fernet encryption key (sets `AIRFLOW__CORE__FERNET_KEY`) - ## - [WARNING] you must change this value to ensure the security of your airflow - ## - set `AIRFLOW__CORE__FERNET_KEY` with `airflow.extraEnv` from a Secret to avoid storing this in your values - ## - use this command to generate your own fernet key: - ## python -c "from cryptography.fernet import Fernet; FERNET_KEY = Fernet.generate_key().decode(); print(FERNET_KEY)" - ## - fernetKey: "7T512UXSSmBOkpWimFHIVb8jK6lfmSAvx4mO6Arehnc=" - - ## the secret_key for flask (sets `AIRFLOW__WEBSERVER__SECRET_KEY`) - ## - [WARNING] you must change this value to ensure the security of your airflow - ## - set `AIRFLOW__WEBSERVER__SECRET_KEY` with `airflow.extraEnv` from a Secret to avoid storing this in your values - ## - webserverSecretKey: "THIS IS UNSAFE!" - - ## environment variables for airflow configs - ## - airflow env-vars are structured: "AIRFLOW__{config_section}__{config_name}" - ## - airflow configuration reference: - ## https://airflow.apache.org/docs/apache-airflow/stable/configurations-ref.html - ## - ## ____ EXAMPLE _______________ - ## config: - ## # dag configs - ## AIRFLOW__CORE__LOAD_EXAMPLES: "False" - ## AIRFLOW__SCHEDULER__DAG_DIR_LIST_INTERVAL: "30" - ## - ## # email configs - ## AIRFLOW__EMAIL__EMAIL_BACKEND: "airflow.utils.email.send_email_smtp" - ## AIRFLOW__SMTP__SMTP_HOST: "smtpmail.example.com" - ## AIRFLOW__SMTP__SMTP_MAIL_FROM: "admin@example.com" - ## AIRFLOW__SMTP__SMTP_PORT: "25" - ## AIRFLOW__SMTP__SMTP_SSL: "False" - ## AIRFLOW__SMTP__SMTP_STARTTLS: "False" - ## - ## # domain used in airflow emails - ## AIRFLOW__WEBSERVER__BASE_URL: "http://airflow.example.com" - ## - ## # ether environment variables - ## HTTP_PROXY: "http://proxy.example.com:8080" - ## - config: - AIRFLOW__WEBSERVER__BASE_URL: "https://qa.digit.org/airflow" - AIRFLOW__CELERY__FLOWER_URL_PREFIX: "/airflow/flower" - AIRFLOW__CORE__PLUGINS_FOLDER: /opt/airflow/dags/repo/egov-national-dashboard-accelerator/plugins - AIRFLOW__ELASTICSEARCH__HOST: "" - #AIRFLOW__ELASTICSEARCH__ELASTICSEARCH_HOST: "True" - AIRFLOW__ELASTICSEARCH__LOG_ID_TEMPLATE: "{dag_id}-{task_id}-{execution_date}-{try_number}" - AIRFLOW__ELASTICSEARCH__END_OF_LOG_MARK: "end_of_log" - AIRFLOW__API__AUTH_BACKENDS: "airflow.api.auth.backend.deny_all" - - ## a list of users to create - ## - templates can ONLY be used in: `password`, `email`, `firstName`, `lastName` - ## - templates used a bash-like syntax: ${MY_USERNAME}, $MY_USERNAME - ## - templates are defined in `usersTemplates` - ## - `role` can be a single role or a list of roles - ## - users: - - username: admin - password: admin - role: Admin - email: admin@example.com - firstName: admin - lastName: admin - - ## bash-like templates to be used in `airflow.users` - ## - [WARNING] if a Secret or ConfigMap is missing, the sync Pod will crash - ## - [WARNING] all keys must match the regex: ^[a-zA-Z_][a-zA-Z0-9_]*$ - ## - ## ____ EXAMPLE _______________ - ## usersTemplates - ## MY_USERNAME: - ## kind: configmap - ## name: my-configmap - ## key: username - ## MY_PASSWORD: - ## kind: secret - ## name: my-secret - ## key: password - ## - usersTemplates: {} - - ## if we create a Deployment to perpetually sync `airflow.users` - ## - when `true`, users are updated in real-time, as ConfigMaps/Secrets change - ## - when `true`, users changes from the WebUI will be reverted automatically - ## - when `false`, users will only update one-time, after each `helm upgrade` - ## - usersUpdate: true - - ## a list airflow connections to create - ## - templates can ONLY be used in: `host`, `login`, `password`, `schema`, `extra` - ## - templates used a bash-like syntax: ${AWS_ACCESS_KEY} or $AWS_ACCESS_KEY - ## - templates are defined in `connectionsTemplates` - ## - ## ____ EXAMPLE _______________ - ## connections: - ## - id: my_aws - ## type: aws - ## description: my AWS connection - ## extra: |- - ## { "aws_access_key_id": "${AWS_KEY_ID}", - ## "aws_secret_access_key": "${AWS_ACCESS_KEY}", - ## "region_name":"eu-central-1" } - ## - connections: [] - - ## bash-like templates to be used in `airflow.connections` - ## - see docs for `airflow.usersTemplates` - ## - connectionsTemplates: {} - - ## if we create a Deployment to perpetually sync `airflow.connections` - ## - see docs for `airflow.usersUpdate` - ## - connectionsUpdate: true - - ## a list airflow variables to create - ## - templates can ONLY be used in: `value` - ## - templates used a bash-like syntax: ${MY_VALUE} or $MY_VALUE - ## - templates are defined in `connectionsTemplates` - ## - ## ____ EXAMPLE _______________ - ## variables: - ## - key: "var_1" - ## value: "my_value_1" - ## - key: "var_2" - ## value: "my_value_2" - ## - variables: [] - - ## bash-like templates to be used in `airflow.variables` - ## - see docs for `airflow.usersTemplates` - ## - variablesTemplates: {} - - ## if we create a Deployment to perpetually sync `airflow.variables` - ## - see docs for `airflow.usersUpdate` - ## - variablesUpdate: true - - ## a list airflow pools to create - ## - ## ____ EXAMPLE _______________ - ## pools: - ## - name: "pool_1" - ## description: "example pool with 5 slots" - ## slots: 5 - ## - name: "pool_2" - ## description: "example pool with 10 slots" - ## slots: 10 - ## - pools: [] - - ## if we create a Deployment to perpetually sync `airflow.pools` - ## - see docs for `airflow.usersUpdate` - ## - poolsUpdate: true - - ## default nodeSelector for airflow Pods (is overridden by pod-specific values) - ## - docs for nodeSelector: - ## https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector - ## - defaultNodeSelector: {} - - ## default affinity configs for airflow Pods (is overridden by pod-specific values) - ## - spec for Affinity: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#affinity-v1-core - ## - defaultAffinity: {} - - ## default toleration configs for airflow Pods (is overridden by pod-specific values) - ## - spec for Toleration: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#toleration-v1-core - ## - defaultTolerations: [] - - ## default securityContext configs for airflow Pods (is overridden by pod-specific values) - ## - spec for PodSecurityContext: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#podsecuritycontext-v1-core - ## - defaultSecurityContext: - ## sets the filesystem owner group of files/folders in mounted volumes - ## this does NOT give root permissions to Pods, only the "root" group - fsGroup: 0 - - ## extra annotations for airflow Pods - ## - podAnnotations: {} - - ## extra pip packages to install in airflow Pods - ## - ## ____ EXAMPLE _______________ - ## extraPipPackages: - ## - "SomeProject==1.0.0" - ## - extraPipPackages: [] - - ## extra environment variables for the airflow Pods - ## - spec for EnvVar: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#envvar-v1-core - ## - extraEnv: [] - - ## extra containers for the airflow Pods - ## - spec for Container: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#container-v1-core - ## - extraContainers: [] - - ## extra VolumeMounts for the airflow Pods - ## - spec for VolumeMount: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#volumemount-v1-core - ## - extraVolumeMounts: [] - - ## extra Volumes for the airflow Pods - ## - spec for Volume: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#volume-v1-core - ## - extraVolumes: [] - - ## kubernetes cluster domain name - ## - configured in the kubelet with `--cluster-domain` flag (deprecated): - ## https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/ - ## - or configured in the kubelet with configuration file `clusterDomain` option: - ## https://kubernetes.io/docs/tasks/administer-cluster/kubelet-config-file/ - ## - clusterDomain: "cluster.local" - - ######################################## - ## FILE | airflow_local_settings.py - ######################################## - ## - localSettings: - ## the full content of the `airflow_local_settings.py` file (as a string) - ## - docs for airflow cluster policies: - ## https://airflow.apache.org/docs/apache-airflow/stable/concepts/cluster-policies.html - ## - ## ____ EXAMPLE _______________ - ## stringOverride: | - ## # use a custom `xcom_sidecar` image for KubernetesPodOperator() - ## from airflow.kubernetes.pod_generator import PodDefaults - ## PodDefaults.SIDECAR_CONTAINER.image = "gcr.io/PROJECT-ID/custom-sidecar-image" - ## - stringOverride: "" - - ## the name of a Secret containing a `airflow_local_settings.py` key - ## - if set, this disables `airflow.localSettings.stringOverride` - ## - existingSecret: "" - - ######################################## - ## FILE | pod_template.yaml - ######################################## - ## - generates a file for `AIRFLOW__KUBERNETES__POD_TEMPLATE_FILE` - ## - the `dags.gitSync` values will create a git-sync init-container in the pod - ## - the `airflow.extraPipPackages` will NOT be installed - ## - kubernetesPodTemplate: - ## the full content of the pod-template file (as a string) - ## - [WARNING] all other `kubernetesPodTemplate.*` are disabled when this is set - ## - docs for pod-template file: - ## https://airflow.apache.org/docs/apache-airflow/stable/executor/kubernetes.html#pod-template-file - ## - ## ____ EXAMPLE _______________ - ## stringOverride: |- - ## apiVersion: v1 - ## kind: Pod - ## spec: ... - ## - stringOverride: "" - - ## resource requests/limits for the Pod template "base" container - ## - spec for ResourceRequirements: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#resourcerequirements-v1-core - ## - resources: {} - - ## the nodeSelector configs for the Pod template - ## - docs for nodeSelector: - ## https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector - ## - nodeSelector: {} - - ## the affinity configs for the Pod template - ## - spec for Affinity: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#affinity-v1-core - ## - affinity: {} - - ## the toleration configs for the Pod template - ## - spec for Toleration: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#toleration-v1-core - ## - tolerations: [] - - ## labels for the Pod template - ## - podLabels: {} - - ## annotations for the Pod template - ## - podAnnotations: {} - - ## the security context for the Pod template - ## - spec for PodSecurityContext: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#podsecuritycontext-v1-core - ## - securityContext: {} - - ## the shareProcessNamespace config for the Pod template - ## - docs for shareProcessNamespace: - ## https://kubernetes.io/docs/tasks/configure-pod-container/share-process-namespace/ - ## - shareProcessNamespace: false - - ## extra pip packages to install in the Pod template - ## - ## ____ EXAMPLE _______________ - ## extraPipPackages: - ## - "SomeProject==1.0.0" - ## - extraPipPackages: [] - - ## extra containers for the pod template - ## - spec for Container: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#container-v1-core - ## - extraContainers: [] - - ## extra init-containers for the Pod template - ## - spec of Container: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#container-v1-core - ## - extraInitContainers: [] - - ## extra VolumeMounts for the Pod template - ## - spec for VolumeMount: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#volumemount-v1-core - ## - extraVolumeMounts: [] - - ## extra Volumes for the Pod template - ## - spec for Volume: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#volume-v1-core - ## - extraVolumes: [] - - ######################################## - ## COMPONENT | db-migrations Deployment - ######################################## - dbMigrations: - ## if the db-migrations Deployment/Job is created - ## - [WARNING] if `false`, you have to MANUALLY run `airflow db upgrade` when required - ## - enabled: true - - ## if a post-install helm Job should be used (instead of a Deployment) - ## - [WARNING] setting `true` will NOT work with the helm `--wait` flag, - ## this is because post-install helm Jobs run AFTER the main resources become Ready, - ## which will cause a deadlock, as other resources require db-migrations to become Ready - ## - runAsJob: false - - ## resource requests/limits for the db-migrations Pods - ## - spec for ResourceRequirements: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#resourcerequirements-v1-core - ## - resources: {} - - ## the nodeSelector configs for the db-migrations Pods - ## - docs for nodeSelector: - ## https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector - ## - nodeSelector: {} - - ## the affinity configs for the db-migrations Pods - ## - spec for Affinity: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#affinity-v1-core - ## - affinity: {} - - ## the toleration configs for the db-migrations Pods - ## - spec for Toleration: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#toleration-v1-core - ## - tolerations: [] - - ## the security context for the db-migrations Pods - ## - spec for PodSecurityContext: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#podsecuritycontext-v1-core - ## - securityContext: {} - - ## Labels for the db-migrations Deployment - ## - labels: {} - - ## Pod labels for the db-migrations Deployment - ## - podLabels: {} - - ## annotations for the db-migrations Deployment/Job - ## - annotations: {} - - ## Pod annotations for the db-migrations Deployment/Job - ## - podAnnotations: {} - - ## if we add the annotation: "cluster-autoscaler.kubernetes.io/safe-to-evict" = "true" - ## - safeToEvict: true - - ## the number of seconds between checks for unapplied db migrations - ## - only applies if `airflow.dbMigrations.runAsJob` is `false` - ## - checkInterval: 300 - - ######################################## - ## COMPONENT | Sync Deployments - ######################################## - ## - used by the Deployments/Jobs used by `airflow.{connections,pools,users,variables}` - ## - sync: - ## resource requests/limits for the sync Pods - ## - spec for ResourceRequirements: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#resourcerequirements-v1-core - ## - resources: {} - - ## the nodeSelector configs for the sync Pods - ## - docs for nodeSelector: - ## https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector - ## - nodeSelector: {} - - ## the affinity configs for the sync Pods - ## - spec for Affinity: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#affinity-v1-core - ## - affinity: {} - - ## the toleration configs for the sync Pods - ## - spec for Toleration: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#toleration-v1-core - ## - tolerations: [] - - ## the security context for the sync Pods - ## - spec for PodSecurityContext: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#podsecuritycontext-v1-core - ## - securityContext: {} - - ## Labels for the sync Deployments/Jobs - ## - labels: {} - - ## Pod labels for the sync Deployments/Jobs - ## - podLabels: {} - - ## annotations for the sync Deployments/Jobs - ## - annotations: {} - - ## Pod annotations for the sync Deployments/Jobs - ## - podAnnotations: {} - - ## if we add the annotation: "cluster-autoscaler.kubernetes.io/safe-to-evict" = "true" - ## - safeToEvict: true - -################################### -## COMPONENT | Airflow Scheduler -################################### -scheduler: - ## the number of scheduler Pods to run - ## - if you set this >1 we recommend defining a `scheduler.podDisruptionBudget` - ## - replicas: 1 - - ## resource requests/limits for the scheduler Pod - ## - spec of ResourceRequirements: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#resourcerequirements-v1-core - ## - resources: {} - - ## the nodeSelector configs for the scheduler Pods - ## - docs for nodeSelector: - ## https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector - ## - nodeSelector: {} - - ## the affinity configs for the scheduler Pods - ## - spec of Affinity: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#affinity-v1-core - ## - affinity: {} - - ## the toleration configs for the scheduler Pods - ## - spec of Toleration: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#toleration-v1-core - ## - tolerations: [] - - ## the security context for the scheduler Pods - ## - spec of PodSecurityContext: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#podsecuritycontext-v1-core - ## - securityContext: {} - - ## labels for the scheduler Deployment - ## - labels: {} - - ## Pod labels for the scheduler Deployment - ## - podLabels: {} - - ## annotations for the scheduler Deployment - ## - annotations: {} - - ## Pod annotations for the scheduler Deployment - ## - podAnnotations: {} - - ## if we add the annotation: "cluster-autoscaler.kubernetes.io/safe-to-evict" = "true" - ## - safeToEvict: true - - ## configs for the PodDisruptionBudget of the scheduler - ## - podDisruptionBudget: - ## if a PodDisruptionBudget resource is created for the scheduler - ## - enabled: false - - ## the maximum unavailable pods/percentage for the scheduler - ## - maxUnavailable: "" - - ## the minimum available pods/percentage for the scheduler - ## - minAvailable: "" - - ## configs for the log-cleanup sidecar of the scheduler - ## - helps prevent excessive log buildup by regularly deleting old files - ## - logCleanup: - ## if the log-cleanup sidecar is enabled - ## - [WARNING] must be disabled if `logs.persistence.enabled` is `true` - ## - enabled: true - - ## resource requests/limits for the log-cleanup container - ## - spec of ResourceRequirements: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#resourcerequirements-v1-core - ## - resources: {} - - ## the number of minutes to retain log files (by last-modified time) - ## - retentionMinutes: 21600 - - ## the number of seconds between each check for files to delete - ## - intervalSeconds: 900 - - ## sets `airflow --num_runs` parameter used to run the airflow scheduler - ## - numRuns: -1 - - ## configs for the scheduler Pods' liveness probe - ## - "unhealthy" means the SchedulerJob has not had a heartbeat for - ## AIRFLOW__SCHEDULER__SCHEDULER_HEALTH_CHECK_THRESHOLD seconds - ## - `periodSeconds` x `failureThreshold` = max seconds a scheduler can be in an "unhealthy" state - ## - livenessProbe: - enabled: true - initialDelaySeconds: 60 - periodSeconds: 30 - timeoutSeconds: 60 - failureThreshold: 5 - - ## configs for an additional check that ensures tasks are being created by the scheduler - ## - this check works by ensuring that the most recent LocalTaskJob had a `start_date` no more than - ## `taskCreationCheck.thresholdSeconds` seconds ago - ## - this check is useful because the scheduler can deadlock with a heartbeat, but not be scheduling new tasks: - ## https://github.com/apache/airflow/issues/7935 - patched in airflow `2.0.2` - ## https://github.com/apache/airflow/issues/15938 - patched in airflow `2.1.1` - ## - taskCreationCheck: - ## if the task creation check is enabled - ## - enabled: false - - ## the maximum number of seconds since the start_date of the most recent LocalTaskJob - ## - [WARNING] must be AT LEAST equal to your shortest DAG schedule_interval - ## - [WARNING] DummyOperator tasks will NOT be seen by this probe - ## - thresholdSeconds: 300 - - ## extra pip packages to install in the scheduler Pods - ## - ## ____ EXAMPLE _______________ - ## extraPipPackages: - ## - "SomeProject==1.0.0" - ## - extraPipPackages: [] - - ## extra VolumeMounts for the scheduler Pods - ## - spec of VolumeMount: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#volumemount-v1-core - ## - extraVolumeMounts: [] - - ## extra Volumes for the scheduler Pods - ## - spec of Volume: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#volume-v1-core - ## - extraVolumes: [] - - ## extra init containers to run in the scheduler Pods - ## - spec of Container: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#container-v1-core - ## - extraInitContainers: [] - -################################### -## COMPONENT | Airflow Webserver -################################### -web: - ######################################## - ## FILE | webserver_config.py - ######################################## - ## - webserverConfig: - ## the full content of the `webserver_config.py` file (as a string) - ## - docs for Flask-AppBuilder security configs: - ## https://flask-appbuilder.readthedocs.io/en/latest/security.html - ## - ## ____ EXAMPLE _______________ - ## stringOverride: | - ## from airflow import configuration as conf - ## from flask_appbuilder.security.manager import AUTH_DB - ## - ## # the SQLAlchemy connection string - ## SQLALCHEMY_DATABASE_URI = conf.get('core', 'SQL_ALCHEMY_CONN') - ## - ## # use embedded DB for auth - ## AUTH_TYPE = AUTH_DB - ## - stringOverride: "" - - ## the name of a Secret containing a `webserver_config.py` key - ## - existingSecret: "" - - ## the number of web Pods to run - ## - if you set this >1 we recommend defining a `web.podDisruptionBudget` - ## - replicas: 1 - - ## resource requests/limits for the web Pod - ## - spec for ResourceRequirements: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#resourcerequirements-v1-core - ## - resources: {} - - ## the nodeSelector configs for the web Pods - ## - docs for nodeSelector: - ## https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector - ## - nodeSelector: {} - - ## the affinity configs for the web Pods - ## - spec for Affinity: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#affinity-v1-core - ## - affinity: {} - - ## the toleration configs for the web Pods - ## - spec for Toleration: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#toleration-v1-core - ## - tolerations: [] - - ## the security context for the web Pods - ## - spec for PodSecurityContext: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#podsecuritycontext-v1-core - ## - securityContext: {} - - ## labels for the web Deployment - ## - labels: {} - - ## Pod labels for the web Deployment - ## - podLabels: {} - - ## annotations for the web Deployment - ## - annotations: {} - - ## Pod annotations for the web Deployment - ## - podAnnotations: {} - - ## if we add the annotation: "cluster-autoscaler.kubernetes.io/safe-to-evict" = "true" - ## - safeToEvict: true - - ## configs for the PodDisruptionBudget of the web Deployment - ## - podDisruptionBudget: - ## if a PodDisruptionBudget resource is created for the web Deployment - ## - enabled: false - - ## the maximum unavailable pods/percentage for the web Deployment - ## - maxUnavailable: "" - - ## the minimum available pods/percentage for the web Deployment - ## - minAvailable: "" - - ## configs for the Service of the web Pods - ## - service: - annotations: {} - sessionAffinity: "None" - sessionAffinityConfig: {} - type: ClusterIP - externalPort: 8080 - loadBalancerIP: "" - loadBalancerSourceRanges: [] - nodePort: - http: "" - - ## configs for the web Pods' readiness probe - ## - readinessProbe: - enabled: true - initialDelaySeconds: 10 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 6 - - ## configs for the web Pods' liveness probe - ## - livenessProbe: - enabled: true - initialDelaySeconds: 60 - periodSeconds: 30 - timeoutSeconds: 60 - failureThreshold: 6 - - ## extra pip packages to install in the web Pods - ## - ## ____ EXAMPLE _______________ - ## extraPipPackages: - ## - "SomeProject==1.0.0" - ## - extraPipPackages: [] - - ## extra VolumeMounts for the web Pods - ## - spec for VolumeMount: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#volumemount-v1-core - ## - extraVolumeMounts: [] - - ## extra Volumes for the web Pods - ## - spec for Volume: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#volume-v1-core - ## - extraVolumes: [] - -################################### -## COMPONENT | Airflow Workers -################################### -workers: - ## if the airflow workers StatefulSet should be deployed - ## - enabled: true - - ## the number of worker Pods to run - ## - if you set this >1 we recommend defining a `workers.podDisruptionBudget` - ## - this is the minimum when `workers.autoscaling.enabled` is true - ## - replicas: 1 - - ## resource requests/limits for the worker Pod - ## - spec for ResourceRequirements: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#resourcerequirements-v1-core - ## - resources: {} - - ## the nodeSelector configs for the worker Pods - ## - docs for nodeSelector: - ## https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector - ## - nodeSelector: {} - - ## the affinity configs for the worker Pods - ## - spec for Affinity: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#affinity-v1-core - ## - affinity: {} - - ## the toleration configs for the worker Pods - ## - spec for Toleration: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#toleration-v1-core - ## - tolerations: [] - - ## the security context for the worker Pods - ## - spec for PodSecurityContext: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#podsecuritycontext-v1-core - ## - securityContext: {} - - ## labels for the worker StatefulSet - ## - labels: {} - - ## Pod labels for the worker StatefulSet - ## - podLabels: {} - - ## annotations for the worker StatefulSet - ## - annotations: {} - - ## Pod annotations for the worker StatefulSet - ## - podAnnotations: {} - - ## if we add the annotation: "cluster-autoscaler.kubernetes.io/safe-to-evict" = "true" - ## - safeToEvict: true - - ## configs for the PodDisruptionBudget of the worker StatefulSet - ## - podDisruptionBudget: - ## if a PodDisruptionBudget resource is created for the worker StatefulSet - ## - enabled: false - - ## the maximum unavailable pods/percentage for the worker StatefulSet - ## - maxUnavailable: "" - - ## the minimum available pods/percentage for the worker StatefulSet - ## - minAvailable: "" - - ## configs for the HorizontalPodAutoscaler of the worker Pods - ## - [WARNING] if using git-sync, ensure `dags.gitSync.resources` is set - ## - [WARNING] if using worker log-cleanup, ensure `workers.logCleanup.resources` is set - ## - ## ____ EXAMPLE _______________ - ## autoscaling: - ## enabled: true - ## maxReplicas: 16 - ## metrics: - ## - type: Resource - ## resource: - ## name: memory - ## target: - ## type: Utilization - ## averageUtilization: 80 - ## - autoscaling: - enabled: false - maxReplicas: 2 - metrics: [] - - ## configs for the celery worker Pods - ## - celery: - ## if celery worker Pods are gracefully terminated - ## - consider defining a `workers.podDisruptionBudget` to prevent there not being - ## enough available workers during graceful termination waiting periods - ## - ## graceful termination process: - ## 1. prevent worker accepting new tasks - ## 2. wait AT MOST `workers.celery.gracefullTerminationPeriod` for tasks to finish - ## 3. send SIGTERM to worker - ## 4. wait AT MOST `workers.terminationPeriod` for kill to finish - ## 5. send SIGKILL to worker - ## - gracefullTermination: false - - ## how many seconds to wait for tasks to finish before SIGTERM of the celery worker - ## - gracefullTerminationPeriod: 600 - - ## how many seconds to wait after SIGTERM before SIGKILL of the celery worker - ## - [WARNING] tasks that are still running during SIGKILL will be orphaned, this is important - ## to understand with KubernetesPodOperator(), as Pods may continue running - ## - terminationPeriod: 60 - - ## configs for the log-cleanup sidecar of the worker Pods - ## - helps prevent excessive log buildup by regularly deleting old files - ## - logCleanup: - ## if the log-cleanup sidecar is enabled - ## - [WARNING] must be disabled if `logs.persistence.enabled` is `true` - ## - enabled: true - - ## resource requests/limits for the log-cleanup container - ## - spec of ResourceRequirements: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#resourcerequirements-v1-core - ## - resources: {} - - ## the number of minutes to retain log files (by last-modified time) - ## - retentionMinutes: 21600 - - ## the number of seconds between each check for files to delete - ## - intervalSeconds: 900 - - ## extra pip packages to install in the worker Pod - ## - ## ____ EXAMPLE _______________ - ## extraPipPackages: - ## - "SomeProject==1.0.0" - ## - extraPipPackages: [] - - ## extra VolumeMounts for the worker Pods - ## - spec for VolumeMount: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#volumemount-v1-core - ## - extraVolumeMounts: [] - - ## extra Volumes for the worker Pods - ## - spec for Volume: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#volume-v1-core - ## - extraVolumes: [] - -################################### -## COMPONENT | Flower -################################### -flower: - ## if the airflow flower UI should be deployed - ## - enabled: true - - ## the number of flower Pods to run - ## - if you set this >1 we recommend defining a `flower.podDisruptionBudget` - ## - replicas: 1 - - ## resource requests/limits for the flower Pod - ## - spec for ResourceRequirements: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#resourcerequirements-v1-core - ## - resources: {} - - ## the nodeSelector configs for the flower Pods - ## - docs for nodeSelector: - ## https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector - ## - nodeSelector: {} - - ## the affinity configs for the flower Pods - ## - spec for Affinity: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#affinity-v1-core - ## - affinity: {} - - ## the toleration configs for the flower Pods - ## - spec for Toleration: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#toleration-v1-core - ## - tolerations: [] - - ## the security context for the flower Pods - ## - spec for PodSecurityContext: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#podsecuritycontext-v1-core - ## - securityContext: {} - - ## labels for the flower Deployment - ## - labels: {} - - ## Pod labels for the flower Deployment - ## - podLabels: {} - - ## annotations for the flower Deployment - ## - annotations: {} - - ## Pod annotations for the flower Deployment - ## - podAnnotations: {} - - ## if we add the annotation: "cluster-autoscaler.kubernetes.io/safe-to-evict" = "true" - ## - safeToEvict: true - - ## configs for the PodDisruptionBudget of the flower Deployment - ## - podDisruptionBudget: - ## if a PodDisruptionBudget resource is created for the flower Deployment - ## - enabled: false - - ## the maximum unavailable pods/percentage for the flower Deployment - ## - maxUnavailable: "" - - ## the minimum available pods/percentage for the flower Deployment - ## - minAvailable: "" - - ## the name of a pre-created secret containing the basic authentication value for flower - ## - this will override any value of `config.AIRFLOW__CELERY__FLOWER_BASIC_AUTH` - ## - basicAuthSecret: "" - - ## the key within `flower.basicAuthSecret` containing the basic authentication string - ## - basicAuthSecretKey: "" - - ## configs for the Service of the flower Pods - ## - service: - annotations: {} - type: ClusterIP - externalPort: 5555 - loadBalancerIP: "" - loadBalancerSourceRanges: [] - nodePort: - http: - - ## configs for the flower Pods' readinessProbe probe - ## - readinessProbe: - enabled: true - initialDelaySeconds: 10 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 6 - - ## configs for the flower Pods' liveness probe - ## - livenessProbe: - enabled: true - initialDelaySeconds: 10 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 6 - - ## extra pip packages to install in the flower Pod - ## - ## ____ EXAMPLE _______________ - ## extraPipPackages: - ## - "SomeProject==1.0.0" - ## - extraPipPackages: [] - - ## extra VolumeMounts for the flower Pods - ## - spec for VolumeMount: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#volumemount-v1-core - ## - extraVolumeMounts: [] - - ## extra Volumes for the flower Pods - ## - spec for Volume: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#volume-v1-core - ## - extraVolumes: [] - -################################### -## CONFIG | Airflow Logs -################################### -logs: - ## the airflow logs folder - ## - path: /opt/airflow/logs - - ## configs for the logs PVC - ## - persistence: - ## if a persistent volume is mounted at `logs.path` - ## - enabled: false - - ## the name of an existing PVC to use - ## - existingClaim: "" - - ## sub-path under `logs.persistence.existingClaim` to use - ## - subPath: "" - - ## the name of the StorageClass used by the PVC - ## - if set to "", then `PersistentVolumeClaim/spec.storageClassName` is omitted - ## - if set to "-", then `PersistentVolumeClaim/spec.storageClassName` is set to "" - ## - storageClass: "" - - ## the access mode of the PVC - ## - [WARNING] must be "ReadWriteMany" or airflow pods will fail to start - ## - accessMode: ReadWriteMany - - ## the size of PVC to request - ## - size: 1Gi - -################################### -## CONFIG | Airflow DAGs -################################### -dags: - ## the airflow dags folder - ## - path: /opt/airflow/dags - - ## configs for the dags PVC - ## - persistence: - ## if a persistent volume is mounted at `dags.path` - ## - enabled: false - - ## the name of an existing PVC to use - ## - existingClaim: "" - - ## sub-path under `dags.persistence.existingClaim` to use - ## - subPath: "" - - ## the name of the StorageClass used by the PVC - ## - if set to "", then `PersistentVolumeClaim/spec.storageClassName` is omitted - ## - if set to "-", then `PersistentVolumeClaim/spec.storageClassName` is set to "" - ## - storageClass: "" - - ## the access mode of the PVC - ## - [WARNING] must be "ReadOnlyMany" or "ReadWriteMany" otherwise airflow pods will fail to start - ## - accessMode: ReadOnlyMany - - ## the size of PVC to request - ## - size: 1Gi - - ## configs for the git-sync sidecar (https://github.com/kubernetes/git-sync) - ## - gitSync: - ## if the git-sync sidecar container is enabled - ## - enabled: true - - ## the git-sync container image - ## - image: - repository: k8s.gcr.io/git-sync/git-sync - tag: v3.5.0 - pullPolicy: IfNotPresent - uid: 65533 - gid: 65533 - - ## resource requests/limits for the git-sync container - ## - spec for ResourceRequirements: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#resourcerequirements-v1-core - ## - resources: {} - - ## the url of the git repo - ## - ## ____ EXAMPLE _______________ - ## # https git repo - ## repo: "https://github.com/USERNAME/REPOSITORY.git" - ## - ## ____ EXAMPLE _______________ - ## # ssh git repo - ## repo: "git@github.com:USERNAME/REPOSITORY.git" - ## - repo: "https://github.com/pmidc-digit/utilities.git" - - ## the sub-path within your repo where dags are located - ## - only dags under this path within your repo will be seen by airflow, - ## (note, the full repo will still be cloned) - ## - repoSubPath: "egov-national-dashboard-accelerator/dags" - - ## the git branch to check out - ## - branch: develop - - ## the git revision (tag or hash) to check out - ## - revision: HEAD - - ## shallow clone with a history truncated to the specified number of commits - ## - depth: 1 - - ## the number of seconds between syncs - ## - syncWait: 60 - - ## the max number of seconds allowed for a complete sync - ## - syncTimeout: 120 - - ## the name of a pre-created Secret with git http credentials - ## - httpSecret: "" - - ## the key in `dags.gitSync.httpSecret` with your git username - ## - httpSecretUsernameKey: username - - ## the key in `dags.gitSync.httpSecret` with your git password/token - ## - httpSecretPasswordKey: password - - ## the name of a pre-created Secret with git ssh credentials - ## - sshSecret: "" - - ## the key in `dags.gitSync.sshSecret` with your ssh-key file - ## - sshSecretKey: id_rsa - - ## the string value of a "known_hosts" file (for SSH only) - ## - [WARNING] known_hosts verification will be disabled if left empty, making you more - ## vulnerable to repo spoofing attacks - ## - ## ____ EXAMPLE _______________ - ## sshKnownHosts: |- - ## ssh-rsa - ## - sshKnownHosts: "" - - ## the number of consecutive failures allowed before aborting - ## - the first sync must succeed - ## - a value of -1 will retry forever after the initial sync - ## - maxFailures: 0 - -################################### -## COMPONENT | Triggerer -################################### -triggerer: - ## if the airflow triggerer should be deployed - ## - [WARNING] the triggerer component was added in airflow 2.2.0 - ## - [WARNING] if `airflow.legacyCommands` is `true` the triggerer will NOT be deployed - ## - enabled: true - - ## the number of triggerer Pods to run - ## - if you set this >1 we recommend defining a `triggerer.podDisruptionBudget` - ## - replicas: 1 - - ## resource requests/limits for the triggerer Pods - ## - spec for ResourceRequirements: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#resourcerequirements-v1-core - ## - resources: {} - - ## the nodeSelector configs for the triggerer Pods - ## - docs for nodeSelector: - ## https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector - ## - nodeSelector: {} - - ## the affinity configs for the triggerer Pods - ## - spec for Affinity: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#affinity-v1-core - ## - affinity: {} - - ## the toleration configs for the triggerer Pods - ## - spec for Toleration: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#toleration-v1-core - ## - tolerations: [] - - ## the security context for the triggerer Pods - ## - spec for PodSecurityContext: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#podsecuritycontext-v1-core - ## - securityContext: {} - - ## labels for the triggerer Deployment - ## - labels: {} - - ## Pod labels for the triggerer Deployment - ## - podLabels: {} - - ## annotations for the triggerer Deployment - ## - annotations: {} - - ## Pod annotations for the triggerer Deployment - ## - podAnnotations: {} - - ## if we add the annotation: "cluster-autoscaler.kubernetes.io/safe-to-evict" = "true" - ## - safeToEvict: true - - ## configs for the PodDisruptionBudget of the triggerer Deployment - ## - podDisruptionBudget: - ## if a PodDisruptionBudget resource is created for the triggerer Deployment - ## - enabled: false - - ## the maximum unavailable pods/percentage for the triggerer Deployment - ## - maxUnavailable: "" - - ## the minimum available pods/percentage for the triggerer Deployment - ## - minAvailable: "" - - ## maximum number of triggers each triggerer will run at once (sets `AIRFLOW__TRIGGERER__DEFAULT_CAPACITY`) - ## - capacity: 1000 - - ## configs for the triggerer Pods' liveness probe - ## - livenessProbe: - enabled: true - initialDelaySeconds: 10 - periodSeconds: 30 - timeoutSeconds: 60 - failureThreshold: 5 - - ## extra pip packages to install in the triggerer Pod - ## - ## ____ EXAMPLE _______________ - ## extraPipPackages: - ## - "SomeProject==1.0.0" - ## - extraPipPackages: [] - - ## extra VolumeMounts for the triggerer Pods - ## - spec for VolumeMount: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#volumemount-v1-core - ## - extraVolumeMounts: [] - - ## extra Volumes for the triggerer Pods - ## - spec for Volume: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#volume-v1-core - ## - extraVolumes: [] - -################################### -## CONFIG | Kubernetes Ingress -################################### -ingress: - ## if we should deploy Ingress resources - ## - enabled: true - - ## the `apiVersion` to use for Ingress resources - ## - for Kubernetes 1.19 and later: "networking.k8s.io/v1" - ## - for Kubernetes 1.18 and before: "networking.k8s.io/v1beta1" - ## - apiVersion: networking.k8s.io/v1beta1 - - ## configs for the Ingress of the web Service - ## - web: - ## annotations for the web Ingress - ## - annotations: {} - - ## additional labels for the web Ingress - ## - labels: {} - - ## the path for the web Ingress - ## - [WARNING] do NOT include the trailing slash (for root, set an empty string) - ## - ## ____ EXAMPLE _______________ - ## # webserver URL: http://example.com/airflow - ## path: "/airflow" - ## - path: "/airflow" - - ## the hostname for the web Ingress - ## - host: "qa.digit.org" - - ## the Ingress Class for the web Ingress - ## - [WARNING] requires Kubernetes 1.18 or later, use "kubernetes.io/ingress.class" annotation for older versions - ## - ingressClassName: "" - - ## configs for web Ingress TLS - ## - tls: - ## enable TLS termination for the web Ingress - ## - enabled: true - - ## the name of a pre-created Secret containing a TLS private key and certificate - ## - secretName: "qa.digit.org-tls" - - ## http paths to add to the web Ingress before the default path - ## - ## ____ EXAMPLE _______________ - ## precedingPaths: - ## - path: "/*" - ## serviceName: "my-service" - ## servicePort: "port-name" - ## - precedingPaths: [] - - ## http paths to add to the web Ingress after the default path - ## - ## ____ EXAMPLE _______________ - ## succeedingPaths: - ## - path: "/extra-service" - ## serviceName: "my-service" - ## servicePort: "port-name" - ## - succeedingPaths: [] - - ## configs for the Ingress of the flower Service - ## - flower: - ## annotations for the flower Ingress - ## - annotations: {} - - ## additional labels for the flower Ingress - ## - labels: {} - - ## the path for the flower Ingress - ## - [WARNING] do NOT include the trailing slash (for root, set an empty string) - ## - ## ____ EXAMPLE _______________ - ## # flower URL: http://example.com/airflow/flower - ## path: "/airflow/flower" - ## - path: "/airflow/flower" - - ## the hostname for the flower Ingress - ## - host: "qa.digit.org" - - ## the Ingress Class for the flower Ingress - ## - [WARNING] requires Kubernetes 1.18 or later, use "kubernetes.io/ingress.class" annotation for older versions - ## - ingressClassName: "" - - ## configs for flower Ingress TLS - ## - tls: - ## enable TLS termination for the flower Ingress - ## - enabled: true - - ## the name of a pre-created Secret containing a TLS private key and certificate - ## - secretName: "qa.digit.org-tls" - - ## http paths to add to the flower Ingress before the default path - ## - ## ____ EXAMPLE _______________ - ## precedingPaths: - ## - path: "/*" - ## serviceName: "my-service" - ## servicePort: "port-name" - ## - precedingPaths: [] - - ## http paths to add to the flower Ingress after the default path - ## - ## ____ EXAMPLE _______________ - ## succeedingPaths: - ## - path: "/extra-service" - ## serviceName: "my-service" - ## servicePort: "port-name" - ## - succeedingPaths: [] - -################################### -## CONFIG | Kubernetes RBAC -################################### -rbac: - ## if Kubernetes RBAC resources are created - ## - these allow the service account to create/delete Pods in the airflow namespace, - ## which is required for the KubernetesPodOperator() to function - ## - create: true - - ## if the created RBAC Role has GET/LIST on Event resources - ## - this is needed for KubernetesPodOperator() to use `log_events_on_failure=True` - ## - events: true - -################################### -## CONFIG | Kubernetes ServiceAccount -################################### -serviceAccount: - ## if a Kubernetes ServiceAccount is created - ## - if `false`, you must create the service account outside this chart with name: `serviceAccount.name` - ## - create: true - - ## the name of the ServiceAccount - ## - by default the name is generated using the `airflow.serviceAccountName` template in `_helpers/common.tpl` - ## - name: "" - - ## annotations for the ServiceAccount - ## - ## ____ EXAMPLE _______________ - ## # EKS - IAM Roles for Service Accounts - ## annotations: - ## eks.amazonaws.com/role-arn: "arn:aws:iam::XXXXXXXXXX:role/<>" - ## - ## ____ EXAMPLE _______________ - ## # GKE - WorkloadIdentity - ## annotations: - ## iam.gke.io/gcp-service-account: "<>@<>.iam.gserviceaccount.com" - ## - annotations: {} - -################################### -## CONFIG | Kubernetes Extra Manifests -################################### -## a list of extra Kubernetes manifests that will be deployed alongside the chart -## - helm templates within these strings will be rendered -## -## ____ EXAMPLE _______________ -## extraManifests: -## - | -## apiVersion: v1 -## kind: Secret -## metadata: -## name: airflow-postgres -## data: -## postgresql-password: {{ `password1` | b64enc | quote }} -## - | -## apiVersion: apps/v1 -## kind: Deployment -## metadata: -## name: {{ include "airflow.fullname" . }}-busybox -## labels: -## app: {{ include "airflow.labels.app" . }} -## component: busybox -## chart: {{ include "airflow.labels.chart" . }} -## release: {{ .Release.Name }} -## heritage: {{ .Release.Service }} -## spec: -## replicas: 1 -## selector: -## matchLabels: -## app: {{ include "airflow.labels.app" . }} -## component: busybox -## release: {{ .Release.Name }} -## template: -## metadata: -## labels: -## app: {{ include "airflow.labels.app" . }} -## component: busybox -## release: {{ .Release.Name }} -## spec: -## containers: -## - name: busybox -## image: busybox:1.35 -## command: -## - "/bin/sh" -## - "-c" -## args: -## - | -## ## to break the infinite loop when we receive SIGTERM -## trap "exit 0" SIGTERM; -## ## keep the container running (so people can `kubectl exec -it` into it) -## while true; do -## echo "I am alive..."; -## sleep 30; -## done -## -extraManifests: [] - -################################### -## DATABASE | PgBouncer -################################### -pgbouncer: - ## if the pgbouncer Deployment is created - ## - enabled: true - - ## configs for the pgbouncer container image - ## - image: - repository: ghcr.io/airflow-helm/pgbouncer - tag: 1.17.0-patch.0 - pullPolicy: IfNotPresent - uid: 1001 - gid: 1001 - - ## resource requests/limits for the pgbouncer Pods - ## - spec for ResourceRequirements: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#resourcerequirements-v1-core - ## - resources: {} - - ## the nodeSelector configs for the pgbouncer Pods - ## - docs for nodeSelector: - ## https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector - ## - nodeSelector: {} - - ## the affinity configs for the pgbouncer Pods - ## - spec for Affinity: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#affinity-v1-core - ## - affinity: {} - - ## the toleration configs for the pgbouncer Pods - ## - spec for Toleration: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#toleration-v1-core - ## - tolerations: [] - - ## the security context for the pgbouncer Pods - ## - spec for PodSecurityContext: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#podsecuritycontext-v1-core - ## - securityContext: {} - - ## Labels for the pgbouncer Deployment - ## - labels: {} - - ## Pod labels for the pgbouncer Deployment - ## - podLabels: {} - - ## annotations for the pgbouncer Deployment - ## - annotations: {} - - ## Pod annotations for the pgbouncer Deployment - ## - podAnnotations: {} - - ## if we add the annotation: "cluster-autoscaler.kubernetes.io/safe-to-evict" = "true" - ## - safeToEvict: true - - ## configs for the PodDisruptionBudget of the pgbouncer Deployment - ## - podDisruptionBudget: - ## if a PodDisruptionBudget resource is created for the pgbouncer Deployment - ## - enabled: false - - ## the maximum unavailable pods/percentage for the pgbouncer Deployment - ## - maxUnavailable: - - ## the minimum available pods/percentage for the pgbouncer Deployment - ## - minAvailable: - - ## configs for the pgbouncer Pods' liveness probe - ## - livenessProbe: - enabled: true - initialDelaySeconds: 5 - periodSeconds: 30 - timeoutSeconds: 60 - failureThreshold: 3 - - ## configs for the pgbouncer Pods' startup probe - ## - startupProbe: - enabled: true - initialDelaySeconds: 5 - periodSeconds: 10 - timeoutSeconds: 15 - failureThreshold: 30 - - ## the maximum number of seconds to wait for queries upon pod termination, before force killing - ## - terminationGracePeriodSeconds: 120 - - ## sets pgbouncer config: `auth_type` - ## - authType: md5 - - ## sets pgbouncer config: `max_client_conn` - ## - maxClientConnections: 1000 - - ## sets pgbouncer config: `default_pool_size` - ## - poolSize: 20 - - ## sets pgbouncer config: `log_disconnections` - ## - logDisconnections: 0 - - ## sets pgbouncer config: `log_connections` - ## - logConnections: 0 - - ## ssl configs for: clients -> pgbouncer - ## - clientSSL: - ## sets pgbouncer config: `client_tls_sslmode` - ## - mode: prefer - - ## sets pgbouncer config: `client_tls_ciphers` - ## - ciphers: normal - - ## sets pgbouncer config: `client_tls_ca_file` - ## - caFile: - existingSecret: "" - existingSecretKey: root.crt - - ## sets pgbouncer config: `client_tls_key_file` - ## - [WARNING] a self-signed cert & key are generated if left empty - ## - keyFile: - existingSecret: "" - existingSecretKey: client.key - - ## sets pgbouncer config: `client_tls_cert_file` - ## - [WARNING] a self-signed cert & key are generated if left empty - ## - certFile: - existingSecret: "" - existingSecretKey: client.crt - - ## ssl configs for: pgbouncer -> postgres - ## - serverSSL: - ## sets pgbouncer config: `server_tls_sslmode` - ## - mode: prefer - - ## sets pgbouncer config: `server_tls_ciphers` - ## - ciphers: normal - - ## sets pgbouncer config: `server_tls_ca_file` - ## - caFile: - existingSecret: "" - existingSecretKey: root.crt - - ## sets pgbouncer config: `server_tls_key_file` - ## - keyFile: - existingSecret: "" - existingSecretKey: server.key - - ## sets pgbouncer config: `server_tls_cert_file` - ## - certFile: - existingSecret: "" - existingSecretKey: server.crt - -################################### -## DATABASE | Embedded Postgres -################################### -postgresql: - ## if the `stable/postgresql` chart is used - ## - [WARNING] the embedded Postgres is NOT SUITABLE for production deployments of Airflow - ## - [WARNING] consider using an external database with `externalDatabase.*` - ## - set to `false` if using `externalDatabase.*` - ## - enabled: false - - ## the postgres database to use - ## - postgresqlDatabase: airflow - - ## the postgres user to create - ## - postgresqlUsername: postgres - - ## the postgres user's password - ## - postgresqlPassword: airflow - - ## the name of a pre-created secret containing the postgres password - ## - existingSecret: "" - - ## the key within `postgresql.existingSecret` containing the password string - ## - existingSecretKey: "postgresql-password" - - ## configs for the PVC of postgresql - ## - persistence: - ## if postgres will use Persistent Volume Claims to store data - ## - [WARNING] if false, data will be LOST as postgres Pods restart - ## - enabled: true - - ## the name of the StorageClass used by the PVC - ## - storageClass: "" - - ## the access modes of the PVC - ## - accessModes: - - ReadWriteOnce - - ## the size of PVC to request - ## - size: 8Gi - - ## configs for the postgres StatefulSet - ## - master: - ## the nodeSelector configs for the postgres Pods - ## - docs for nodeSelector: - ## https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector - ## - nodeSelector: {} - - ## the affinity configs for the postgres Pods - ## - spec for Affinity: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#affinity-v1-core - ## - affinity: {} - - ## the toleration configs for the postgres Pods - ## - spec for Toleration: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#toleration-v1-core - ## - tolerations: [] - - ## annotations for the postgres Pods - ## - podAnnotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - -################################### -## DATABASE | External Database -################################### -externalDatabase: - ## the type of external database - ## - allowed values: "mysql", "postgres" - ## - type: postgres - - ## the host of the external database - ## - host: postgres.example.org - - ## the port of the external database - ## - port: 5432 - - ## the database/scheme to use within the external database - ## - database: airflow - - ## the username for the external database - ## - user: airflow - - ## the name of a pre-created secret containing the external database user - ## - if set, this overrides `externalDatabase.user` - ## - userSecret: "" - - ## the key within `externalDatabase.userSecret` containing the user string - ## - userSecretKey: "postgresql-user" - - ## the password for the external database - ## - [WARNING] to avoid storing the password in plain-text within your values, - ## create a Kubernetes secret and use `externalDatabase.passwordSecret` - ## - password: "" - - ## the name of a pre-created secret containing the external database password - ## - if set, this overrides `externalDatabase.password` - ## - passwordSecret: "" - - ## the key within `externalDatabase.passwordSecret` containing the password string - ## - passwordSecretKey: "postgresql-password" - - ## extra connection-string properties for the external database - ## - ## ____ EXAMPLE _______________ - ## # require SSL (only for Postgres) - ## properties: "?sslmode=require" - ## - properties: "" - -################################### -## DATABASE | Embedded Redis -################################### -redis: - ## if the `stable/redis` chart is used - ## - set to `false` if `airflow.executor` is `KubernetesExecutor` - ## - set to `false` if using `externalRedis.*` - ## - enabled: true - - ## the redis password - ## - password: airflow - - ## the name of a pre-created secret containing the redis password - ## - existingSecret: "" - - ## the key within `redis.existingSecret` containing the password string - ## - existingSecretPasswordKey: "redis-password" - - ## configs for redis cluster mode - ## - cluster: - ## if redis runs in cluster mode - ## - enabled: false - - ## the number of redis slaves - ## - slaveCount: 1 - - ## configs for the redis master StatefulSet - ## - master: - ## resource requests/limits for the redis master Pods - ## - spec for ResourceRequirements: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#resourcerequirements-v1-core - ## - resources: {} - - ## the nodeSelector configs for the redis master Pods - ## - docs for nodeSelector: - ## https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector - ## - nodeSelector: {} - - ## the affinity configs for the redis master Pods - ## - spec for Affinity: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#affinity-v1-core - ## - affinity: {} - - ## the toleration configs for the redis master Pods - ## - spec for Toleration: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#toleration-v1-core - ## - tolerations: [] - - ## annotations for the redis master Pods - ## - podAnnotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - - ## configs for the PVC of the redis master Pods - ## - persistence: - ## use a PVC to persist data - ## - enabled: false - - ## the name of the StorageClass used by the PVC - ## - storageClass: "" - - ## the access mode of the PVC - ## - accessModes: - - ReadWriteOnce - - ## the size of PVC to request - ## - size: 8Gi - - ## configs for the redis slave StatefulSet - ## - only used if `redis.cluster.enabled` is `true` - ## - slave: - ## resource requests/limits for the slave Pods - ## - spec for ResourceRequirements: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#resourcerequirements-v1-core - ## - resources: {} - - ## the nodeSelector configs for the redis slave Pods - ## - docs for nodeSelector: - ## https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector - ## - nodeSelector: {} - - ## the affinity configs for the redis slave Pods - ## - spec for Affinity: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#affinity-v1-core - ## - affinity: {} - - ## the toleration configs for the redis slave Pods - ## - spec for Toleration: - ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#toleration-v1-core - ## - tolerations: [] - - ## annotations for the slave Pods - ## - podAnnotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - - ## configs for the PVC of the redis slave Pods - ## - persistence: - ## use a PVC to persist data - ## - enabled: false - - ## the name of the StorageClass used by the PVC - ## - storageClass: "" - - ## the access mode of the PVC - ## - accessModes: - - ReadWriteOnce - - ## the size of PVC to request - ## - size: 8Gi - -################################### -## DATABASE | External Redis -################################### -externalRedis: - ## the host of the external redis - ## - host: redis.backbone - - ## the port of the external redis - ## - port: 6379 - - ## the database number to use within the external redis - ## - databaseNumber: 1 - - ## the password for the external redis - ## - [WARNING] to avoid storing the password in plain-text within your values, - ## create a Kubernetes secret and use `externalRedis.passwordSecret` - ## - password: "" - - ## the name of a pre-created secret containing the external redis password - ## - if set, this overrides `externalRedis.password` - ## - passwordSecret: "" - - ## the key within `externalRedis.passwordSecret` containing the password string - ## - passwordSecretKey: "redis-password" - - ## extra connection-string properties for the external redis - ## - ## ____ EXAMPLE _______________ - ## properties: "?ssl_cert_reqs=CERT_OPTIONAL" - ## - properties: "" - -################################### -## CONFIG | ServiceMonitor (Prometheus Operator) -################################### -serviceMonitor: - ## if ServiceMonitor resources should be deployed for airflow webserver - ## - [WARNING] you will need a metrics exporter in your `airflow.image`, for example: - ## https://github.com/epoch8/airflow-exporter - ## - ServiceMonitor is a resource from prometheus-operator: - ## https://github.com/prometheus-operator/prometheus-operator - ## - enabled: false - - ## labels for ServiceMonitor, so that Prometheus can select it - ## - selector: - prometheus: kube-prometheus - - ## the ServiceMonitor web endpoint path - ## - path: /admin/metrics - - ## the ServiceMonitor web endpoint interval - ## - interval: "30s" - -################################### -## CONFIG | PrometheusRule (Prometheus Operator) -################################### -prometheusRule: - ## if PrometheusRule resources should be deployed for airflow webserver - ## - [WARNING] you will need a metrics exporter in your `airflow.image`, for example: - ## https://github.com/epoch8/airflow-exporter - ## - PrometheusRule is a resource from prometheus-operator: - ## https://github.com/prometheus-operator/prometheus-operator - ## - enabled: false - - ## labels for PrometheusRule, so that Prometheus can select it - ## - additionalLabels: {} - - ## alerting rules for Prometheus - ## - docs for alerting rules: https://prometheus.io/docs/prometheus/latest/configuration/alerting_rules/ - ## - groups: [] diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/.helmignore b/deploy-as-code/helm/charts/backbone-services/cert-manager/.helmignore deleted file mode 100644 index 50af031725..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/.helmignore +++ /dev/null @@ -1,22 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/Chart.yaml deleted file mode 100644 index 39075c33af..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/Chart.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v2 -name: cert-manager -description: A Helm chart for cert-manager on Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: v0.10.1 diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/crds/cert-manager-crds.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/crds/cert-manager-crds.yaml deleted file mode 100644 index 89a5154ddb..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/crds/cert-manager-crds.yaml +++ /dev/null @@ -1,1426 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - creationTimestamp: null - labels: - controller-tools.k8s.io: "1.0" - name: certificates.certmanager.k8s.io -spec: - additionalPrinterColumns: - - JSONPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - JSONPath: .spec.secretName - name: Secret - type: string - - JSONPath: .spec.issuerRef.name - name: Issuer - priority: 1 - type: string - - JSONPath: .status.conditions[?(@.type=="Ready")].message - name: Status - priority: 1 - type: string - - JSONPath: .metadata.creationTimestamp - description: CreationTimestamp is a timestamp representing the server time when - this object was created. It is not guaranteed to be set in happens-before order - across separate operations. Clients may not set this value. It is represented - in RFC3339 form and is in UTC. - name: Age - type: date - group: certmanager.k8s.io - names: - kind: Certificate - plural: certificates - shortNames: - - cert - - certs - scope: Namespaced - validation: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - acme: - description: ACME contains configuration specific to ACME Certificates. - Notably, this contains details on how the domain names listed on this - Certificate resource should be 'solved', i.e. mapping HTTP01 and DNS01 - providers to DNS names. - properties: - config: - items: - properties: - domains: - description: Domains is the list of domains that this SolverConfig - applies to. - items: - type: string - type: array - required: - - domains - type: object - type: array - required: - - config - type: object - commonName: - description: CommonName is a common name to be used on the Certificate. - If no CommonName is given, then the first entry in DNSNames is used - as the CommonName. The CommonName should have a length of 64 characters - or fewer to avoid generating invalid CSRs; in order to have longer - domain names, set the CommonName (or first DNSNames entry) to have - 64 characters or fewer, and then add the longer domain name to DNSNames. - type: string - dnsNames: - description: DNSNames is a list of subject alt names to be used on the - Certificate. If no CommonName is given, then the first entry in DNSNames - is used as the CommonName and must have a length of 64 characters - or fewer. - items: - type: string - type: array - duration: - description: Certificate default Duration - type: string - ipAddresses: - description: IPAddresses is a list of IP addresses to be used on the - Certificate - items: - type: string - type: array - isCA: - description: IsCA will mark this Certificate as valid for signing. This - implies that the 'signing' usage is set - type: boolean - issuerRef: - description: IssuerRef is a reference to the issuer for this certificate. - If the 'kind' field is not set, or set to 'Issuer', an Issuer resource - with the given name in the same namespace as the Certificate will - be used. If the 'kind' field is set to 'ClusterIssuer', a ClusterIssuer - with the provided name will be used. The 'name' field in this stanza - is required at all times. - properties: - group: - type: string - kind: - type: string - name: - type: string - required: - - name - type: object - keyAlgorithm: - description: KeyAlgorithm is the private key algorithm of the corresponding - private key for this certificate. If provided, allowed values are - either "rsa" or "ecdsa" If KeyAlgorithm is specified and KeySize is - not provided, key size of 256 will be used for "ecdsa" key algorithm - and key size of 2048 will be used for "rsa" key algorithm. - enum: - - rsa - - ecdsa - type: string - keyEncoding: - description: KeyEncoding is the private key cryptography standards (PKCS) - for this certificate's private key to be encoded in. If provided, - allowed values are "pkcs1" and "pkcs8" standing for PKCS#1 and PKCS#8, - respectively. If KeyEncoding is not specified, then PKCS#1 will be - used by default. - type: string - keySize: - description: KeySize is the key bit size of the corresponding private - key for this certificate. If provided, value must be between 2048 - and 8192 inclusive when KeyAlgorithm is empty or is set to "rsa", - and value must be one of (256, 384, 521) when KeyAlgorithm is set - to "ecdsa". - format: int64 - type: integer - organization: - description: Organization is the organization to be used on the Certificate - items: - type: string - type: array - renewBefore: - description: Certificate renew before expiration duration - type: string - secretName: - description: SecretName is the name of the secret resource to store - this secret in - type: string - required: - - secretName - - issuerRef - type: object - status: - properties: - conditions: - items: - properties: - lastTransitionTime: - description: LastTransitionTime is the timestamp corresponding - to the last status change of this condition. - format: date-time - type: string - message: - description: Message is a human readable description of the details - of the last transition, complementing reason. - type: string - reason: - description: Reason is a brief machine readable explanation for - the condition's last transition. - type: string - status: - description: Status of the condition, one of ('True', 'False', - 'Unknown'). - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: Type of the condition, currently ('Ready'). - type: string - required: - - type - - status - type: object - type: array - lastFailureTime: - format: date-time - type: string - notAfter: - description: The expiration time of the certificate stored in the secret - named by this resource in spec.secretName. - format: date-time - type: string - type: object - version: v1alpha1 -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - creationTimestamp: null - labels: - controller-tools.k8s.io: "1.0" - name: certificaterequests.certmanager.k8s.io -spec: - additionalPrinterColumns: - - JSONPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - JSONPath: .spec.issuerRef.name - name: Issuer - priority: 1 - type: string - - JSONPath: .status.conditions[?(@.type=="Ready")].message - name: Status - priority: 1 - type: string - - JSONPath: .metadata.creationTimestamp - description: CreationTimestamp is a timestamp representing the server time when - this object was created. It is not guaranteed to be set in happens-before order - across separate operations. Clients may not set this value. It is represented - in RFC3339 form and is in UTC. - name: Age - type: date - group: certmanager.k8s.io - names: - kind: CertificateRequest - plural: certificaterequests - shortNames: - - cr - - crs - scope: Namespaced - validation: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - csr: - description: Byte slice containing the PEM encoded CertificateSigningRequest - format: byte - type: string - duration: - description: Requested certificate default Duration - type: string - isCA: - description: IsCA will mark the resulting certificate as valid for signing. - This implies that the 'signing' usage is set - type: boolean - issuerRef: - description: IssuerRef is a reference to the issuer for this CertificateRequest. If - the 'kind' field is not set, or set to 'Issuer', an Issuer resource - with the given name in the same namespace as the CertificateRequest - will be used. If the 'kind' field is set to 'ClusterIssuer', a ClusterIssuer - with the provided name will be used. The 'name' field in this stanza - is required at all times. The group field refers to the API group - of the issuer which defaults to 'certmanager.k8s.io' if empty. - properties: - group: - type: string - kind: - type: string - name: - type: string - required: - - name - type: object - required: - - issuerRef - type: object - status: - properties: - ca: - description: Byte slice containing the PEM encoded certificate authority - of the signed certificate. - format: byte - type: string - certificate: - description: Byte slice containing a PEM encoded signed certificate - resulting from the given certificate signing request. - format: byte - type: string - conditions: - items: - properties: - lastTransitionTime: - description: LastTransitionTime is the timestamp corresponding - to the last status change of this condition. - format: date-time - type: string - message: - description: Message is a human readable description of the details - of the last transition, complementing reason. - type: string - reason: - description: Reason is a brief machine readable explanation for - the condition's last transition. - type: string - status: - description: Status of the condition, one of ('True', 'False', - 'Unknown'). - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: Type of the condition, currently ('Ready'). - type: string - required: - - type - - status - type: object - type: array - type: object - version: v1alpha1 -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - creationTimestamp: null - labels: - controller-tools.k8s.io: "1.0" - name: challenges.certmanager.k8s.io -spec: - additionalPrinterColumns: - - JSONPath: .status.state - name: State - type: string - - JSONPath: .spec.dnsName - name: Domain - type: string - - JSONPath: .status.reason - name: Reason - priority: 1 - type: string - - JSONPath: .metadata.creationTimestamp - description: CreationTimestamp is a timestamp representing the server time when - this object was created. It is not guaranteed to be set in happens-before order - across separate operations. Clients may not set this value. It is represented - in RFC3339 form and is in UTC. - name: Age - type: date - group: certmanager.k8s.io - names: - kind: Challenge - plural: challenges - scope: Namespaced - validation: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - authzURL: - description: AuthzURL is the URL to the ACME Authorization resource - that this challenge is a part of. - type: string - config: - description: 'Config specifies the solver configuration for this challenge. - Only **one** of ''config'' or ''solver'' may be specified, and if - both are specified then no action will be performed on the Challenge - resource. DEPRECATED: the ''solver'' field should be specified instead' - type: object - dnsName: - description: DNSName is the identifier that this challenge is for, e.g. - example.com. - type: string - issuerRef: - description: IssuerRef references a properly configured ACME-type Issuer - which should be used to create this Challenge. If the Issuer does - not exist, processing will be retried. If the Issuer is not an 'ACME' - Issuer, an error will be returned and the Challenge will be marked - as failed. - properties: - group: - type: string - kind: - type: string - name: - type: string - required: - - name - type: object - key: - description: Key is the ACME challenge key for this challenge - type: string - solver: - description: Solver contains the domain solving configuration that should - be used to solve this challenge resource. Only **one** of 'config' - or 'solver' may be specified, and if both are specified then no action - will be performed on the Challenge resource. - properties: - selector: - description: Selector selects a set of DNSNames on the Certificate - resource that should be solved using this challenge solver. - properties: - dnsNames: - description: List of DNSNames that this solver will be used - to solve. If specified and a match is found, a dnsNames selector - will take precedence over a dnsZones selector. If multiple - solvers match with the same dnsNames value, the solver with - the most matching labels in matchLabels will be selected. - If neither has more matches, the solver defined earlier in - the list will be selected. - items: - type: string - type: array - dnsZones: - description: List of DNSZones that this solver will be used - to solve. The most specific DNS zone match specified here - will take precedence over other DNS zone matches, so a solver - specifying sys.example.com will be selected over one specifying - example.com for the domain www.sys.example.com. If multiple - solvers match with the same dnsZones value, the solver with - the most matching labels in matchLabels will be selected. - If neither has more matches, the solver defined earlier in - the list will be selected. - items: - type: string - type: array - matchLabels: - description: A label selector that is used to refine the set - of certificate's that this challenge solver will apply to. - type: object - type: object - type: object - token: - description: Token is the ACME challenge token for this challenge. - type: string - type: - description: Type is the type of ACME challenge this resource represents, - e.g. "dns01" or "http01" - type: string - url: - description: URL is the URL of the ACME Challenge resource for this - challenge. This can be used to lookup details about the status of - this challenge. - type: string - wildcard: - description: Wildcard will be true if this challenge is for a wildcard - identifier, for example '*.example.com' - type: boolean - required: - - authzURL - - type - - url - - dnsName - - token - - key - - wildcard - - issuerRef - type: object - status: - properties: - presented: - description: Presented will be set to true if the challenge values for - this challenge are currently 'presented'. This *does not* imply the - self check is passing. Only that the values have been 'submitted' - for the appropriate challenge mechanism (i.e. the DNS01 TXT record - has been presented, or the HTTP01 configuration has been configured). - type: boolean - processing: - description: Processing is used to denote whether this challenge should - be processed or not. This field will only be set to true by the 'scheduling' - component. It will only be set to false by the 'challenges' controller, - after the challenge has reached a final state or timed out. If this - field is set to false, the challenge controller will not take any - more action. - type: boolean - reason: - description: Reason contains human readable information on why the Challenge - is in the current state. - type: string - state: - description: State contains the current 'state' of the challenge. If - not set, the state of the challenge is unknown. - enum: - - "" - - valid - - ready - - pending - - processing - - invalid - - expired - - errored - type: string - required: - - processing - - presented - - reason - type: object - required: - - metadata - - spec - - status - version: v1alpha1 -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - creationTimestamp: null - labels: - controller-tools.k8s.io: "1.0" - name: clusterissuers.certmanager.k8s.io -spec: - group: certmanager.k8s.io - names: - kind: ClusterIssuer - plural: clusterissuers - scope: Cluster - validation: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - acme: - properties: - email: - description: Email is the email for this account - type: string - privateKeySecretRef: - description: PrivateKey is the name of a secret containing the private - key for this user account. - properties: - key: - description: The key of the secret to select from. Must be a - valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - required: - - name - type: object - server: - description: Server is the ACME server URL - type: string - skipTLSVerify: - description: If true, skip verifying the ACME server TLS certificate - type: boolean - solvers: - description: Solvers is a list of challenge solvers that will be - used to solve ACME challenges for the matching domains. - items: - properties: - selector: - description: Selector selects a set of DNSNames on the Certificate - resource that should be solved using this challenge solver. - properties: - dnsNames: - description: List of DNSNames that this solver will be - used to solve. If specified and a match is found, a - dnsNames selector will take precedence over a dnsZones - selector. If multiple solvers match with the same dnsNames - value, the solver with the most matching labels in matchLabels - will be selected. If neither has more matches, the solver - defined earlier in the list will be selected. - items: - type: string - type: array - dnsZones: - description: List of DNSZones that this solver will be - used to solve. The most specific DNS zone match specified - here will take precedence over other DNS zone matches, - so a solver specifying sys.example.com will be selected - over one specifying example.com for the domain www.sys.example.com. - If multiple solvers match with the same dnsZones value, - the solver with the most matching labels in matchLabels - will be selected. If neither has more matches, the solver - defined earlier in the list will be selected. - items: - type: string - type: array - matchLabels: - description: A label selector that is used to refine the - set of certificate's that this challenge solver will - apply to. - type: object - type: object - type: object - type: array - required: - - server - - privateKeySecretRef - type: object - ca: - properties: - secretName: - description: SecretName is the name of the secret used to sign Certificates - issued by this Issuer. - type: string - required: - - secretName - type: object - selfSigned: - type: object - vault: - properties: - auth: - description: Vault authentication - properties: - appRole: - description: This Secret contains a AppRole and Secret - properties: - path: - description: Where the authentication path is mounted in - Vault. - type: string - roleId: - type: string - secretRef: - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - required: - - name - type: object - required: - - path - - roleId - - secretRef - type: object - tokenSecretRef: - description: This Secret contains the Vault token key - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - required: - - name - type: object - type: object - caBundle: - description: Base64 encoded CA bundle to validate Vault server certificate. - Only used if the Server URL is using HTTPS protocol. This parameter - is ignored for plain HTTP protocol connection. If not set the - system root certificates are used to validate the TLS connection. - format: byte - type: string - path: - description: Vault URL path to the certificate role - type: string - server: - description: Server is the vault connection address - type: string - required: - - auth - - server - - path - type: object - venafi: - properties: - cloud: - description: Cloud specifies the Venafi cloud configuration settings. - Only one of TPP or Cloud may be specified. - properties: - apiTokenSecretRef: - description: APITokenSecretRef is a secret key selector for - the Venafi Cloud API token. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - required: - - name - type: object - url: - description: URL is the base URL for Venafi Cloud - type: string - required: - - url - - apiTokenSecretRef - type: object - tpp: - description: TPP specifies Trust Protection Platform configuration - settings. Only one of TPP or Cloud may be specified. - properties: - caBundle: - description: CABundle is a PEM encoded TLS certifiate to use - to verify connections to the TPP instance. If specified, system - roots will not be used and the issuing CA for the TPP instance - must be verifiable using the provided root. If not specified, - the connection will be verified using the cert-manager system - root certificates. - format: byte - type: string - credentialsRef: - description: CredentialsRef is a reference to a Secret containing - the username and password for the TPP server. The secret must - contain two keys, 'username' and 'password'. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - required: - - name - type: object - url: - description: URL is the base URL for the Venafi TPP instance - type: string - required: - - url - - credentialsRef - type: object - zone: - description: Zone is the Venafi Policy Zone to use for this issuer. - All requests made to the Venafi platform will be restricted by - the named zone policy. This field is required. - type: string - required: - - zone - type: object - type: object - status: - properties: - acme: - properties: - lastRegisteredEmail: - description: LastRegisteredEmail is the email associated with the - latest registered ACME account, in order to track changes made - to registered account associated with the Issuer - type: string - uri: - description: URI is the unique account identifier, which can also - be used to retrieve account details from the CA - type: string - type: object - conditions: - items: - properties: - lastTransitionTime: - description: LastTransitionTime is the timestamp corresponding - to the last status change of this condition. - format: date-time - type: string - message: - description: Message is a human readable description of the details - of the last transition, complementing reason. - type: string - reason: - description: Reason is a brief machine readable explanation for - the condition's last transition. - type: string - status: - description: Status of the condition, one of ('True', 'False', - 'Unknown'). - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: Type of the condition, currently ('Ready'). - type: string - required: - - type - - status - type: object - type: array - type: object - version: v1alpha1 -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - creationTimestamp: null - labels: - controller-tools.k8s.io: "1.0" - name: issuers.certmanager.k8s.io -spec: - group: certmanager.k8s.io - names: - kind: Issuer - plural: issuers - scope: Namespaced - validation: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - acme: - properties: - email: - description: Email is the email for this account - type: string - privateKeySecretRef: - description: PrivateKey is the name of a secret containing the private - key for this user account. - properties: - key: - description: The key of the secret to select from. Must be a - valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - required: - - name - type: object - server: - description: Server is the ACME server URL - type: string - skipTLSVerify: - description: If true, skip verifying the ACME server TLS certificate - type: boolean - solvers: - description: Solvers is a list of challenge solvers that will be - used to solve ACME challenges for the matching domains. - items: - properties: - selector: - description: Selector selects a set of DNSNames on the Certificate - resource that should be solved using this challenge solver. - properties: - dnsNames: - description: List of DNSNames that this solver will be - used to solve. If specified and a match is found, a - dnsNames selector will take precedence over a dnsZones - selector. If multiple solvers match with the same dnsNames - value, the solver with the most matching labels in matchLabels - will be selected. If neither has more matches, the solver - defined earlier in the list will be selected. - items: - type: string - type: array - dnsZones: - description: List of DNSZones that this solver will be - used to solve. The most specific DNS zone match specified - here will take precedence over other DNS zone matches, - so a solver specifying sys.example.com will be selected - over one specifying example.com for the domain www.sys.example.com. - If multiple solvers match with the same dnsZones value, - the solver with the most matching labels in matchLabels - will be selected. If neither has more matches, the solver - defined earlier in the list will be selected. - items: - type: string - type: array - matchLabels: - description: A label selector that is used to refine the - set of certificate's that this challenge solver will - apply to. - type: object - type: object - type: object - type: array - required: - - server - - privateKeySecretRef - type: object - ca: - properties: - secretName: - description: SecretName is the name of the secret used to sign Certificates - issued by this Issuer. - type: string - required: - - secretName - type: object - selfSigned: - type: object - vault: - properties: - auth: - description: Vault authentication - properties: - appRole: - description: This Secret contains a AppRole and Secret - properties: - path: - description: Where the authentication path is mounted in - Vault. - type: string - roleId: - type: string - secretRef: - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - required: - - name - type: object - required: - - path - - roleId - - secretRef - type: object - tokenSecretRef: - description: This Secret contains the Vault token key - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - required: - - name - type: object - type: object - caBundle: - description: Base64 encoded CA bundle to validate Vault server certificate. - Only used if the Server URL is using HTTPS protocol. This parameter - is ignored for plain HTTP protocol connection. If not set the - system root certificates are used to validate the TLS connection. - format: byte - type: string - path: - description: Vault URL path to the certificate role - type: string - server: - description: Server is the vault connection address - type: string - required: - - auth - - server - - path - type: object - venafi: - properties: - cloud: - description: Cloud specifies the Venafi cloud configuration settings. - Only one of TPP or Cloud may be specified. - properties: - apiTokenSecretRef: - description: APITokenSecretRef is a secret key selector for - the Venafi Cloud API token. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - required: - - name - type: object - url: - description: URL is the base URL for Venafi Cloud - type: string - required: - - url - - apiTokenSecretRef - type: object - tpp: - description: TPP specifies Trust Protection Platform configuration - settings. Only one of TPP or Cloud may be specified. - properties: - caBundle: - description: CABundle is a PEM encoded TLS certifiate to use - to verify connections to the TPP instance. If specified, system - roots will not be used and the issuing CA for the TPP instance - must be verifiable using the provided root. If not specified, - the connection will be verified using the cert-manager system - root certificates. - format: byte - type: string - credentialsRef: - description: CredentialsRef is a reference to a Secret containing - the username and password for the TPP server. The secret must - contain two keys, 'username' and 'password'. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - required: - - name - type: object - url: - description: URL is the base URL for the Venafi TPP instance - type: string - required: - - url - - credentialsRef - type: object - zone: - description: Zone is the Venafi Policy Zone to use for this issuer. - All requests made to the Venafi platform will be restricted by - the named zone policy. This field is required. - type: string - required: - - zone - type: object - type: object - status: - properties: - acme: - properties: - lastRegisteredEmail: - description: LastRegisteredEmail is the email associated with the - latest registered ACME account, in order to track changes made - to registered account associated with the Issuer - type: string - uri: - description: URI is the unique account identifier, which can also - be used to retrieve account details from the CA - type: string - type: object - conditions: - items: - properties: - lastTransitionTime: - description: LastTransitionTime is the timestamp corresponding - to the last status change of this condition. - format: date-time - type: string - message: - description: Message is a human readable description of the details - of the last transition, complementing reason. - type: string - reason: - description: Reason is a brief machine readable explanation for - the condition's last transition. - type: string - status: - description: Status of the condition, one of ('True', 'False', - 'Unknown'). - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: Type of the condition, currently ('Ready'). - type: string - required: - - type - - status - type: object - type: array - type: object - version: v1alpha1 -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - creationTimestamp: null - labels: - controller-tools.k8s.io: "1.0" - name: orders.certmanager.k8s.io -spec: - additionalPrinterColumns: - - JSONPath: .status.state - name: State - type: string - - JSONPath: .spec.issuerRef.name - name: Issuer - priority: 1 - type: string - - JSONPath: .status.reason - name: Reason - priority: 1 - type: string - - JSONPath: .metadata.creationTimestamp - description: CreationTimestamp is a timestamp representing the server time when - this object was created. It is not guaranteed to be set in happens-before order - across separate operations. Clients may not set this value. It is represented - in RFC3339 form and is in UTC. - name: Age - type: date - group: certmanager.k8s.io - names: - kind: Order - plural: orders - scope: Namespaced - validation: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - commonName: - description: CommonName is the common name as specified on the DER encoded - CSR. If CommonName is not specified, the first DNSName specified will - be used as the CommonName. At least one of CommonName or a DNSNames - must be set. This field must match the corresponding field on the - DER encoded CSR. - type: string - config: - description: 'Config specifies a mapping from DNS identifiers to how - those identifiers should be solved when performing ACME challenges. - A config entry must exist for each domain listed in DNSNames and CommonName. - Only **one** of ''config'' or ''solvers'' may be specified, and if - both are specified then no action will be performed on the Order resource. This - field will be removed when support for solver config specified on - the Certificate under certificate.spec.acme has been removed. DEPRECATED: - this field will be removed in future. Solver configuration must instead - be provided on ACME Issuer resources.' - items: - properties: - domains: - description: Domains is the list of domains that this SolverConfig - applies to. - items: - type: string - type: array - required: - - domains - type: object - type: array - csr: - description: Certificate signing request bytes in DER encoding. This - will be used when finalizing the order. This field must be set on - the order. - format: byte - type: string - dnsNames: - description: DNSNames is a list of DNS names that should be included - as part of the Order validation process. If CommonName is not specified, - the first DNSName specified will be used as the CommonName. At least - one of CommonName or a DNSNames must be set. This field must match - the corresponding field on the DER encoded CSR. - items: - type: string - type: array - issuerRef: - description: IssuerRef references a properly configured ACME-type Issuer - which should be used to create this Order. If the Issuer does not - exist, processing will be retried. If the Issuer is not an 'ACME' - Issuer, an error will be returned and the Order will be marked as - failed. - properties: - group: - type: string - kind: - type: string - name: - type: string - required: - - name - type: object - required: - - csr - - issuerRef - type: object - status: - properties: - certificate: - description: Certificate is a copy of the PEM encoded certificate for - this Order. This field will be populated after the order has been - successfully finalized with the ACME server, and the order has transitioned - to the 'valid' state. - format: byte - type: string - challenges: - description: Challenges is a list of ChallengeSpecs for Challenges that - must be created in order to complete this Order. - items: - properties: - authzURL: - description: AuthzURL is the URL to the ACME Authorization resource - that this challenge is a part of. - type: string - config: - description: 'Config specifies the solver configuration for this - challenge. Only **one** of ''config'' or ''solver'' may be specified, - and if both are specified then no action will be performed on - the Challenge resource. DEPRECATED: the ''solver'' field should - be specified instead' - type: object - dnsName: - description: DNSName is the identifier that this challenge is - for, e.g. example.com. - type: string - issuerRef: - description: IssuerRef references a properly configured ACME-type - Issuer which should be used to create this Challenge. If the - Issuer does not exist, processing will be retried. If the Issuer - is not an 'ACME' Issuer, an error will be returned and the Challenge - will be marked as failed. - properties: - group: - type: string - kind: - type: string - name: - type: string - required: - - name - type: object - key: - description: Key is the ACME challenge key for this challenge - type: string - solver: - description: Solver contains the domain solving configuration - that should be used to solve this challenge resource. Only **one** - of 'config' or 'solver' may be specified, and if both are specified - then no action will be performed on the Challenge resource. - properties: - selector: - description: Selector selects a set of DNSNames on the Certificate - resource that should be solved using this challenge solver. - properties: - dnsNames: - description: List of DNSNames that this solver will be - used to solve. If specified and a match is found, a - dnsNames selector will take precedence over a dnsZones - selector. If multiple solvers match with the same dnsNames - value, the solver with the most matching labels in matchLabels - will be selected. If neither has more matches, the solver - defined earlier in the list will be selected. - items: - type: string - type: array - dnsZones: - description: List of DNSZones that this solver will be - used to solve. The most specific DNS zone match specified - here will take precedence over other DNS zone matches, - so a solver specifying sys.example.com will be selected - over one specifying example.com for the domain www.sys.example.com. - If multiple solvers match with the same dnsZones value, - the solver with the most matching labels in matchLabels - will be selected. If neither has more matches, the solver - defined earlier in the list will be selected. - items: - type: string - type: array - matchLabels: - description: A label selector that is used to refine the - set of certificate's that this challenge solver will - apply to. - type: object - type: object - type: object - token: - description: Token is the ACME challenge token for this challenge. - type: string - type: - description: Type is the type of ACME challenge this resource - represents, e.g. "dns01" or "http01" - type: string - url: - description: URL is the URL of the ACME Challenge resource for - this challenge. This can be used to lookup details about the - status of this challenge. - type: string - wildcard: - description: Wildcard will be true if this challenge is for a - wildcard identifier, for example '*.example.com' - type: boolean - required: - - authzURL - - type - - url - - dnsName - - token - - key - - wildcard - - issuerRef - type: object - type: array - failureTime: - description: FailureTime stores the time that this order failed. This - is used to influence garbage collection and back-off. - format: date-time - type: string - finalizeURL: - description: FinalizeURL of the Order. This is used to obtain certificates - for this order once it has been completed. - type: string - reason: - description: Reason optionally provides more information about a why - the order is in the current state. - type: string - state: - description: State contains the current state of this Order resource. - States 'success' and 'expired' are 'final' - enum: - - "" - - valid - - ready - - pending - - processing - - invalid - - expired - - errored - type: string - url: - description: URL of the Order. This will initially be empty when the - resource is first created. The Order controller will populate this - field when the Order is first processed. This field will be immutable - after it is initially set. - type: string - type: object - required: - - metadata - - spec - - status - version: v1alpha1 -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/_helpers.tpl b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/_helpers.tpl deleted file mode 100644 index c3b5dfbae6..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/_helpers.tpl +++ /dev/null @@ -1,8 +0,0 @@ -{{- define "name" -}} -{{- $envOverrides := index .Values (tpl (default .Chart.Name .Values.name) .) -}} -{{- $baseValues := .Values | deepCopy -}} -{{- $values := dict "Values" (mustMergeOverwrite $baseValues $envOverrides) -}} -{{- with mustMergeOverwrite . $values -}} -{{- default .Chart.Name .Values.name -}} -{{- end }} -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml deleted file mode 100644 index c09ed9228d..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml +++ /dev/null @@ -1,37 +0,0 @@ -apiVersion: certmanager.k8s.io/v1alpha1 -kind: ClusterIssuer -metadata: - name: {{ .Values.clusterIssuer.stage.name }} -spec: - acme: - # The ACME server URL - server: {{ .Values.clusterIssuer.stage.acme.server }} - # Email address used for ACME registration - email: {{ .Values.clusterIssuer.stage.acme.email }} - # Name of a secret used to store the ACME account private key - privateKeySecretRef: - name: {{ .Values.clusterIssuer.stage.acme.secretName }} - # Enable the HTTP-01 challenge provider - solvers: - - http01: - ingress: - class: nginx ---- -apiVersion: certmanager.k8s.io/v1alpha1 -kind: ClusterIssuer -metadata: - name: {{ .Values.clusterIssuer.prod.name }} -spec: - acme: - # The ACME server URL - server: {{ .Values.clusterIssuer.prod.acme.server }} - # Email address used for ACME registration - email: {{ .Values.clusterIssuer.prod.acme.email }} - # Name of a secret used to store the ACME account private key - privateKeySecretRef: - name: {{ .Values.clusterIssuer.prod.acme.secretName }} - # Enable the HTTP-01 challenge provider - solvers: - - http01: - ingress: - class: nginx diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrole.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrole.yaml deleted file mode 100644 index ca7bf7633f..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrole.yaml +++ /dev/null @@ -1,204 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRole -metadata: - name: {{ template "name" . }}-leaderelection - labels: - app: {{ template "name" . }} -rules: - # Used for leader election by the controller - - apiGroups: [""] - resources: ["configmaps"] - verbs: ["get", "create", "update", "patch"] ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRole -metadata: - name: {{ template "name" . }}-controller-issuers - labels: - app: {{ template "name" . }} -rules: - - apiGroups: ["certmanager.k8s.io"] - resources: ["issuers", "issuers/status"] - verbs: ["update"] - - apiGroups: ["certmanager.k8s.io"] - resources: ["issuers"] - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list", "watch", "create", "update", "delete"] - - apiGroups: [""] - resources: ["events"] - verbs: ["create", "patch"] ---- -# ClusterIssuer controller role -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRole -metadata: - name: {{ template "name" . }}-controller-clusterissuers - labels: - app: {{ template "name" . }} -rules: - - apiGroups: ["certmanager.k8s.io"] - resources: ["clusterissuers", "clusterissuers/status"] - verbs: ["update"] - - apiGroups: ["certmanager.k8s.io"] - resources: ["clusterissuers"] - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list", "watch", "create", "update", "delete"] - - apiGroups: [""] - resources: ["events"] - verbs: ["create", "patch"] ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRole -metadata: - name: {{ template "name" . }}-controller-certificates - labels: - app: {{ template "name" . }} -rules: - - apiGroups: ["certmanager.k8s.io"] - resources: ["certificates", "certificates/status", "certificaterequests", "certificaterequests/status"] - verbs: ["update"] - - apiGroups: ["certmanager.k8s.io"] - resources: ["certificates", "certificaterequests", "clusterissuers", "issuers", "orders"] - verbs: ["get", "list", "watch"] - # We require these rules to support users with the OwnerReferencesPermissionEnforcement - # admission controller enabled: - # https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement - - apiGroups: ["certmanager.k8s.io"] - resources: ["certificates/finalizers"] - verbs: ["update"] - - apiGroups: ["certmanager.k8s.io"] - resources: ["orders"] - verbs: ["create", "delete"] - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list", "watch", "create", "update", "delete"] - - apiGroups: [""] - resources: ["events"] - verbs: ["create", "patch"] ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRole -metadata: - name: {{ template "name" . }}-controller-orders - labels: - app: {{ template "name" . }} -rules: - - apiGroups: ["certmanager.k8s.io"] - resources: ["orders", "orders/status"] - verbs: ["update"] - - apiGroups: ["certmanager.k8s.io"] - resources: ["orders", "clusterissuers", "issuers", "challenges"] - verbs: ["get", "list", "watch"] - - apiGroups: ["certmanager.k8s.io"] - resources: ["challenges"] - verbs: ["create", "delete"] - # We require these rules to support users with the OwnerReferencesPermissionEnforcement - # admission controller enabled: - # https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement - - apiGroups: ["certmanager.k8s.io"] - resources: ["orders/finalizers"] - verbs: ["update"] - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["events"] - verbs: ["create", "patch"] ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRole -metadata: - name: {{ template "name" . }}-controller-challenges - labels: - app: {{ template "name" . }} -rules: - # Use to update challenge resource status - - apiGroups: ["certmanager.k8s.io"] - resources: ["challenges", "challenges/status"] - verbs: ["update"] - # Used to watch challenges, issuer and clusterissuer resources - - apiGroups: ["certmanager.k8s.io"] - resources: ["challenges", "issuers", "clusterissuers"] - verbs: ["get", "list", "watch"] - # Need to be able to retrieve ACME account private key to complete challenges - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list", "watch"] - # Used to create events - - apiGroups: [""] - resources: ["events"] - verbs: ["create", "patch"] - # HTTP01 rules - - apiGroups: [""] - resources: ["pods", "services"] - verbs: ["get", "list", "watch", "create", "delete"] - - apiGroups: ["extensions"] - resources: ["ingresses"] - verbs: ["get", "list", "watch", "create", "delete", "update"] - # We require these rules to support users with the OwnerReferencesPermissionEnforcement - # admission controller enabled: - # https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement - - apiGroups: ["certmanager.k8s.io"] - resources: ["challenges/finalizers"] - verbs: ["update"] - # DNS01 rules (duplicated above) - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list", "watch"] ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRole -metadata: - name: {{ template "name" . }}-controller-ingress-shim - labels: - app: {{ template "name" . }} -rules: - - apiGroups: ["certmanager.k8s.io"] - resources: ["certificates", "certificaterequests"] - verbs: ["create", "update", "delete"] - - apiGroups: ["certmanager.k8s.io"] - resources: ["certificates", "certificaterequests", "issuers", "clusterissuers"] - verbs: ["get", "list", "watch"] - - apiGroups: ["extensions"] - resources: ["ingresses"] - verbs: ["get", "list", "watch"] - # We require these rules to support users with the OwnerReferencesPermissionEnforcement - # admission controller enabled: - # https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement - - apiGroups: ["extensions"] - resources: ["ingresses/finalizers"] - verbs: ["update"] - - apiGroups: [""] - resources: ["events"] - verbs: ["create", "patch"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ template "name" . }}-edit - labels: - app: {{ template "name" . }} - rbac.authorization.k8s.io/aggregate-to-edit: "true" - rbac.authorization.k8s.io/aggregate-to-admin: "true" -rules: - - apiGroups: ["certmanager.k8s.io"] - resources: ["certificates", "certificaterequests", "issuers"] - verbs: ["create", "delete", "deletecollection", "patch", "update"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ template "name" . }}-view - labels: - app: {{ template "name" . }} - rbac.authorization.k8s.io/aggregate-to-view: "true" - rbac.authorization.k8s.io/aggregate-to-edit: "true" - rbac.authorization.k8s.io/aggregate-to-admin: "true" -rules: - - apiGroups: ["certmanager.k8s.io"] - resources: ["certificates", "certificaterequests", "issuers"] - verbs: ["get", "list", "watch"] diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrolebinding.yaml deleted file mode 100644 index b226fc0976..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrolebinding.yaml +++ /dev/null @@ -1,104 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRoleBinding -metadata: - name: {{ template "name" . }}-leaderelection - labels: - app: {{ template "name" . }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "name" . }}-leaderelection -subjects: - - name: cert-manager - namespace: {{ .Values.namespace }} - kind: ServiceAccount ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRoleBinding -metadata: - name: {{ template "name" . }}-controller-issuers - labels: - app: {{ template "name" . }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "name" . }}-controller-issuers -subjects: - - name: {{ template "name" . }} - namespace: {{ .Values.namespace }} - kind: ServiceAccount ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRoleBinding -metadata: - name: {{ template "name" . }}-controller-clusterissuers - labels: - app: {{ template "name" . }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "name" . }}-controller-clusterissuers -subjects: - - name: {{ template "name" . }} - namespace: {{ .Values.namespace }} - kind: ServiceAccount ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRoleBinding -metadata: - name: {{ template "name" . }}-controller-certificates - labels: - app: {{ template "name" . }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "name" . }}-controller-certificates -subjects: - - name: {{ template "name" . }} - namespace: {{ .Values.namespace }} - kind: ServiceAccount ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRoleBinding -metadata: - name: {{ template "name" . }}-controller-orders - labels: - app: {{ template "name" . }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "name" . }}-controller-orders -subjects: - - name: {{ template "name" . }} - namespace: {{ .Values.namespace }} - kind: ServiceAccount ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRoleBinding -metadata: - name: {{ template "name" . }}-controller-challenges - labels: - app: {{ template "name" . }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "name" . }}-controller-challenges -subjects: - - name: {{ template "name" . }} - namespace: {{ .Values.namespace }} - kind: ServiceAccount ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRoleBinding -metadata: - name: {{ template "name" . }}-controller-ingress-shim - labels: - app: {{ template "name" . }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "name" . }}-controller-ingress-shim -subjects: - - name: {{ template "name" . }} - namespace: {{ .Values.namespace }} - kind: ServiceAccount diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/deployment.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/deployment.yaml deleted file mode 100644 index 7c5ec74a32..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/deployment.yaml +++ /dev/null @@ -1,35 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ template "name" . }} - namespace: {{ .Values.namespace }} - labels: - app: {{ template "name" . }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app: {{ template "name" . }} - template: - metadata: - labels: - app: {{ template "name" . }} - spec: - serviceAccountName: {{ template "name" . }} - containers: - - name: {{ template "name" . }} - image: "{{ .Values.image.repository }}:{{ .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - args: - - --v=2 - - --cluster-resource-namespace=$(POD_NAMESPACE) - - --leader-election-namespace=$(POD_NAMESPACE) - ports: - - containerPort: 9402 - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - resources: - {} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/serviceaccount.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/serviceaccount.yaml deleted file mode 100644 index 6ba9103c3f..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/serviceaccount.yaml +++ /dev/null @@ -1,9 +0,0 @@ -{{- if .Values.serviceAccount.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ template "name" . }} - namespace: {{ .Values.namespace }} - labels: - app: {{ template "name" . }} -{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/values.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/values.yaml deleted file mode 100644 index 5d5e7f9591..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/values.yaml +++ /dev/null @@ -1,65 +0,0 @@ -# Default values for cert-manager. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. -name: cert-manager -namespace: egov -replicaCount: 1 - -image: - repository: quay.io/jetstack/cert-manager-controller - pullPolicy: IfNotPresent - tag: v0.10.1 - -imagePullSecrets: [] - -updateStrategy: OnDelete -serviceAccount: - # Specifies whether a service account should be created - create: true - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: cert-manager - - -clusterIssuer: - stage: - name: letsencrypt-staging - acme: - server: https://acme-staging-v02.api.letsencrypt.org/directory - email: sre-staff@egovernments.org - secretName: letsencrypt-staging - prod: - name: letsencrypt-prod - acme: - server: https://acme-v02.api.letsencrypt.org/directory - email: sre-staff@egovernments.org - secretName: letsencrypt-prod - -podSecurityContext: {} - # fsGroup: 2000 - -securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 - -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - -nodeSelector: {} - -tolerations: [] - -affinity: {} diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/.helmignore b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/.helmignore deleted file mode 100644 index f0c1319444..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/Chart.yaml deleted file mode 100644 index 42ec8216fd..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/Chart.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -description: Scales worker nodes within autoscaling groups. -name: cluster-autoscaler -version: 7.3.2 -appVersion: 1.17.1 - - -dependencies: -- name: common - version: 0.0.5 - repository: file://../../common \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/OWNERS b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/OWNERS deleted file mode 100644 index 3261178b75..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/OWNERS +++ /dev/null @@ -1,4 +0,0 @@ -approvers: -- yurrriq -reviewers: -- yurrriq diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/README.md b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/README.md deleted file mode 100644 index 3cb0691833..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/README.md +++ /dev/null @@ -1,332 +0,0 @@ -# cluster-autoscaler - -[The cluster autoscaler](https://github.com/kubernetes/autoscaler/tree/master/cluster-autoscaler) scales worker nodes within an AWS autoscaling group (ASG) or Spotinst Elastigroup. - -Cluster Autoscaler version: **v1.17.1** - -## TL;DR: - -```console -$ helm install stable/cluster-autoscaler --name my-release --set "autoscalingGroups[0].name=your-asg-name,autoscalingGroups[0].maxSize=10,autoscalingGroups[0].minSize=1" -``` - -## Introduction - -This chart bootstraps a cluster-autoscaler deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. - -## Prerequisites - - - Kubernetes 1.8+ -> [older versions](https://github.com/kubernetes/autoscaler/tree/master/cluster-autoscaler#releases) may work by overriding the `image`. Cluster-autoscaler internally simulates the scheduler and bugs between mismatched versions may be subtle. - - Azure AKS specific Prerequisites: - - Kubernetes 1.10+ with RBAC-enabled - -## Upgrading from <2.X - -In order to upgrade to chart version to 2.X from 1.X or 0.X, deleting the old helm release first is required. - -```console -$ helm del --purge my-release -``` - -Once the old release is deleted, the new 2.X release can be installed using the standard instructions. -Note that autoscaling will not occur during the time between deletion and installation. - -## Upgrading from 4.X to 5.X - -In order to upgrade to chart version 5.X from <=4.X, deleting the old helm release first is required. - -```console -$ helm del --purge my-release -``` - -Once the old release is deleted, the new 5.X release can be installed using the standard instructions. -Note that autoscaling will not occur during the time between deletion and installation. - -## Installing the Chart - -**By default, no deployment is created and nothing will autoscale**. - -You must provide some minimal configuration, either to specify instance groups or enable auto-discovery. It is not recommended to do both. - -Either: - - set `autoDiscovery.clusterName` and tag your autoscaling groups appropriately (`--cloud-provider=aws` only) **or** - - set at least one ASG as an element in the `autoscalingGroups` array with its three values: `name`, `minSize` and `maxSize`. - -To install the chart with the release name `my-release`: - -### Using auto-discovery of tagged instance groups - -#### AWS - -Auto-discovery finds ASGs tags as below and automatically manages them based on the min and max size specified in the ASG. `cloudProvider=aws` only. - -1) tag the ASGs with keys to match `.Values.autoDiscovery.tags`, by default: `k8s.io/cluster-autoscaler/enabled` and `k8s.io/cluster-autoscaler/` -2) verify the [IAM Permissions](#iam) -3) set `autoDiscovery.clusterName=` -4) set `awsRegion=` -5) set `awsAccessKeyID=` and `awsSecretAccessKey=` if you want to [use AWS credentials directly instead of an instance role](https://github.com/kubernetes/autoscaler/blob/5ac706fdfa5601348f33d5b634e62de6655bb9bf/cluster-autoscaler/cloudprovider/aws/README.md#using-aws-credentials) - -```console -$ helm install stable/cluster-autoscaler --name my-release --set autoDiscovery.clusterName= -``` - -The [auto-discovery](#auto-discovery) section provides more details and examples - -#### GCE -##### Required parameters -- `autoDiscovery.clusterName=any-name` -- `--cloud-provider=gce` -- `autoscalingGroupsnamePrefix[0].name=your-ig-prefix,autoscalingGroupsnamePrefix[0].maxSize=10,autoscalingGroupsnamePrefix[0].minSize=1` - -To use Managed Instance Group (MIG) auto-discovery, provide a YAML file setting `autoscalingGroupsnamePrefix` (see values.yaml) or use `--set` when installing the Chart - e.g. - -```console -$ helm install stable/cluster-autoscaler \ ---name my-release \ ---set autoDiscovery.clusterName= \ ---set cloudProvider=gce \ ---set "autoscalingGroupsnamePrefix[0].name=your-ig-prefix,autoscalingGroupsnamePrefix[0].maxSize=10,autoscalingGroupsnamePrefix[0].minSize=1" -``` - -Note that `your-ig-prefix` should be a _prefix_ matching one or more MIGs, and _not_ the full name of the MIG. For example, to match multiple instance groups - `k8s-node-group-a-standard`, `k8s-node-group-b-gpu`, you would use a prefix of `k8s-node-group-`. - -In the event you want to explicitly specify MIGs instead of using auto-discovery, set members of the `autoscalingGroups` array directly - e.g. - -``` -# where 'n' is the index, starting at 0 --- set autoscalingGroups[n].name=https://content.googleapis.com/compute/v1/projects/$PROJECTID/zones/$ZONENAME/instanceGroupManagers/$FULL-MIG-NAME,autoscalingGroups[n].maxSize=$MAXSIZE,autoscalingGroups[n].minSize=$MINSIZE -``` - -#### Azure AKS -##### Required Parameters -- `cloudProvider=azure` -- `autoscalingGroups[0].name=your-agent-pool,autoscalingGroups[0].maxSize=10,autoscalingGroups[0].minSize=1` -- `azureClientID: "your-service-principal-app-id"` -- `azureClientSecret: "your-service-principal-client-secret"` -- `azureSubscriptionID: "your-azure-subscription-id"` -- `azureTenantID: "your-azure-tenant-id"` -- `azureClusterName: "your-aks-cluster-name"` -- `azureResourceGroup: "your-aks-cluster-resource-group-name"` -- `azureVMType: "AKS"` -- `azureNodeResourceGroup: "your-aks-cluster-node-resource-group"` - - -### Specifying groups manually (only aws) - -Without autodiscovery, specify an array of elements each containing ASG name, min size, max size. The sizes specified here will be applied to the ASG, assuming IAM permissions are correctly configured. - -1) verify the [IAM Permissions](#iam) -2) Either provide a yaml file setting `autoscalingGroups` (see values.yaml) or use `--set` e.g.: - -```console -$ helm install stable/cluster-autoscaler --name my-release --set "autoscalingGroups[0].name=your-asg-name,autoscalingGroups[0].maxSize=10,autoscalingGroups[0].minSize=1" -``` - -## Uninstalling the Chart - -To uninstall `my-release`: - -```console -$ helm delete my-release -``` - -The command removes all the Kubernetes components associated with the chart and deletes the release. - -> **Tip**: List all releases using `helm list` or start clean with `helm delete --purge my-release` - -## Configuration - -The following table lists the configurable parameters of the cluster-autoscaler chart and their default values. - -Parameter | Description | Default ---- | --- | --- -`affinity` | node/pod affinities | None -`autoDiscovery.clusterName` | enable autodiscovery for name in ASG tag (only `cloudProvider=aws`). Must be set for `cloudProvider=gce`, but no MIG tagging required.| `""` **required unless autoscalingGroups[] provided** -`autoDiscovery.tags` | ASG tags to match, run through `tpl` | `[ "k8s.io/cluster-autoscaler/enabled", "k8s.io/cluster-autoscaler/{{ .Values.autoDiscovery.clusterName }}" ]` -`autoscalingGroups[].name` | autoscaling group name | None. Required unless `autoDiscovery.enabled=true` -`autoscalingGroups[].maxSize` | maximum autoscaling group size | None. Required unless `autoDiscovery.enabled=true` -`autoscalingGroups[].minSize` | minimum autoscaling group size | None. Required unless `autoDiscovery.enabled=true` -`awsRegion` | AWS region (required if `cloudProvider=aws`) | `us-east-1` -`awsAccessKeyID` | AWS access key ID ([if AWS user keys used](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/cloudprovider/aws/README.md#using-aws-credentials)) | `""` -`awsSecretAccessKey` | AWS access secret key ([if AWS user keys used](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/cloudprovider/aws/README.md#using-aws-credentials)) | `""` -`autoscalingGroupsnamePrefix[].name` | GCE MIG name prefix (the full name is invalid) | None. Required for `cloudProvider=gce` -`autoscalingGroupsnamePrefix[].maxSize` | maximum MIG size | None. Required for `cloudProvider=gce` -`autoscalingGroupsnamePrefix[].minSize` | minimum MIG size | None. Required for `cloudProvider=gce` -`cloudProvider` | `aws` or `spotinst` are currently supported for AWS. `gce` for GCE. `azure` for Azure AKS | `aws` -`image.repository` | Image | `k8s.gcr.io/cluster-autoscaler` -`image.tag` | Image tag | `v1.17.1` -`image.pullPolicy` | Image pull policy | `IfNotPresent` -`image.pullSecrets` | Image pull secrets | `[]` -`extraArgs` | additional container arguments | `{}` -`podDisruptionBudget` | Pod disruption budget | `maxUnavailable: 1` -`extraEnv` | additional container environment variables | `{}` -`envFromConfigMap` | additional container environment variables from a configmap | `{}` -`envFromSecret` | secret name containing keys that will be exposed as envs | `nil` -`extraEnvSecrets` | additional container environment variables from a secret | `{}` -`fullnameOverride` | String to fully override cluster-autoscaler.fullname template | `""` -`nameOverride` | String to partially override cluster-autoscaler.fullname template (will maintain the release name) | `""` -`nodeSelector` | node labels for pod assignment | `{}` -`podAnnotations` | annotations to add to each pod | `{}` -`rbac.create` | If true, create & use RBAC resources | `false` -`rbac.serviceAccount.create` | If true and rbac.create is also true, a service account will be created | `true` -`rbac.serviceAccount.name` | The name of the ServiceAccount to use. If not set and create is true, a name is generated using the fullname template | `nil` -`rbac.serviceAccountAnnotations` | Additional Service Account annotations | `{}` -`rbac.pspEnabled` | Must be used with `rbac.create` true. If true, creates & uses RBAC resources required in the cluster with [Pod Security Policies](https://kubernetes.io/docs/concepts/policy/pod-security-policy/) enabled. | `false` -`replicaCount` | desired number of pods | `1` -`priorityClassName` | priorityClassName | `nil` -`dnsPolicy` | dnsPolicy | `nil` -`securityContext` | [Security context for pod](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) | `nil` -`containerSecurityContext` | [Security context for container](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) | `nil` -`resources` | pod resource requests & limits | `{}` -`updateStrategy` | [Deployment update strategy](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy) | `nil` -`service.annotations` | annotations to add to service | none -`service.externalIPs` | service external IP addresses | `[]` -`service.loadBalancerIP` | IP address to assign to load balancer (if supported) | `""` -`service.loadBalancerSourceRanges` | list of IP CIDRs allowed access to load balancer (if supported) | `[]` -`service.servicePort` | service port to expose | `8085` -`service.portName` | name for service port | `http` -`service.type` | type of service to create | `ClusterIP` -`spotinst.account` | Spotinst Account ID (required if `cloudprovider=spotinst`) | `""` -`spotinst.token` | Spotinst API token (required if `cloudprovider=spotinst`) | `""` -`spotinst.image.repository` | Image (used if `cloudProvider=spotinst`) | `spotinst/kubernetes-cluster-autoscaler` -`spotinst.image.tag` | Image tag (used if `cloudProvider=spotinst`) | `v0.6.0` -`spotinst.image.pullPolicy` | Image pull policy (used if `cloudProvider=spotinst`) | `IfNotPresent` -`tolerations` | List of node taints to tolerate (requires Kubernetes >= 1.6) | `[]` -`serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor | `false` -`serviceMonitor.interval` | Interval that Prometheus scrapes Cluster Autoscaler metrics | `10s` -`serviceMonitor.namespace` | Namespace which Prometheus is running in | `monitoring` -`serviceMonitor.path` | The path to scrape for metrics | `/metrics` -`serviceMonitor.selector` | Default to kube-prometheus install (CoreOS recommended), but should be set according to Prometheus install | `{ prometheus: kube-prometheus }` -`azureClientID` | Service Principal ClientID with contributor permission to Cluster and Node ResourceGroup | none -`azureClientSecret` | Service Principal ClientSecret with contributor permission to Cluster and Node ResourceGroup | none -`azureSubscriptionID` | Azure subscription where the resources are located | none -`azureTenantID` | Azure tenant where the resources are located | none -`azureClusterName` | Azure AKS cluster name | none -`azureResourceGroup` | Azure resource group that the cluster is located | none -`azureVMType: "AKS"` | Azure VM type | `AKS` -`azureNodeResourceGroup` | azure resource group where the clusters Nodes are located, typically set as `MC___` | none -`azureUseManagedIdentityExtension` | Whether to use Azure's managed identity extension for credentials | false -`kubeTargetVersionOverride` | Override the .Capabilities.KubeVersion.GitVersion | `""` -`expanderPriorities` | The expanderPriorities is used if extraArgs.expander is set to priority and expanderPriorities is also set with the priorities. - -Specify each parameter you'd like to override using a YAML file as described above in the [installation](#installing-the-chart) section or by using the `--set key=value[,key=value]` argument to `helm install`. For example, to change the region and [expander](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders): - -```console -$ helm install stable/cluster-autoscaler --name my-release \ - --set extraArgs.expander=most-pods \ - --set awsRegion=us-west-1 -``` - -## IAM - -The worker running the cluster autoscaler will need access to certain resources and actions: - -``` -{ - "Version": "2012-10-17", - "Statement": [ - { - "Effect": "Allow", - "Action": [ - "autoscaling:DescribeAutoScalingGroups", - "autoscaling:DescribeAutoScalingInstances", - "autoscaling:DescribeLaunchConfigurations", - "autoscaling:DescribeTags", - "autoscaling:SetDesiredCapacity", - "autoscaling:TerminateInstanceInAutoScalingGroup" - ], - "Resource": "*" - } - ] -} -``` - - - `DescribeTags` is required for autodiscovery. - - `DescribeLaunchconfigurations` is required to scale up an ASG from 0 - -Unfortunately AWS does not support ARNs for autoscaling groups yet so you must use "*" as the resource. More information [here](http://docs.aws.amazon.com/autoscaling/latest/userguide/IAM.html#UsingWithAutoScaling_Actions). - -# IAM Roles for Service Accounts (IRSA) - -For Kubernetes clusters that use Amazon EKS, the service account can be configured with an IAM role using [IAM Roles for Service Accounts](https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html) to avoid needing to grant access to the worker nodes for AWS resources. - -In order to accomplish this, you will first need to create a new IAM role with the above mentions policies. Take care in [configuring the trust relationship](https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts-technical-overview.html#iam-role-configuration) to restrict access just to the service account used by cluster autoscaler. - -Once you have the IAM role configured, you would then need to `--set rbac.serviceAccountAnnotations."eks\.amazonaws\.com/role-arn"=arn:aws:iam::123456789012:role/MyRoleName` when installing. - - -## Auto-discovery - -For auto-discovery of instances to work, they must be tagged with the keys in `.Values.autoDiscovery.tags`, which by default are -`k8s.io/cluster-autoscaler/enabled` and `k8s.io/cluster-autoscaler/` - -The value of the tag does not matter, only the key. - -An example kops spec excerpt: - -``` -apiVersion: kops/v1alpha2 -kind: Cluster -metadata: - name: my.cluster.internal -spec: - additionalPolicies: - node: | - [ - {"Effect":"Allow","Action":["autoscaling:DescribeAutoScalingGroups","autoscaling:DescribeAutoScalingInstances","autoscaling:DescribeLaunchConfigurations","autoscaling:DescribeTags","autoscaling:SetDesiredCapacity","autoscaling:TerminateInstanceInAutoScalingGroup"],"Resource":"*"} - ] - ... ---- -apiVersion: kops/v1alpha2 -kind: InstanceGroup -metadata: - labels: - kops.k8s.io/cluster: my.cluster.internal - name: my-instances -spec: - cloudLabels: - k8s.io/cluster-autoscaler/enabled: "" - k8s.io/cluster-autoscaler/my.cluster.internal: "" - image: kope.io/k8s-1.8-debian-jessie-amd64-hvm-ebs-2018-01-14 - machineType: r4.large - maxSize: 4 - minSize: 0 -``` - -In this example you would need to `--set autoDiscovery.clusterName=my.cluster.internal` when installing. - -It is not recommended to try to mix this with setting `autoscalingGroups` - -See [autoscaler AWS documentation](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/cloudprovider/aws/README.md#auto-discovery-setup) for a more discussion of the setup - -### Troubleshooting - -The chart will succeed even if the container arguments are incorrect. A few minutes after starting -`kubectl logs -l "app=aws-cluster-autoscaler" --tail=50` should loop through something like - -``` -polling_autoscaler.go:111] Poll finished -static_autoscaler.go:97] Starting main loop -utils.go:435] No pod using affinity / antiaffinity found in cluster, disabling affinity predicate for this loop -static_autoscaler.go:230] Filtering out schedulables -``` - -If not, find a pod that the deployment created and `describe` it, paying close attention to the arguments under `Command`. e.g.: - -``` -Containers: - cluster-autoscaler: - Command: - ./cluster-autoscaler - --cloud-provider=aws -# if specifying ASGs manually - --nodes=1:10:your-scaling-group-name -# if using autodiscovery - --node-group-auto-discovery=asg:tag=k8s.io/cluster-autoscaler/enabled,k8s.io/cluster-autoscaler/ - --v=4 -``` - -#### PodSecurityPolicy - -Though enough for the majority of installations, the default PodSecurityPolicy _could_ be too restrictive depending on the specifics of your release. Please make sure to check that the template fits with any customizations made or disable it by setting `rbac.pspEnabled` to `false`. diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/requirements.lock b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/requirements.lock deleted file mode 100644 index 1c98f1cc43..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/requirements.lock +++ /dev/null @@ -1,6 +0,0 @@ -dependencies: -- name: common - repository: file://../../common - version: 0.0.5 -digest: sha256:5ecdd1fdad744b1a0d5873f42283e09223272e4c8717a0679c27d8e215bdbc85 -generated: "2020-08-18T18:03:18.916934853+05:30" diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/_helpers.tpl b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/_helpers.tpl deleted file mode 100644 index d0523fc740..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/_helpers.tpl +++ /dev/null @@ -1,55 +0,0 @@ -{{- define "common.name" -}} -{{- $envOverrides := index .Values (tpl (default .Chart.Name .Values.name) .) -}} -{{- $baseValues := .Values | deepCopy -}} -{{- $values := dict "Values" (mustMergeOverwrite $baseValues $envOverrides) -}} -{{- with mustMergeOverwrite . $values -}} -{{- default .Chart.Name .Values.name -}} -{{- end }} -{{- end }} - -{{- define "common.labels" -}} -app: {{ template "common.name" . }} -{{- if .Values.labels.group }} -group: {{ .Values.labels.group }} -{{- end }} -{{- range $key, $val := .Values.additionalLabels }} -{{ $key }}: {{ $val | quote }} -{{- end }} -{{- end }} - -{{- define "common.image" -}} -{{- if contains "/" .repository -}} -{{- printf "%s:%s" .repository ( required "Tag is mandatory" .tag ) -}} -{{- else -}} -{{- printf "%s/%s:%s" $.Values.global.containerRegistry .repository ( required "Tag is mandatory" .tag ) -}} -{{- end -}} -{{- end -}} - - - - -{{/* -Return the appropriate apiVersion for deployment. -*/}} -{{- define "deployment.apiVersion" -}} -{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }} -{{- if semverCompare "<1.9-0" $kubeTargetVersion -}} -{{- print "apps/v1beta2" -}} -{{- else -}} -{{- print "apps/v1" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for podsecuritypolicy. -*/}} -{{- define "podsecuritypolicy.apiVersion" -}} -{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }} -{{- if semverCompare "<1.10-0" $kubeTargetVersion -}} -{{- print "extensions/v1beta1" -}} -{{- else -}} -{{- print "policy/v1beta1" -}} -{{- end -}} -{{- end -}} - - diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/clusterrole.yaml b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/clusterrole.yaml deleted file mode 100644 index b5340e1742..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/clusterrole.yaml +++ /dev/null @@ -1,147 +0,0 @@ -{{- if .Values.rbac.create -}} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: -{{- include "common.labels" . | nindent 4 }} - name: {{ template "common.name" . }} -rules: - - apiGroups: - - "" - resources: - - events - - endpoints - verbs: - - create - - patch - - apiGroups: - - "" - resources: - - pods/eviction - verbs: - - create - - apiGroups: - - "" - resources: - - pods/status - verbs: - - update - - apiGroups: - - "" - resources: - - endpoints - resourceNames: - - cluster-autoscaler - verbs: - - get - - update - - apiGroups: - - "" - resources: - - nodes - verbs: - - watch - - list - - get - - update - - apiGroups: - - "" - resources: - - pods - - services - - replicationcontrollers - - persistentvolumeclaims - - persistentvolumes - verbs: - - watch - - list - - get - - apiGroups: - - batch - resources: - - jobs - - cronjobs - verbs: - - watch - - list - - get - - apiGroups: - - batch - - extensions - resources: - - jobs - verbs: - - get - - list - - patch - - watch - - apiGroups: - - extensions - resources: - - replicasets - - daemonsets - verbs: - - watch - - list - - get - - apiGroups: - - policy - resources: - - poddisruptionbudgets - verbs: - - watch - - list - - apiGroups: - - apps - resources: - - daemonsets - - replicasets - - statefulsets - verbs: - - watch - - list - - get - - apiGroups: - - storage.k8s.io - resources: - - storageclasses - - csinodes - verbs: - - watch - - list - - get - - apiGroups: - - "" - resources: - - configmaps - verbs: - - list - - watch - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - create - - apiGroups: - - coordination.k8s.io - resourceNames: - - cluster-autoscaler - resources: - - leases - verbs: - - get - - update -{{- if .Values.rbac.pspEnabled }} - - apiGroups: - - extensions - - policy - resources: - - podsecuritypolicies - resourceNames: - - {{ template "common.name" . }} - verbs: - - use -{{- end -}} - -{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/clusterrolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/clusterrolebinding.yaml deleted file mode 100644 index 969bb02949..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/clusterrolebinding.yaml +++ /dev/null @@ -1,16 +0,0 @@ -{{- if .Values.rbac.create -}} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: -{{- include "common.labels" . | nindent 4 }} - name: {{ template "common.name" . }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "common.name" . }} -subjects: - - kind: ServiceAccount - name: {{ template "common.name" . }} - namespace: {{ .Values.namespace }} -{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/deployment.yaml b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/deployment.yaml deleted file mode 100644 index 7424a1000c..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/deployment.yaml +++ /dev/null @@ -1,214 +0,0 @@ -{{- if or .Values.autoDiscovery.clusterName .Values.autoscalingGroups }} -{{/* one of the above is required */}} -apiVersion: {{ template "deployment.apiVersion" . }} -kind: Deployment -metadata: - labels: -{{- include "common.labels" . | nindent 4 }} - name: {{ template "common.name" . }} - namespace: {{ .Values.namespace }} -spec: - replicas: {{ .Values.replicas }} - selector: - matchLabels: -{{- include "common.labels" . | nindent 6 }} - {{- if .Values.podLabels }} -{{ toYaml .Values.podLabels | indent 6 }} - {{- end }} -{{- if .Values.updateStrategy }} - strategy: - {{ toYaml .Values.updateStrategy | nindent 4 | trim }} -{{- end }} - template: - metadata: - {{- if .Values.podAnnotations }} - annotations: -{{ toYaml .Values.podAnnotations | indent 8 }} - {{- end }} - labels: -{{- include "common.labels" . | nindent 8 }} - {{- if .Values.podLabels }} -{{ toYaml .Values.podLabels | indent 8 }} - {{- end }} - spec: - {{- if .Values.priorityClassName }} - priorityClassName: "{{ .Values.priorityClassName }}" - {{- end }} - {{- if .Values.dnsPolicy }} - dnsPolicy: "{{ .Values.dnsPolicy }}" - {{- end }} - containers: - - name: {{ template "common.name" . }} - {{- if eq .Values.cloudProvider "spotinst" }} - image: "{{ .Values.spotinst.image.repository }}:{{ .Values.spotinst.image.tag }}" - imagePullPolicy: "{{ .Values.spotinst.image.pullPolicy }}" - {{- else }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - imagePullPolicy: "{{ .Values.image.pullPolicy }}" - {{- end }} - command: - - ./cluster-autoscaler - - --cloud-provider={{ .Values.cloudProvider }} - - --namespace={{ .Values.namespace }} - {{- if .Values.autoscalingGroups }} - {{- range .Values.autoscalingGroups }} - - --nodes={{ .minSize }}:{{ .maxSize }}:{{ .name }} - {{- end }} - {{- end }} - {{- if eq .Values.cloudProvider "aws" }} - {{- if .Values.autoDiscovery.clusterName }} - - --node-group-auto-discovery=asg:tag={{ tpl (join "," .Values.autoDiscovery.tags) . }} - {{- end }} - {{- else if eq .Values.cloudProvider "gce" }} - {{- if .Values.autoscalingGroupsnamePrefix }} - {{- range .Values.autoscalingGroupsnamePrefix }} - - --node-group-auto-discovery=mig:namePrefix={{ .name }},min={{ .minSize }},max={{ .maxSize }} - {{- end }} - {{- end }} - {{- end }} - {{- if eq .Values.cloudProvider "gce" }} - - --cloud-config={{ .Values.cloudConfigPath }} - {{- end }} - {{- range $key, $value := .Values.extraArgs }} - - --{{ $key }}={{ $value }} - {{- end }} - - env: - {{- if and (eq .Values.cloudProvider "aws") (ne .Values.awsRegion "") }} - - name: AWS_REGION - value: "{{ .Values.awsRegion }}" - {{- if .Values.awsAccessKeyID }} - - name: AWS_ACCESS_KEY_ID - valueFrom: - secretKeyRef: - key: AwsAccessKeyId - name: {{ template "common.name" . }} - {{- end }} - {{- if .Values.awsSecretAccessKey }} - - name: AWS_SECRET_ACCESS_KEY - valueFrom: - secretKeyRef: - key: AwsSecretAccessKey - name: {{ template "common.name" . }} - {{- end }} - {{- else if eq .Values.cloudProvider "spotinst" }} - - name: SPOTINST_TOKEN - value: "{{ .Values.spotinst.token }}" - - name: SPOTINST_ACCOUNT - value: "{{ .Values.spotinst.account }}" - {{- else if eq .Values.cloudProvider "azure" }} - - name: ARM_SUBSCRIPTION_ID - valueFrom: - secretKeyRef: - key: SubscriptionID - name: {{ template "common.name" . }} - - name: ARM_RESOURCE_GROUP - valueFrom: - secretKeyRef: - key: ResourceGroup - name: {{ template "common.name" . }} - - name: ARM_VM_TYPE - valueFrom: - secretKeyRef: - key: VMType - name: {{ template "common.name" . }} - {{- if .Values.azureUseManagedIdentityExtension }} - - name: ARM_USE_MANAGED_IDENTITY_EXTENSION - value: "true" - {{- else }} - - name: ARM_TENANT_ID - valueFrom: - secretKeyRef: - key: TenantID - name: {{ template "common.name" . }} - - name: ARM_CLIENT_ID - valueFrom: - secretKeyRef: - key: ClientID - name: {{ template "common.name" . }} - - name: ARM_CLIENT_SECRET - valueFrom: - secretKeyRef: - key: ClientSecret - name: {{ template "common.name" . }} - - name: AZURE_CLUSTER_NAME - valueFrom: - secretKeyRef: - key: ClusterName - name: {{ template "common.name" . }} - - name: AZURE_NODE_RESOURCE_GROUP - valueFrom: - secretKeyRef: - key: NodeResourceGroup - name: {{ template "common.name" . }} - {{- end }} - {{- end }} - {{- range $key, $value := .Values.extraEnv }} - - name: {{ $key }} - value: "{{ $value }}" - {{- end }} - {{- range $key, $value := .Values.envFromConfigMap }} - - name: {{ $key }} - valueFrom: - configMapKeyRef: - name: {{ template "common.name" . }} - key: {{ required "Must specify key!" $value.key }} - {{- end }} - {{- range $key, $value := .Values.extraEnvSecrets }} - - name: {{ $key }} - valueFrom: - secretKeyRef: - name: {{ template "common.name" . }} - key: {{ required "Must specify key!" $value.key }} - {{- end }} - {{- if .Values.envFromSecret }} - envFrom: - - secretRef: - name: {{ .Values.envFromSecret }} - {{- end }} - livenessProbe: - httpGet: - path: /health-check - port: {{ .Values.httpPort }} - ports: - - containerPort: {{ .Values.httpPort }} - resources: -{{ toYaml .Values.resources | indent 12 }} - {{- if .Values.containerSecurityContext }} - securityContext: - {{ toYaml .Values.containerSecurityContext | nindent 12 | trim }} - {{- end }} - {{- if eq .Values.cloudProvider "gce" }} - volumeMounts: - - name: cloudconfig - mountPath: {{ .Values.cloudConfigPath }} - readOnly: true - {{- end }} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} - {{- end }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end }} - serviceAccountName: {{ template "common.name" . }} - tolerations: -{{ toYaml .Values.tolerations | indent 8 }} - {{- if .Values.securityContext }} - securityContext: - {{ toYaml .Values.securityContext | nindent 8 | trim }} - {{- end }} - {{- if eq .Values.cloudProvider "gce" }} - volumes: - - name: cloudconfig - hostPath: - path: {{ .Values.cloudConfigPath }} - {{- end }} - {{- if .Values.image.pullSecrets }} - imagePullSecrets: - {{- range .Values.image.pullSecrets }} - - name: {{ . }} - {{- end }} - {{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/pdb.yaml b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/pdb.yaml deleted file mode 100644 index 18b1ca2223..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/pdb.yaml +++ /dev/null @@ -1,14 +0,0 @@ -{{- if .Values.podDisruptionBudget -}} -apiVersion: policy/v1beta1 -kind: PodDisruptionBudget -metadata: - labels: -{{- include "common.labels" . | nindent 4 }} - name: {{ template "common.name" . }} - namespace: {{ .Values.namespace }} -spec: - selector: - matchLabels: -{{- include "common.labels" . | nindent 6 }} -{{ .Values.podDisruptionBudget | indent 2 }} -{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/podsecuritypolicy.yaml b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/podsecuritypolicy.yaml deleted file mode 100644 index 3ee7a06525..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/podsecuritypolicy.yaml +++ /dev/null @@ -1,46 +0,0 @@ -{{- if .Values.rbac.pspEnabled }} -apiVersion: {{ template "podsecuritypolicy.apiVersion" . }} -kind: PodSecurityPolicy -metadata: - name: {{ template "common.name" . }} - labels: -{{- include "common.labels" . | nindent 4 }} -spec: - # Prevents running in privileged mode - privileged: false - # Required to prevent escalations to root. - allowPrivilegeEscalation: false - requiredDropCapabilities: - - ALL - volumes: - - 'configMap' - - 'secret' - - 'hostPath' - - 'emptyDir' - - 'projected' - - 'downwardAPI' -{{- if eq .Values.cloudProvider "gce" }} - allowedHostPaths: - - pathPrefix: {{ .Values.cloudConfigPath }} -{{- end }} - hostNetwork: false - hostIPC: false - hostPID: false - runAsUser: - rule: RunAsAny - seLinux: - rule: RunAsAny - supplementalGroups: - rule: 'MustRunAs' - ranges: - # Forbid adding the root group. - - min: 1 - max: 65535 - fsGroup: - rule: 'MustRunAs' - ranges: - # Forbid adding the root group. - - min: 1 - max: 65535 - readOnlyRootFilesystem: false -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/priority-expander-configmap.yaml b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/priority-expander-configmap.yaml deleted file mode 100644 index 3169e1bcae..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/priority-expander-configmap.yaml +++ /dev/null @@ -1,13 +0,0 @@ -{{- if hasKey .Values.extraArgs "expander" }} -{{- if and (.Values.expanderPriorities) (eq .Values.extraArgs.expander "priority") -}} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "common.name" . }} - labels: -{{- include "common.labels" . | nindent 4 }} -data: - priorities: |- -{{ .Values.expanderPriorities | indent 4 }} -{{- end -}} -{{- end -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/role.yaml b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/role.yaml deleted file mode 100644 index 58e7c0b220..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/role.yaml +++ /dev/null @@ -1,25 +0,0 @@ -{{- if .Values.rbac.create -}} -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: -{{- include "common.labels" . | nindent 4 }} - name: {{ template "common.name" . }} -rules: - - apiGroups: - - "" - resources: - - configmaps - verbs: - - create - - apiGroups: - - "" - resources: - - configmaps - resourceNames: - - cluster-autoscaler-status - verbs: - - delete - - get - - update -{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/rolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/rolebinding.yaml deleted file mode 100644 index 7c50bf4bd4..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/rolebinding.yaml +++ /dev/null @@ -1,16 +0,0 @@ -{{- if .Values.rbac.create -}} -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: -{{- include "common.labels" . | nindent 4 }} - name: {{ template "common.name" . }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ template "common.name" . }} -subjects: - - kind: ServiceAccount - name: {{ template "common.name" . }} - namespace: {{ .Values.namespace }} -{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/secret.yaml b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/secret.yaml deleted file mode 100644 index 246180d36e..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/secret.yaml +++ /dev/null @@ -1,21 +0,0 @@ -{{- if or (eq .Values.cloudProvider "azure") (and (eq .Values.cloudProvider "aws") (not (has "" (list .Values.awsAccessKeyID .Values.awsSecretAccessKey)))) }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ template "common.name" . }} - namespace: {{ .Values.namespace }} -data: -{{- if eq .Values.cloudProvider "azure" }} - ClientID: "{{ .Values.azureClientID | b64enc }}" - ClientSecret: "{{ .Values.azureClientSecret | b64enc }}" - ResourceGroup: "{{ .Values.azureResourceGroup | b64enc }}" - SubscriptionID: "{{ .Values.azureSubscriptionID | b64enc }}" - TenantID: "{{ .Values.azureTenantID | b64enc }}" - VMType: "{{ .Values.azureVMType | b64enc }}" - ClusterName: "{{ .Values.azureClusterName | b64enc }}" - NodeResourceGroup: "{{ .Values.azureNodeResourceGroup | b64enc }}" -{{- else if eq .Values.cloudProvider "aws" }} - AwsAccessKeyId: "{{ .Values.awsAccessKeyID | b64enc }}" - AwsSecretAccessKey: "{{ .Values.awsSecretAccessKey | b64enc }}" -{{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/service.yaml b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/service.yaml deleted file mode 100644 index 7356445764..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/service.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# service.yaml -{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/serviceaccount.yaml b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/serviceaccount.yaml deleted file mode 100644 index 70c568b54f..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/serviceaccount.yaml +++ /dev/null @@ -1,11 +0,0 @@ -{{- if and .Values.rbac.create .Values.rbac.serviceAccount.create }} -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: -{{- include "common.labels" . | nindent 4 }} - name: {{ template "common.name" . }} -{{- end }} -{{- if .Values.rbac.serviceAccountAnnotations }} - annotations: {{ toYaml .Values.rbac.serviceAccountAnnotations | nindent 4 }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/servicemonitor.yaml b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/servicemonitor.yaml deleted file mode 100644 index fcf2b2f143..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/servicemonitor.yaml +++ /dev/null @@ -1,24 +0,0 @@ -{{ if .Values.serviceMonitor.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ template "common.name" . }} - {{- if .Values.serviceMonitor.namespace }} - namespace: {{ .Values.serviceMonitor.namespace }} - {{- end }} - labels: - {{- range $key, $value := .Values.serviceMonitor.selector }} - {{ $key }}: {{ $value | quote }} - {{- end }} -spec: - selector: - matchLabels: -{{- include "common.labels" . | nindent 4 }} - endpoints: - - port: {{ .Values.service.portName }} - interval: {{ .Values.serviceMonitor.interval }} - path: {{ .Values.serviceMonitor.path }} - namespaceSelector: - matchNames: - - {{.Values.namespace}} -{{ end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/values.yaml b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/values.yaml deleted file mode 100644 index 17895fbce7..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/values.yaml +++ /dev/null @@ -1,214 +0,0 @@ -namespace: backbone -labels: - app: "cluster-autoscaler" - -autoDiscovery: -# Only cloudProvider `aws` and `gce` are supported by auto-discovery at this time -# AWS: Set tags as described in https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/cloudprovider/aws/README.md#auto-discovery-setup - clusterName: cluster.local - tags: - - k8s.io/cluster-autoscaler/enabled - - k8s.io/cluster-autoscaler/{{ .Values.autoDiscovery.clusterName }} - # - kubernetes.io/cluster/{{ .Values.autoDiscovery.clusterName }} - -tracing-enabled: false -autoscalingGroups: -# At least one element is required if not using autoDiscovery -# - name: asg1 -# maxSize: 2 -# minSize: 1 - # - name: asg2 - # maxSize: 2 - # minSize: 1 - -autoscalingGroupsnamePrefix: [] -# At least one element is required if not using autoDiscovery - # - name: ig01 - # maxSize: 10 - # minSize: 0 - # - name: ig02 - # maxSize: 10 - # minSize: 0 - -# Required if cloudProvider=aws -awsRegion: ap-south-1 -awsAccessKeyID: "" -awsSecretAccessKey: "" - -# Required if cloudProvider=azure -# clientID/ClientSecret with contributor permission to Cluster and Node ResourceGroup -azureClientID: "" -azureClientSecret: "" -# Cluster resource Group -azureResourceGroup: "" -azureSubscriptionID: "" -azureTenantID: "" -# if using AKS azureVMType should be set to "AKS" -azureVMType: "AKS" -azureClusterName: "" -azureNodeResourceGroup: "" -# if using MSI, ensure subscription ID and resource group are set -azureUseManagedIdentityExtension: false - -# Currently only `gce`, `aws`, `azure` & `spotinst` are supported -cloudProvider: aws - -# Configuration file for cloud provider -cloudConfigPath: /etc/gce.conf - -image: - repository: "asia.gcr.io/k8s-artifacts-prod/autoscaling/cluster-autoscaler" - tag: "v1.15.7" - pullPolicy: IfNotPresent - - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## - # pullSecrets: - # - myRegistrKeySecretName - -tolerations: [] - -## Extra ENV passed to the container -extraEnv: {} - -extraArgs: - v: 4 - stderrthreshold: info - logtostderr: true - aws-use-static-instance-list: true - # write-status-configmap: true - # leader-elect: true - # skip-nodes-with-local-storage: false - # expander: least-waste - # scale-down-enabled: true - # balance-similar-node-groups: true - # min-replica-count: 2 - # scale-down-utilization-threshold: 0.5 - # scale-down-non-empty-candidates-count: 5 - # max-node-provision-time: 15m0s - # scan-interval: 10s - # scale-down-delay-after-add: 10m - # scale-down-delay-after-delete: 0s - # scale-down-delay-after-failure: 3m - # scale-down-unneeded-time: 10m - # skip-nodes-with-local-storage: false - # skip-nodes-with-system-pods: true - -## Affinity for pod assignment -## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity -## affinity: {} - -podDisruptionBudget: | - maxUnavailable: 1 - # minAvailable: 2 - -## Node labels for pod assignment -## Ref: https://kubernetes.io/docs/user-guide/node-selection/ -nodeSelector: {} - -podAnnotations: {} -podLabels: {} -replicas: 1 - -rbac: - ## If true, create & use RBAC resources - ## - create: true - ## If true, create & use Pod Security Policy resources - ## https://kubernetes.io/docs/concepts/policy/pod-security-policy/ - pspEnabled: true - serviceAccount: - # Specifies whether a service account should be created - create: true - # The name of the ServiceAccount to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - ## Annotations for the Service Account - ## - serviceAccountAnnotations: {} - -resources: - limits: - cpu: 100m - memory: 300Mi - requests: - cpu: 100m - memory: 300Mi - -priorityClassName: "" - -# Defaults to "ClusterFirst". Valid values are -# 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None' -# autoscaler does not depend on cluster DNS, recommended to set this to "Default" -# dnsPolicy: "Default" - -## Security context for pod -## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ -# securityContext: -# runAsNonRoot: true -# runAsUser: 1001 -# runAsGroup: 1001 - -## Security context for container -## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ -# containerSecurityContext: -# capabilities: -# drop: -# - all - -## Deployment update strategy -## Ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy -# updateStrategy: -# rollingUpdate: -# maxSurge: 1 -# maxUnavailable: 0 -# type: RollingUpdate - -httpPort: 8085 -portName: http - - -spotinst: - account: "" - token: "" - image: - repository: spotinst/kubernetes-cluster-autoscaler - tag: 0.6.0 - pullPolicy: IfNotPresent - -## Are you using Prometheus Operator? -serviceMonitor: - enabled: false - interval: "10s" - # Namespace Prometheus is installed in - namespace: monitoring - ## Defaults to whats used if you follow CoreOS [Prometheus Install Instructions](https://github.com/helm/charts/tree/master/stable/prometheus-operator#tldr) - ## [Prometheus Selector Label](https://github.com/helm/charts/tree/master/stable/prometheus-operator#prometheus-operator-1) - ## [Kube Prometheus Selector Label](https://github.com/helm/charts/tree/master/stable/prometheus-operator#exporters) - selector: - prometheus: kube-prometheus - # The metrics path to scrape - autoscaler exposes /metrics (standard) - path: /metrics - -## String to partially override cluster-autoscaler.fullname template (will maintain the release name) -nameOverride: "" - -## String to fully override cluster-autoscaler.fullname template -fullnameOverride: "" - -# Allow overridding the .Capabilities.KubeVersion.GitVersion (useful for "helm template" command) -kubeTargetVersionOverride: "" - -## Priorities Expander -## If extraArgs.expander is set to priority, then expanderPriorities is used to define cluster-autoscaler-priority-expander priorities -## https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/expander/priority/readme.md -expanderPriorities: {} - -ingress: - enabled: false - zuul: false - -service: - additionalAnnotations: {} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/Chart.yaml deleted file mode 100755 index 89848f5554..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/Chart.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v2 -appVersion: "1.98.0" -description: A Helm chart that sets up Kubecost, Prometheus, and Grafana to monitor - cloud costs. -name: cost-analyzer -version: "1.98.0" -annotations: - "artifacthub.io/links": | - - name: Homepage - url: https://www.kubecost.com - diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/README.md b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/README.md deleted file mode 100644 index 6a4caee3ef..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/README.md +++ /dev/null @@ -1,68 +0,0 @@ -# Kubecost helm chart -Helm chart for the Kubecost project, which is created to monitor and manage Kubernetes resource spend. Please contact team@kubecost.com or visit [kubecost.com](http://kubecost.com) for more info. - -While Helm is the [recommended install path](http://kubecost.com/install), these resources can also be deployed with the following command: - -`kubectl apply -f https://raw.githubusercontent.com/kubecost/cost-analyzer-helm-chart/master/kubecost.yaml --namespace kubecost` - -
-The following table lists the commonly used configurable parameters of the Kubecost Helm chart and their default values. - -Parameter | Description | Default ---------- | ----------- | ------- -`global.prometheus.enabled` | If false, use an existing Prometheus install. [More info](http://docs.kubecost.com/custom-prom). | `true` -`prometheus.kube-state-metrics.disabled` | If false, deploy [kube-state-metrics](https://github.com/kubernetes/kube-state-metrics) for Kubernetes metrics | `false` -`prometheus.kube-state-metrics.resources` | Set kube-state-metrics resource requests and limits. | `{}` -`prometheus.server.persistentVolume.enabled` | If true, Prometheus server will create a Persistent Volume Claim. | `true` -`prometheus.server.persistentVolume.size` | Prometheus server data Persistent Volume size. Default set to retain ~6000 samples per second for 15 days. | `32Gi` -`prometheus.server.retention` | Determines when to remove old data. | `15d` -`prometheus.server.resources` | Prometheus server resource requests and limits. | `{}` -`prometheus.nodeExporter.resources` | Node exporter resource requests and limits. | `{}` -`prometheus.nodeExporter.enabled` `prometheus.serviceAccounts.nodeExporter.create` | If false, do not crate NodeExporter daemonset. | `true` -`prometheus.alertmanager.persistentVolume.enabled` | If true, Alertmanager will create a Persistent Volume Claim. | `true` -`prometheus.pushgateway.persistentVolume.enabled` | If true, Prometheus Pushgateway will create a Persistent Volume Claim. | `true` -`persistentVolume.enabled` | If true, Kubecost will create a Persistent Volume Claim for product config data. | `true` -`persistentVolume.size` | Define PVC size for cost-analyzer | `32.0Gi` -`persistentVolume.dbSize` | Define PVC size for cost-analyzer's flat file database | `32.0Gi` -`ingress.enabled` | If true, Ingress will be created | `false` -`ingress.annotations` | Ingress annotations | `{}` -`ingress.paths` | Ingress paths | `["/"]` -`ingress.hosts` | Ingress hostnames | `[cost-analyzer.local]` -`ingress.tls` | Ingress TLS configuration (YAML) | `[]` -`networkPolicy.enabled` | If true, create a NetworkPolicy to deny egress | `false` -`networkPolicy.costAnalyzer.enabled` | If true, create a newtork policy for cost-analzyer | `false` -`networkPolicy.costAnalyzer.annotations` | Annotations to be added to the network policy | `{}` -`networkPolicy.costAnalyzer.additionalLabels` | Additional labels to be added to the network policy | `{}` -`networkPolicy.costAnalyzer.ingressRules` | A list of network policy ingress rules | `null` -`networkPolicy.costAnalyzer.egressRules` | A list of network policy egress rules | `null` -`networkCosts.enabled` | If true, collect network allocation metrics [More info](http://docs.kubecost.com/network-allocation) | `false` -`networkCosts.podMonitor.enabled` | If true, a [PodMonitor](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#podmonitor) for the network-cost daemonset is created | `false` -`serviceMonitor.enabled` | Set this to `true` to create ServiceMonitor for Prometheus operator | `false` -`serviceMonitor.additionalLabels` | Additional labels that can be used so ServiceMonitor will be discovered by Prometheus | `{}` -`prometheusRule.enabled` | Set this to `true` to create PrometheusRule for Prometheus operator | `false` -`prometheusRule.additionalLabels` | Additional labels that can be used so PrometheusRule will be discovered by Prometheus | `{}` -`grafana.resources` | Grafana resource requests and limits. | `{}` -`grafana.sidecar.datasources.defaultDatasourceEnabled` | Set this to `false` to disable creation of Prometheus datasource in Grafana | `true` -`serviceAccount.create` | Set this to `false` if you want to create the service account `kubecost-cost-analyzer` on your own | `true` -`tolerations` | node taints to tolerate | `[]` -`affinity` | pod affinity | `{}` -`kubecostProductConfigs.productKey.mountPath` | Use instead of `kubecostProductConfigs.productKey.secretname` to declare the path at which the product key file is mounted (eg. by a secrets provisioner) | `N/A` -`kubecostFrontend.api.fqdn` | Customize the upstream api FQDN | `computed in terms of the service name and namespace` -`kubecostFrontend.model.fqdn` | Customize the upstream model FQDN | `computed in terms of the service name and namespace` -`clusterController.fqdn` | Customize the upstream cluster controller FQDN | `computed in terms of the service name and namespace` -`global.grafana.fqdn` | Customize the upstream grafana FQDN | `computed in terms of the release name and namespace` - - -## Testing -To perform local testing do next: -- install locally [kind](https://github.com/kubernetes-sigs/kind) according to documentation. -- install locally [ct](https://github.com/helm/chart-testing) according to documentation. -- create local cluster using `kind` \ -use image version from [kind docker registry](https://hub.docker.com/r/kindest/node/tags?page=1) -```shell -kind create cluster --image kindest/node: -``` -- perform ct execution -```shell -ct install --chart-dirs="." --charts="." --helm-repo-extra-args="--set=global.prometheus.enabled=false --set=global.grafana.enabled=false" -``` \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/attached-disks.json b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/attached-disks.json deleted file mode 100644 index 88f60d983e..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/attached-disks.json +++ /dev/null @@ -1,444 +0,0 @@ -{ - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": "-- Grafana --", - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "type": "dashboard" - } - ] - }, - "editable": true, - "gnetId": null, - "graphTooltip": 0, - "id": 10, - "iteration": 1589748792557, - "links": [], - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "fill": 1, - "gridPos": { - "h": 9, - "w": 12, - "x": 0, - "y": 0 - }, - "id": 2, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sum(container_fs_limit_bytes{instance=~'$disk', device!=\"tmpfs\", id=\"/\"}) by (instance)", - "format": "time_series", - "intervalFactor": 1, - "refId": "A" - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Disk Size", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "decbytes", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "fill": 1, - "gridPos": { - "h": 9, - "w": 12, - "x": 12, - "y": 0 - }, - "id": 4, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sum(container_fs_usage_bytes{instance=~'$disk',id=\"/\"}) by (instance) / sum(container_fs_limit_bytes{instance=~'$disk',device!=\"tmpfs\", id=\"/\"}) by (instance)", - "format": "time_series", - "intervalFactor": 1, - "refId": "A" - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Disk Utilization", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "decimals": 1, - "format": "percentunit", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "fill": 1, - "gridPos": { - "h": 9, - "w": 12, - "x": 0, - "y": 9 - }, - "id": 5, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "1 - sum(container_fs_inodes_free{instance=~'$disk',id=\"/\"}) by (instance) / sum(container_fs_inodes_total{instance=~'$disk',id=\"/\"}) by (instance)", - "format": "time_series", - "intervalFactor": 1, - "refId": "A" - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "iNode Utilization", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "decimals": 1, - "format": "percentunit", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "fill": 1, - "gridPos": { - "h": 9, - "w": 12, - "x": 12, - "y": 9 - }, - "id": 3, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sum(container_fs_usage_bytes{instance=~'$disk',id=\"/\"}) by (instance)", - "format": "time_series", - "intervalFactor": 1, - "refId": "A" - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Disk Usage", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "decbytes", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - } - ], - "schemaVersion": 16, - "style": "dark", - "tags": [ - "cost", - "utilization", - "metrics" - ], - "templating": { - "list": [ - { - "allValue": null, - "current": { - "text": "All", - "value": "$__all" - }, - "datasource": "${datasource}", - "hide": 0, - "includeAll": true, - "label": null, - "multi": false, - "name": "disk", - "options": [], - "query": "query_result(sum(container_fs_limit_bytes{device!=\"tmpfs\", id=\"/\"}) by (instance))", - "refresh": 1, - "regex": "/instance=\\\"(.*?)(\\\")/", - "skipUrlSync": false, - "sort": 0, - "tagValuesQuery": "", - "tags": [], - "tagsQuery": "", - "type": "query", - "useTags": false - }, - { - "current": { - "selected": true, - "text": "default-kubecost", - "value": "default-kubecost" - }, - "error": null, - "hide": 0, - "includeAll": false, - "label": null, - "multi": false, - "name": "datasource", - "options": [], - "query": "prometheus", - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "type": "datasource" - } - ] - }, - "time": { - "from": "now-7d", - "to": "now" - }, - "timepicker": { - "refresh_intervals": [ - "5s", - "10s", - "30s", - "1m", - "5m", - "15m", - "30m", - "1h", - "2h", - "1d" - ], - "time_options": [ - "5m", - "15m", - "1h", - "6h", - "12h", - "24h", - "2d", - "7d", - "30d" - ] - }, - "timezone": "", - "title": "Attached disk metrics", - "uid": "nBH7qBgMk", - "version": 2 -} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/cluster-metrics.json b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/cluster-metrics.json deleted file mode 100644 index 2470de2620..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/cluster-metrics.json +++ /dev/null @@ -1,1682 +0,0 @@ -{ - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": "-- Grafana --", - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "type": "dashboard" - } - ] - }, - "description": "Cost metrics from the Kubecost product", - "editable": true, - "gnetId": null, - "graphTooltip": 0, - "id": 7, - "iteration": 1558062099204, - "links": [], - "panels": [ - { - "content": "Note: this dashboard requires Kubecost metrics to be available in your Prometheus deployment. [Learn more](https://github.com/kubecost/cost-model/blob/master/PROMETHEUS.md)", - "gridPos": { - "h": 2, - "w": 24, - "x": 0, - "y": 0 - }, - "id": 27, - "links": [], - "mode": "markdown", - "title": "", - "transparent": true, - "type": "text" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": false, - "colors": [ - "#299c46", - "rgba(237, 129, 40, 0.89)", - "#d44a3a" - ], - "datasource": "${datasource}", - "decimals": 2, - "description": "Monthly run rate of CPU + GPU costs based on currently provisioned resources.", - "format": "currencyUSD", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": false, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "gridPos": { - "h": 3, - "w": 6, - "x": 0, - "y": 2 - }, - "hideTimeOverride": true, - "id": 2, - "interval": null, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": true, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "sum(\n avg(kube_node_status_capacity{resource=\"cpu\", unit=\"core\"}) by (node) * avg(node_cpu_hourly_cost) by (node) * 730 * (1-$useDiscount/100) +\n avg(node_gpu_hourly_cost) by (node) * 730 * (1-$useDiscount/100)\n)", - "format": "time_series", - "instant": true, - "interval": "", - "intervalFactor": 1, - "legendFormat": " {{ node }}", - "refId": "A" - } - ], - "thresholds": "", - "timeFrom": "15m", - "timeShift": null, - "title": "CPU Cost", - "type": "singlestat", - "valueFontSize": "80%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": false, - "colors": [ - "#299c46", - "rgba(237, 129, 40, 0.89)", - "#d44a3a" - ], - "datasource": "${datasource}", - "decimals": 2, - "description": "Monthly run rate of memory costs based on currently provisioned expenses.", - "format": "currencyUSD", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": false, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "gridPos": { - "h": 3, - "w": 6, - "x": 6, - "y": 2 - }, - "hideTimeOverride": true, - "id": 3, - "interval": null, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "sum(\n avg(kube_node_status_capacity{resource=\"memory\", unit=\"byte\"}) by (node) / 1024 / 1024 / 1024 * avg(node_ram_hourly_cost) by (node) * 730 * (1-$useDiscount/100)\n)", - "format": "time_series", - "instant": true, - "interval": "", - "intervalFactor": 1, - "legendFormat": " {{ node }}", - "refId": "A" - } - ], - "thresholds": "", - "timeFrom": "15m", - "timeShift": null, - "title": "Memory Cost", - "type": "singlestat", - "valueFontSize": "80%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": false, - "colors": [ - "#299c46", - "rgba(237, 129, 40, 0.89)", - "#d44a3a" - ], - "datasource": "${datasource}", - "decimals": 2, - "description": "Monthly run rate of attached storage and PV costs based on currently provisioned resources.", - "format": "currencyUSD", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": false, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "gridPos": { - "h": 3, - "w": 6, - "x": 12, - "y": 2 - }, - "hideTimeOverride": true, - "id": 4, - "interval": null, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "sum(avg(pv_hourly_cost) by (persistentvolume) * 730 * avg(kube_persistentvolume_capacity_bytes) by (persistentvolume) / 1024 / 1024 / 1024) \n+\nsum(sum(container_fs_limit_bytes{device!=\"tmpfs\", id=\"/\"}) by (instance) / 1024 / 1024 / 1024) * $localStorageGBCost", - "format": "time_series", - "instant": true, - "interval": "", - "intervalFactor": 1, - "legendFormat": " {{ node }}", - "refId": "A" - } - ], - "thresholds": "", - "timeFrom": "15m", - "timeShift": null, - "title": "Storage Cost", - "type": "singlestat", - "valueFontSize": "80%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": false, - "colors": [ - "#299c46", - "rgba(237, 129, 40, 0.89)", - "#d44a3a" - ], - "datasource": "${datasource}", - "decimals": 2, - "description": "Sum of compute, memory, storage and network costs.", - "format": "currencyUSD", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": false, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "gridPos": { - "h": 7, - "w": 6, - "x": 18, - "y": 2 - }, - "hideTimeOverride": true, - "id": 11, - "interval": null, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "# Compute\nsum(\n avg(kube_node_status_capacity{resource=\"cpu\", unit=\"core\"}) by (node) * avg(node_cpu_hourly_cost) by (node) * 730 * (1-$useDiscount/100) +\n avg(node_gpu_hourly_cost) by (node) * 730 * (1-$useDiscount/100)\n) +\n\n\n# Memory\nsum(\n avg(kube_node_status_capacity{resource=\"memory\", unit=\"byte\"}) by (node) / 1024 / 1024 / 1024 * avg(node_ram_hourly_cost) by (node) * 730 * (1-$useDiscount/100)\n) +\n\n# Storage \n\nsum(avg(pv_hourly_cost) by (persistentvolume) * 730 * avg(kube_persistentvolume_capacity_bytes) by (persistentvolume) / 1024 / 1024 / 1024) \n+\nsum(sum(container_fs_limit_bytes{device!=\"tmpfs\", id=\"/\"}) by (instance) / 1024 / 1024 / 1024) * $localStorageGBCost", - "format": "time_series", - "instant": true, - "interval": "", - "intervalFactor": 1, - "legendFormat": " {{ node }}", - "refId": "A" - } - ], - "thresholds": "", - "timeFrom": "15m", - "timeShift": null, - "title": "Total Cost", - "type": "singlestat", - "valueFontSize": "120%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": true, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(50, 172, 45, 0.97)", - "#c15c17" - ], - "datasource": "${datasource}", - "decimals": 2, - "description": "Current CPU use from applications divided by allocatable CPUs", - "editable": true, - "error": false, - "format": "percent", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": true, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "gridPos": { - "h": 4, - "w": 3, - "x": 0, - "y": 5 - }, - "height": "180px", - "hideTimeOverride": true, - "id": 13, - "interval": null, - "isNew": true, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "(\n sum(\n count(irate(container_cpu_usage_seconds_total{id=\"/\"}[10m])) by (instance)\n * on (instance) \n sum(irate(container_cpu_usage_seconds_total{id=\"/\"}[10m])) by (instance)\n ) \n / \n (sum (kube_node_status_allocatable{resource=\"cpu\", unit=\"core\"}))\n) * 100", - "format": "time_series", - "interval": "", - "intervalFactor": 1, - "refId": "A", - "step": 10 - } - ], - "thresholds": "30, 80", - "timeFrom": "", - "title": "CPU Utilization", - "type": "singlestat", - "valueFontSize": "80%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": true, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(50, 172, 45, 0.97)", - "#c15c17" - ], - "datasource": "${datasource}", - "decimals": 2, - "description": "Current CPU reservation requests from applications vs allocatable CPU", - "editable": true, - "error": false, - "format": "percent", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": true, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "gridPos": { - "h": 4, - "w": 3, - "x": 3, - "y": 5 - }, - "height": "180px", - "id": 15, - "interval": null, - "isNew": true, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "SUM(kube_pod_container_resource_requests{resource=\"cpu\", unit=\"core\"}) / SUM(kube_node_status_allocatable{resource=\"cpu\", unit=\"core\"}) * 100", - "format": "time_series", - "interval": "", - "intervalFactor": 1, - "refId": "A", - "step": 10 - } - ], - "thresholds": "30, 80", - "title": "CPU Requests", - "type": "singlestat", - "valueFontSize": "80%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": true, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(50, 172, 45, 0.97)", - "#c15c17" - ], - "datasource": "${datasource}", - "description": "Current RAM use vs RAM available", - "editable": true, - "error": false, - "format": "percent", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": true, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "gridPos": { - "h": 4, - "w": 3, - "x": 6, - "y": 5 - }, - "height": "180px", - "hideTimeOverride": true, - "id": 17, - "interval": null, - "isNew": true, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "SUM(container_memory_usage_bytes{namespace!=\"\"}) / SUM(kube_node_status_allocatable{resource=\"memory\", unit=\"byte\"}) * 100", - "format": "time_series", - "interval": "", - "intervalFactor": 1, - "refId": "A", - "step": 10 - }, - { - "expr": "", - "format": "time_series", - "intervalFactor": 1, - "refId": "B" - } - ], - "thresholds": "30,80", - "timeFrom": "", - "title": "RAM Utilization", - "transparent": false, - "type": "singlestat", - "valueFontSize": "80%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": true, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(50, 172, 45, 0.97)", - "#c15c17" - ], - "datasource": "${datasource}", - "description": "Current RAM requests vs RAM available", - "editable": true, - "error": false, - "format": "percent", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": true, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "gridPos": { - "h": 4, - "w": 3, - "x": 9, - "y": 5 - }, - "height": "180px", - "id": 19, - "interval": null, - "isNew": true, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "(\n sum(kube_pod_container_resource_requests{resource=\"memory\", unit=\"byte\", namespace!=\"\"})\n /\n sum(kube_node_status_allocatable{resource=\"memory\", unit=\"byte\"})\n) * 100", - "format": "time_series", - "interval": "", - "intervalFactor": 1, - "refId": "A", - "step": 10 - } - ], - "thresholds": "30,80", - "title": "RAM Requests", - "transparent": false, - "type": "singlestat", - "valueFontSize": "80%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": true, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(50, 172, 45, 0.97)", - "#c15c17" - ], - "datasource": "${datasource}", - "decimals": 2, - "description": "This gauge shows the current standard storage use, including cluster storage, vs storage available", - "editable": true, - "error": false, - "format": "percent", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": true, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "gridPos": { - "h": 4, - "w": 6, - "x": 12, - "y": 5 - }, - "height": "180px", - "hideTimeOverride": true, - "id": 21, - "interval": null, - "isNew": true, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "sum (\n sum(kube_persistentvolumeclaim_info) by (persistentvolumeclaim, namespace)\n + on (persistentvolumeclaim, namespace)\n sum(pod_pvc_allocation) by (persistentvolumeclaim, namespace) or up * 0\n + sum(container_fs_usage_bytes{device=~\"^/dev/[sv]d[a-z][1-9]$\",id=\"/\"})\n) /\nsum (\n sum(kube_persistentvolumeclaim_info) by (persistentvolumeclaim, namespace)\n + on (persistentvolumeclaim, namespace)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim, namespace) or up * 0\n + sum(container_fs_limit_bytes{device=~\"^/dev/[sv]d[a-z][1-9]$\",id=\"/\"})\n) * 100", - "format": "time_series", - "interval": "", - "intervalFactor": 1, - "refId": "A", - "step": 10 - } - ], - "thresholds": "30, 80", - "timeFrom": "", - "title": "Storage Utilization", - "type": "singlestat", - "valueFontSize": "80%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "description": "Monthly run rate of CPU + GPU costs", - "fill": 1, - "gridPos": { - "h": 7, - "w": 6, - "x": 0, - "y": 9 - }, - "id": 6, - "interval": "1m", - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sum(\n avg(kube_node_status_capacity{resource=\"cpu\", unit=\"core\"}) by (node) * avg(node_cpu_hourly_cost) by (node) * 730 +\n avg(node_gpu_hourly_cost) by (node) * 730\n)", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "compute cost", - "refId": "A" - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Compute Cost", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "currencyUSD", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "description": "Monthly run rate of memory costs", - "fill": 1, - "gridPos": { - "h": 7, - "w": 6, - "x": 6, - "y": 9 - }, - "id": 9, - "interval": "1m", - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sum(\n avg(kube_node_status_capacity{resource=\"memory\", unit=\"byte\"}) by (node) / 1024 / 1024 / 1024 * avg(node_ram_hourly_cost) by (node) * 730\n)", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "memory cost", - "refId": "A" - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Cost", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "currencyUSD", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "description": "Monthly run rate of attached disk + PV storage costs", - "fill": 1, - "gridPos": { - "h": 7, - "w": 6, - "x": 12, - "y": 9 - }, - "id": 10, - "interval": "1m", - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sum(\n avg(avg_over_time(pv_hourly_cost[$timeRange] offset 1m)) by (persistentvolume) * 730 \n * avg(avg_over_time(kube_persistentvolume_capacity_bytes[$timeRange] offset 1m)) by (persistentvolume) / 1024 / 1024 / 1024\n) +\nsum(avg(container_fs_limit_bytes{device!=\"tmpfs\", id=\"/\"}) by (instance) / 1024 / 1024 / 1024) * $localStorageGBCost", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "storage cost", - "refId": "A" - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Storage Cost", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "currencyUSD", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "description": "Sum of compute, memory, and storage costs", - "fill": 1, - "gridPos": { - "h": 7, - "w": 6, - "x": 18, - "y": 9 - }, - "id": 22, - "interval": "1m", - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "# Compute\nsum(\n avg(kube_node_status_capacity{resource=\"cpu\", unit=\"core\"}) by (node) * avg(node_cpu_hourly_cost) by (node) * 730 * (1-$useDiscount/100) +\n avg(node_gpu_hourly_cost) by (node) * 730 * (1-$useDiscount/100)\n) +\n\n\n# Memory\nsum(\n avg(kube_node_status_capacity{resource=\"memory\", unit=\"byte\"}) by (node) / 1024 / 1024 / 1024 * avg(node_ram_hourly_cost) by (node) * 730 * (1-$useDiscount/100)\n) +\n\n# Storage \n\nsum(avg(pv_hourly_cost) by (persistentvolume) * 730 * avg(kube_persistentvolume_capacity_bytes) by (persistentvolume) / 1024 / 1024 / 1024) \n+\nsum(sum(container_fs_limit_bytes{device!=\"tmpfs\", id=\"/\"}) by (instance) / 1024 / 1024 / 1024) * $localStorageGBCost", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "total cost", - "refId": "A" - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Total Cost", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "currencyUSD", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "columns": [], - "datasource": "${datasource}", - "description": "Cost of by resource class of currently provisioned nodes", - "fontSize": "100%", - "gridPos": { - "h": 9, - "w": 12, - "x": 0, - "y": 16 - }, - "id": 8, - "links": [], - "pageSize": null, - "scroll": true, - "showHeader": true, - "sort": { - "col": 4, - "desc": false - }, - "styles": [ - { - "alias": "", - "colorMode": null, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Time", - "thresholds": [], - "type": "hidden", - "unit": "short" - }, - { - "alias": "Compute Cost", - "colorMode": null, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Value", - "thresholds": [], - "type": "number", - "unit": "short" - }, - { - "alias": "CPU Cost", - "colorMode": null, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Value #A", - "thresholds": [], - "type": "number", - "unit": "currencyUSD" - }, - { - "alias": "Mem Cost", - "colorMode": null, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Value #B", - "thresholds": [], - "type": "number", - "unit": "currencyUSD" - }, - { - "alias": "Total", - "colorMode": null, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Value #C", - "thresholds": [], - "type": "number", - "unit": "currencyUSD" - }, - { - "alias": "", - "colorMode": null, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "instance", - "thresholds": [], - "type": "hidden", - "unit": "short" - }, - { - "alias": "GPU", - "colorMode": null, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Value #D", - "thresholds": [], - "type": "number", - "unit": "short" - }, - { - "alias": "", - "colorMode": null, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "decimals": 2, - "pattern": "/.*/", - "thresholds": [], - "type": "number", - "unit": "short" - } - ], - "targets": [ - { - "expr": "avg(kube_node_status_capacity{resource=\"cpu\", unit=\"core\"}) by (node) * avg(node_cpu_hourly_cost or up * 0) by (node) * 730 * (1-$useDiscount/100)", - "format": "table", - "instant": true, - "intervalFactor": 1, - "legendFormat": "", - "refId": "A" - }, - { - "expr": "avg(kube_node_status_capacity{resource=\"memory\", unit=\"byte\"}) by (node) / 1024 / 1024 / 1024 * avg(node_ram_hourly_cost) by (node) * 730 * (1-$useDiscount/100)", - "format": "table", - "instant": true, - "intervalFactor": 1, - "legendFormat": "", - "refId": "B" - }, - { - "expr": "avg(node_gpu_hourly_cost) by (node) * 730 * (1-$useDiscount/100)", - "format": "table", - "instant": true, - "intervalFactor": 1, - "refId": "D" - }, - { - "expr": "# CPU \navg(kube_node_status_capacity{resource=\"cpu\", unit=\"core\"}) by (node) * avg(node_cpu_hourly_cost or up * 0) by (node) * 730 * (1-$useDiscount/100) +\n# GPU\navg(node_gpu_hourly_cost) by (node) * 730 * (1-$useDiscount/100) +\n# Memory\navg(kube_node_status_capacity{resource=\"memory\", unit=\"byte\"}) by (node) / 1024 / 1024 / 1024 * avg(node_ram_hourly_cost) by (node) * 730 * (1-$useDiscount/100)\n", - "format": "table", - "instant": true, - "intervalFactor": 1, - "refId": "C" - } - ], - "title": "Cost by node", - "transform": "table", - "type": "table" - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "description": "Monthly run rate of attached disk + PV storage costs based on currently provisioned resources.", - "fill": 1, - "gridPos": { - "h": 9, - "w": 12, - "x": 12, - "y": 16 - }, - "id": 25, - "interval": "1m", - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": true, - "steppedLine": false, - "targets": [ - { - "expr": "sum(\n avg(kube_node_status_capacity{resource=\"cpu\", unit=\"core\"}) by (node) * avg(node_cpu_hourly_cost) by (node) * 730 +\n avg(node_gpu_hourly_cost) by (node) * 730\n)", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "cpu", - "refId": "B" - }, - { - "expr": "sum(\n avg(kube_node_status_capacity{resource=\"memory\", unit=\"byte\"}) by (node) / 1024 / 1024 / 1024 * avg(node_ram_hourly_cost) by (node) * 730\n)", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "memory", - "refId": "A" - }, - { - "expr": "sum(\n avg(avg_over_time(pv_hourly_cost[$timeRange] offset 1m)) by (persistentvolume) * 730 \n * avg(avg_over_time(kube_persistentvolume_capacity_bytes[$timeRange] offset 1m)) by (persistentvolume) / 1024 / 1024 / 1024\n) +\nsum(avg(container_fs_limit_bytes{device!=\"tmpfs\", id=\"/\"}) by (instance) / 1024 / 1024 / 1024) * $localStorageGBCost", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "storage", - "refId": "C" - }, - { - "expr": "SUM(rate(node_network_transmit_bytes_total{device=\"eth0\"}[60m]) / 1024 / 1024 / 1024 ) * (60 * 60 * 24 * 30) * $percentEgress * $egressCost ", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "network", - "refId": "D" - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Cost by Resource", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "currencyUSD", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - } - ], - "refresh": false, - "schemaVersion": 16, - "style": "dark", - "tags": [ - "cost", - "utilization", - "metrics" - ], - "templating": { - "list": [ - { - "auto": true, - "auto_count": 1, - "auto_min": "1m", - "current": { - "text": "auto", - "value": "$__auto_interval_timeRange" - }, - "hide": 2, - "label": null, - "name": "timeRange", - "options": [ - { - "selected": true, - "text": "auto", - "value": "$__auto_interval_timeRange" - }, - { - "selected": false, - "text": "1h", - "value": "1h" - }, - { - "selected": false, - "text": "6h", - "value": "6h" - }, - { - "selected": false, - "text": "12h", - "value": "12h" - }, - { - "selected": false, - "text": "1d", - "value": "1d" - }, - { - "selected": false, - "text": "7d", - "value": "7d" - }, - { - "selected": false, - "text": "14d", - "value": "14d" - }, - { - "selected": false, - "text": "30d", - "value": "30d" - }, - { - "selected": false, - "text": "90d", - "value": "90d" - } - ], - "query": "1h,6h,12h,1d,7d,14d,30d,90d", - "refresh": 2, - "skipUrlSync": false, - "type": "interval" - }, - { - "current": { - "text": ".04", - "value": ".04" - }, - "hide": 2, - "label": "Cost per Gb hour for attached disks", - "name": "localStorageGBCost", - "options": [ - { - "selected": true, - "text": ".04", - "value": ".04" - } - ], - "query": ".04", - "skipUrlSync": false, - "type": "constant" - }, - { - "current": { - "tags": [], - "text": "0", - "value": "0" - }, - "hide": 0, - "label": "Sustained Use Discount %", - "name": "useDiscount", - "options": [ - { - "selected": true, - "text": "0", - "value": "0" - } - ], - "query": "0", - "skipUrlSync": false, - "type": "constant" - }, - { - "current": { - "text": ".1", - "value": ".1" - }, - "hide": 2, - "label": null, - "name": "percentEgress", - "options": [ - { - "selected": true, - "text": ".1", - "value": ".1" - } - ], - "query": ".1", - "skipUrlSync": false, - "type": "constant" - }, - { - "current": { - "text": ".12", - "value": ".12" - }, - "hide": 2, - "label": null, - "name": "egressCost", - "options": [ - { - "selected": true, - "text": ".12", - "value": ".12" - } - ], - "query": ".12", - "skipUrlSync": false, - "type": "constant" - }, - { - "current": { - "selected": true, - "text": "default-kubecost", - "value": "default-kubecost" - }, - "error": null, - "hide": 0, - "includeAll": false, - "label": null, - "multi": false, - "name": "datasource", - "options": [], - "query": "prometheus", - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "type": "datasource" - } - ] - }, - "time": { - "from": "now-7d", - "to": "now" - }, - "timepicker": { - "refresh_intervals": [ - "5s", - "10s", - "30s", - "1m", - "5m", - "15m", - "30m", - "1h", - "2h", - "1d" - ], - "time_options": [ - "5m", - "15m", - "1h", - "6h", - "12h", - "24h", - "2d", - "7d", - "30d" - ] - }, - "timezone": "", - "title": "Kubecost cluster metrics", - "uid": "JOUdHGZZz", - "version": 20 -} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/cluster-utilization.json b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/cluster-utilization.json deleted file mode 100644 index 9007618b0b..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/cluster-utilization.json +++ /dev/null @@ -1,3196 +0,0 @@ -{ - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": "-- Grafana --", - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "target": { - "limit": 100, - "matchAny": false, - "tags": [], - "type": "dashboard" - }, - "type": "dashboard" - } - ] - }, - "description": "A dashboard to help manage Kubernetes cluster costs and resources", - "editable": true, - "fiscalYearStartMonth": 0, - "gnetId": 6873, - "graphTooltip": 0, - "id": 10, - "iteration": 1645112913364, - "links": [], - "liveNow": false, - "panels": [ - { - "gridPos": { - "h": 2, - "w": 24, - "x": 0, - "y": 0 - }, - "id": 86, - "links": [], - "options": { - "content": "This dashboard shows monthly cost estimates for the cluster, based on **current** CPU, RAM and storage provisioned.", - "mode": "markdown" - }, - "pluginVersion": "8.3.2", - "transparent": true, - "type": "text" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "decimals": 2, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "currencyUSD" - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 6, - "x": 0, - "y": 2 - }, - "hideTimeOverride": true, - "id": 75, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "8.3.2", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "P0C970EB638C812D0" - }, - "exemplar": false, - "expr": "sum(\n (\n (\n sum(kube_node_status_capacity_cpu_cores) by (node)\n * on (node) group_left (label_cloud_google_com_gke_preemptible)\n avg(kube_node_labels{label_cloud_google_com_gke_preemptible=\"true\"}) by (node)\n ) * $costpcpu\n )\n or\n (\n (\n sum(kube_node_status_capacity{resource=\"cpu\", unit=\"core\"}) by (node)\n * on (node) group_left (label_cloud_google_com_gke_preemptible)\n avg(kube_node_labels{label_cloud_google_com_gke_preemptible!=\"true\"}) by (node)\n ) * ($costcpu - ($costcpu / 100 * $costDiscount))\n )\n) ", - "format": "time_series", - "instant": true, - "interval": "", - "intervalFactor": 1, - "legendFormat": " {{ node }}", - "refId": "A" - } - ], - "timeFrom": "15m", - "title": "CPU Cost", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "decimals": 2, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "currencyUSD" - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 6, - "x": 6, - "y": 2 - }, - "hideTimeOverride": true, - "id": 77, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "8.3.2", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "P0C970EB638C812D0" - }, - "exemplar": false, - "expr": "sum(\n (\n (\n sum(kube_node_status_capacity_memory_bytes) by (node)\n * on (node) group_left (label_cloud_google_com_gke_preemptible)\n avg(kube_node_labels{label_cloud_google_com_gke_preemptible=\"true\"}) by (node)\n ) /1024/1024/1024 * $costpram\n )\n or\n (\n (\n sum(kube_node_status_capacity{resource=\"memory\", unit=\"byte\"}) by (node)\n * on (node) group_left (label_cloud_google_com_gke_preemptible)\n avg(kube_node_labels{label_cloud_google_com_gke_preemptible!=\"true\"}) by (node)\n ) /1024/1024/1024 * ($costram - ($costram / 100 * $costDiscount))\n)\n) ", - "format": "time_series", - "instant": true, - "interval": "", - "intervalFactor": 1, - "legendFormat": " {{ node }}", - "refId": "A" - } - ], - "timeFrom": "15m", - "title": "RAM Cost", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "decimals": 2, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "currencyUSD" - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 6, - "x": 12, - "y": 2 - }, - "hideTimeOverride": true, - "id": 78, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "8.3.2", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "P0C970EB638C812D0" - }, - "exemplar": false, - "expr": "sum (\n sum(kube_persistentvolumeclaim_info{storageclass=~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n + on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim, namespace) or up * 0\n) / 1024 / 1024 /1024 * $costStorageSSD\n\n+\n\nsum (\n sum(kube_persistentvolumeclaim_info{storageclass!~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n + on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim, namespace) or up * 0\n) / 1024 / 1024 /1024 * $costStorageStandard\n\n+ \n\nsum(container_fs_limit_bytes{id=\"/\"}) / 1024 / 1024 / 1024 * 1.03 * $costStorageStandard", - "format": "time_series", - "instant": true, - "interval": "", - "intervalFactor": 1, - "legendFormat": " {{ node }}", - "refId": "A" - } - ], - "timeFrom": "15m", - "title": "Storage Cost (Cluster and PVC)", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "description": "Represents a near worst-case approximation of network costs.", - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "decimals": 2, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "currencyUSD" - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 6, - "x": 18, - "y": 2 - }, - "hideTimeOverride": true, - "id": 129, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "8.3.2", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "P0C970EB638C812D0" - }, - "exemplar": false, - "expr": "SUM(rate(node_network_transmit_bytes_total{device=\"eth0\"}[60m]) / 1024 / 1024 / 1024 ) * (60 * 60 * 24 * 30) * $costEgress", - "format": "time_series", - "instant": true, - "interval": "", - "intervalFactor": 1, - "legendFormat": " {{ node }}", - "refId": "A" - } - ], - "timeFrom": "15m", - "title": "Network Egress Cost", - "type": "stat" - }, - { - "datasource": { - "uid": "${datasource}" - }, - "description": "Current CPU use from applications divided by allocatable CPUs", - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "decimals": 2, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "max": 100, - "min": 0, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "rgba(245, 54, 54, 0.9)", - "value": null - }, - { - "color": "rgba(50, 172, 45, 0.97)", - "value": 30 - }, - { - "color": "#c15c17", - "value": 80 - } - ] - }, - "unit": "percent" - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 3, - "x": 0, - "y": 6 - }, - "hideTimeOverride": true, - "id": 82, - "links": [], - "maxDataPoints": 100, - "options": { - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true - }, - "pluginVersion": "8.3.2", - "targets": [ - { - "expr": "(\n sum(\n count(irate(container_cpu_usage_seconds_total{id=\"/\"}[10m])) by (instance)\n * on (instance) \n sum(irate(container_cpu_usage_seconds_total{id=\"/\"}[10m])) by (instance)\n ) \n / \n (sum (kube_node_status_allocatable{resource=\"cpu\", unit=\"core\"}))\n) * 100", - "format": "time_series", - "interval": "", - "intervalFactor": 1, - "refId": "A", - "step": 10 - } - ], - "timeFrom": "", - "title": "CPU Utilization", - "type": "gauge" - }, - { - "datasource": { - "uid": "${datasource}" - }, - "description": "Current CPU reservation requests from applications vs allocatable CPU", - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "decimals": 2, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "max": 100, - "min": 0, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "rgba(245, 54, 54, 0.9)", - "value": null - }, - { - "color": "rgba(50, 172, 45, 0.97)", - "value": 30 - }, - { - "color": "#c15c17", - "value": 80 - } - ] - }, - "unit": "percent" - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 3, - "x": 3, - "y": 6 - }, - "id": 91, - "links": [], - "maxDataPoints": 100, - "options": { - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true - }, - "pluginVersion": "8.3.2", - "targets": [ - { - "expr": "SUM(kube_pod_container_resource_requests{resource=\"cpu\", unit=\"core\"}) / SUM(kube_node_status_allocatable{resource=\"cpu\", unit=\"core\"}) * 100", - "format": "time_series", - "interval": "", - "intervalFactor": 1, - "refId": "A", - "step": 10 - } - ], - "title": "CPU Requests", - "type": "gauge" - }, - { - "datasource": { - "uid": "${datasource}" - }, - "description": "Current RAM use vs RAM available", - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "max": 100, - "min": 0, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "rgba(245, 54, 54, 0.9)", - "value": null - }, - { - "color": "rgba(50, 172, 45, 0.97)", - "value": 30 - }, - { - "color": "#c15c17", - "value": 80 - } - ] - }, - "unit": "percent" - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 3, - "x": 6, - "y": 6 - }, - "hideTimeOverride": true, - "id": 80, - "links": [], - "maxDataPoints": 100, - "options": { - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true - }, - "pluginVersion": "8.3.2", - "targets": [ - { - "expr": "SUM(container_memory_usage_bytes{namespace!=\"\"}) / SUM(kube_node_status_allocatable{resource=\"memory\", unit=\"byte\"}) * 100", - "format": "time_series", - "interval": "", - "intervalFactor": 1, - "refId": "A", - "step": 10 - }, - { - "expr": "", - "format": "time_series", - "intervalFactor": 1, - "refId": "B" - } - ], - "timeFrom": "", - "title": "RAM Utilization", - "type": "gauge" - }, - { - "datasource": { - "uid": "${datasource}" - }, - "description": "Current RAM requests vs RAM available", - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "max": 100, - "min": 0, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "rgba(245, 54, 54, 0.9)", - "value": null - }, - { - "color": "rgba(50, 172, 45, 0.97)", - "value": 30 - }, - { - "color": "#c15c17", - "value": 80 - } - ] - }, - "unit": "percent" - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 3, - "x": 9, - "y": 6 - }, - "id": 92, - "links": [], - "maxDataPoints": 100, - "options": { - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true - }, - "pluginVersion": "8.3.2", - "targets": [ - { - "expr": "(\n sum(kube_pod_container_resource_requests{resource=\"memory\", unit=\"byte\", namespace!=\"\"})\n /\n sum(kube_node_status_allocatable{resource=\"memory\", unit=\"byte\"})\n) * 100", - "format": "time_series", - "interval": "", - "intervalFactor": 1, - "refId": "A", - "step": 10 - } - ], - "title": "RAM Requests", - "type": "gauge" - }, - { - "datasource": { - "uid": "${datasource}" - }, - "description": "This gauge shows the current standard storage use, including cluster storage, vs storage available", - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "decimals": 2, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "max": 100, - "min": 0, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "rgba(245, 54, 54, 0.9)", - "value": null - }, - { - "color": "rgba(50, 172, 45, 0.97)", - "value": 30 - }, - { - "color": "#c15c17", - "value": 80 - } - ] - }, - "unit": "percent" - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 3, - "x": 12, - "y": 6 - }, - "hideTimeOverride": true, - "id": 95, - "links": [], - "maxDataPoints": 100, - "options": { - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true - }, - "pluginVersion": "8.3.2", - "targets": [ - { - "expr": "sum (\n sum(kube_persistentvolumeclaim_info{storageclass!~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n + on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kubelet_volume_stats_used_bytes) by (persistentvolumeclaim, namespace) or up * 0\n + sum(container_fs_usage_bytes{device=~\"^/dev/[sv]d[a-z][1-9]$\",id=\"/\"})\n) /\nsum (\n sum(kube_persistentvolumeclaim_info{storageclass!~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n + on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim, namespace) or up * 0\n + sum(container_fs_limit_bytes{device=~\"^/dev/[sv]d[a-z][1-9]$\",id=\"/\"})\n) * 100", - "format": "time_series", - "interval": "", - "intervalFactor": 1, - "refId": "A", - "step": 10 - } - ], - "timeFrom": "", - "title": "Storage Utilization", - "type": "gauge" - }, - { - "datasource": { - "uid": "${datasource}" - }, - "description": "This gauge shows the current SSD use vs SSD available", - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "decimals": 2, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "max": 100, - "min": 0, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "rgba(245, 54, 54, 0.9)", - "value": null - }, - { - "color": "rgba(50, 172, 45, 0.97)", - "value": 30 - }, - { - "color": "#c15c17", - "value": 80 - } - ] - }, - "unit": "percent" - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 3, - "x": 15, - "y": 6 - }, - "hideTimeOverride": true, - "id": 96, - "links": [], - "maxDataPoints": 100, - "options": { - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true - }, - "pluginVersion": "8.3.2", - "targets": [ - { - "expr": "sum (\n sum(kube_persistentvolumeclaim_info{storageclass=~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n + on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kubelet_volume_stats_used_bytes) by (persistentvolumeclaim, namespace)\n) /\nsum (\n sum(kube_persistentvolumeclaim_info{storageclass=~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n + on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim, namespace)\n) * 100", - "format": "time_series", - "interval": "", - "intervalFactor": 1, - "refId": "A", - "step": 10 - } - ], - "timeFrom": "", - "title": "SSD Utilization", - "type": "gauge" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "description": "Expected monthly cost given current CPU, memory storage, and network resource consumption", - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "decimals": 2, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "currencyUSD" - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 6, - "x": 18, - "y": 6 - }, - "hideTimeOverride": true, - "id": 93, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "8.3.2", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "P0C970EB638C812D0" - }, - "exemplar": false, - "expr": "# CPU\nsum(\n (\n (\n sum(kube_node_status_capacity_cpu_cores) by (node)\n * on (node) group_left (label_cloud_google_com_gke_preemptible)\n avg(kube_node_labels{label_cloud_google_com_gke_preemptible=\"true\"}) by (node)\n ) * $costpcpu\n )\n or\n (\n (\n sum(kube_node_status_capacity{resource=\"cpu\", unit=\"core\"}) by (node)\n * on (node) group_left (label_cloud_google_com_gke_preemptible)\n avg(kube_node_labels{label_cloud_google_com_gke_preemptible!=\"true\"}) by (node)\n ) * ($costcpu - ($costcpu / 100 * $costDiscount))\n )\n) \n\n+ \n\n# Storage\nsum (\n sum(kube_persistentvolumeclaim_info{storageclass=~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n + on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim, namespace) or up * 0\n) / 1024 / 1024 /1024 * $costStorageSSD\n\n+\n\nsum (\n sum(kube_persistentvolumeclaim_info{storageclass!~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n + on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim, namespace) or up * 0\n) / 1024 / 1024 /1024 * $costStorageStandard\n\n+ \n\nsum(container_fs_limit_bytes{id=\"/\"}) / 1024 / 1024 / 1024 * 1.03 * $costStorageStandard \n\n+\n\n# END STORAGE\n# RAM \nsum(\n (\n (\n sum(kube_node_status_capacity_memory_bytes) by (node)\n * on (node) group_left (label_cloud_google_com_gke_preemptible)\n avg(kube_node_labels{label_cloud_google_com_gke_preemptible=\"true\"}) by (node)\n ) /1024/1024/1024 * $costpram\n )\n or\n (\n (\n sum(kube_node_status_capacity{resource=\"memory\", unit=\"byte\"}) by (node)\n * on (node) group_left (label_cloud_google_com_gke_preemptible)\n avg(kube_node_labels{label_cloud_google_com_gke_preemptible!=\"true\"}) by (node)\n ) /1024/1024/1024 * ($costram - ($costram / 100 * $costDiscount))\n)\n)\n\n+\n\n#Network \nSUM(rate(node_network_transmit_bytes_total{device=\"eth0\"}[60m]) / 1024 / 1024 / 1024 ) * (60 * 60 * 24 * 30) * $costEgress", - "format": "time_series", - "instant": true, - "interval": "", - "intervalFactor": 1, - "legendFormat": " {{ node }}", - "refId": "A" - } - ], - "timeFrom": "15m", - "title": "Total Monthly Cost", - "type": "stat" - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": { - "uid": "${datasource}" - }, - "description": "Expected monthly CPU, memory and storage costs given provisioned resources", - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 10 - }, - "hiddenSeries": false, - "id": 120, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "options": { - "alertThreshold": true - }, - "percentage": false, - "pluginVersion": "8.3.2", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "# CPU\nsum(\n (\n (\n sum(kube_node_status_capacity_cpu_cores) by (node)\n * on (node) group_left (label_cloud_google_com_gke_preemptible)\n avg(kube_node_labels{label_cloud_google_com_gke_preemptible=\"true\"}) by (node)\n ) * $costpcpu\n )\n or\n (\n (\n sum(kube_node_status_capacity{resource=\"cpu\", unit=\"core\"}) by (node)\n * on (node) group_left (label_cloud_google_com_gke_preemptible)\n avg(kube_node_labels{label_cloud_google_com_gke_preemptible!=\"true\"}) by (node)\n ) * ($costcpu - ($costcpu / 100 * $costDiscount))\n )\n) \n\n+ \n\n# Storage\nsum (\n sum(kube_persistentvolumeclaim_info{storageclass=~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n + on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim, namespace) or up * 0\n) / 1024 / 1024 /1024 * $costStorageSSD\n\n+\n\nsum (\n sum(kube_persistentvolumeclaim_info{storageclass!~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n + on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim, namespace) or up * 0\n) / 1024 / 1024 /1024 * $costStorageStandard\n\n+ \n\nsum(container_fs_limit_bytes{id=\"/\"}) / 1024 / 1024 / 1024 * 1.03 * $costStorageStandard \n\n+\n\n# END STORAGE\n# RAM \nsum(\n (\n (\n sum(kube_node_status_capacity_memory_bytes) by (node)\n * on (node) group_left (label_cloud_google_com_gke_preemptible)\n avg(kube_node_labels{label_cloud_google_com_gke_preemptible=\"true\"}) by (node)\n ) /1024/1024/1024 * $costpram\n )\n or\n (\n (\n sum(kube_node_status_capacity{resource=\"memory\", unit=\"byte\"}) by (node)\n * on (node) group_left (label_cloud_google_com_gke_preemptible)\n avg(kube_node_labels{label_cloud_google_com_gke_preemptible!=\"true\"}) by (node)\n ) /1024/1024/1024 * ($costram - ($costram / 100 * $costDiscount))\n)\n) \n\n+\n\n#Network \nSUM(rate(node_network_transmit_bytes_total{device=\"eth0\"}[60m]) / 1024 / 1024 / 1024 ) * (60 * 60 * 24 * 30) * $costEgress", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "cluster cost", - "refId": "A" - } - ], - "thresholds": [], - "timeRegions": [], - "title": "Total monthly cost", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "mode": "time", - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "currencyUSD", - "logBase": 1, - "show": true - }, - { - "format": "short", - "logBase": 1, - "show": true - } - ], - "yaxis": { - "align": false - } - }, - { - "columns": [ - { - "text": "Avg", - "value": "avg" - } - ], - "datasource": { - "uid": "${datasource}" - }, - "description": "Resources allocated to namespace based on container requests", - "fontSize": "100%", - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 10 - }, - "hideTimeOverride": false, - "id": 73, - "links": [], - "pageSize": 10, - "repeatDirection": "v", - "scroll": true, - "showHeader": true, - "sort": { - "col": 7, - "desc": true - }, - "styles": [ - { - "alias": "Namespace", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(50, 172, 45, 0.97)", - "#c15c17" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "link": true, - "linkTooltip": "View namespace cost metrics", - "linkUrl": "d/at-cost-analysis-namespace2/namespace-cost-metrics?&var-namespace=$__cell", - "pattern": "namespace", - "thresholds": [ - "30", - "80" - ], - "type": "string", - "unit": "currencyUSD" - }, - { - "alias": "RAM", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "pattern": "Value #B", - "thresholds": [], - "type": "number", - "unit": "currencyUSD" - }, - { - "alias": "CPU", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Value #A", - "thresholds": [], - "type": "number", - "unit": "currencyUSD" - }, - { - "alias": "", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Time", - "thresholds": [], - "type": "hidden", - "unit": "short" - }, - { - "alias": "PV Storage", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Value #C", - "thresholds": [], - "type": "number", - "unit": "currencyUSD" - }, - { - "alias": "Total", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Value #D", - "thresholds": [], - "type": "number", - "unit": "currencyUSD" - }, - { - "alias": "CPU Utilization", - "align": "auto", - "colorMode": "value", - "colors": [ - "#bf1b00", - "rgba(50, 172, 45, 0.97)", - "#ef843c" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Value #E", - "thresholds": [ - "30", - "80" - ], - "type": "number", - "unit": "percent" - }, - { - "alias": "RAM Utilization", - "align": "auto", - "colorMode": "value", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(50, 172, 45, 0.97)", - "#ef843c" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Value #F", - "thresholds": [ - "30", - "80" - ], - "type": "number", - "unit": "percent" - } - ], - "targets": [ - { - "expr": "(\n sum(kube_pod_container_resource_requests{resource=\"cpu\", unit=\"core\", namespace!=\"\",namespace!=\"kube-system\",cloud_google_com_gke_preemptible!=\"true\"}*($costcpu - ($costcpu / 100 * $costDiscount))) by(namespace)\n or\n count(\n count(container_spec_cpu_shares{namespace!=\"\",namespace!=\"kube-system\"}) by(namespace)\n ) by(namespace) -1\n)\n\n+\n\n(\n sum(kube_pod_container_resource_requests{resource=\"cpu\", unit=\"core\", namespace!=\"\",namespace!=\"kube-system\",cloud_google_com_gke_preemptible=\"true\"}*$costpcpu) by(namespace)\n or\n count(\n count(container_spec_cpu_shares{namespace!=\"\",namespace!=\"kube-system\"}) by(namespace)\n ) by(namespace) -1\n)", - "format": "table", - "hide": false, - "instant": true, - "interval": "", - "intervalFactor": 1, - "legendFormat": "{{ namespace }}", - "refId": "A" - }, - { - "expr": "(\n sum(kube_pod_container_resource_requests{resource=\"memory\", unit=\"byte\", namespace!=\"\",namespace!=\"kube-system\",cloud_google_com_gke_preemptible!=\"true\"} / 1024 / 1024 / 1024*($costram- ($costram / 100 * $costDiscount))) by (namespace) \n or\n count(\n count(container_spec_memory_limit_bytes{namespace!=\"\",namespace!=\"kube-system\"}) by(namespace)\n ) by(namespace) -1\n)\n\n+\n\n(\n sum(kube_pod_container_resource_requests{resource=\"memory\", unit=\"byte\", namespace!=\"\",namespace!=\"kube-system\",cloud_google_com_gke_preemptible=\"true\"} / 1024 / 1024 / 1024 * $costpram ) by (namespace) \n or\n count(\n count(container_spec_memory_limit_bytes{namespace!=\"\",namespace!=\"kube-system\"}) by(namespace)\n ) by(namespace) -1\n)", - "format": "table", - "instant": true, - "intervalFactor": 1, - "legendFormat": "{{ namespace }}", - "refId": "B" - }, - { - "expr": "sum (\n sum(kube_persistentvolumeclaim_info{storageclass=~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n + on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim, namespace) \n) by (namespace) / 1024 / 1024 /1024 * $costStorageSSD \n\nor\n\nsum (\n sum(kube_persistentvolumeclaim_info{storageclass!~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n + on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim, namespace) \n) by (namespace) / 1024 / 1024 /1024 * $costStorageStandard", - "format": "table", - "instant": true, - "intervalFactor": 1, - "legendFormat": "{{ namespace }}", - "refId": "C" - }, - { - "expr": "# CPU \n(\n sum(kube_pod_container_resource_requests{resource=\"cpu\", unit=\"core\", namespace!=\"\",namespace!=\"kube-system\",cloud_google_com_gke_preemptible!=\"true\"}*($costcpu - ($costcpu / 100 * $costDiscount))) by(namespace)\n or\n count(\n count(container_spec_cpu_shares{namespace!=\"\",namespace!=\"kube-system\"}) by(namespace)\n ) by(namespace) -1\n)\n\n+\n\n(\n sum(kube_pod_container_resource_requests{resource=\"cpu\", unit=\"core\", namespace!=\"\",namespace!=\"kube-system\",cloud_google_com_gke_preemptible=\"true\"}*$costpcpu) by(namespace)\n or\n count(\n count(container_spec_cpu_shares{namespace!=\"\",namespace!=\"kube-system\"}) by(namespace)\n ) by(namespace) -1\n)\n\n+\n\n#END CPU \n# Memory \n\n(\n sum(kube_pod_container_resource_requests{resource=\"memory\", unit=\"byte\", namespace!=\"\",namespace!=\"kube-system\",cloud_google_com_gke_preemptible!=\"true\"} / 1024 / 1024 / 1024*($costram- ($costram / 100 * $costDiscount))) by (namespace) \n or\n count(\n count(container_spec_memory_limit_bytes{namespace!=\"\",namespace!=\"kube-system\"}) by(namespace)\n ) by(namespace) -1\n)\n\n+\n\n(\n sum(kube_pod_container_resource_requests{resource=\"memory\", unit=\"byte\", namespace!=\"\",namespace!=\"kube-system\",cloud_google_com_gke_preemptible=\"true\"} / 1024 / 1024 / 1024 * $costpram ) by (namespace) \n or\n count(\n count(container_spec_memory_limit_bytes{namespace!=\"\",namespace!=\"kube-system\"}) by(namespace)\n ) by(namespace) -1\n)\n\n+\n\n# PV storage\n\n(\nsum (\n sum(kube_persistentvolumeclaim_info{storageclass=~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n + on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim, namespace) \n) by (namespace) / 1024 / 1024 /1024 * $costStorageSSD \n\nor\n\nsum (\n sum(kube_persistentvolumeclaim_info{storageclass!~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n + on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim, namespace) \n) by (namespace) / 1024 / 1024 /1024 * $costStorageStandard \n)", - "format": "table", - "instant": true, - "intervalFactor": 1, - "legendFormat": "Total", - "refId": "D" - } - ], - "timeFrom": "", - "title": "Namespace cost allocation", - "transform": "table", - "type": "table-old" - }, - { - "collapsed": false, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 18 - }, - "id": 108, - "panels": [], - "title": "CPU Metrics", - "type": "row" - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": { - "uid": "${datasource}" - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 8, - "w": 24, - "x": 0, - "y": 19 - }, - "hiddenSeries": false, - "id": 116, - "legend": { - "alignAsTable": false, - "avg": false, - "current": false, - "max": false, - "min": false, - "rightSide": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "options": { - "alertThreshold": true - }, - "percentage": false, - "pluginVersion": "8.3.2", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "SUM(kube_node_status_capacity{resource=\"cpu\", unit=\"core\"})", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "capacity", - "refId": "A" - }, - { - "expr": "SUM(kube_pod_container_resource_requests{resource=\"cpu\", unit=\"core\"})", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "requests", - "refId": "C" - }, - { - "expr": "SUM(irate(container_cpu_usage_seconds_total{id=\"/\"}[5m]))", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "usage", - "refId": "B" - }, - { - "expr": "SUM(kube_pod_container_resource_limits{resource=\"cpu\", unit=\"core\"}) ", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "limits", - "refId": "D" - } - ], - "thresholds": [], - "timeRegions": [], - "title": "Cluster CPUs", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "mode": "time", - "show": true, - "values": [] - }, - "yaxes": [ - { - "decimals": 1, - "format": "short", - "logBase": 1, - "show": true - }, - { - "format": "short", - "logBase": 1, - "show": true - } - ], - "yaxis": { - "align": false - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": { - "uid": "${datasource}" - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 8, - "w": 24, - "x": 0, - "y": 27 - }, - "hiddenSeries": false, - "id": 130, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "options": { - "alertThreshold": true - }, - "percentage": false, - "pluginVersion": "8.3.2", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "avg(irate(node_cpu_seconds_total{mode!=\"idle\"}[5m])) by (mode) * 100", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "{{mode}}", - "refId": "A" - } - ], - "thresholds": [], - "timeRegions": [], - "title": "CPU Mode", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "mode": "time", - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "percent", - "logBase": 1, - "show": true - }, - { - "format": "percent", - "logBase": 1, - "show": false - } - ], - "yaxis": { - "align": false - } - }, - { - "columns": [ - { - "text": "Avg", - "value": "avg" - } - ], - "datasource": { - "uid": "${datasource}" - }, - "description": "This table shows the comparison of CPU requests and usage by namespace", - "fontSize": "100%", - "gridPos": { - "h": 10, - "w": 12, - "x": 0, - "y": 35 - }, - "hideTimeOverride": true, - "id": 104, - "links": [], - "pageSize": 8, - "repeatDirection": "v", - "scroll": true, - "showHeader": true, - "sort": { - "col": 1, - "desc": true - }, - "styles": [ - { - "alias": "CPU Requests", - "align": "auto", - "colors": [ - "#fceaca", - "#fce2de", - "rgba(245, 54, 54, 0.9)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Value #A", - "thresholds": [ - "" - ], - "type": "number", - "unit": "short" - }, - { - "alias": "Node", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "node", - "thresholds": [], - "type": "string", - "unit": "short" - }, - { - "alias": "", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Time", - "thresholds": [], - "type": "hidden", - "unit": "short" - }, - { - "alias": "CPU Requests", - "align": "auto", - "colorMode": "value", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(50, 172, 45, 0.97)", - "#cffaff" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Value #B", - "thresholds": [ - "" - ], - "type": "number", - "unit": "short" - }, - { - "alias": "24h CPU Usage", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Value #C", - "thresholds": [ - "30" - ], - "type": "number", - "unit": "none" - }, - { - "alias": "", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "link": true, - "linkTooltip": "View namespace cost metrics", - "linkUrl": "d/at-cost-analysis-namespace2/namespace-cost-metrics?&var-namespace=$__cell", - "mappingType": 1, - "pattern": "namespace", - "thresholds": [], - "type": "number", - "unit": "short" - } - ], - "targets": [ - { - "expr": "sum(kube_pod_container_resource_requests{resource=\"cpu\", unit=\"core\", namespace!=\"\"}) by (namespace) ", - "format": "table", - "hide": false, - "instant": true, - "interval": "", - "intervalFactor": 1, - "legendFormat": "", - "refId": "A" - }, - { - "expr": "sum (rate (container_cpu_usage_seconds_total{image!=\"\",namespace!=\"\"}[24h])) by (namespace)", - "format": "table", - "instant": true, - "intervalFactor": 1, - "legendFormat": "{{ namespace }}", - "refId": "C" - } - ], - "title": "CPU request utilization by namespace", - "transform": "table", - "type": "table-old" - }, - { - "columns": [ - { - "text": "Avg", - "value": "avg" - } - ], - "datasource": { - "uid": "${datasource}" - }, - "description": "This table shows the comparison of application CPU usage vs the capacity of the node (measured over last 60 minutes)", - "fontSize": "100%", - "gridPos": { - "h": 10, - "w": 12, - "x": 12, - "y": 35 - }, - "hideTimeOverride": true, - "id": 90, - "links": [], - "pageSize": 8, - "repeatDirection": "v", - "scroll": true, - "showHeader": true, - "sort": { - "col": 2, - "desc": true - }, - "styles": [ - { - "alias": "CPU Request Utilization", - "align": "auto", - "colorMode": "value", - "colors": [ - "#ef843c", - "rgba(50, 172, 45, 0.97)", - "rgba(245, 54, 54, 0.9)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Value #A", - "thresholds": [ - ".30", - " .80" - ], - "type": "number", - "unit": "percentunit" - }, - { - "alias": "Node", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "node", - "thresholds": [], - "type": "string", - "unit": "short" - }, - { - "alias": "", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Time", - "thresholds": [], - "type": "hidden", - "unit": "short" - }, - { - "alias": "CPU Utilization", - "align": "auto", - "colorMode": "value", - "colors": [ - "#ef843c", - "rgba(50, 172, 45, 0.97)", - "rgba(245, 54, 54, 0.9)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Value #B", - "thresholds": [ - ".20", - " .80" - ], - "type": "number", - "unit": "percentunit" - }, - { - "alias": "24h Utilization ", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Value", - "thresholds": [], - "type": "number", - "unit": "percentunit" - } - ], - "targets": [ - { - "expr": "SUM(\nSUM(rate(container_cpu_usage_seconds_total[24h])) by (pod_name)\n* on (pod_name) group_left (node) \nlabel_replace(\n avg(kube_pod_info{}),\n \"pod_name\", \n \"$1\", \n \"pod\", \n \"(.+)\"\n)\n) by (node) \n/ \nsum(kube_node_status_capacity{resource=\"cpu\", unit=\"core\"}) by (node)", - "format": "table", - "instant": true, - "intervalFactor": 1, - "refId": "B" - }, - { - "expr": "sum(kube_pod_container_resource_requests{resource=\"cpu\", unit=\"core\"}) by (node) / sum(kube_node_status_capacity{resource=\"cpu\", unit=\"core\"}) by (node)", - "format": "table", - "instant": true, - "intervalFactor": 1, - "refId": "A" - } - ], - "title": "Cluster cost & utilization by node", - "transform": "table", - "type": "table-old" - }, - { - "collapsed": false, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 45 - }, - "id": 113, - "panels": [], - "title": "Memory Metrics", - "type": "row" - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": { - "uid": "${datasource}" - }, - "fill": 1, - "gridPos": { - "h": 8, - "w": 24, - "x": 0, - "y": 46 - }, - "id": 117, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "8.3.2", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "SUM(kube_node_status_capacity{resource=\"memory\", unit=\"byte\"} / 1024 / 1024 / 1024)", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "capacity", - "refId": "A" - }, - { - "expr": "SUM(kube_pod_container_resource_requests{resource=\"memory\", unit=\"byte\", namespace!=\"\"} / 1024 / 1024 / 1024)", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "requests", - "refId": "C" - }, - { - "expr": "SUM(container_memory_usage_bytes{image!=\"\"} / 1024 / 1024 / 1024)", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "usage", - "refId": "B" - }, - { - "expr": "SUM(kube_pod_container_resource_limits{resource=\"memory\", unit=\"byte\", namespace!=\"\"} / 1024 / 1024 / 1024)", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "limits", - "refId": "D" - } - ], - "thresholds": [], - "title": "Cluster memory (GB)", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "mode": "time", - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "decgbytes", - "logBase": 1, - "show": true - }, - { - "format": "short", - "logBase": 1, - "show": true - } - ], - "yaxis": { - "align": false - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": { - "uid": "${datasource}" - }, - "fill": 1, - "gridPos": { - "h": 8, - "w": 24, - "x": 0, - "y": 54 - }, - "id": 131, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "8.3.2", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "1 - sum(node_memory_MemAvailable_bytes) by (node) / sum(node_memory_MemTotal_bytes) by (node)", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "usage", - "refId": "A" - } - ], - "thresholds": [], - "title": "Cluster Memory Utilization", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "mode": "time", - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "percentunit", - "logBase": 1, - "show": true - }, - { - "format": "short", - "logBase": 1, - "show": true - } - ], - "yaxis": { - "align": false - } - }, - { - "columns": [ - { - "text": "Avg", - "value": "avg" - } - ], - "datasource": { - "uid": "${datasource}" - }, - "description": "Comparison of memory requests and current usage by namespace", - "fontSize": "100%", - "gridPos": { - "h": 10, - "w": 12, - "x": 0, - "y": 62 - }, - "hideTimeOverride": true, - "id": 109, - "links": [], - "pageSize": 7, - "repeatDirection": "v", - "scroll": true, - "showHeader": true, - "sort": { - "col": 1, - "desc": true - }, - "styles": [ - { - "alias": "Mem Requests (GB)", - "align": "auto", - "colors": [ - "#fceaca", - "#fce2de", - "rgba(245, 54, 54, 0.9)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Value #A", - "thresholds": [ - "" - ], - "type": "number", - "unit": "short" - }, - { - "alias": "Node", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "node", - "thresholds": [], - "type": "string", - "unit": "short" - }, - { - "alias": "", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Time", - "thresholds": [], - "type": "hidden", - "unit": "short" - }, - { - "alias": "CPU Requests", - "align": "auto", - "colorMode": "value", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(50, 172, 45, 0.97)", - "#cffaff" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Value #B", - "thresholds": [ - "" - ], - "type": "number", - "unit": "short" - }, - { - "alias": "24h Mem Usage", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "#508642", - "#e5ac0e" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Value #C", - "thresholds": [ - ".30", - ".75" - ], - "type": "number", - "unit": "none" - }, - { - "alias": "Namespace", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "link": true, - "linkTooltip": "View namespace cost metrics", - "linkUrl": "d/at-cost-analysis-namespace2/namespace-cost-metrics?&var-namespace=$__cell", - "mappingType": 1, - "pattern": "namespace", - "thresholds": [], - "type": "number", - "unit": "short" - } - ], - "targets": [ - { - "expr": "sum(kube_pod_container_resource_requests{resource=\"memory\", unit=\"byte\", namespace!=\"\"} / 1024 / 1024 / 1024) by (namespace) ", - "format": "table", - "hide": false, - "instant": true, - "interval": "", - "intervalFactor": 1, - "legendFormat": "", - "refId": "A" - }, - { - "expr": "SUM(container_memory_usage_bytes{image!=\"\",namespace!=\"\"} / 1024 / 1024 / 1024) by (namespace)", - "format": "table", - "instant": true, - "intervalFactor": 1, - "legendFormat": "", - "refId": "C" - } - ], - "title": "Memory requests & utilization by namespace", - "transform": "table", - "type": "table-old" - }, - { - "columns": [ - { - "text": "Avg", - "value": "avg" - } - ], - "datasource": { - "uid": "${datasource}" - }, - "description": "Container RAM usage vs node capacity", - "fontSize": "100%", - "gridPos": { - "h": 10, - "w": 12, - "x": 12, - "y": 62 - }, - "hideTimeOverride": true, - "id": 114, - "links": [], - "pageSize": 8, - "repeatDirection": "v", - "scroll": true, - "showHeader": true, - "sort": { - "col": 1, - "desc": true - }, - "styles": [ - { - "alias": "RAM Requests", - "align": "auto", - "colorMode": "value", - "colors": [ - "#ef843c", - "rgba(50, 172, 45, 0.97)", - "rgba(245, 54, 54, 0.9)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Value #A", - "thresholds": [ - "30", - " 80" - ], - "type": "number", - "unit": "percentunit" - }, - { - "alias": "Node", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "node", - "thresholds": [], - "type": "string", - "unit": "short" - }, - { - "alias": "", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Time", - "thresholds": [], - "type": "hidden", - "unit": "short" - }, - { - "alias": "RAM Usage", - "align": "auto", - "colorMode": "value", - "colors": [ - "#ef843c", - "rgba(50, 172, 45, 0.97)", - "rgba(245, 54, 54, 0.9)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Value #B", - "thresholds": [ - "25", - " 80" - ], - "type": "number", - "unit": "percent" - }, - { - "alias": "", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "", - "thresholds": [], - "type": "number", - "unit": "short" - } - ], - "targets": [ - { - "expr": "SUM(label_replace(container_memory_usage_bytes{namespace!=\"\"}, \"node\", \"$1\", \"instance\",\"(.+)\")) by (node) * 100\n/\nSUM(kube_node_status_capacity{resource=\"memory\", unit=\"byte\"}) by (node)", - "format": "table", - "instant": true, - "intervalFactor": 1, - "refId": "B" - }, - { - "expr": "sum(kube_pod_container_resource_requests{resource=\"memory\", unit=\"byte\", namespace!=\"\"}) by (node) / SUM(kube_node_status_capacity{resource=\"memory\", unit=\"byte\"}) by (node)", - "format": "table", - "instant": true, - "intervalFactor": 1, - "refId": "A" - } - ], - "title": "Node utilization of allocatable RAM", - "transform": "table", - "type": "table-old" - }, - { - "collapsed": false, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 72 - }, - "id": 101, - "panels": [], - "title": "Storage Metrics", - "type": "row" - }, - { - "columns": [ - { - "text": "Avg", - "value": "avg" - } - ], - "datasource": { - "uid": "${datasource}" - }, - "fontSize": "100%", - "gridPos": { - "h": 9, - "w": 12, - "x": 0, - "y": 73 - }, - "hideTimeOverride": true, - "id": 97, - "links": [], - "pageSize": 8, - "repeatDirection": "v", - "scroll": true, - "showHeader": true, - "sort": { - "col": 4, - "desc": true - }, - "styles": [ - { - "alias": "Node", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "instance", - "thresholds": [], - "type": "string", - "unit": "short" - }, - { - "alias": "PVC Name", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "persistentvolumeclaim", - "thresholds": [], - "type": "number", - "unit": "short" - }, - { - "alias": "Storage Class", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "storageclass", - "thresholds": [], - "type": "number", - "unit": "short" - }, - { - "alias": "Cost", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Value", - "thresholds": [], - "type": "number", - "unit": "currencyUSD" - }, - { - "alias": "", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Time", - "thresholds": [], - "type": "hidden", - "unit": "short" - }, - { - "alias": "Cost", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Value #A", - "thresholds": [], - "type": "number", - "unit": "currencyUSD" - }, - { - "alias": "Size (GB)", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Value #B", - "thresholds": [], - "type": "number", - "unit": "short" - }, - { - "alias": "Usage", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Value #C", - "thresholds": [], - "type": "number", - "unit": "percentunit" - } - ], - "targets": [ - { - "expr": "SUM(container_fs_limit_bytes{id=\"/\"}) by (instance) / 1024 / 1024 / 1024 * 1.03", - "format": "table", - "instant": true, - "intervalFactor": 1, - "refId": "B" - }, - { - "expr": "SUM(container_fs_limit_bytes{id=\"/\"}) by (instance) / 1024 / 1024 / 1024 * 1.03 * $costStorageStandard\n", - "format": "table", - "hide": false, - "instant": true, - "interval": "", - "intervalFactor": 1, - "legendFormat": "{{ persistentvolumeclaim }}", - "refId": "A" - }, - { - "expr": "sum(container_fs_usage_bytes{device=~\"^/dev/[sv]d[a-z][1-9]$\",id=\"/\"} / container_fs_limit_bytes{device=~\"^/dev/[sv]d[a-z][1-9]$\",id=\"/\"}) by (instance) \n", - "format": "table", - "instant": true, - "intervalFactor": 1, - "refId": "C" - } - ], - "title": "Local Storage", - "transform": "table", - "type": "table-old" - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": { - "uid": "${datasource}" - }, - "fill": 1, - "gridPos": { - "h": 9, - "w": 12, - "x": 12, - "y": 73 - }, - "id": 128, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "8.3.2", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "SUM(container_fs_usage_bytes{id=\"/\"}) / SUM(container_fs_limit_bytes{id=\"/\"})", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "reads", - "refId": "D" - } - ], - "thresholds": [], - "title": "Local storage utilization", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "mode": "time", - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "percent", - "label": "IOPS", - "logBase": 1, - "show": true - }, - { - "format": "short", - "logBase": 1, - "show": true - } - ], - "yaxis": { - "align": false - } - }, - { - "columns": [ - { - "text": "Avg", - "value": "avg" - } - ], - "datasource": { - "uid": "${datasource}" - }, - "fontSize": "100%", - "gridPos": { - "h": 10, - "w": 12, - "x": 0, - "y": 82 - }, - "hideTimeOverride": true, - "id": 94, - "links": [], - "pageSize": 10, - "repeatDirection": "v", - "scroll": true, - "showHeader": true, - "sort": { - "col": 2, - "desc": true - }, - "styles": [ - { - "alias": "Namespace", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "link": true, - "linkTooltip": "View namespace cost metrics", - "linkUrl": "d/at-cost-analysis-namespace2/namespace-cost-metrics?&var-namespace=$__cell", - "mappingType": 1, - "pattern": "namespace", - "thresholds": [], - "type": "string", - "unit": "short" - }, - { - "alias": "PVC Name", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "persistentvolumeclaim", - "thresholds": [], - "type": "number", - "unit": "short" - }, - { - "alias": "Storage Class", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "storageclass", - "thresholds": [], - "type": "number", - "unit": "short" - }, - { - "alias": "Cost", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Value", - "thresholds": [], - "type": "number", - "unit": "currencyUSD" - }, - { - "alias": "", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Time", - "thresholds": [], - "type": "hidden", - "unit": "short" - }, - { - "alias": "Cost", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Value #A", - "thresholds": [], - "type": "number", - "unit": "currencyUSD" - }, - { - "alias": "Usage", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Value #B", - "thresholds": [], - "type": "number", - "unit": "percentunit" - }, - { - "alias": "Size (GB)", - "align": "auto", - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Value #C", - "thresholds": [], - "type": "number", - "unit": "short" - } - ], - "targets": [ - { - "expr": "sum (\n sum(kube_persistentvolumeclaim_info{storageclass=~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n * on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes{storageclass=~\".*ssd.*\"}) by (persistentvolumeclaim, namespace)\n) by (namespace,persistentvolumeclaim,storageclass) / 1024 / 1024 /1024\n\nor\n\nsum (\n sum(kube_persistentvolumeclaim_info{storageclass!~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n * on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes{storageclass!~\".*ssd.*\"}) by (persistentvolumeclaim, namespace)\n) by (namespace,persistentvolumeclaim,storageclass) / 1024 / 1024 /1024\n\n\n", - "format": "table", - "instant": true, - "intervalFactor": 1, - "refId": "C" - }, - { - "expr": "sum (\n sum(kube_persistentvolumeclaim_info{storageclass=~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n * on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes{storageclass=~\".*ssd.*\"}) by (persistentvolumeclaim, namespace)\n) by (namespace,persistentvolumeclaim,storageclass) / 1024 / 1024 /1024 * $costStorageSSD\n\nor\n\nsum (\n sum(kube_persistentvolumeclaim_info{storageclass!~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n * on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes{storageclass!~\".*ssd.*\"}) by (persistentvolumeclaim, namespace)\n) by (namespace,persistentvolumeclaim,storageclass) / 1024 / 1024 /1024 * $costStorageStandard\n", - "format": "table", - "hide": false, - "instant": true, - "interval": "", - "intervalFactor": 1, - "legendFormat": "{{ persistentvolumeclaim }}", - "refId": "A" - }, - { - "expr": "sum(kubelet_volume_stats_used_bytes) by (persistentvolumeclaim, namespace) \n/\nsum (\n sum(kube_persistentvolumeclaim_info{storageclass!~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n * on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes{storageclass!~\".*ssd.*\"}) by (persistentvolumeclaim, namespace)\n) by (namespace,persistentvolumeclaim)", - "format": "table", - "instant": true, - "intervalFactor": 1, - "refId": "B" - } - ], - "title": "Persistent Volume Claims", - "transform": "table", - "type": "table-old" - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": { - "uid": "${datasource}" - }, - "fill": 1, - "gridPos": { - "h": 10, - "w": 12, - "x": 12, - "y": 82 - }, - "id": 132, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "8.3.2", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "SUM(rate(node_disk_reads_completed_total[10m])) or SUM(rate(node_disk_reads_completed[10m]))\n", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "reads", - "refId": "D" - }, - { - "expr": "SUM(rate(node_disk_writes_completed_total[10m])) or SUM(rate(node_disk_writes_completed[10m]))", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "writes", - "refId": "A" - } - ], - "thresholds": [], - "title": "Disk IOPS", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "mode": "time", - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": "IOPS", - "logBase": 1, - "show": true - }, - { - "format": "short", - "logBase": 1, - "show": true - } - ], - "yaxis": { - "align": false - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": { - "uid": "${datasource}" - }, - "fill": 1, - "gridPos": { - "h": 9, - "w": 24, - "x": 0, - "y": 92 - }, - "id": 122, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "8.3.2", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "SUM( kubelet_volume_stats_inodes_used / kubelet_volume_stats_inodes) by (persistentvolumeclaim) * 100", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "", - "refId": "D" - } - ], - "thresholds": [], - "title": "Inode usage", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "mode": "time", - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "percent", - "logBase": 1, - "show": true - }, - { - "format": "short", - "logBase": 1, - "show": true - } - ], - "yaxis": { - "align": false - } - }, - { - "collapsed": false, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 101 - }, - "id": 127, - "panels": [], - "title": "Network", - "type": "row" - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": { - "uid": "${datasource}" - }, - "fill": 1, - "gridPos": { - "h": 9, - "w": 24, - "x": 0, - "y": 102 - }, - "id": 123, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "8.3.2", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sum (rate (node_network_transmit_bytes_total{}[60m]))\n", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "node_out", - "refId": "B" - }, - { - "expr": "SUM ( rate(node_network_transmit_bytes_total{device=\"eth0\"}[60m]))", - "format": "time_series", - "instant": false, - "intervalFactor": 1, - "legendFormat": "eth0 out", - "refId": "C" - } - ], - "thresholds": [], - "title": "Node network transmit", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "mode": "time", - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "decbytes", - "logBase": 1, - "show": true - }, - { - "format": "short", - "logBase": 1, - "show": true - } - ], - "yaxis": { - "align": false - } - } - ], - "refresh": "15m", - "schemaVersion": 33, - "style": "dark", - "tags": [ - "cost", - "utilization", - "metrics" - ], - "templating": { - "list": [ - { - "current": { - "selected": true, - "text": "23.076", - "value": "23.076" - }, - "hide": 0, - "label": "CPU", - "name": "costcpu", - "options": [ - { - "selected": true, - "text": "23.076", - "value": "23.076" - } - ], - "query": "23.076", - "skipUrlSync": false, - "type": "textbox" - }, - { - "current": { - "selected": true, - "text": "5.10", - "value": "5.10" - }, - "hide": 0, - "label": "PE CPU", - "name": "costpcpu", - "options": [ - { - "selected": true, - "text": "5.10", - "value": "5.10" - } - ], - "query": "5.10", - "skipUrlSync": false, - "type": "textbox" - }, - { - "current": { - "selected": true, - "text": "3.25", - "value": "3.25" - }, - "hide": 0, - "label": "RAM", - "name": "costram", - "options": [ - { - "selected": true, - "text": "3.25", - "value": "3.25" - } - ], - "query": "3.25", - "skipUrlSync": false, - "type": "textbox" - }, - { - "current": { - "selected": true, - "text": "0.6862", - "value": "0.6862" - }, - "hide": 0, - "label": "PE RAM", - "name": "costpram", - "options": [ - { - "selected": true, - "text": "0.6862", - "value": "0.6862" - } - ], - "query": "0.6862", - "skipUrlSync": false, - "type": "textbox" - }, - { - "current": { - "selected": true, - "text": "0.040", - "value": "0.040" - }, - "hide": 0, - "label": "Storage", - "name": "costStorageStandard", - "options": [ - { - "selected": true, - "text": "0.040", - "value": "0.040" - } - ], - "query": "0.040", - "skipUrlSync": false, - "type": "textbox" - }, - { - "current": { - "selected": true, - "text": ".17", - "value": ".17" - }, - "hide": 0, - "label": "SSD", - "name": "costStorageSSD", - "options": [ - { - "selected": true, - "text": ".17", - "value": ".17" - } - ], - "query": ".17", - "skipUrlSync": false, - "type": "textbox" - }, - { - "current": { - "selected": true, - "text": ".12", - "value": ".12" - }, - "hide": 0, - "label": "Egress", - "name": "costEgress", - "options": [ - { - "selected": true, - "text": ".12", - "value": ".12" - } - ], - "query": ".12", - "skipUrlSync": false, - "type": "textbox" - }, - { - "current": { - "selected": true, - "text": "30", - "value": "30" - }, - "hide": 0, - "label": "Discount", - "name": "costDiscount", - "options": [ - { - "selected": true, - "text": "30", - "value": "30" - } - ], - "query": "30", - "skipUrlSync": false, - "type": "textbox" - }, - { - "current": { - "selected": false, - "text": "default-kubecost", - "value": "default-kubecost" - }, - "hide": 0, - "includeAll": false, - "multi": false, - "name": "datasource", - "options": [], - "query": "prometheus", - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "type": "datasource" - } - ] - }, - "time": { - "from": "now-24h", - "to": "now" - }, - "timepicker": { - "hidden": false, - "refresh_intervals": [ - "5s", - "10s", - "30s", - "1m", - "5m", - "15m", - "30m", - "1h", - "2h", - "1d" - ], - "time_options": [ - "5m", - "15m", - "1h", - "6h", - "12h", - "24h", - "2d", - "7d", - "30d" - ] - }, - "timezone": "browser", - "title": "Cluster cost & utilization metrics", - "uid": "cluster-costs", - "version": 1, - "weekStart": "" - } \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/deployment-utilization.json b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/deployment-utilization.json deleted file mode 100644 index ef63592027..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/deployment-utilization.json +++ /dev/null @@ -1,1386 +0,0 @@ -{ - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": "-- Grafana --", - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "type": "dashboard" - } - ] - }, - "description": "Monitors Kubernetes deployments in cluster using Prometheus and kube-state-metrics. Shows resource utilization of deployments, daemonsets, and statefulsets.", - "editable": true, - "gnetId": 8588, - "graphTooltip": 0, - "id": 2, - "iteration": 1586200623748, - "links": [], - "panels": [ - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": true, - "colors": [ - "rgba(50, 172, 45, 0.97)", - "rgba(237, 129, 40, 0.89)", - "rgba(245, 54, 54, 0.9)" - ], - "datasource": "${datasource}", - "editable": true, - "error": false, - "format": "percent", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": true, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "gridPos": { - "h": 5, - "w": 8, - "x": 0, - "y": 0 - }, - "height": "180px", - "id": 1, - "interval": null, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "sum (container_memory_working_set_bytes{container!=\"\",pod_name=~\"^$Deployment$Statefulset$Daemonset.*$\", kubernetes_io_hostname=~\"^$Node$\", pod_name!=\"\"}) / sum (kube_node_status_allocatable{resource=\"memory\", unit=\"byte\", node=~\"^$Node.*$\"}) * 100", - "format": "time_series", - "interval": "10s", - "intervalFactor": 1, - "refId": "A", - "step": 900 - } - ], - "thresholds": "65, 90", - "title": "Deployment memory usage", - "transparent": false, - "type": "singlestat", - "valueFontSize": "80%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": true, - "colors": [ - "rgba(50, 172, 45, 0.97)", - "rgba(237, 129, 40, 0.89)", - "rgba(245, 54, 54, 0.9)" - ], - "datasource": "${datasource}", - "decimals": 2, - "editable": true, - "error": false, - "format": "percent", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": true, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "gridPos": { - "h": 5, - "w": 8, - "x": 8, - "y": 0 - }, - "height": "180px", - "id": 2, - "interval": null, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "sum (rate (container_cpu_usage_seconds_total{pod_name=~\"^$Deployment$Statefulset$Daemonset.*$\", kubernetes_io_hostname=~\"^$Node$\"}[2m])) / sum (machine_cpu_cores{kubernetes_io_hostname=~\"^$Node$\"}) * 100", - "format": "time_series", - "interval": "10s", - "intervalFactor": 1, - "refId": "A", - "step": 900 - } - ], - "thresholds": "65, 90", - "title": "Deployment CPU usage", - "type": "singlestat", - "valueFontSize": "80%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": true, - "colors": [ - "rgba(50, 172, 45, 0.97)", - "rgba(237, 129, 40, 0.89)", - "rgba(245, 54, 54, 0.9)" - ], - "datasource": "${datasource}", - "editable": true, - "error": false, - "format": "percent", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": true, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "gridPos": { - "h": 5, - "w": 8, - "x": 16, - "y": 0 - }, - "height": "180px", - "id": 3, - "interval": null, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "(((sum(kube_deployment_status_replicas{deployment=~\".*$Deployment$Statefulset$Daemonset\"}) or vector(0)) + (sum(kube_statefulset_replicas{statefulset=~\".*$Deployment$Statefulset$Daemonset\"}) or vector(0)) + (sum(kube_daemonset_status_desired_number_scheduled{daemonset=~\".*$Deployment$Statefulset$Daemonset\"}) or vector(0))) - ((sum(kube_deployment_status_replicas_available{deployment=~\".*$Deployment$Statefulset$Daemonset\"}) or vector(0)) + (sum(kube_statefulset_status_replicas{statefulset=~\".*$Deployment$Statefulset$Daemonset\"}) or vector(0)) + (sum(kube_daemonset_status_number_ready{daemonset=~\".*$Deployment$Statefulset$Daemonset\"}) or vector(0)))) / ((sum(kube_deployment_status_replicas{deployment=~\".*$Deployment$Statefulset$Daemonset\"}) or vector(0)) + (sum(kube_statefulset_replicas{statefulset=~\".*$Deployment$Statefulset$Daemonset\"}) or vector(0)) + (sum(kube_daemonset_status_desired_number_scheduled{daemonset=~\".*$Deployment$Statefulset$Daemonset\"}) or vector(0))) * 100", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 1800 - } - ], - "thresholds": "1,30", - "title": "Unavailable Replicas", - "type": "singlestat", - "valueFontSize": "80%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": false, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "datasource": "${datasource}", - "editable": true, - "error": false, - "format": "bytes", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": false, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "gridPos": { - "h": 3, - "w": 4, - "x": 0, - "y": 5 - }, - "height": "100px", - "id": 4, - "interval": null, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "sum(container_memory_working_set_bytes{container!=\"\",pod_name=~\"^$Deployment$Statefulset$Daemonset.*$\", kubernetes_io_hostname=~\"^$Node$\", pod_name!=\"\"})", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 1800 - } - ], - "thresholds": "", - "title": "Used", - "type": "singlestat", - "valueFontSize": "50%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": false, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "datasource": "${datasource}", - "editable": true, - "error": false, - "format": "bytes", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": false, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "gridPos": { - "h": 3, - "w": 4, - "x": 4, - "y": 5 - }, - "height": "100px", - "id": 5, - "interval": null, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "sum (kube_node_status_allocatable{resource=\"memory\", unit=\"byte\", node=~\"^$Node.*$\"})", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 1800 - } - ], - "thresholds": "", - "title": "Total", - "type": "singlestat", - "valueFontSize": "50%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": false, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "datasource": "${datasource}", - "editable": true, - "error": false, - "format": "none", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": false, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "gridPos": { - "h": 3, - "w": 4, - "x": 8, - "y": 5 - }, - "height": "100px", - "id": 6, - "interval": null, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": " cores", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "sum (rate (container_cpu_usage_seconds_total{pod_name=~\"^$Deployment$Statefulset$Daemonset.*$\", kubernetes_io_hostname=~\"^$Node$\"}[5m]))", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 1800 - } - ], - "thresholds": "", - "title": "Used", - "type": "singlestat", - "valueFontSize": "50%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": false, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "datasource": "${datasource}", - "editable": true, - "error": false, - "format": "none", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": false, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "gridPos": { - "h": 3, - "w": 4, - "x": 12, - "y": 5 - }, - "height": "100px", - "id": 7, - "interval": null, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": " cores", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "sum (machine_cpu_cores{kubernetes_io_hostname=~\"^$Node$\"})", - "intervalFactor": 2, - "refId": "A", - "step": 1800 - } - ], - "thresholds": "", - "title": "Total", - "type": "singlestat", - "valueFontSize": "50%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "avg" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": false, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "datasource": "${datasource}", - "editable": true, - "error": false, - "format": "none", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": false, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "gridPos": { - "h": 3, - "w": 4, - "x": 16, - "y": 5 - }, - "height": "100px", - "id": 8, - "interval": null, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "(sum(kube_deployment_status_replicas_available{deployment=~\".*$Deployment$Statefulset$Daemonset\"}) or vector(0)) + (sum(kube_statefulset_status_replicas{statefulset=~\".*$Deployment$Statefulset$Daemonset\"}) or vector(0)) + (sum(kube_daemonset_status_number_ready{daemonset=~\".*$Deployment$Statefulset$Daemonset\"}) or vector(0))", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 1800 - } - ], - "thresholds": "", - "title": "Available (cluster)", - "type": "singlestat", - "valueFontSize": "50%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": false, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "datasource": "${datasource}", - "editable": true, - "error": false, - "format": "none", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": false, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "gridPos": { - "h": 3, - "w": 4, - "x": 20, - "y": 5 - }, - "height": "100px", - "id": 9, - "interval": null, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "(sum(kube_deployment_status_replicas{deployment=~\".*$Deployment$Statefulset$Daemonset\"}) or vector(0)) + (sum(kube_statefulset_replicas{statefulset=~\".*$Deployment$Statefulset$Daemonset\"}) or vector(0)) + (sum(kube_daemonset_status_desired_number_scheduled{daemonset=~\".*$Deployment$Statefulset$Daemonset\"}) or vector(0))", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "{{ $Daemonset }}", - "refId": "A", - "step": 1800 - } - ], - "thresholds": "", - "title": "Total (cluster)", - "type": "singlestat", - "valueFontSize": "50%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "decimals": 3, - "editable": true, - "error": false, - "fill": 0, - "grid": {}, - "gridPos": { - "h": 11, - "w": 24, - "x": 0, - "y": 8 - }, - "height": "", - "id": 10, - "legend": { - "alignAsTable": true, - "avg": false, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": false, - "rightSide": true, - "show": true, - "sideWidth": null, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/avlbl.*/", - "yaxis": 2 - } - ], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sum (irate (container_cpu_usage_seconds_total{container!=\"\",image!=\"\",name=~\"^k8s_.*\",io_kubernetes_container_name!=\"POD\",pod_name=~\"^$Deployment$Statefulset$Daemonset.*$\",kubernetes_io_hostname=~\"^$Node$\"}[5m])) by (pod_name,kubernetes_io_hostname)", - "format": "time_series", - "hide": false, - "interval": "10s", - "intervalFactor": 1, - "legendFormat": "usage: {{ kubernetes_io_hostname }} | {{ pod_name }} ", - "metric": "container_cpu", - "refId": "A", - "step": 60 - }, - { - "expr": "sum (kube_pod_container_resource_requests{resource=\"cpu\", unit=\"core\", pod=~\"^$Deployment$Statefulset$Daemonset.*$\",node=~\"^$Node$\"}) by (pod,node)", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "rqst: {{ node }} | {{ pod }}", - "refId": "B", - "step": 120 - }, - { - "expr": "sum ((kube_node_status_allocatable{resource=\"cpu\", unit=\"core\", node=~\"^$Node$\"})) by (node)", - "format": "time_series", - "hide": true, - "intervalFactor": 2, - "legendFormat": "avlbl: {{ node }}", - "refId": "C", - "step": 30 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "CPU usage & requests", - "tooltip": { - "msResolution": true, - "shared": true, - "sort": 2, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": "cores", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "decimals": 2, - "editable": true, - "error": false, - "fill": 0, - "grid": {}, - "gridPos": { - "h": 13, - "w": 24, - "x": 0, - "y": 19 - }, - "id": 11, - "legend": { - "alignAsTable": true, - "avg": false, - "current": true, - "max": true, - "min": false, - "rightSide": true, - "show": true, - "sideWidth": null, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/^avlbl.*$/", - "yaxis": 2 - } - ], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "max (container_memory_working_set_bytes{container!=\"POD\",container!=\"\",id!=\"/\",pod_name=~\"^$Deployment$Statefulset$Daemonset.*$\",kubernetes_io_hostname=~\"^$Node$\"}) by (pod_name,kubernetes_io_hostname)", - "format": "time_series", - "hide": false, - "interval": "10s", - "intervalFactor": 1, - "legendFormat": "usage: {{kubernetes_io_hostname }} | {{ pod_name }}", - "metric": "container_memory_usage:sort_desc", - "refId": "A", - "step": 60 - }, - { - "expr": "sum ((kube_pod_container_resource_requests{resource=\"memory\", unit=\"byte\", pod=~\"^$Deployment$Statefulset$Daemonset.*$\",node=~\"^$Node$\"})) by (pod,node)", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "rqst: {{ node }} | {{ pod }}", - "refId": "B", - "step": 120 - }, - { - "expr": "sum ((kube_node_status_allocatable{resource=\"memory\", unit=\"byte\", node=~\"^$Node$\"})) by (node)", - "format": "time_series", - "hide": true, - "intervalFactor": 2, - "legendFormat": "avlbl: {{ node }}", - "refId": "C", - "step": 30 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory usage & requests", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 2, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "bytes", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "fill": 1, - "gridPos": { - "h": 9, - "w": 24, - "x": 0, - "y": 32 - }, - "id": 12, - "legend": { - "alignAsTable": true, - "avg": false, - "current": true, - "max": false, - "min": false, - "rightSide": true, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "100 * (kubelet_volume_stats_used_bytes{kubernetes_io_hostname=~\"^$Node$\", persistentvolumeclaim=~\".*$Deployment$Statefulset$Daemonset.*$\"} / kubelet_volume_stats_capacity_bytes{kubernetes_io_hostname=~\"^$Node$\", persistentvolumeclaim=~\".*$Deployment$Statefulset$Daemonset.*$\"})", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "{{ persistentvolumeclaim }} | {{ kubernetes_io_hostname }}", - "refId": "A", - "step": 120 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Disk Usage", - "tooltip": { - "shared": true, - "sort": 2, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "percent", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "decimals": 2, - "editable": true, - "error": false, - "fill": 1, - "grid": {}, - "gridPos": { - "h": 13, - "w": 24, - "x": 0, - "y": 41 - }, - "id": 13, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": false, - "rightSide": true, - "show": true, - "sideWidth": null, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sum (rate (container_network_receive_bytes_total{id!=\"/\",pod_name=~\"^$Deployment$Statefulset$Daemonset.*$\",kubernetes_io_hostname=~\"^$Node$\"}[2m])) by (pod_name, kubernetes_io_hostname)", - "format": "time_series", - "interval": "10s", - "intervalFactor": 1, - "legendFormat": "-> {{ kubernetes_io_hostname }} | {{ pod_name }}", - "metric": "network", - "refId": "A", - "step": 60 - }, - { - "expr": "- sum( rate (container_network_transmit_bytes_total{id!=\"/\",pod_name=~\"^$Deployment$Statefulset$Daemonset.*$\",kubernetes_io_hostname=~\"^$Node$\"}[2m])) by (pod_name, kubernetes_io_hostname)", - "format": "time_series", - "interval": "10s", - "intervalFactor": 1, - "legendFormat": "<- {{ kubernetes_io_hostname }} | {{ pod_name }}", - "metric": "network", - "refId": "B", - "step": 60 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "All processes network I/O", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 2, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "Bps", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - } - ], - "refresh": false, - "schemaVersion": 16, - "style": "dark", - "tags": [ - "cost", - "utilization", - "metrics" - ], - "templating": { - "list": [ - { - "allValue": "()", - "current": { - "selected": false, - "tags": [], - "text": "All", - "value": "$__all" - }, - "datasource": "${datasource}", - "hide": 0, - "includeAll": true, - "label": null, - "multi": false, - "name": "Deployment", - "options": [], - "query": "label_values(deployment)", - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "sort": 0, - "tagValuesQuery": "", - "tags": [], - "tagsQuery": "", - "type": "query", - "useTags": false - }, - { - "allValue": "()", - "current": { - "text": "All", - "value": "$__all" - }, - "datasource": "${datasource}", - "hide": 0, - "includeAll": true, - "label": null, - "multi": false, - "name": "Statefulset", - "options": [], - "query": "label_values(statefulset)", - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "sort": 0, - "tagValuesQuery": "", - "tags": [], - "tagsQuery": "", - "type": "query", - "useTags": false - }, - { - "allValue": "()", - "current": { - "text": "All", - "value": "$__all" - }, - "datasource": "${datasource}", - "hide": 0, - "includeAll": true, - "label": null, - "multi": false, - "name": "Daemonset", - "options": [], - "query": "label_values(daemonset)", - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "sort": 0, - "tagValuesQuery": "", - "tags": [], - "tagsQuery": "", - "type": "query", - "useTags": false - }, - { - "allValue": ".*", - "current": { - "text": "All", - "value": "$__all" - }, - "datasource": "${datasource}", - "hide": 0, - "includeAll": true, - "label": null, - "multi": false, - "name": "Node", - "options": [], - "query": "label_values(kubernetes_io_hostname)", - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "sort": 0, - "tagValuesQuery": "", - "tags": [], - "tagsQuery": "", - "type": "query", - "useTags": false - }, - { - "current": { - "selected": true, - "text": "default-kubecost", - "value": "default-kubecost" - }, - "error": null, - "hide": 0, - "includeAll": false, - "label": null, - "multi": false, - "name": "datasource", - "options": [], - "query": "prometheus", - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "type": "datasource" - } - ] - }, - "time": { - "from": "now-24h", - "to": "now" - }, - "timepicker": { - "refresh_intervals": [ - "5s", - "10s", - "30s", - "1m", - "5m", - "15m", - "30m", - "1h", - "2h", - "1d" - ], - "time_options": [ - "5m", - "15m", - "1h", - "6h", - "12h", - "24h", - "2d", - "7d", - "30d" - ] - }, - "timezone": "browser", - "title": "Deployment/Statefulset/Daemonset utilization metrics", - "uid": "deployment-metrics", - "version": 1 -} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/label-cost-utilization.json b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/label-cost-utilization.json deleted file mode 100644 index 4c144df18b..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/label-cost-utilization.json +++ /dev/null @@ -1,1145 +0,0 @@ -{ - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": "-- Grafana --", - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "target": { - "limit": 100, - "matchAny": false, - "tags": [], - "type": "dashboard" - }, - "type": "dashboard" - } - ] - }, - "editable": true, - "fiscalYearStartMonth": 0, - "graphTooltip": 0, - "iteration": 1645115160709, - "links": [], - "liveNow": false, - "panels": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "description": "Monthly projected CPU cost given last 10m", - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "decimals": 2, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "currencyUSD" - }, - "overrides": [] - }, - "gridPos": { - "h": 5, - "w": 6, - "x": 0, - "y": 0 - }, - "hideTimeOverride": true, - "id": 15, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "P0C970EB638C812D0" - }, - "exemplar": false, - "expr": "sum(\n avg(container_cpu_allocation) by (pod,node)\n\n * on (node) group_left()\n avg(avg_over_time(node_cpu_hourly_cost[10m])) by (node)\n\n * on (pod) group_left()\n label_replace(\n max(kube_pod_labels{label_$label=~\"$label_value\"}) by (pod),\n \"pod_name\",\n \"$1\", \n \"pod\", \n \"(.+)\"\n )\n) * 730", - "format": "time_series", - "instant": true, - "interval": "", - "intervalFactor": 1, - "legendFormat": " {{ node }}", - "refId": "A" - } - ], - "timeFrom": "15m", - "title": "CPU Cost", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "description": "Based on CPU usage over last 24 hours", - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "decimals": 2, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "currencyUSD" - }, - "overrides": [] - }, - "gridPos": { - "h": 5, - "w": 6, - "x": 6, - "y": 0 - }, - "hideTimeOverride": true, - "id": 16, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "P0C970EB638C812D0" - }, - "exemplar": false, - "expr": "sum(\n avg(container_memory_allocation_bytes) by (pod,node) / 1024 / 1024 / 1024\n\n * on (node) group_left()\n avg(avg_over_time(node_ram_hourly_cost[10m])) by (node)\n\n * on (pod) group_left()\n label_replace(\n max(kube_pod_labels{label_$label=~\"$label_value\"}) by (pod),\n \"pod_name\",\n \"$1\", \n \"pod\", \n \"(.+)\"\n )\n) * 730", - "format": "time_series", - "instant": true, - "interval": "", - "intervalFactor": 1, - "legendFormat": " {{ node }}", - "refId": "A" - } - ], - "timeFrom": "15m", - "title": "Memory Cost", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "description": "", - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "decimals": 2, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "currencyUSD" - }, - "overrides": [] - }, - "gridPos": { - "h": 5, - "w": 6, - "x": 12, - "y": 0 - }, - "hideTimeOverride": true, - "id": 21, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "P0C970EB638C812D0" - }, - "exemplar": false, - "expr": "sum(\n sum(kube_persistentvolumeclaim_info{storageclass!=\".*ssd.*\"}) by (persistentvolumeclaim, storageclass)\n * on (persistentvolumeclaim) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim)\n * on (persistentvolumeclaim) group_left(label_app)\n max(kube_persistentvolumeclaim_labels{label_$label=~\"$label_value\"}) by (persistentvolumeclaim) or up * 0\n) / 1024 / 1024 /1024 * .04 \n\n+\n\nsum(\n sum(kube_persistentvolumeclaim_info{storageclass=~\".*ssd.*\"}) by (persistentvolumeclaim, storageclass)\n * on (persistentvolumeclaim) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim)\n * on (persistentvolumeclaim) group_left(label_app)\n max(kube_persistentvolumeclaim_labels{label_$label=~\"$label_value\"}) by (persistentvolumeclaim) or up * 0\n) / 1024 / 1024 /1024 * .17 \n", - "format": "time_series", - "instant": true, - "interval": "", - "intervalFactor": 1, - "legendFormat": " {{ node }}", - "refId": "A" - } - ], - "timeFrom": "15m", - "title": "Storage Cost", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "description": "Cost of memory + CPU usage", - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "decimals": 2, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "currencyUSD" - }, - "overrides": [] - }, - "gridPos": { - "h": 5, - "w": 6, - "x": 18, - "y": 0 - }, - "hideTimeOverride": true, - "id": 20, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "P0C970EB638C812D0" - }, - "exemplar": false, - "expr": "# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ CPU ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\nsum(\n avg(container_cpu_allocation) by (pod,node)\n\n * on (node) group_left()\n avg(avg_over_time(node_cpu_hourly_cost[10m])) by (node)\n\n * on (pod) group_left()\n label_replace(\n max(kube_pod_labels{label_$label=~\"$label_value\"}) by (pod),\n \"pod_name\",\n \"$1\", \n \"pod\", \n \"(.+)\"\n )\n) * 730\n\n#END CPU\n+\n\n# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Memory ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\nsum(\n avg(container_memory_allocation_bytes) by (pod,node) / 1024 / 1024 / 1024\n\n * on (node) group_left()\n avg(avg_over_time(node_ram_hourly_cost[10m])) by (node)\n\n * on (pod) group_left()\n label_replace(\n max(kube_pod_labels{label_$label=~\"$label_value\"}) by (pod),\n \"pod_name\",\n \"$1\", \n \"pod\", \n \"(.+)\"\n )\n) * 730\n\n# END MEMORY\n\n+\n\n# ~~~~~~~~~~~~~~~~~~~~~~~~~~~ STORAGE ~~~~~~~~~~~~~~~~~~~~~~~~~\n\nsum(\n sum(kube_persistentvolumeclaim_info{storageclass!=\".*ssd.*\"}) by (persistentvolumeclaim, storageclass)\n * on (persistentvolumeclaim) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim)\n * on (persistentvolumeclaim) group_left(label_app)\n max(kube_persistentvolumeclaim_labels{label_$label=~\"$label_value\"}) by (persistentvolumeclaim) or up * 0\n) / 1024 / 1024 /1024 * .04 \n\n+\n\nsum(\n sum(kube_persistentvolumeclaim_info{storageclass=~\".*ssd.*\"}) by (persistentvolumeclaim, storageclass)\n * on (persistentvolumeclaim) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim)\n * on (persistentvolumeclaim) group_left(label_app)\n max(kube_persistentvolumeclaim_labels{label_$label=~\"$label_value\"}) by (persistentvolumeclaim) or up * 0\n) / 1024 / 1024 /1024 * .17 \n\n\n# END STORAGE\n", - "format": "time_series", - "instant": true, - "interval": "", - "intervalFactor": 1, - "legendFormat": " {{ node }}", - "refId": "A" - } - ], - "timeFrom": "15m", - "title": "Total Cost", - "type": "stat" - }, - { - "datasource": { - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 3, - "x": 0, - "y": 5 - }, - "id": 10, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "targets": [ - { - "expr": "sum(\n sum (kube_pod_container_resource_requests{resource=\"cpu\", unit=\"core\"}) by (pod)\n * on (pod) group_left()\n max(kube_pod_labels{label_$label=~\"$label_value\"}) by (pod)\n or up * 0\n) ", - "format": "time_series", - "intervalFactor": 1, - "refId": "A" - } - ], - "title": "CPU Request", - "type": "stat" - }, - { - "datasource": { - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "decimals": 2, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 3, - "x": 3, - "y": 5 - }, - "id": 17, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "targets": [ - { - "expr": "sum(\n label_replace(\n sum(rate(container_cpu_usage_seconds_total{image!=\"\",container_name!=\"POD\"}[1h])) by (kubernetes_io_hostname,pod_name),\n \"node\",\n \"$1\", \n \"kubernetes_io_hostname\", \n \"(.+)\"\n ) \n * on (pod_name) group_left()\n label_replace(\n max(kube_pod_labels{label_$label=~\"$label_value\"}) by (pod),\n \"pod_name\",\n \"$1\", \n \"pod\", \n \"(.+)\"\n ) or up * 0\n) ", - "format": "time_series", - "intervalFactor": 2, - "refId": "A" - } - ], - "title": "CPU Used", - "type": "stat" - }, - { - "datasource": { - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "decimals": 0, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 3, - "x": 6, - "y": 5 - }, - "id": 11, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "targets": [ - { - "expr": "sum(\n sum (kube_pod_container_resource_requests{resource=\"memory\", unit=\"byte\"}) by (pod)\n * on (pod) group_left()\n max(kube_pod_labels{label_$label=~\"$label_value\"}) by (pod)\n or up * 0\n) ", - "format": "time_series", - "intervalFactor": 1, - "refId": "A" - } - ], - "title": "Memory Request", - "type": "stat" - }, - { - "datasource": { - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 3, - "x": 9, - "y": 5 - }, - "id": 18, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "targets": [ - { - "expr": "sum(\n label_replace(\n sum (container_memory_working_set_bytes{pod_name!=\"\",container!=\"POD\",container!=\"\"}) by (pod_name),\n \"pod\",\n \"$1\", \n \"pod_name\", \n \"(.+)\")\n * on (pod) group_left()\n max(kube_pod_labels{label_$label=~\"$label_value\"}) by (pod)\n or up * 0\n)", - "format": "time_series", - "instant": true, - "intervalFactor": 1, - "refId": "A" - } - ], - "title": "Memory Usage", - "type": "stat" - }, - { - "datasource": { - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "decimals": 0, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 6, - "x": 12, - "y": 5 - }, - "id": 22, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "targets": [ - { - "expr": "sum(\n max(kube_persistentvolumeclaim_info) by (persistentvolumeclaim, storageclass)\n * on (persistentvolumeclaim) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim)\n * on (persistentvolumeclaim) group_left(label_app)\n max(kube_persistentvolumeclaim_labels{label_$label=~\"$label_value\"}) by (persistentvolumeclaim) or up * 0\n) \n", - "format": "time_series", - "instant": true, - "intervalFactor": 1, - "refId": "A" - } - ], - "title": "Storage Request", - "type": "stat" - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": { - "uid": "${datasource}" - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 9 - }, - "hiddenSeries": false, - "id": 8, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "options": { - "alertThreshold": true - }, - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sum(\n label_replace(\n sum (kube_pod_container_resource_limits{resource=\"cpu\", unit=\"core\"}) by (pod, container)\n * on (pod) group_left()\n max(kube_pod_labels{label_$label=~\"$label_value\"}) by (pod,container),\n \"container_name\",\n \"$1\", \n \"container\", \n \"(.+)\"\n )\n) \n", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "limit", - "refId": "C" - }, - { - "expr": "sum(\n label_replace(\n sum (kube_pod_container_resource_requests{resource=\"cpu\", unit=\"core\"}) by (pod, container)\n * on (pod) group_left()\n max(kube_pod_labels{label_$label=~\"$label_value\"}) by (pod,container),\n \"container_name\",\n \"$1\", \n \"container\", \n \"(.+)\"\n )\n) \n", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "request", - "refId": "B" - }, - { - "expr": "sum(\n label_replace(\n sum (rate (container_cpu_usage_seconds_total{image!=\"\",container!=\"POD\",container!=\"\"}[10m])) by (container,pod),\n \"pod\", \n \"$1\", \n \"pod_name\", \n \"(.+)\"\n )\n * on (pod) group_left (label_$label)\n max(kube_pod_labels{label_$label=~\"$label_value\"}) by (pod,container)\n)\n", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "usage", - "refId": "A" - } - ], - "thresholds": [], - "timeRegions": [], - "title": "CPU Usage vs Requests vs Limits", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "mode": "time", - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "logBase": 1, - "min": "0", - "show": true - }, - { - "format": "short", - "logBase": 1, - "show": true - } - ], - "yaxis": { - "align": false - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": { - "uid": "${datasource}" - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 9 - }, - "hiddenSeries": false, - "id": 23, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "options": { - "alertThreshold": true - }, - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sum(\n label_replace(\n sum (kube_pod_container_resource_limits{resource=\"memory\", unit=\"byte\"}) by (pod, container)\n * on (pod) group_left()\n max(kube_pod_labels{label_$label=~\"$label_value\"}) by (pod,container),\n \"container_name\",\n \"$1\", \n \"container\", \n \"(.+)\"\n )\n) \n", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "limit", - "refId": "C" - }, - { - "expr": "sum(\n label_replace(\n sum (kube_pod_container_resource_requests{resource=\"memory\", unit=\"byte\"}) by (pod, container)\n * on (pod) group_left()\n max(kube_pod_labels{label_$label=~\"$label_value\"}) by (pod,container),\n \"container_name\",\n \"$1\", \n \"container\", \n \"(.+)\"\n )\n) \n", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "request", - "refId": "B" - }, - { - "expr": "sum(\n label_replace(\n sum (container_memory_working_set_bytes{container!=\"\",container!=\"POD\"}) by (container,pod),\n \"pod\", \n \"$1\", \n \"pod_name\", \n \"(.+)\"\n )\n * on (pod) group_left (label_$label)\n max(kube_pod_labels{label_$label=~\"$label_value\"}) by (pod,container)\n)\n", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "usage", - "refId": "A" - } - ], - "thresholds": [], - "timeRegions": [], - "title": "Memory Usage vs Requests vs Limits", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "mode": "time", - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "logBase": 1, - "min": "0", - "show": true - }, - { - "format": "short", - "logBase": 1, - "show": true - } - ], - "yaxis": { - "align": false - } - } - ], - "refresh": false, - "schemaVersion": 34, - "style": "dark", - "tags": [ - "cost", - "utilization", - "metrics" - ], - "templating": { - "list": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "filters": [], - "hide": 0, - "label": "", - "name": "Filters", - "skipUrlSync": false, - "type": "adhoc" - }, - { - "current": { - "tags": [], - "text": "app", - "value": "app" - }, - "hide": 0, - "includeAll": false, - "label": "Label", - "multi": false, - "name": "label", - "options": [ - { - "selected": true, - "text": "app", - "value": "app" - }, - { - "selected": false, - "text": "tier", - "value": "tier" - }, - { - "selected": false, - "text": "component", - "value": "component" - }, - { - "selected": false, - "text": "release", - "value": "release" - }, - { - "selected": false, - "text": "name", - "value": "name" - }, - { - "selected": false, - "text": "team", - "value": "team" - }, - { - "selected": false, - "text": "department", - "value": "department" - }, - { - "selected": false, - "text": "owner", - "value": "owner" - }, - { - "selected": false, - "text": "contact", - "value": "contact" - } - ], - "query": "app, tier, component, release, name, team, department, owner, contact", - "skipUrlSync": false, - "type": "custom" - }, - { - "allValue": ".*", - "current": { - "selected": false, - "text": "All", - "value": "$__all" - }, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "definition": "", - "hide": 0, - "includeAll": true, - "label": "Value", - "multi": false, - "name": "label_value", - "options": [], - "query": { - "query": "query_result(SUM(kube_pod_labels{label_$label!=\"\",namespace!=\"kube-system\"}) by (label_$label))", - "refId": "default-kubecost-label_value-Variable-Query" - }, - "refresh": 1, - "regex": "/label_$label=\\\"(.*?)(\\\")/", - "skipUrlSync": false, - "sort": 0, - "tagValuesQuery": "", - "tagsQuery": "", - "type": "query", - "useTags": false - }, - { - "allValue": "()", - "current": { - "selected": false, - "text": "All", - "value": "$__all" - }, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "definition": "", - "hide": 0, - "includeAll": true, - "label": "", - "multi": false, - "name": "Deployments", - "options": [], - "query": { - "query": "label_values(deployment)", - "refId": "default-kubecost-Deployments-Variable-Query" - }, - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "sort": 1, - "tagValuesQuery": "", - "tagsQuery": "", - "type": "query", - "useTags": false - }, - { - "current": { - "selected": false, - "text": "All", - "value": "$__all" - }, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "definition": "", - "hide": 0, - "includeAll": true, - "multi": false, - "name": "Secondary", - "options": [], - "query": { - "query": "query_result(kube_pod_labels)", - "refId": "default-kubecost-Secondary-Variable-Query" - }, - "refresh": 1, - "regex": "/.+?label_([^=]*).*/", - "skipUrlSync": false, - "sort": 1, - "tagValuesQuery": "", - "tagsQuery": "", - "type": "query", - "useTags": false - }, - { - "current": { - "selected": false, - "text": "default-kubecost", - "value": "default-kubecost" - }, - "hide": 0, - "includeAll": false, - "multi": false, - "name": "datasource", - "options": [], - "query": "prometheus", - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "type": "datasource" - } - ] - }, - "time": { - "from": "now-24h", - "to": "now" - }, - "timepicker": { - "refresh_intervals": [ - "5s", - "10s", - "30s", - "1m", - "5m", - "15m", - "30m", - "1h", - "2h", - "1d" - ], - "time_options": [ - "5m", - "15m", - "1h", - "6h", - "12h", - "24h", - "2d", - "7d", - "30d" - ] - }, - "timezone": "", - "title": "Label costs & utilization", - "uid": "lWMhIA-ik", - "version": 1, - "weekStart": "" -} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/namespace-utilization.json b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/namespace-utilization.json deleted file mode 100644 index a2e60c1f20..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/namespace-utilization.json +++ /dev/null @@ -1,1175 +0,0 @@ -{ - "annotations":{ - "list":[ - { - "builtIn":1, - "datasource":"-- Grafana --", - "enable":true, - "hide":true, - "iconColor":"rgba(0, 211, 255, 1)", - "name":"Annotations & Alerts", - "type":"dashboard" - } - ] - }, - "description":"A dashboard to help with utilization and resource allocation", - "editable":true, - "gnetId":8673, - "graphTooltip":0, - "id":9, - "iteration":1553150922105, - "links":[ - - ], - "panels":[ - { - "columns":[ - { - "text":"Avg", - "value":"avg" - } - ], - "datasource":"${datasource}", - "fontSize":"100%", - "gridPos":{ - "h":9, - "w":16, - "x":0, - "y":0 - }, - "hideTimeOverride":true, - "id":73, - "links":[ - - ], - "pageSize":8, - "repeat":null, - "repeatDirection":"v", - "scroll":true, - "showHeader":true, - "sort":{ - "col":2, - "desc":false - }, - "styles":[ - { - "alias":"Pod", - "colorMode":null, - "colors":[ - "rgba(245, 54, 54, 0.9)", - "rgba(50, 172, 45, 0.97)", - "#c15c17" - ], - "dateFormat":"YYYY-MM-DD HH:mm:ss", - "decimals":2, - "link":false, - "linkTooltip":"", - "linkUrl":"", - "pattern":"pod_name", - "thresholds":[ - "30", - "80" - ], - "type":"string", - "unit":"currencyUSD" - }, - { - "alias":"RAM", - "colorMode":null, - "colors":[ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat":"YYYY-MM-DD HH:mm:ss", - "decimals":2, - "pattern":"Value #B", - "thresholds":[ - - ], - "type":"number", - "unit":"decbytes" - }, - { - "alias":"CPU %", - "colorMode":null, - "colors":[ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat":"YYYY-MM-DD HH:mm:ss", - "decimals":2, - "mappingType":1, - "pattern":"Value #A", - "thresholds":[ - - ], - "type":"number", - "unit":"percent" - }, - { - "alias":"", - "colorMode":null, - "colors":[ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat":"YYYY-MM-DD HH:mm:ss", - "decimals":2, - "mappingType":1, - "pattern":"Time", - "thresholds":[ - - ], - "type":"hidden", - "unit":"short" - }, - { - "alias":"Storage", - "colorMode":null, - "colors":[ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat":"YYYY-MM-DD HH:mm:ss", - "decimals":2, - "mappingType":1, - "pattern":"Value #C", - "thresholds":[ - - ], - "type":"number", - "unit":"currencyUSD" - }, - { - "alias":"Total", - "colorMode":null, - "colors":[ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat":"YYYY-MM-DD HH:mm:ss", - "decimals":2, - "mappingType":1, - "pattern":"Value #D", - "thresholds":[ - - ], - "type":"number", - "unit":"currencyUSD" - }, - { - "alias":"CPU Utilization", - "colorMode":"value", - "colors":[ - "#bf1b00", - "rgba(50, 172, 45, 0.97)", - "#ef843c" - ], - "dateFormat":"YYYY-MM-DD HH:mm:ss", - "decimals":2, - "mappingType":1, - "pattern":"Value #E", - "thresholds":[ - "30", - "80" - ], - "type":"number", - "unit":"percent" - }, - { - "alias":"RAM Utilization", - "colorMode":"value", - "colors":[ - "rgba(245, 54, 54, 0.9)", - "rgba(50, 172, 45, 0.97)", - "#ef843c" - ], - "dateFormat":"YYYY-MM-DD HH:mm:ss", - "decimals":2, - "mappingType":1, - "pattern":"Value #F", - "thresholds":[ - "30", - "80" - ], - "type":"number", - "unit":"percent" - } - ], - "targets":[ - { - "expr":"sum (rate (container_cpu_usage_seconds_total{namespace=\"$namespace\"}[10m])) by (pod_name) * 100", - "format":"table", - "hide":false, - "instant":true, - "interval":"", - "intervalFactor":1, - "legendFormat":"{{ pod_name }}", - "refId":"A" - }, - { - "expr":"sum (avg_over_time (container_memory_working_set_bytes{namespace=\"$namespace\", container_name!=\"POD\"}[10m])) by (pod_name)", - "format":"table", - "hide":false, - "instant":true, - "intervalFactor":1, - "legendFormat":"{{ pod_name }}", - "refId":"B" - } - ], - "timeFrom":"1M", - "timeShift":null, - "title":"Pod utilization analysis", - "transform":"table", - "transparent":false, - "type":"table" - }, - { - "columns":[ - { - "text":"Avg", - "value":"avg" - } - ], - "datasource":"${datasource}", - "fontSize":"100%", - "gridPos":{ - "h":9, - "w":8, - "x":16, - "y":0 - }, - "hideTimeOverride":true, - "id":90, - "links":[ - - ], - "pageSize":8, - "repeatDirection":"v", - "scroll":true, - "showHeader":true, - "sort":{ - "col":4, - "desc":true - }, - "styles":[ - { - "alias":"Namespace", - "colorMode":null, - "colors":[ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat":"YYYY-MM-DD HH:mm:ss", - "decimals":2, - "mappingType":1, - "pattern":"namespace", - "thresholds":[ - - ], - "type":"hidden", - "unit":"short" - }, - { - "alias":"PVC Name", - "colorMode":null, - "colors":[ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat":"YYYY-MM-DD HH:mm:ss", - "decimals":2, - "mappingType":1, - "pattern":"persistentvolumeclaim", - "thresholds":[ - - ], - "type":"number", - "unit":"short" - }, - { - "alias":"Storage Class", - "colorMode":null, - "colors":[ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat":"YYYY-MM-DD HH:mm:ss", - "decimals":2, - "mappingType":1, - "pattern":"storageclass", - "thresholds":[ - - ], - "type":"number", - "unit":"short" - }, - { - "alias":"Size", - "colorMode":null, - "colors":[ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat":"YYYY-MM-DD HH:mm:ss", - "decimals":1, - "mappingType":1, - "pattern":"Value", - "thresholds":[ - - ], - "type":"number", - "unit":"gbytes" - }, - { - "alias":"", - "colorMode":null, - "colors":[ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat":"YYYY-MM-DD HH:mm:ss", - "decimals":2, - "mappingType":1, - "pattern":"Time", - "thresholds":[ - - ], - "type":"hidden", - "unit":"short" - } - ], - "targets":[ - { - "expr":"sum (\n sum(kube_persistentvolumeclaim_info) by (persistentvolumeclaim, namespace, storageclass)\n + on (persistentvolumeclaim, namespace) group_right (storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes{namespace=~\"$namespace\"}) by (persistentvolumeclaim, namespace)\n) by (namespace,persistentvolumeclaim,storageclass) / 1024 / 1024 /1024 ", - "format":"table", - "hide":false, - "instant":true, - "interval":"", - "intervalFactor":1, - "legendFormat":"{{ persistentvolumeclaim }}", - "refId":"A" - } - ], - "timeFrom":null, - "timeShift":null, - "title":"Persistent Volume Claims", - "transform":"table", - "transparent":false, - "type":"table" - }, - { - "aliasColors":{ - - }, - "bars":false, - "dashLength":10, - "dashes":false, - "datasource":"${datasource}", - "description":"CPU requests by pod divided by the rate of CPU usage over the last hour", - "fill":1, - "gridPos":{ - "h":9, - "w":24, - "x":0, - "y":9 - }, - "id":100, - "legend":{ - "avg":false, - "current":false, - "max":false, - "min":false, - "show":true, - "total":false, - "values":false - }, - "lines":true, - "linewidth":1, - "links":[ - - ], - "nullPointMode":"null", - "percentage":false, - "pointradius":5, - "points":false, - "renderer":"flot", - "seriesOverrides":[ - - ], - "spaceLength":10, - "stack":false, - "steppedLine":false, - "targets":[ - { - "expr":"topk(10,\n label_replace(\n sum(kube_pod_container_resource_requests{resource=\"cpu\", unit=\"core\", namespace=\"$namespace\"}) by (pod),\n \"pod_name\", \n \"$1\", \n \"pod\", \n \"(.+)\"\n ) \n/ on (pod_name) sum(rate(container_cpu_usage_seconds_total{namespace=\"$namespace\",pod_name=~\".+\"}[1h])) by (pod_name))", - "format":"time_series", - "intervalFactor":1, - "refId":"A" - } - ], - "thresholds":[ - - ], - "timeFrom":null, - "timeShift":null, - "title":"Ratio of CPU requests to usage (Top 10 pods)", - "tooltip":{ - "shared":true, - "sort":0, - "value_type":"individual" - }, - "type":"graph", - "xaxis":{ - "buckets":null, - "mode":"time", - "name":null, - "show":true, - "values":[ - - ] - }, - "yaxes":[ - { - "format":"short", - "label":null, - "logBase":1, - "max":null, - "min":null, - "show":true - }, - { - "format":"short", - "label":null, - "logBase":1, - "max":null, - "min":null, - "show":true - } - ], - "yaxis":{ - "align":false, - "alignLevel":null - } - }, - { - "aliasColors":{ - - }, - "bars":false, - "dashLength":10, - "dashes":false, - "datasource":"${datasource}", - "decimals":3, - "description":"This panel shows historical utilization as an average across all pods in this namespace. It only accounts for currently deployed pods", - "editable":true, - "error":false, - "fill":0, - "grid":{ - - }, - "gridPos":{ - "h":6, - "w":12, - "x":0, - "y":18 - }, - "height":"", - "id":94, - "isNew":true, - "legend":{ - "alignAsTable":false, - "avg":false, - "current":false, - "hideEmpty":false, - "hideZero":false, - "max":false, - "min":false, - "rightSide":false, - "show":false, - "sideWidth":null, - "sort":"current", - "sortDesc":true, - "total":false, - "values":true - }, - "lines":true, - "linewidth":2, - "links":[ - - ], - "nullPointMode":"connected", - "percentage":false, - "pointradius":5, - "points":false, - "renderer":"flot", - "seriesOverrides":[ - - ], - "spaceLength":10, - "stack":false, - "steppedLine":true, - "targets":[ - { - "expr":"sum (rate (container_cpu_usage_seconds_total{namespace=\"$namespace\"}[10m])) by (namespace)\n", - "format":"time_series", - "hide":false, - "instant":false, - "interval":"10s", - "intervalFactor":1, - "legendFormat":"cpu utilization", - "metric":"container_cpu", - "refId":"A", - "step":10 - } - ], - "thresholds":[ - - ], - "timeFrom":"", - "timeShift":null, - "title":"Overall CPU Utilization", - "tooltip":{ - "msResolution":true, - "shared":true, - "sort":2, - "value_type":"cumulative" - }, - "type":"graph", - "xaxis":{ - "buckets":null, - "mode":"time", - "name":null, - "show":true, - "values":[ - - ] - }, - "yaxes":[ - { - "decimals":null, - "format":"percent", - "label":"", - "logBase":1, - "max":"110", - "min":"0", - "show":true - }, - { - "format":"short", - "label":null, - "logBase":1, - "max":null, - "min":null, - "show":false - } - ], - "yaxis":{ - "align":false, - "alignLevel":null - } - }, - { - "aliasColors":{ - - }, - "bars":false, - "dashLength":10, - "dashes":false, - "datasource":"${datasource}", - "decimals":2, - "description":"This panel shows historical utilization as an average across all pods in this namespace. It only accounts for currently deployed pods", - "editable":true, - "error":false, - "fill":0, - "grid":{ - - }, - "gridPos":{ - "h":6, - "w":12, - "x":12, - "y":18 - }, - "id":92, - "isNew":true, - "legend":{ - "alignAsTable":false, - "avg":false, - "current":false, - "max":false, - "min":false, - "rightSide":false, - "show":false, - "sideWidth":200, - "sort":"current", - "sortDesc":true, - "total":false, - "values":true - }, - "lines":true, - "linewidth":2, - "links":[ - - ], - "nullPointMode":"connected", - "percentage":false, - "pointradius":5, - "points":false, - "renderer":"flot", - "seriesOverrides":[ - - ], - "spaceLength":10, - "stack":false, - "steppedLine":true, - "targets":[ - { - "expr":"sum (container_memory_working_set_bytes{namespace=\"$namespace\"})\n/\nsum(node_memory_MemTotal_bytes)", - "format":"time_series", - "instant":false, - "intervalFactor":1, - "legendFormat":"mem utilization", - "refId":"B" - } - ], - "thresholds":[ - - ], - "timeFrom":"", - "timeShift":null, - "title":"Overall RAM Utilization", - "tooltip":{ - "msResolution":false, - "shared":true, - "sort":2, - "value_type":"cumulative" - }, - "type":"graph", - "xaxis":{ - "buckets":null, - "mode":"time", - "name":null, - "show":true, - "values":[ - - ] - }, - "yaxes":[ - { - "decimals":null, - "format":"percent", - "label":null, - "logBase":1, - "max":"110", - "min":"0", - "show":true - }, - { - "format":"short", - "label":null, - "logBase":1, - "max":null, - "min":null, - "show":false - } - ], - "yaxis":{ - "align":false, - "alignLevel":null - } - }, - { - "aliasColors":{ - - }, - "bars":false, - "dashLength":10, - "dashes":false, - "datasource":"${datasource}", - "decimals":2, - "description":"Traffic in and out of this namespace, as a sum of the pods within it", - "editable":true, - "error":false, - "fill":1, - "grid":{ - - }, - "gridPos":{ - "h":6, - "w":12, - "x":0, - "y":24 - }, - "height":"", - "id":96, - "isNew":true, - "legend":{ - "alignAsTable":false, - "avg":true, - "current":true, - "hideEmpty":false, - "hideZero":false, - "max":false, - "min":false, - "rightSide":false, - "show":true, - "sideWidth":null, - "sort":"current", - "sortDesc":true, - "total":false, - "values":true - }, - "lines":true, - "linewidth":2, - "links":[ - - ], - "nullPointMode":"connected", - "percentage":false, - "pointradius":5, - "points":false, - "renderer":"flot", - "seriesOverrides":[ - - ], - "spaceLength":10, - "stack":false, - "steppedLine":false, - "targets":[ - { - "expr":"sum (rate (container_network_receive_bytes_total{namespace=\"$namespace\"}[10m])) by (namespace)", - "format":"time_series", - "hide":false, - "instant":false, - "interval":"", - "intervalFactor":1, - "legendFormat":"<- in", - "metric":"container_cpu", - "refId":"A", - "step":10 - }, - { - "expr":"- sum (rate (container_network_transmit_bytes_total{namespace=\"$namespace\"}[10m])) by (namespace)", - "format":"time_series", - "hide":false, - "instant":false, - "interval":"", - "intervalFactor":1, - "legendFormat":"-> out", - "refId":"B" - } - ], - "thresholds":[ - - ], - "timeFrom":"", - "timeShift":null, - "title":"Network IO", - "tooltip":{ - "msResolution":true, - "shared":true, - "sort":2, - "value_type":"cumulative" - }, - "type":"graph", - "xaxis":{ - "buckets":null, - "mode":"time", - "name":null, - "show":true, - "values":[ - - ] - }, - "yaxes":[ - { - "format":"Bps", - "label":"", - "logBase":1, - "max":null, - "min":null, - "show":true - }, - { - "format":"short", - "label":null, - "logBase":1, - "max":null, - "min":null, - "show":false - } - ], - "yaxis":{ - "align":false, - "alignLevel":null - } - }, - { - "aliasColors":{ - - }, - "bars":false, - "dashLength":10, - "dashes":false, - "datasource":"${datasource}", - "decimals":2, - "description":"Disk reads and writes for the namespace, as a sum of the pods within it", - "editable":true, - "error":false, - "fill":1, - "grid":{ - - }, - "gridPos":{ - "h":6, - "w":12, - "x":12, - "y":24 - }, - "height":"", - "id":98, - "isNew":true, - "legend":{ - "alignAsTable":false, - "avg":true, - "current":true, - "hideEmpty":false, - "hideZero":false, - "max":false, - "min":false, - "rightSide":false, - "show":true, - "sideWidth":null, - "sort":"current", - "sortDesc":true, - "total":false, - "values":true - }, - "lines":true, - "linewidth":2, - "links":[ - - ], - "nullPointMode":"connected", - "percentage":false, - "pointradius":5, - "points":false, - "renderer":"flot", - "seriesOverrides":[ - - ], - "spaceLength":10, - "stack":false, - "steppedLine":false, - "targets":[ - { - "expr":"sum (rate (container_fs_writes_bytes_total{namespace=\"$namespace\"}[10m])) by (namespace)", - "format":"time_series", - "hide":false, - "instant":false, - "interval":"", - "intervalFactor":1, - "legendFormat":"<- write", - "metric":"container_cpu", - "refId":"A", - "step":10 - }, - { - "expr":"- sum (rate (container_fs_reads_bytes_total{namespace=\"$namespace\"}[10m])) by (namespace)", - "format":"time_series", - "hide":false, - "instant":false, - "interval":"", - "intervalFactor":1, - "legendFormat":"-> read", - "refId":"B" - } - ], - "thresholds":[ - - ], - "timeFrom":"", - "timeShift":null, - "title":"Disk IO", - "tooltip":{ - "msResolution":true, - "shared":true, - "sort":2, - "value_type":"cumulative" - }, - "type":"graph", - "xaxis":{ - "buckets":null, - "mode":"time", - "name":null, - "show":true, - "values":[ - - ] - }, - "yaxes":[ - { - "format":"Bps", - "label":"", - "logBase":1, - "max":null, - "min":null, - "show":true - }, - { - "format":"short", - "label":null, - "logBase":1, - "max":null, - "min":null, - "show":false - } - ], - "yaxis":{ - "align":false, - "alignLevel":null - } - } - ], - "refresh":"10s", - "schemaVersion":16, - "style":"dark", - "tags":[ - "cost", - "utilization", - "metrics" - ], - "templating":{ - "list":[ - { - "current":{ - "text":"23.06", - "value":"23.06" - }, - "hide":0, - "label":"CPU", - "name":"costcpu", - "options":[ - { - "text":"23.06", - "value":"23.06" - } - ], - "query":"23.06", - "skipUrlSync":false, - "type":"constant" - }, - { - "current":{ - "text":"7.28", - "value":"7.28" - }, - "hide":0, - "label":"PE CPU", - "name":"costpcpu", - "options":[ - { - "text":"7.28", - "value":"7.28" - } - ], - "query":"7.28", - "skipUrlSync":false, - "type":"constant" - }, - { - "current":{ - "text":"3.25", - "value":"3.25" - }, - "hide":0, - "label":"RAM", - "name":"costram", - "options":[ - { - "text":"3.25", - "value":"3.25" - } - ], - "query":"3.25", - "skipUrlSync":false, - "type":"constant" - }, - { - "current":{ - "text":"0.6862", - "value":"0.6862" - }, - "hide":0, - "label":"PE RAM", - "name":"costpram", - "options":[ - { - "text":"0.6862", - "value":"0.6862" - } - ], - "query":"0.6862", - "skipUrlSync":false, - "type":"constant" - }, - { - "current":{ - "text":"0.04", - "value":"0.04" - }, - "hide":0, - "label":"Storage", - "name":"costStorageStandard", - "options":[ - { - "text":"0.04", - "value":"0.04" - } - ], - "query":"0.04", - "skipUrlSync":false, - "type":"constant" - }, - { - "current":{ - "text":".17", - "value":".17" - }, - "hide":0, - "label":"SSD", - "name":"costStorageSSD", - "options":[ - { - "text":".17", - "value":".17" - } - ], - "query":".17", - "skipUrlSync":false, - "type":"constant" - }, - { - "current":{ - "text":"30", - "value":"30" - }, - "hide":0, - "label":"Disc.", - "name":"costDiscount", - "options":[ - { - "text":"30", - "value":"30" - } - ], - "query":"30", - "skipUrlSync":false, - "type":"constant" - }, - { - "allValue":null, - "current":{ - "text":"kube-system", - "value":"kube-system" - }, - "datasource":"${datasource}", - "hide":0, - "includeAll":false, - "label":"NS", - "multi":false, - "name":"namespace", - "options":[ - - ], - "query":"query_result(sum(kube_namespace_created{namespace!=\"\"}) by (namespace))", - "refresh":1, - "regex":"/namespace=\\\"(.*?)(\\\")/", - "skipUrlSync":false, - "sort":0, - "tagValuesQuery":"", - "tags":[ - - ], - "tagsQuery":"", - "type":"query", - "useTags":false - }, - { - "datasource":"${datasource}", - "filters":[ - - ], - "hide":0, - "label":"", - "name":"Filters", - "skipUrlSync":false, - "type":"adhoc" - }, - { - "current": { - "selected": true, - "text": "default-kubecost", - "value": "default-kubecost" - }, - "error": null, - "hide": 0, - "includeAll": false, - "label": null, - "multi": false, - "name": "datasource", - "options": [], - "query": "prometheus", - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "type": "datasource" - } - ] - }, - "time":{ - "from":"now-15m", - "to":"now" - }, - "timepicker":{ - "hidden":false, - "refresh_intervals":[ - "5s", - "10s", - "30s", - "1m", - "5m", - "15m", - "30m", - "1h", - "2h", - "1d" - ], - "time_options":[ - "5m", - "15m", - "1h", - "6h", - "12h", - "24h", - "2d", - "7d", - "30d" - ] - }, - "timezone":"browser", - "title":"Namespace utilization metrics", - "uid":"at-cost-analysis-namespace2", - "version":1 -} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/node-utilization.json b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/node-utilization.json deleted file mode 100644 index dc03cc0743..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/node-utilization.json +++ /dev/null @@ -1,1389 +0,0 @@ -{ - "annotations":{ - "list":[ - { - "builtIn":1, - "datasource":"-- Grafana --", - "enable":true, - "hide":true, - "iconColor":"rgba(0, 211, 255, 1)", - "name":"Annotations & Alerts", - "type":"dashboard" - } - ] - }, - "editable":true, - "gnetId":null, - "graphTooltip":0, - "id":6, - "iteration":1557245882378, - "links":[ - - ], - "panels":[ - { - "cacheTimeout":null, - "colorBackground":false, - "colorValue":false, - "colors":[ - "#299c46", - "rgba(237, 129, 40, 0.89)", - "#d44a3a" - ], - "datasource":"${datasource}", - "format":"percentunit", - "gauge":{ - "maxValue":100, - "minValue":0, - "show":true, - "thresholdLabels":false, - "thresholdMarkers":true - }, - "gridPos":{ - "h":7, - "w":8, - "x":0, - "y":0 - }, - "id":2, - "interval":null, - "links":[ - - ], - "mappingType":1, - "mappingTypes":[ - { - "name":"value to text", - "value":1 - }, - { - "name":"range to text", - "value":2 - } - ], - "maxDataPoints":100, - "nullPointMode":"connected", - "nullText":null, - "postfix":"", - "postfixFontSize":"50%", - "prefix":"", - "prefixFontSize":"50%", - "rangeMaps":[ - { - "from":"null", - "text":"N/A", - "to":"null" - } - ], - "sparkline":{ - "fillColor":"rgba(31, 118, 189, 0.18)", - "full":false, - "lineColor":"rgb(31, 120, 193)", - "show":false - }, - "tableColumn":"", - "targets":[ - { - "expr":"sum(irate(container_cpu_usage_seconds_total{id=\"/\",instance=\"$node\"}[10m]))", - "format":"time_series", - "intervalFactor":1, - "refId":"A" - } - ], - "thresholds":"", - "title":"CPU Usage", - "type":"singlestat", - "valueFontSize":"80%", - "valueMaps":[ - { - "op":"=", - "text":"N/A", - "value":"null" - } - ], - "valueName":"avg" - }, - { - "cacheTimeout":null, - "colorBackground":false, - "colorValue":false, - "colors":[ - "#299c46", - "rgba(237, 129, 40, 0.89)", - "#d44a3a" - ], - "datasource":"${datasource}", - "format":"percentunit", - "gauge":{ - "maxValue":100, - "minValue":0, - "show":true, - "thresholdLabels":false, - "thresholdMarkers":true - }, - "gridPos":{ - "h":7, - "w":8, - "x":8, - "y":0 - }, - "id":3, - "interval":null, - "links":[ - - ], - "mappingType":1, - "mappingTypes":[ - { - "name":"value to text", - "value":1 - }, - { - "name":"range to text", - "value":2 - } - ], - "maxDataPoints":100, - "nullPointMode":"connected", - "nullText":null, - "postfix":"", - "postfixFontSize":"50%", - "prefix":"", - "prefixFontSize":"50%", - "rangeMaps":[ - { - "from":"null", - "text":"N/A", - "to":"null" - } - ], - "sparkline":{ - "fillColor":"rgba(31, 118, 189, 0.18)", - "full":false, - "lineColor":"rgb(31, 120, 193)", - "show":false - }, - "tableColumn":"", - "targets":[ - { - "expr":"SUM(container_memory_usage_bytes{namespace!=\"\",instance=\"$node\"}) / SUM(kube_node_status_capacity{resource=\"memory\", unit=\"byte\", node=\"$node\"})", - "format":"time_series", - "intervalFactor":1, - "refId":"A" - } - ], - "thresholds":"", - "title":"Memory Usage", - "type":"singlestat", - "valueFontSize":"80%", - "valueMaps":[ - { - "op":"=", - "text":"N/A", - "value":"null" - } - ], - "valueName":"avg" - }, - { - "cacheTimeout":null, - "colorBackground":false, - "colorValue":false, - "colors":[ - "#299c46", - "rgba(237, 129, 40, 0.89)", - "#d44a3a" - ], - "datasource":"${datasource}", - "format":"percentunit", - "gauge":{ - "maxValue":100, - "minValue":0, - "show":true, - "thresholdLabels":false, - "thresholdMarkers":true - }, - "gridPos":{ - "h":7, - "w":8, - "x":16, - "y":0 - }, - "id":4, - "interval":null, - "links":[ - - ], - "mappingType":1, - "mappingTypes":[ - { - "name":"value to text", - "value":1 - }, - { - "name":"range to text", - "value":2 - } - ], - "maxDataPoints":100, - "nullPointMode":"connected", - "nullText":null, - "postfix":"", - "postfixFontSize":"50%", - "prefix":"", - "prefixFontSize":"50%", - "rangeMaps":[ - { - "from":"null", - "text":"N/A", - "to":"null" - } - ], - "sparkline":{ - "fillColor":"rgba(31, 118, 189, 0.18)", - "full":false, - "lineColor":"rgb(31, 120, 193)", - "show":false - }, - "tableColumn":"", - "targets":[ - { - "expr":"sum(container_fs_usage_bytes{device=~\"^/dev/[sv]d[a-z][1-9]$\",id=\"/\",instance=\"$node\"}) /\nsum(container_fs_limit_bytes{device=~\"^/dev/[sv]d[a-z][1-9]$\",id=\"/\",instance=\"$node\"})", - "format":"time_series", - "intervalFactor":1, - "refId":"A" - } - ], - "thresholds":"", - "title":"Storage Usage", - "type":"singlestat", - "valueFontSize":"80%", - "valueMaps":[ - { - "op":"=", - "text":"N/A", - "value":"null" - } - ], - "valueName":"avg" - }, - { - "columns":[ - { - "text":"Avg", - "value":"avg" - } - ], - "datasource":"${datasource}", - "fontSize":"100%", - "gridPos":{ - "h":8, - "w":16, - "x":0, - "y":7 - }, - "hideTimeOverride":true, - "id":21, - "links":[ - - ], - "pageSize":8, - "repeat":null, - "repeatDirection":"v", - "scroll":true, - "showHeader":true, - "sort":{ - "col":4, - "desc":true - }, - "styles":[ - { - "alias":"Pod", - "colorMode":null, - "colors":[ - "rgba(245, 54, 54, 0.9)", - "rgba(50, 172, 45, 0.97)", - "#c15c17" - ], - "dateFormat":"YYYY-MM-DD HH:mm:ss", - "decimals":2, - "link":false, - "linkTooltip":"", - "linkUrl":"", - "pattern":"pod_name", - "thresholds":[ - "30", - "80" - ], - "type":"string", - "unit":"currencyUSD" - }, - { - "alias":"", - "colorMode":null, - "colors":[ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat":"YYYY-MM-DD HH:mm:ss", - "decimals":2, - "mappingType":1, - "pattern":"Time", - "thresholds":[ - - ], - "type":"hidden", - "unit":"short" - }, - { - "alias":"CPU Usage", - "colorMode":null, - "colors":[ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat":"YYYY-MM-DD HH:mm:ss", - "decimals":2, - "mappingType":1, - "pattern":"Value #C", - "thresholds":[ - - ], - "type":"number", - "unit":"short" - }, - { - "alias":"CPU Request", - "colorMode":null, - "colors":[ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat":"YYYY-MM-DD HH:mm:ss", - "decimals":2, - "mappingType":1, - "pattern":"Value #A", - "thresholds":[ - - ], - "type":"number", - "unit":"short" - }, - { - "alias":"CPU Limit", - "colorMode":null, - "colors":[ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat":"YYYY-MM-DD HH:mm:ss", - "decimals":2, - "mappingType":1, - "pattern":"Value #B", - "thresholds":[ - - ], - "type":"number", - "unit":"short" - }, - { - "alias":"Mem Usage", - "colorMode":null, - "colors":[ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat":"YYYY-MM-DD HH:mm:ss", - "decimals":2, - "mappingType":1, - "pattern":"Value #D", - "thresholds":[ - - ], - "type":"number", - "unit":"bytes" - }, - { - "alias":"Mem Request", - "colorMode":null, - "colors":[ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat":"YYYY-MM-DD HH:mm:ss", - "decimals":2, - "mappingType":1, - "pattern":"Value #E", - "thresholds":[ - - ], - "type":"number", - "unit":"bytes" - }, - { - "alias":"Mem Limit", - "colorMode":null, - "colors":[ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat":"YYYY-MM-DD HH:mm:ss", - "decimals":2, - "mappingType":1, - "pattern":"Value #F", - "thresholds":[ - - ], - "type":"number", - "unit":"bytes" - } - ], - "targets":[ - { - "expr":"sum(rate(container_cpu_usage_seconds_total{container_name!=\"\",container_name!=\"POD\",pod_name!=\"\",instance=\"$node\"}[24h])) by (pod_name)", - "format":"table", - "instant":true, - "intervalFactor":1, - "refId":"C" - }, - { - "expr":"sum(label_replace(\nsum(avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\", unit=\"core\", container!=\"\",container!=\"POD\",node=\"$node\"}[24h])) by (pod), \n\"pod_name\",\"$1\",\"pod\",\"(.+)\")\nor up * 0\n) by (pod_name)", - "format":"table", - "instant":true, - "intervalFactor":1, - "refId":"A" - }, - { - "expr":"sum(avg_over_time(container_memory_usage_bytes{container_name!=\"\",container_name!=\"POD\",pod_name!=\"\",instance=\"$node\"}[24h])) by (pod_name)\n", - "format":"table", - "instant":true, - "intervalFactor":1, - "refId":"D" - }, - { - "expr":"sum(label_replace(label_replace(\nsum(avg_over_time(kube_pod_container_resource_requests{resource=\"memory\", unit=\"byte\", container!=\"\",container!=\"POD\",node=\"$node\"}[24h])) by (pod),\n\"container_name\",\"$1\",\"container\",\"(.+)\"), \"pod_name\",\"$1\",\"pod\",\"(.+)\")\nor up * 0\n) by (pod_name)\n", - "format":"table", - "instant":true, - "intervalFactor":1, - "refId":"E" - } - ], - "timeFrom":"1M", - "timeShift":null, - "title":"Current pods", - "transform":"table", - "transparent":false, - "type":"table" - }, - { - "cacheTimeout":null, - "colorBackground":false, - "colorValue":false, - "colors":[ - "#299c46", - "rgba(237, 129, 40, 0.89)", - "#d44a3a" - ], - "datasource":"${datasource}", - "decimals":0, - "format":"none", - "gauge":{ - "maxValue":100, - "minValue":0, - "show":false, - "thresholdLabels":false, - "thresholdMarkers":true - }, - "gridPos":{ - "h":4, - "w":4, - "x":16, - "y":7 - }, - "id":8, - "interval":null, - "links":[ - - ], - "mappingType":1, - "mappingTypes":[ - { - "name":"value to text", - "value":1 - }, - { - "name":"range to text", - "value":2 - } - ], - "maxDataPoints":100, - "nullPointMode":"connected", - "nullText":null, - "postfix":"", - "postfixFontSize":"50%", - "prefix":"", - "prefixFontSize":"50%", - "rangeMaps":[ - { - "from":"null", - "text":"N/A", - "to":"null" - } - ], - "sparkline":{ - "fillColor":"rgba(31, 118, 189, 0.18)", - "full":false, - "lineColor":"rgb(31, 120, 193)", - "show":false - }, - "tableColumn":"", - "targets":[ - { - "expr":"sum(\n count(avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\", unit=\"core\", container!=\"\",container!=\"POD\",node=\"$node\"}[24h])) by (pod)\n * on (pod) group_right()\n sum(kube_pod_container_status_running) by (pod)\n)", - "format":"time_series", - "instant":true, - "intervalFactor":1, - "refId":"A" - } - ], - "thresholds":"", - "title":"Pods Running", - "type":"singlestat", - "valueFontSize":"80%", - "valueMaps":[ - { - "op":"=", - "text":"N/A", - "value":"null" - } - ], - "valueName":"current" - }, - { - "cacheTimeout":null, - "colorBackground":false, - "colorValue":false, - "colors":[ - "#299c46", - "rgba(237, 129, 40, 0.89)", - "#d44a3a" - ], - "datasource":"${datasource}", - "format":"bytes", - "gauge":{ - "maxValue":100, - "minValue":0, - "show":false, - "thresholdLabels":false, - "thresholdMarkers":true - }, - "gridPos":{ - "h":4, - "w":4, - "x":20, - "y":7 - }, - "id":18, - "interval":null, - "links":[ - - ], - "mappingType":1, - "mappingTypes":[ - { - "name":"value to text", - "value":1 - }, - { - "name":"range to text", - "value":2 - } - ], - "maxDataPoints":100, - "nullPointMode":"connected", - "nullText":null, - "postfix":"", - "postfixFontSize":"50%", - "prefix":"", - "prefixFontSize":"50%", - "rangeMaps":[ - { - "from":"null", - "text":"N/A", - "to":"null" - } - ], - "sparkline":{ - "fillColor":"rgba(31, 118, 189, 0.18)", - "full":false, - "lineColor":"rgb(31, 120, 193)", - "show":false - }, - "tableColumn":"", - "targets":[ - { - "expr":"sum(container_fs_limit_bytes{device=~\"^/dev/[sv]d[a-z][1-9]$\",id=\"/\",instance=\"$node\"})", - "format":"time_series", - "intervalFactor":1, - "refId":"A" - } - ], - "thresholds":"", - "title":"Storage Capacity", - "type":"singlestat", - "valueFontSize":"80%", - "valueMaps":[ - { - "op":"=", - "text":"N/A", - "value":"null" - } - ], - "valueName":"current" - }, - { - "cacheTimeout":null, - "colorBackground":false, - "colorValue":false, - "colors":[ - "#299c46", - "rgba(237, 129, 40, 0.89)", - "#d44a3a" - ], - "datasource":"${datasource}", - "format":"none", - "gauge":{ - "maxValue":100, - "minValue":0, - "show":false, - "thresholdLabels":false, - "thresholdMarkers":true - }, - "gridPos":{ - "h":4, - "w":4, - "x":16, - "y":11 - }, - "id":9, - "interval":null, - "links":[ - - ], - "mappingType":1, - "mappingTypes":[ - { - "name":"value to text", - "value":1 - }, - { - "name":"range to text", - "value":2 - } - ], - "maxDataPoints":100, - "nullPointMode":"connected", - "nullText":null, - "postfix":"", - "postfixFontSize":"50%", - "prefix":"", - "prefixFontSize":"50%", - "rangeMaps":[ - { - "from":"null", - "text":"N/A", - "to":"null" - } - ], - "sparkline":{ - "fillColor":"rgba(31, 118, 189, 0.18)", - "full":false, - "lineColor":"rgb(31, 120, 193)", - "show":false - }, - "tableColumn":"", - "targets":[ - { - "expr":"kube_node_status_capacity{resource=\"cpu\", unit=\"core\", node=\"$node\"}", - "format":"time_series", - "intervalFactor":1, - "refId":"A" - } - ], - "thresholds":"", - "title":"CPU Capacity", - "type":"singlestat", - "valueFontSize":"80%", - "valueMaps":[ - { - "op":"=", - "text":"N/A", - "value":"null" - } - ], - "valueName":"avg" - }, - { - "cacheTimeout":null, - "colorBackground":false, - "colorValue":false, - "colors":[ - "#299c46", - "rgba(237, 129, 40, 0.89)", - "#d44a3a" - ], - "datasource":"${datasource}", - "format":"bytes", - "gauge":{ - "maxValue":100, - "minValue":0, - "show":false, - "thresholdLabels":false, - "thresholdMarkers":true - }, - "gridPos":{ - "h":4, - "w":4, - "x":20, - "y":11 - }, - "id":19, - "interval":null, - "links":[ - - ], - "mappingType":1, - "mappingTypes":[ - { - "name":"value to text", - "value":1 - }, - { - "name":"range to text", - "value":2 - } - ], - "maxDataPoints":100, - "nullPointMode":"connected", - "nullText":null, - "postfix":"", - "postfixFontSize":"50%", - "prefix":"", - "prefixFontSize":"50%", - "rangeMaps":[ - { - "from":"null", - "text":"N/A", - "to":"null" - } - ], - "sparkline":{ - "fillColor":"rgba(31, 118, 189, 0.18)", - "full":false, - "lineColor":"rgb(31, 120, 193)", - "show":false - }, - "tableColumn":"", - "targets":[ - { - "expr":"kube_node_status_capacity{resource=\"memory\", unit=\"byte\", node=\"$node\"}", - "format":"time_series", - "intervalFactor":1, - "refId":"A" - } - ], - "thresholds":"", - "title":"RAM Capacity", - "type":"singlestat", - "valueFontSize":"80%", - "valueMaps":[ - { - "op":"=", - "text":"N/A", - "value":"null" - } - ], - "valueName":"current" - }, - { - "aliasColors":{ - - }, - "bars":false, - "dashLength":10, - "dashes":false, - "datasource":"${datasource}", - "decimals":3, - "description":"This panel shows historical utilization for the node.", - "editable":true, - "error":false, - "fill":0, - "grid":{ - - }, - "gridPos":{ - "h":6, - "w":12, - "x":0, - "y":15 - }, - "height":"", - "id":11, - "isNew":true, - "legend":{ - "alignAsTable":false, - "avg":false, - "current":false, - "hideEmpty":false, - "hideZero":false, - "max":false, - "min":false, - "rightSide":false, - "show":false, - "sideWidth":null, - "sort":"current", - "sortDesc":true, - "total":false, - "values":true - }, - "lines":true, - "linewidth":2, - "links":[ - - ], - "nullPointMode":"connected", - "percentage":false, - "pointradius":5, - "points":false, - "renderer":"flot", - "seriesOverrides":[ - - ], - "spaceLength":10, - "stack":false, - "steppedLine":true, - "targets":[ - { - "expr":"sum(irate(container_cpu_usage_seconds_total{id=\"/\",instance=\"$node\"}[10m]))", - "format":"time_series", - "hide":false, - "instant":false, - "interval":"10s", - "intervalFactor":1, - "legendFormat":"cpu utilization", - "metric":"container_cpu", - "refId":"A", - "step":10 - } - ], - "thresholds":[ - - ], - "timeFrom":"", - "timeShift":null, - "title":"CPU Utilization", - "tooltip":{ - "msResolution":true, - "shared":true, - "sort":2, - "value_type":"cumulative" - }, - "type":"graph", - "xaxis":{ - "buckets":null, - "mode":"time", - "name":null, - "show":true, - "values":[ - - ] - }, - "yaxes":[ - { - "decimals":null, - "format":"percentunit", - "label":"", - "logBase":1, - "max":"1.1", - "min":"0", - "show":true - }, - { - "format":"short", - "label":null, - "logBase":1, - "max":null, - "min":null, - "show":false - } - ], - "yaxis":{ - "align":false, - "alignLevel":null - } - }, - { - "aliasColors":{ - - }, - "bars":false, - "dashLength":10, - "dashes":false, - "datasource":"${datasource}", - "decimals":2, - "description":"This panel shows historical utilization for the node.", - "editable":true, - "error":false, - "fill":0, - "grid":{ - - }, - "gridPos":{ - "h":6, - "w":12, - "x":12, - "y":15 - }, - "id":13, - "isNew":true, - "legend":{ - "alignAsTable":false, - "avg":false, - "current":false, - "max":false, - "min":false, - "rightSide":false, - "show":false, - "sideWidth":200, - "sort":"current", - "sortDesc":true, - "total":false, - "values":true - }, - "lines":true, - "linewidth":2, - "links":[ - - ], - "nullPointMode":"connected", - "percentage":false, - "pointradius":5, - "points":false, - "renderer":"flot", - "seriesOverrides":[ - - ], - "spaceLength":10, - "stack":false, - "steppedLine":true, - "targets":[ - { - "expr":"SUM(container_memory_usage_bytes{namespace!=\"\",instance=\"$node\"}) / SUM(kube_node_status_capacity{resource=\"memory\", unit=\"byte\", node=\"$node\"})", - "format":"time_series", - "instant":false, - "interval":"10s", - "intervalFactor":1, - "legendFormat":"ram utilization", - "metric":"container_memory_usage:sort_desc", - "refId":"A", - "step":10 - } - ], - "thresholds":[ - - ], - "timeFrom":"", - "timeShift":null, - "title":"RAM Utilization", - "tooltip":{ - "msResolution":false, - "shared":true, - "sort":2, - "value_type":"cumulative" - }, - "type":"graph", - "xaxis":{ - "buckets":null, - "mode":"time", - "name":null, - "show":true, - "values":[ - - ] - }, - "yaxes":[ - { - "decimals":null, - "format":"percentunit", - "label":null, - "logBase":1, - "max":"1.1", - "min":"0", - "show":true - }, - { - "format":"short", - "label":null, - "logBase":1, - "max":null, - "min":null, - "show":false - } - ], - "yaxis":{ - "align":false, - "alignLevel":null - } - }, - { - "aliasColors":{ - - }, - "bars":false, - "dashLength":10, - "dashes":false, - "datasource":"${datasource}", - "decimals":2, - "description":"Traffic in and out of this namespace, as a sum of the pods within it", - "editable":true, - "error":false, - "fill":1, - "grid":{ - - }, - "gridPos":{ - "h":6, - "w":12, - "x":0, - "y":21 - }, - "height":"", - "id":15, - "isNew":true, - "legend":{ - "alignAsTable":false, - "avg":true, - "current":true, - "hideEmpty":false, - "hideZero":false, - "max":false, - "min":false, - "rightSide":false, - "show":true, - "sideWidth":null, - "sort":"current", - "sortDesc":true, - "total":false, - "values":true - }, - "lines":true, - "linewidth":2, - "links":[ - - ], - "nullPointMode":"connected", - "percentage":false, - "pointradius":5, - "points":false, - "renderer":"flot", - "seriesOverrides":[ - - ], - "spaceLength":10, - "stack":false, - "steppedLine":false, - "targets":[ - { - "expr":"sum (rate (container_network_receive_bytes_total{instance=\"$node\"}[10m]))", - "format":"time_series", - "hide":false, - "instant":false, - "interval":"", - "intervalFactor":1, - "legendFormat":"<- in", - "metric":"container_cpu", - "refId":"A", - "step":10 - }, - { - "expr":"- sum (rate (container_network_transmit_bytes_total{instance=\"$node\"}[10m]))", - "format":"time_series", - "hide":false, - "instant":false, - "interval":"", - "intervalFactor":1, - "legendFormat":"-> out", - "refId":"B" - } - ], - "thresholds":[ - - ], - "timeFrom":"", - "timeShift":null, - "title":"Network IO", - "tooltip":{ - "msResolution":true, - "shared":true, - "sort":2, - "value_type":"cumulative" - }, - "type":"graph", - "xaxis":{ - "buckets":null, - "mode":"time", - "name":null, - "show":true, - "values":[ - - ] - }, - "yaxes":[ - { - "format":"Bps", - "label":"", - "logBase":1, - "max":null, - "min":null, - "show":true - }, - { - "format":"short", - "label":null, - "logBase":1, - "max":null, - "min":null, - "show":false - } - ], - "yaxis":{ - "align":false, - "alignLevel":null - } - }, - { - "aliasColors":{ - - }, - "bars":false, - "dashLength":10, - "dashes":false, - "datasource":"${datasource}", - "decimals":2, - "description":"Disk reads and writes for the namespace, as a sum of the pods within it", - "editable":true, - "error":false, - "fill":1, - "grid":{ - - }, - "gridPos":{ - "h":6, - "w":12, - "x":12, - "y":21 - }, - "height":"", - "id":17, - "isNew":true, - "legend":{ - "alignAsTable":false, - "avg":true, - "current":true, - "hideEmpty":false, - "hideZero":false, - "max":false, - "min":false, - "rightSide":false, - "show":true, - "sideWidth":null, - "sort":"current", - "sortDesc":true, - "total":false, - "values":true - }, - "lines":true, - "linewidth":2, - "links":[ - - ], - "nullPointMode":"connected", - "percentage":false, - "pointradius":5, - "points":false, - "renderer":"flot", - "seriesOverrides":[ - - ], - "spaceLength":10, - "stack":false, - "steppedLine":false, - "targets":[ - { - "expr":"sum (rate (container_fs_writes_bytes_total{instance=\"$node\"}[10m]))", - "format":"time_series", - "hide":false, - "instant":false, - "interval":"", - "intervalFactor":1, - "legendFormat":"<- write", - "metric":"container_cpu", - "refId":"A", - "step":10 - }, - { - "expr":"- sum (rate (container_fs_reads_bytes_total{instance=\"$node\"}[10m]))", - "format":"time_series", - "hide":false, - "instant":false, - "interval":"", - "intervalFactor":1, - "legendFormat":"-> read", - "refId":"B" - } - ], - "thresholds":[ - - ], - "timeFrom":"", - "timeShift":null, - "title":"Disk IO", - "tooltip":{ - "msResolution":true, - "shared":true, - "sort":2, - "value_type":"cumulative" - }, - "type":"graph", - "xaxis":{ - "buckets":null, - "mode":"time", - "name":null, - "show":true, - "values":[ - - ] - }, - "yaxes":[ - { - "format":"Bps", - "label":"", - "logBase":1, - "max":null, - "min":null, - "show":true - }, - { - "format":"short", - "label":null, - "logBase":1, - "max":null, - "min":null, - "show":false - } - ], - "yaxis":{ - "align":false, - "alignLevel":null - } - } - ], - "schemaVersion":16, - "style":"dark", - "tags":[ - "cost", - "utilization", - "metrics" - ], - "templating":{ - "list":[ - { - "allValue":null, - "current":{ - "text":"ip-172-20-44-170.us-east-2.compute.internal", - "value":"ip-172-20-44-170.us-east-2.compute.internal" - }, - "datasource":"${datasource}", - "hide":0, - "includeAll":false, - "label":null, - "multi":false, - "name":"node", - "options":[ - - ], - "query":"query_result(kube_node_labels)", - "refresh":1, - "regex":"/node=\\\"(.*?)(\\\")/", - "skipUrlSync":false, - "sort":0, - "tagValuesQuery":"", - "tags":[ - - ], - "tagsQuery":"", - "type":"query", - "useTags":false - }, - { - "current": { - "selected": true, - "text": "default-kubecost", - "value": "default-kubecost" - }, - "error": null, - "hide": 0, - "includeAll": false, - "label": null, - "multi": false, - "name": "datasource", - "options": [], - "query": "prometheus", - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "type": "datasource" - } - ] - }, - "time":{ - "from":"now-6h", - "to":"now" - }, - "timepicker":{ - "refresh_intervals":[ - "5s", - "10s", - "30s", - "1m", - "5m", - "15m", - "30m", - "1h", - "2h", - "1d" - ], - "time_options":[ - "5m", - "15m", - "1h", - "6h", - "12h", - "24h", - "2d", - "7d", - "30d" - ] - }, - "timezone":"", - "title":"Node utilization metrics", - "uid":"NUQW37Lmk", - "version":1 -} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/pod-utilization.json b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/pod-utilization.json deleted file mode 100644 index 250b06dd1f..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/pod-utilization.json +++ /dev/null @@ -1,950 +0,0 @@ -{ - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": "-- Grafana --", - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "type": "dashboard" - } - ] - }, - "description": "Visualize your kubernetes costs at the pod level.", - "editable": true, - "gnetId": 9063, - "graphTooltip": 0, - "iteration": 1616382275479, - "links": [], - "panels": [ - { - "columns": [ - { - "text": "Avg", - "value": "avg" - } - ], - "datasource": "${datasource}", - "fieldConfig": { - "defaults": { - "custom": {} - }, - "overrides": [] - }, - "fontSize": "100%", - "gridPos": { - "h": 5, - "w": 24, - "x": 0, - "y": 0 - }, - "hideTimeOverride": true, - "id": 98, - "links": [], - "pageSize": 5, - "repeatDirection": "v", - "scroll": true, - "showHeader": true, - "sort": { - "col": 6, - "desc": true - }, - "styles": [ - { - "alias": "Container", - "align": "auto", - "colorMode": null, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(50, 172, 45, 0.97)", - "#c15c17" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "link": false, - "pattern": "container_name", - "thresholds": [ - "30", - "80" - ], - "type": "string", - "unit": "currencyUSD" - }, - { - "alias": "Memory Allocation", - "align": "auto", - "colorMode": null, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "pattern": "Value #B", - "thresholds": [], - "type": "number", - "unit": "bytes" - }, - { - "alias": "CPU Allocation", - "align": "auto", - "colorMode": null, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Value #A", - "thresholds": [], - "type": "number", - "unit": "none" - }, - { - "alias": "", - "align": "auto", - "colorMode": null, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Time", - "thresholds": [], - "type": "hidden", - "unit": "short" - }, - { - "alias": "Memory ($/hour)", - "align": "auto", - "colorMode": null, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Value #C", - "thresholds": [], - "type": "number", - "unit": "currencyUSD" - }, - { - "alias": "Spot/PE RAM", - "align": "auto", - "colorMode": null, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Value #D", - "thresholds": [], - "type": "number", - "unit": "currencyUSD" - }, - { - "alias": "Total", - "align": "auto", - "colorMode": null, - "colors": [ - "#bf1b00", - "rgba(50, 172, 45, 0.97)", - "#ef843c" - ], - "dateFormat": "YYYY-MM-DD HH:mm:ss", - "decimals": 2, - "mappingType": 1, - "pattern": "Value #E", - "thresholds": [ - "" - ], - "type": "number", - "unit": "currencyUSD" - } - ], - "targets": [ - { - "expr": "sum(\n avg_over_time(container_memory_allocation_bytes{namespace=\"$namespace\", pod=\"$pod\", container!=\"POD\"}[$__range])\n) by (container,node)", - "format": "table", - "instant": true, - "intervalFactor": 1, - "refId": "B" - }, - { - "expr": "sum(\n avg_over_time(container_cpu_allocation{namespace=\"$namespace\", pod=\"$pod\", container!=\"POD\"}[$__range])\n or up * 0 \n) by (container,node)", - "format": "table", - "hide": false, - "instant": true, - "interval": "", - "intervalFactor": 1, - "legendFormat": "", - "refId": "A" - } - ], - "timeFrom": "1M", - "timeShift": null, - "title": "Container cost & allocation analysis", - "transform": "table", - "type": "table-old" - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "decimals": 3, - "description": "This graph attempts to show you CPU use of your application vs its requests", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {} - }, - "overrides": [] - }, - "fill": 0, - "fillGradient": 0, - "grid": {}, - "gridPos": { - "h": 7, - "w": 12, - "x": 0, - "y": 5 - }, - "height": "", - "hiddenSeries": false, - "id": 94, - "isNew": true, - "legend": { - "alignAsTable": false, - "avg": false, - "current": false, - "hideEmpty": false, - "hideZero": false, - "max": false, - "min": false, - "rightSide": false, - "show": true, - "sideWidth": null, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": true, - "targets": [ - { - "expr": "avg (rate (container_cpu_usage_seconds_total{namespace=~\"$namespace\", pod_name=\"$pod\", container_name!=\"POD\",container_name!=\"\"}[10m])) by (container_name)", - "format": "time_series", - "hide": false, - "instant": false, - "interval": "", - "intervalFactor": 1, - "legendFormat": "{{ container_name }} (usage)", - "metric": "container_cpu", - "refId": "A", - "step": 10 - }, - { - "exemplar": true, - "expr": "avg(kube_pod_container_resource_requests{resource=\"cpu\", unit=\"core\", namespace=~\"$namespace\", pod=~\"$pod\", container!=\"POD\"}) by (container)", - "legendFormat": "{{ container}} (request)", - "refId": "B" - } - ], - "thresholds": [], - "timeFrom": "", - "timeRegions": [], - "timeShift": null, - "title": "CPU Usage vs Requested", - "tooltip": { - "msResolution": true, - "shared": true, - "sort": 2, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": "", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "decimals": 3, - "description": "This graph attempts to show you RAM use of your application vs its requests", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {} - }, - "overrides": [] - }, - "fill": 0, - "fillGradient": 0, - "grid": {}, - "gridPos": { - "h": 7, - "w": 12, - "x": 12, - "y": 5 - }, - "height": "", - "hiddenSeries": false, - "id": 96, - "isNew": true, - "legend": { - "alignAsTable": false, - "avg": false, - "current": false, - "hideEmpty": false, - "hideZero": false, - "max": false, - "min": false, - "rightSide": false, - "show": true, - "sideWidth": null, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": true, - "targets": [ - { - "expr": "avg (avg_over_time (container_memory_working_set_bytes{namespace=\"$namespace\", pod_name=\"$pod\", container_name!=\"POD\",container_name!=\"\"}[1m])) by (container_name)", - "format": "time_series", - "hide": false, - "instant": false, - "interval": "", - "intervalFactor": 1, - "legendFormat": "{{ container_name }} (usage)", - "metric": "container_cpu", - "refId": "A", - "step": 10 - }, - { - "expr": "avg(kube_pod_container_resource_requests_memory_bytes{namespace=~\"$namespace\", pod=\"$pod\", container!=\"POD\"}) by (container)", - "format": "time_series", - "hide": false, - "instant": false, - "intervalFactor": 1, - "legendFormat": "{{ container }} (requested)", - "refId": "B" - } - ], - "thresholds": [], - "timeFrom": "", - "timeRegions": [], - "timeShift": null, - "title": "RAM Usage vs Requested", - "tooltip": { - "msResolution": true, - "shared": true, - "sort": 2, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": "", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "decimals": 2, - "description": "Traffic in and out of this pod, as a sum of its containers", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {} - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "grid": {}, - "gridPos": { - "h": 7, - "w": 12, - "x": 0, - "y": 12 - }, - "height": "", - "hiddenSeries": false, - "id": 95, - "isNew": true, - "legend": { - "alignAsTable": false, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": false, - "min": false, - "rightSide": false, - "show": true, - "sideWidth": null, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "avg (rate (container_network_receive_bytes_total{namespace=\"$namespace\",pod_name=\"$pod\"}[10m])) by (pod_name)", - "format": "time_series", - "hide": false, - "instant": false, - "interval": "", - "intervalFactor": 1, - "legendFormat": "<- in", - "metric": "container_cpu", - "refId": "A", - "step": 10 - }, - { - "expr": "- avg (rate (container_network_transmit_bytes_total{namespace=\"$namespace\",pod_name=\"$pod\"}[10m])) by (pod_name)", - "format": "time_series", - "hide": false, - "instant": false, - "interval": "", - "intervalFactor": 1, - "legendFormat": "-> out", - "refId": "B" - } - ], - "thresholds": [], - "timeFrom": "", - "timeRegions": [], - "timeShift": null, - "title": "Network IO", - "tooltip": { - "msResolution": true, - "shared": true, - "sort": 2, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "Bps", - "label": "", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "decimals": 2, - "description": "Disk read writes", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {} - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "grid": {}, - "gridPos": { - "h": 7, - "w": 12, - "x": 12, - "y": 12 - }, - "height": "", - "hiddenSeries": false, - "id": 97, - "isNew": true, - "legend": { - "alignAsTable": false, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": false, - "min": false, - "rightSide": false, - "show": true, - "sideWidth": null, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "avg (rate (container_fs_writes_bytes_total{namespace=\"$namespace\",pod_name=\"$pod\"}[10m])) by (pod_name)", - "format": "time_series", - "hide": false, - "instant": false, - "interval": "", - "intervalFactor": 1, - "legendFormat": "<- write", - "metric": "container_cpu", - "refId": "A", - "step": 10 - }, - { - "expr": "- avg (rate (container_fs_reads_bytes_total{namespace=\"$namespace\",pod_name=\"$pod\"}[10m])) by (pod_name)", - "format": "time_series", - "hide": false, - "instant": false, - "interval": "", - "intervalFactor": 1, - "legendFormat": "-> read", - "refId": "B" - } - ], - "thresholds": [], - "timeFrom": "", - "timeRegions": [], - "timeShift": null, - "title": "Disk IO", - "tooltip": { - "msResolution": true, - "shared": true, - "sort": 2, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "Bps", - "label": "", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "decimals": 3, - "description": "This graph shows the % of periods where a pod is being throttled. Values range from 0-100", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {} - }, - "overrides": [] - }, - "fill": 0, - "fillGradient": 0, - "grid": {}, - "gridPos": { - "h": 7, - "w": 12, - "x": 0, - "y": 19 - }, - "height": "", - "hiddenSeries": false, - "id": 99, - "isNew": true, - "legend": { - "alignAsTable": false, - "avg": false, - "current": false, - "hideEmpty": false, - "hideZero": false, - "max": false, - "min": false, - "rightSide": false, - "show": true, - "sideWidth": null, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": true, - "targets": [ - { - "expr": "100\n * sum by(container_name, pod_name, namespace) (increase(container_cpu_cfs_throttled_periods_total{container_name!=\"\",namespace=~\"$namespace\", pod_name=\"$pod\", container_name!=\"POD\"}[5m]))\n / sum by(container_name, pod_name, namespace) (increase(container_cpu_cfs_periods_total{container_name!=\"\",namespace=~\"$namespace\", pod_name=\"$pod\", container_name!=\"POD\"}[5m]))", - "format": "time_series", - "instant": false, - "interval": "", - "intervalFactor": 1, - "legendFormat": "{{container_name}}", - "refId": "B" - } - ], - "thresholds": [], - "timeFrom": "", - "timeRegions": [], - "timeShift": null, - "title": "CPU throttle percent", - "tooltip": { - "msResolution": true, - "shared": true, - "sort": 2, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": "", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - } - ], - "refresh": false, - "schemaVersion": 26, - "style": "dark", - "tags": [ - "cost", - "utilization", - "metrics" - ], - "templating": { - "list": [ - { - "allValue": null, - "current": { - "selected": true, - "text": "kube-system", - "value": "kube-system" - }, - "datasource": "${datasource}", - "definition": "query_result(sum(container_memory_working_set_bytes{namespace!=\"\"}) by (namespace))", - "hide": 0, - "includeAll": false, - "label": "ns", - "multi": false, - "name": "namespace", - "options": [], - "query": "query_result(sum(container_memory_working_set_bytes{namespace!=\"\"}) by (namespace))", - "refresh": 1, - "regex": "/namespace=\\\"(.*?)(\\\")/", - "skipUrlSync": false, - "sort": 0, - "tagValuesQuery": "", - "tags": [], - "tagsQuery": "", - "type": "query", - "useTags": false - }, - { - "allValue": null, - "current": { - "selected": true, - "text": "heapster-gke-5759dc947d-ctckh", - "value": "heapster-gke-5759dc947d-ctckh" - }, - "datasource": "${datasource}", - "definition": "", - "hide": 0, - "includeAll": false, - "label": "pod", - "multi": false, - "name": "pod", - "options": [], - "query": "query_result(sum(container_memory_working_set_bytes{namespace=\"$namespace\"}) by (pod_name))", - "refresh": 1, - "regex": "/pod_name=\\\"(.*?)(\\\")/", - "skipUrlSync": false, - "sort": 1, - "tagValuesQuery": "", - "tags": [], - "tagsQuery": "", - "type": "query", - "useTags": false - }, - { - "allValue": null, - "current": { - "isNone": true, - "selected": false, - "text": "None", - "value": "" - }, - "datasource": "${datasource}", - "definition": "query_result(sum(container_memory_working_set_bytes{namespace!=\"\"}) by (cluster_id))", - "hide": 0, - "includeAll": false, - "label": "", - "multi": false, - "name": "cluster", - "options": [], - "query": "query_result(sum(container_memory_working_set_bytes{namespace!=\"\"}) by (cluster_id))", - "refresh": 1, - "regex": "/cluster_id=\\\"(.*?)(\\\")/", - "skipUrlSync": false, - "sort": 0, - "tagValuesQuery": "", - "tags": [], - "tagsQuery": "", - "type": "query", - "useTags": false - }, - { - "current": { - "selected": false, - "text": "default-kubecost", - "value": "default-kubecost" - }, - "error": null, - "hide": 0, - "includeAll": false, - "label": null, - "multi": false, - "name": "datasource", - "options": [], - "query": "prometheus", - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "type": "datasource" - } - ] - }, - "time": { - "from": "now-24h", - "to": "now" - }, - "timepicker": { - "hidden": false, - "refresh_intervals": [ - "10s", - "30s", - "1m", - "5m", - "15m", - "30m", - "1h", - "2h", - "1d" - ], - "time_options": [ - "5m", - "15m", - "1h", - "6h", - "12h", - "24h", - "2d", - "7d", - "30d" - ] - }, - "timezone": "browser", - "title": "Pod cost & utilization metrics", - "uid": "at-cost-analysis-pod", - "version": 1 -} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/prom-benchmark.json b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/prom-benchmark.json deleted file mode 100644 index 0c5eae7e5f..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/prom-benchmark.json +++ /dev/null @@ -1,5689 +0,0 @@ -{ - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": "-- Grafana --", - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "type": "dashboard" - } - ] - }, - "description": "Metrics useful for benchmarking and loadtesting Prometheus itself. Designed primarily for Prometheus 2.17.x.", - "editable": true, - "gnetId": 12054, - "graphTooltip": 1, - "id": 9, - "iteration": 1603144824023, - "links": [], - "panels": [ - { - "collapsed": false, - "datasource": "${datasource}", - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 0 - }, - "id": 49, - "panels": [], - "title": "Basics", - "type": "row" - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 0, - "y": 1 - }, - "hiddenSeries": false, - "id": 40, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "prometheus_build_info{job=\"prometheus\",instance=\"$Prometheus:9090\"}", - "format": "time_series", - "interval": "", - "intervalFactor": 1, - "legendFormat": "{{version}} - {{revision}}", - "refId": "A" - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Prometheus Version", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 8, - "y": 1 - }, - "hiddenSeries": false, - "id": 72, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "time() - process_start_time_seconds{job=\"prometheus\",instance=\"$Prometheus:9090\"}", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "Age", - "refId": "A" - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Uptime", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "dtdurations", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 16, - "y": 1 - }, - "hiddenSeries": false, - "id": 107, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "time() - prometheus_config_last_reload_success_timestamp_seconds{job=\"prometheus\",instance=\"$Prometheus:9090\"}", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "Age", - "refId": "A" - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Last Successful Config Reload", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "dtdurations", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "collapsed": false, - "datasource": "${datasource}", - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 8 - }, - "id": 46, - "panels": [], - "title": "Ingestion", - "type": "row" - }, - { - "aliasColors": { - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Max chunks": "#052B51", - "Max to persist": "#3F6833", - "Time series": "#70dbed" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 0, - "y": 9 - }, - "hiddenSeries": false, - "id": 3, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "prometheus_tsdb_head_series{job=\"prometheus\",instance=\"$Prometheus:9090\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Time series", - "metric": "prometheus_local_storage_memory_series", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Head Time series", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": { - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Max chunks": "#052B51", - "Max to persist": "#3F6833" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 8, - "y": 9 - }, - "hiddenSeries": false, - "id": 26, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "prometheus_tsdb_head_active_appenders{job=\"prometheus\",instance=\"$Prometheus:9090\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Head Appenders", - "metric": "prometheus_local_storage_memory_series", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Head Active Appenders", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": { - "samples/s": "#e5a8e2" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 16, - "y": 9 - }, - "hiddenSeries": false, - "id": 1, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "rate(prometheus_tsdb_head_samples_appended_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m])", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "samples/s", - "metric": "prometheus_local_storage_ingested_samples_total", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Samples Appended/s", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": { - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Max chunks": "#052B51", - "Max to persist": "#3F6833", - "To persist": "#9AC48A" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 0, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 0, - "y": 16 - }, - "hiddenSeries": false, - "id": 2, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/Max.*/", - "fill": 0 - } - ], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "prometheus_tsdb_head_chunks{job=\"prometheus\",instance=\"$Prometheus:9090\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Chunks", - "metric": "prometheus_local_storage_memory_chunks", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Head Chunks", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": { - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Max chunks": "#052B51", - "Max to persist": "#3F6833" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 8, - "y": 16 - }, - "hiddenSeries": false, - "id": 4, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "rate(prometheus_tsdb_head_chunks_created_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m])", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "Created", - "metric": "prometheus_local_storage_chunk_ops_total", - "refId": "A", - "step": 10 - }, - { - "expr": "rate(prometheus_tsdb_head_chunks_removed_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m])", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "Removed", - "metric": "prometheus_local_storage_chunk_ops_total", - "refId": "B", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Head Chunks/s", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "ops", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": { - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Max chunks": "#052B51", - "Max to persist": "#3F6833", - "Removed": "#e5ac0e" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 16, - "y": 16 - }, - "hiddenSeries": false, - "id": 25, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "prometheus_tsdb_isolation_high_watermark{job=\"prometheus\",instance=\"$Prometheus:9090\"} - prometheus_tsdb_isolation_low_watermark{job=\"prometheus\",instance=\"$Prometheus:9090\"}", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "Difference", - "metric": "prometheus_local_storage_chunk_ops_total", - "refId": "B", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Isolation Watermarks", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "collapsed": false, - "datasource": "${datasource}", - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 23 - }, - "id": 52, - "panels": [], - "title": "Compaction", - "type": "row" - }, - { - "aliasColors": { - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Max": "#447ebc", - "Max chunks": "#052B51", - "Max to persist": "#3F6833", - "Min": "#447ebc", - "Now": "#7eb26d" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 0, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 0, - "y": 24 - }, - "hiddenSeries": false, - "id": 28, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "Max", - "fillBelowTo": "Min", - "lines": false - } - ], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "prometheus_tsdb_head_min_time{job=\"prometheus\",instance=\"$Prometheus:9090\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Min", - "metric": "prometheus_local_storage_series_chunks_persisted_count", - "refId": "A", - "step": 10 - }, - { - "expr": "time() * 1000", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "Now", - "refId": "C" - }, - { - "expr": "prometheus_tsdb_head_max_time{job=\"prometheus\",instance=\"$Prometheus:9090\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Max", - "metric": "prometheus_local_storage_series_chunks_persisted_count", - "refId": "B", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Head Time Range", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "decimals": null, - "format": "dateTimeAsIso", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": { - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Max chunks": "#052B51", - "Max to persist": "#3F6833" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 8, - "y": 24 - }, - "hiddenSeries": false, - "id": 29, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "rate(prometheus_tsdb_head_gc_duration_seconds_sum{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m])", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "GC Time/s", - "metric": "prometheus_local_storage_series_chunks_persisted_count", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Head GC Time/s", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "s", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": { - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Max chunks": "#052B51", - "Max to persist": "#3F6833" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 16, - "y": 24 - }, - "hiddenSeries": false, - "id": 14, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "Queue length", - "yaxis": 2 - } - ], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "prometheus_tsdb_blocks_loaded{job=\"prometheus\",instance=\"$Prometheus:9090\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Blocks Loaded", - "metric": "prometheus_local_storage_indexing_batch_sizes_sum", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Blocks Loaded", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": { - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Failed Compactions": "#bf1b00", - "Failed Reloads": "#bf1b00", - "Max chunks": "#052B51", - "Max to persist": "#3F6833" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 0, - "y": 31 - }, - "hiddenSeries": false, - "id": 30, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "rate(prometheus_tsdb_reloads_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m])", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "Reloads", - "metric": "prometheus_local_storage_series_chunks_persisted_count", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "TSDB Reloads/s", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": { - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Failed Compactions": "#bf1b00", - "Max chunks": "#052B51", - "Max to persist": "#3F6833" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 8, - "y": 31 - }, - "hiddenSeries": false, - "id": 31, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "rate(prometheus_tsdb_wal_fsync_duration_seconds_sum{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m]) / rate(prometheus_tsdb_wal_fsync_duration_seconds_count{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m])", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "Fsync Latency", - "metric": "prometheus_local_storage_series_chunks_persisted_count", - "refId": "A", - "step": 10 - }, - { - "expr": "rate(prometheus_tsdb_wal_truncate_duration_seconds_sum{job=\"prometheus\",instance=\"$Prometheus:9090\"}[1m]) / rate(prometheus_tsdb_wal_trunacte_duration_seconds_count{job=\"prometheus\",instance=\"$Prometheus:9090\"}[1m])", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "Truncate Latency", - "metric": "prometheus_local_storage_series_chunks_persisted_count", - "refId": "B", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "WAL Fsync&Truncate Latency", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "s", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": { - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Failed Compactions": "#bf1b00", - "Max chunks": "#052B51", - "Max to persist": "#3F6833", - "{instance=\"demo.robustperception.io:9090\",job=\"prometheus\"}": "#bf1b00" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 16, - "y": 31 - }, - "hiddenSeries": false, - "id": 32, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "rate(prometheus_tsdb_wal_corruptions_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m])", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "WAL Corruptions", - "metric": "prometheus_local_storage_series_chunks_persisted_count", - "refId": "A", - "step": 10 - }, - { - "expr": "rate(prometheus_tsdb_reloads_failures_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m])", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "Reload Failures", - "metric": "prometheus_local_storage_series_chunks_persisted_count", - "refId": "B", - "step": 10 - }, - { - "expr": "rate(prometheus_tsdb_head_series_not_found{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m])", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "Head Series Not Found", - "metric": "prometheus_local_storage_series_chunks_persisted_count", - "refId": "C", - "step": 10 - }, - { - "expr": "rate(prometheus_tsdb_compactions_failed_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m])", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "Compaction Failures", - "metric": "prometheus_local_storage_series_chunks_persisted_count", - "refId": "D", - "step": 10 - }, - { - "expr": "rate(prometheus_tsdb_retention_cutoffs_failures_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m])", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "Retention Cutoff Failures", - "metric": "prometheus_local_storage_series_chunks_persisted_count", - "refId": "E", - "step": 10 - }, - { - "expr": "rate(prometheus_tsdb_checkpoint_creations_failed_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m])", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "WAL Checkpoint Creation Failures", - "metric": "prometheus_local_storage_series_chunks_persisted_count", - "refId": "F", - "step": 10 - }, - { - "expr": "rate(prometheus_tsdb_checkpoint_deletions_failed_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m])", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "WAL Checkpoint Deletion Failures", - "metric": "prometheus_local_storage_series_chunks_persisted_count", - "refId": "G", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "TSDB Problems/s", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": { - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Failed Compactions": "#bf1b00", - "Max chunks": "#052B51", - "Max to persist": "#3F6833" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 0, - "y": 38 - }, - "hiddenSeries": false, - "id": 19, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "rate(prometheus_tsdb_compactions_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m])", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "Compactions", - "metric": "prometheus_local_storage_series_chunks_persisted_count", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Compactions/s", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": { - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Max chunks": "#052B51", - "Max to persist": "#3F6833" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 8, - "y": 38 - }, - "hiddenSeries": false, - "id": 33, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "rate(prometheus_tsdb_compaction_duration_seconds_sum{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "", - "metric": "prometheus_local_storage_series_chunks_persisted_count", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Compaction Time/s", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "s", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": { - "Allocated bytes": "#F9BA8F", - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Max chunks": "#052B51", - "Max to persist": "#3F6833", - "RSS": "#890F02" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 16, - "y": 38 - }, - "hiddenSeries": false, - "id": 8, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "rate(prometheus_tsdb_time_retentions_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Time Cutoffs", - "metric": "last", - "refId": "A", - "step": 10 - }, - { - "expr": "rate(prometheus_tsdb_size_retentions_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Size Cutoffs", - "metric": "last", - "refId": "B", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Retention Cutoffs/s", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": { - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Max chunks": "#052B51", - "Max to persist": "#3F6833" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 0, - "y": 45 - }, - "hiddenSeries": false, - "id": 27, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "rate(prometheus_tsdb_compaction_chunk_range_seconds_sum{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m]) / rate(prometheus_tsdb_compaction_chunk_range_seconds_count{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Chunk Time Range", - "metric": "prometheus_local_storage_series_chunks_persisted_count", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "First Compaction, Avg Chunk Time Range", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "decimals": null, - "format": "dtdurationms", - "label": "", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": { - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Max chunks": "#052B51", - "Max to persist": "#3F6833" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 8, - "y": 45 - }, - "hiddenSeries": false, - "id": 35, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "rate(prometheus_tsdb_compaction_chunk_size_bytes_sum{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m]) / rate(prometheus_tsdb_compaction_chunk_samples_sum{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Bytes/Sample", - "metric": "prometheus_local_storage_series_chunks_persisted_count", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "First Compaction, Avg Bytes/Sample", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "decimals": null, - "format": "bytes", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": { - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Max chunks": "#052B51", - "Max to persist": "#3F6833" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 16, - "y": 45 - }, - "hiddenSeries": false, - "id": 34, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "rate(prometheus_tsdb_compaction_chunk_samples_sum{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m]) / rate(prometheus_tsdb_compaction_chunk_samples_count{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Chunk Samples", - "metric": "prometheus_local_storage_series_chunks_persisted_count", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "First Compaction, Avg Chunk Samples", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "decimals": null, - "format": "none", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "collapsed": false, - "datasource": "${datasource}", - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 52 - }, - "id": 55, - "panels": [], - "title": "Resource Usage", - "type": "row" - }, - { - "aliasColors": { - "Allocated bytes": "#7EB26D", - "Allocated bytes - 1m max": "#BF1B00", - "Allocated bytes - 1m min": "#BF1B00", - "Allocated bytes - 5m max": "#BF1B00", - "Allocated bytes - 5m min": "#BF1B00", - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Max chunks": "#052B51", - "Max to persist": "#3F6833", - "RSS": "#447EBC" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "decimals": null, - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 0, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 0, - "y": 53 - }, - "hiddenSeries": false, - "id": 6, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/-/", - "fill": 0 - } - ], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "process_resident_memory_bytes{job=\"prometheus\",instance=\"$Prometheus:9090\"}", - "intervalFactor": 2, - "legendFormat": "RSS", - "metric": "process_resident_memory_bytes", - "refId": "B", - "step": 10 - }, - { - "expr": "prometheus_local_storage_target_heap_size_bytes{job=\"prometheus\",instance=\"$Prometheus:9090\"}", - "intervalFactor": 2, - "legendFormat": "Target heap size", - "metric": "go_memstats_alloc_bytes", - "refId": "D", - "step": 10 - }, - { - "expr": "go_memstats_next_gc_bytes{job=\"prometheus\",instance=\"$Prometheus:9090\"}", - "intervalFactor": 2, - "legendFormat": "Next GC", - "metric": "go_memstats_next_gc_bytes", - "refId": "C", - "step": 10 - }, - { - "expr": "go_memstats_alloc_bytes{job=\"prometheus\",instance=\"$Prometheus:9090\"}", - "intervalFactor": 2, - "legendFormat": "Allocated", - "metric": "go_memstats_alloc_bytes", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Memory", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": { - "Allocated bytes": "#F9BA8F", - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Max chunks": "#052B51", - "Max to persist": "#3F6833", - "RSS": "#890F02" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 8, - "y": 53 - }, - "hiddenSeries": false, - "id": 7, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "rate(go_memstats_alloc_bytes_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m])", - "interval": "", - "intervalFactor": 2, - "legendFormat": "Allocated Bytes/s", - "metric": "go_memstats_alloc_bytes", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Allocations", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "decimals": 2, - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 16, - "y": 53 - }, - "hiddenSeries": false, - "id": 9, - "legend": { - "alignAsTable": false, - "avg": false, - "current": false, - "hideEmpty": false, - "max": false, - "min": false, - "rightSide": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(process_cpu_seconds_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[1m])", - "intervalFactor": 2, - "legendFormat": "Irate", - "metric": "prometheus_local_storage_ingested_samples_total", - "refId": "A", - "step": 10 - }, - { - "expr": "rate(process_cpu_seconds_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[5m])", - "intervalFactor": 2, - "legendFormat": "5m rate", - "metric": "prometheus_local_storage_ingested_samples_total", - "refId": "B", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "CPU", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [ - "avg" - ] - }, - "yaxes": [ - { - "format": "none", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "decimals": 2, - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 0, - "y": 60 - }, - "hiddenSeries": false, - "id": 70, - "legend": { - "alignAsTable": false, - "avg": false, - "current": false, - "hideEmpty": false, - "max": false, - "min": false, - "rightSide": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "prometheus_tsdb_symbol_table_size_bytes{job=\"prometheus\",instance=\"$Prometheus:9090\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "RAM Used", - "metric": "prometheus_local_storage_ingested_samples_total", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Symbol Tables Size", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [ - "avg" - ] - }, - "yaxes": [ - { - "format": "bytes", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "decimals": 2, - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 8, - "y": 60 - }, - "hiddenSeries": false, - "id": 71, - "legend": { - "alignAsTable": false, - "avg": false, - "current": false, - "hideEmpty": false, - "max": false, - "min": false, - "rightSide": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "prometheus_tsdb_storage_blocks_bytes_total{job=\"prometheus\",instance=\"$Prometheus:9090\"} or prometheus_tsdb_storage_blocks_bytes{job=\"prometheus\",instance=\"$Prometheus:9090\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Disk Used", - "metric": "prometheus_local_storage_ingested_samples_total", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Block Size", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [ - "avg" - ] - }, - "yaxes": [ - { - "format": "bytes", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": { - "Max": "#e24d42", - "Open": "#508642" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 0, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 16, - "y": 60 - }, - "hiddenSeries": false, - "id": 41, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "process_max_fds{job=\"prometheus\",instance=\"$Prometheus:9090\"}", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "Max", - "refId": "A" - }, - { - "expr": "process_open_fds{job=\"prometheus\",instance=\"$Prometheus:9090\"}", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "Open", - "refId": "B" - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "File Descriptors", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "collapsed": false, - "datasource": "${datasource}", - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 67 - }, - "id": 91, - "panels": [], - "title": "Service Discovery", - "type": "row" - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 0, - "y": 68 - }, - "hiddenSeries": false, - "id": 42, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "prometheus_sd_discovered_targets{job=\"prometheus\",instance=\"$Prometheus:9090\"}", - "format": "time_series", - "interval": "", - "intervalFactor": 1, - "legendFormat": "{{name}}-{{config}}", - "refId": "A" - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Discovered Targets", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 8, - "y": 68 - }, - "hiddenSeries": false, - "id": 96, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "rate(prometheus_sd_updates_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[5m])", - "format": "time_series", - "interval": "", - "intervalFactor": 1, - "legendFormat": "{{name}}", - "refId": "A" - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Sent Updates/s", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 16, - "y": 68 - }, - "hiddenSeries": false, - "id": 97, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "rate(prometheus_sd_received_updates_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[5m])", - "format": "time_series", - "interval": "", - "intervalFactor": 1, - "legendFormat": "{{name}}", - "refId": "A" - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Received Updates/s", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "collapsed": false, - "datasource": "${datasource}", - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 75 - }, - "id": 99, - "panels": [], - "title": "Scraping", - "type": "row" - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 0, - "y": 76 - }, - "hiddenSeries": false, - "id": 105, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": true, - "steppedLine": false, - "targets": [ - { - "expr": "rate(prometheus_target_interval_length_seconds_sum{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m]) / rate(prometheus_target_interval_length_seconds_count{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m])", - "format": "time_series", - "interval": "", - "intervalFactor": 1, - "legendFormat": "{{interval}}", - "refId": "A" - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Scrape Interval", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "s", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 8, - "y": 76 - }, - "hiddenSeries": false, - "id": 104, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": true, - "steppedLine": false, - "targets": [ - { - "expr": "rate(prometheus_target_scrapes_exceeded_sample_limit_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m])", - "format": "time_series", - "interval": "", - "intervalFactor": 1, - "legendFormat": "Exceeded Sample Limit", - "refId": "A" - }, - { - "expr": "rate(prometheus_target_scrapes_sample_duplicate_timestamp_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m])", - "format": "time_series", - "interval": "", - "intervalFactor": 1, - "legendFormat": "Duplicate Timestamp", - "refId": "C" - }, - { - "expr": "rate(prometheus_target_scrapes_sample_out_of_bounds_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[1m])", - "format": "time_series", - "interval": "", - "intervalFactor": 1, - "legendFormat": "Out Of Bounds ", - "refId": "D" - }, - { - "expr": "rate(prometheus_target_scrapes_sample_out_of_order_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[1m])", - "format": "time_series", - "interval": "", - "intervalFactor": 1, - "legendFormat": "Out of Order", - "refId": "E" - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Scrape Problems/s", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 16, - "y": 76 - }, - "hiddenSeries": false, - "id": 95, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": true, - "steppedLine": false, - "targets": [ - { - "expr": "prometheus_target_metadata_cache_bytes{job=\"prometheus\",instance=\"$Prometheus:9090\"}", - "format": "time_series", - "interval": "", - "intervalFactor": 1, - "legendFormat": "{{scrape_job}}", - "refId": "A" - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Metadata Cache Size", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "collapsed": false, - "datasource": "${datasource}", - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 83 - }, - "id": 63, - "panels": [], - "title": "Query Engine", - "type": "row" - }, - { - "aliasColors": { - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Max chunks": "#052B51", - "Max to persist": "#3F6833" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "description": "Time spent in each mode, per second", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 0, - "y": 84 - }, - "hiddenSeries": false, - "id": 24, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": true, - "steppedLine": false, - "targets": [ - { - "expr": "rate(prometheus_engine_query_duration_seconds_sum{job=\"prometheus\",}[2m])", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "{{slice}}", - "metric": "prometheus_local_storage_memory_chunkdescs", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Query engine timings/s", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "s", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": { - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Max chunks": "#052B51", - "Max to persist": "#3F6833" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 8, - "y": 84 - }, - "hiddenSeries": false, - "id": 22, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "rate(prometheus_rule_group_iterations_missed_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m]) ", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "Rule group missed", - "metric": "prometheus_local_storage_memory_chunkdescs", - "refId": "B", - "step": 10 - }, - { - "expr": "rate(prometheus_rule_evaluation_failures_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[1m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Rule evals failed", - "metric": "prometheus_local_storage_memory_chunkdescs", - "refId": "C", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Rule group evaulation problems/s", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": { - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Max chunks": "#052B51", - "Max to persist": "#3F6833" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 16, - "y": 84 - }, - "hiddenSeries": false, - "id": 23, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "rate(prometheus_rule_group_duration_seconds_sum{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m])", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "Rule evaluation duration", - "metric": "prometheus_local_storage_memory_chunkdescs", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Evaluation time of rule groups/s", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "s", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "collapsed": true, - "datasource": "${datasource}", - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 91 - }, - "id": 77, - "panels": [ - { - "aliasColors": { - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Max chunks": "#052B51", - "Max to persist": "#3F6833" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 0, - "y": 92 - }, - "hiddenSeries": false, - "id": 86, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "rate(prometheus_notifications_sent_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[1m])", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "{{alertmanager}}", - "metric": "prometheus_local_storage_memory_chunkdescs", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Notification Sent/s", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": { - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Max chunks": "#052B51", - "Max to persist": "#3F6833" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 8, - "y": 92 - }, - "hiddenSeries": false, - "id": 87, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "rate(prometheus_notifications_errors_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m]) / rate(prometheus_notifications_sent_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m])", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "{{alertmanager}}", - "metric": "prometheus_local_storage_memory_chunkdescs", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Notification Error Ratio", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": { - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Max chunks": "#052B51", - "Max to persist": "#3F6833" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 16, - "y": 92 - }, - "hiddenSeries": false, - "id": 81, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "rate(prometheus_notifications_latency_seconds_sum{job=\"prometheus\",instance=\"$Prometheus:9090\"}[1m]) / rate(prometheus_notifications_latency_seconds_count{job=\"prometheus\",instance=\"$Prometheus:9090\"}[1m])", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "{{alertmanager}}", - "metric": "prometheus_local_storage_memory_chunkdescs", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Notification Latency", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "s", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": { - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Max chunks": "#052B51", - "Max to persist": "#3F6833" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 0, - "y": 99 - }, - "hiddenSeries": false, - "id": 85, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "prometheus_notifications_alertmanagers_discovered{job=\"prometheus\",instance=\"$Prometheus:9090\"}", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "Alertmanagers", - "metric": "prometheus_local_storage_memory_chunkdescs", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Alertmanagers Discovered", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": { - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Max chunks": "#052B51", - "Max to persist": "#3F6833" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 8, - "y": 99 - }, - "hiddenSeries": false, - "id": 89, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "rate(prometheus_notifications_dropped_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[1m])", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "Dropped", - "metric": "prometheus_local_storage_memory_chunkdescs", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Notifications Dropped/s", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": { - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Max chunks": "#052B51", - "Max to persist": "#3F6833" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 16, - "y": 99 - }, - "hiddenSeries": false, - "id": 88, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "prometheus_notifications_queue_length{job=\"prometheus\",instance=\"$Prometheus:9090\"}", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "Pending", - "metric": "prometheus_local_storage_memory_chunkdescs", - "refId": "A", - "step": 10 - }, - { - "expr": "prometheus_notifications_queue_capacity{job=\"prometheus\",instance=\"$Prometheus:9090\"}", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "Max", - "metric": "prometheus_local_storage_memory_chunkdescs", - "refId": "B", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Notification Queue", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - } - ], - "title": "Notification", - "type": "row" - }, - { - "collapsed": false, - "datasource": "${datasource}", - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 92 - }, - "id": 58, - "panels": [], - "title": "HTTP Server", - "type": "row" - }, - { - "aliasColors": { - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Max chunks": "#052B51", - "Max to persist": "#3F6833" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "description": "", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 0, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 0, - "y": 93 - }, - "hiddenSeries": false, - "id": 38, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "rate(prometheus_http_request_duration_seconds_count{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m])", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "{{handler}}", - "metric": "prometheus_local_storage_memory_chunkdescs", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "HTTP requests/s", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "s", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": { - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Max chunks": "#052B51", - "Max to persist": "#3F6833" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "description": "", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 0, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 8, - "y": 93 - }, - "hiddenSeries": false, - "id": 37, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "rate(prometheus_http_request_duration_seconds_sum{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m]) / rate(prometheus_http_request_duration_seconds_count{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m])", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "{{handler}}", - "metric": "prometheus_local_storage_memory_chunkdescs", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "HTTP request latency", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "s", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": { - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Max chunks": "#052B51", - "Max to persist": "#3F6833" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "description": "", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 1, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 8, - "x": 16, - "y": 93 - }, - "hiddenSeries": false, - "id": 36, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": true, - "steppedLine": false, - "targets": [ - { - "expr": "rate(prometheus_http_request_duration_seconds_sum{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m])", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "{{handler}}", - "metric": "prometheus_local_storage_memory_chunkdescs", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "Time spent in HTTP requests/s", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "s", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "collapsed": false, - "datasource": "${datasource}", - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 100 - }, - "id": 61, - "panels": [], - "repeat": "RuleGroup", - "scopedVars": { - "RuleGroup": { - "selected": false, - "text": "/etc/config/rules;CPU", - "value": "/etc/config/rules;CPU" - } - }, - "title": "Rule Group: $RuleGroup", - "type": "row" - }, - { - "aliasColors": { - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Interval": "#890f02", - "Last Duration": "#f9934e", - "Max chunks": "#052B51", - "Max to persist": "#3F6833" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 0, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 12, - "x": 0, - "y": 101 - }, - "hiddenSeries": false, - "id": 43, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "repeat": null, - "repeatDirection": "h", - "scopedVars": { - "RuleGroup": { - "selected": false, - "text": "/etc/config/rules;CPU", - "value": "/etc/config/rules;CPU" - } - }, - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "prometheus_rule_group_interval_seconds{job=\"prometheus\",instance=\"$Prometheus:9090\",rule_group=~\"$RuleGroup\"}\n", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Interval", - "metric": "prometheus_local_storage_memory_chunkdescs", - "refId": "A", - "step": 10 - }, - { - "expr": "prometheus_rule_group_last_duration_seconds{job=\"prometheus\",instance=\"$Prometheus:9090\",rule_group=~\"$RuleGroup\"}\n", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Last Duration", - "metric": "prometheus_local_storage_memory_chunkdescs", - "refId": "B", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "$RuleGroup: Duration", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "s", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": { - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Interval": "#890f02", - "Last Duration": "#f9934e", - "Max chunks": "#052B51", - "Max to persist": "#3F6833" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 0, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 12, - "x": 12, - "y": 101 - }, - "hiddenSeries": false, - "id": 66, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "repeatDirection": "h", - "scopedVars": { - "RuleGroup": { - "selected": false, - "text": "/etc/config/rules;CPU", - "value": "/etc/config/rules;CPU" - } - }, - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "prometheus_rule_group_rules{job=\"prometheus\",instance=\"$Prometheus:9090\",rule_group=~\"$RuleGroup\"}\n", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Rules", - "metric": "prometheus_local_storage_memory_chunkdescs", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "$RuleGroup: Rules", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "decimals": 0, - "format": "none", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "collapsed": false, - "datasource": "${datasource}", - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 108 - }, - "id": 108, - "panels": [], - "repeat": null, - "repeatIteration": 1603144824023, - "repeatPanelId": 61, - "scopedVars": { - "RuleGroup": { - "selected": false, - "text": "/etc/config/rules;Savings", - "value": "/etc/config/rules;Savings" - } - }, - "title": "Rule Group: $RuleGroup", - "type": "row" - }, - { - "aliasColors": { - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Interval": "#890f02", - "Last Duration": "#f9934e", - "Max chunks": "#052B51", - "Max to persist": "#3F6833" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 0, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 12, - "x": 0, - "y": 109 - }, - "hiddenSeries": false, - "id": 109, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "repeat": null, - "repeatDirection": "h", - "repeatIteration": 1603144824023, - "repeatPanelId": 43, - "repeatedByRow": true, - "scopedVars": { - "RuleGroup": { - "selected": false, - "text": "/etc/config/rules;Savings", - "value": "/etc/config/rules;Savings" - } - }, - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "prometheus_rule_group_interval_seconds{job=\"prometheus\",instance=\"$Prometheus:9090\",rule_group=~\"$RuleGroup\"}\n", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Interval", - "metric": "prometheus_local_storage_memory_chunkdescs", - "refId": "A", - "step": 10 - }, - { - "expr": "prometheus_rule_group_last_duration_seconds{job=\"prometheus\",instance=\"$Prometheus:9090\",rule_group=~\"$RuleGroup\"}\n", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Last Duration", - "metric": "prometheus_local_storage_memory_chunkdescs", - "refId": "B", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "$RuleGroup: Duration", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "s", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": { - "Chunks": "#1F78C1", - "Chunks to persist": "#508642", - "Interval": "#890f02", - "Last Duration": "#f9934e", - "Max chunks": "#052B51", - "Max to persist": "#3F6833" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "${datasource}", - "editable": true, - "error": false, - "fieldConfig": { - "defaults": { - "custom": {}, - "links": [] - }, - "overrides": [] - }, - "fill": 0, - "fillGradient": 0, - "gridPos": { - "h": 7, - "w": 12, - "x": 12, - "y": 109 - }, - "hiddenSeries": false, - "id": 110, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pluginVersion": "7.1.1", - "pointradius": 5, - "points": false, - "renderer": "flot", - "repeatDirection": "h", - "repeatIteration": 1603144824023, - "repeatPanelId": 66, - "repeatedByRow": true, - "scopedVars": { - "RuleGroup": { - "selected": false, - "text": "/etc/config/rules;Savings", - "value": "/etc/config/rules;Savings" - } - }, - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "prometheus_rule_group_rules{job=\"prometheus\",instance=\"$Prometheus:9090\",rule_group=~\"$RuleGroup\"}\n", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Rules", - "metric": "prometheus_local_storage_memory_chunkdescs", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeRegions": [], - "timeShift": null, - "title": "$RuleGroup: Rules", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "decimals": 0, - "format": "none", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - } - ], - "refresh": false, - "schemaVersion": 26, - "style": "dark", - "tags": [], - "templating": { - "list": [ - { - "allValue": null, - "current": { - "selected": false, - "text": "localhost", - "value": "localhost" - }, - "datasource": "${datasource}", - "definition": "", - "hide": 0, - "includeAll": false, - "label": null, - "multi": false, - "name": "Prometheus", - "options": [], - "query": "query_result(up{job=\"prometheus\"} == 1)", - "refresh": 2, - "regex": ".*instance=\"([^\"]+):9090\".*", - "skipUrlSync": false, - "sort": 0, - "tagValuesQuery": null, - "tags": [], - "tagsQuery": null, - "type": "query", - "useTags": false - }, - { - "allValue": null, - "current": { - "selected": false, - "text": "All", - "value": "$__all" - }, - "datasource": "${datasource}", - "definition": "", - "hide": 2, - "includeAll": true, - "label": null, - "multi": false, - "name": "RuleGroup", - "options": [], - "query": "prometheus_rule_group_last_duration_seconds{job=\"prometheus\",instance=\"$Prometheus:9090\"}", - "refresh": 2, - "regex": ".*rule_group=\"(.*?)\".*", - "skipUrlSync": false, - "sort": 1, - "tagValuesQuery": "", - "tags": [], - "tagsQuery": "", - "type": "query", - "useTags": false - }, - { - "current": { - "selected": true, - "text": "default-kubecost", - "value": "default-kubecost" - }, - "error": null, - "hide": 0, - "includeAll": false, - "label": null, - "multi": false, - "name": "datasource", - "options": [], - "query": "prometheus", - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "type": "datasource" - } - ] - }, - "time": { - "from": "now-24h", - "to": "now" - }, - "timepicker": { - "refresh_intervals": [ - "10s", - "30s", - "1m", - "5m", - "15m", - "30m", - "1h", - "2h", - "1d" - ], - "time_options": [ - "5m", - "15m", - "1h", - "6h", - "12h", - "24h", - "2d", - "7d", - "30d" - ] - }, - "timezone": "utc", - "title": "Prometheus Benchmark - 2.17.x", - "uid": "L0HBvojWz", - "version": 4 -} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/NOTES.txt b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/NOTES.txt deleted file mode 100644 index 5e61f8520e..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/NOTES.txt +++ /dev/null @@ -1,19 +0,0 @@ - - --------------------------------------------------- -{{- $servicePort := .Values.service.port | default 9090 -}} -Kubecost has been successfully installed. - -Please allow 5-10 minutes for Kubecost to gather metrics. - -If you have configured cloud-integrations, it can take up to 48 hours for cost reconciliation to occur. - -When using Durable storage (Enterprise Edition), please allow up to 4 hours for data to be collected and the UI to be healthy. - -When pods are Ready, you can enable port-forwarding with the following command: - - kubectl port-forward --namespace {{ .Release.Namespace }} deployment/{{ template "cost-analyzer.fullname" . }} {{ $servicePort }} - -Next, navigate to http://localhost:{{ $servicePort }} in a web browser. - -Having installation issues? View our Troubleshooting Guide at http://docs.kubecost.com/troubleshoot-install diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/_helpers.tpl b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/_helpers.tpl deleted file mode 100755 index fd8f4d57bb..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/_helpers.tpl +++ /dev/null @@ -1,238 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "cost-analyzer.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "cost-analyzer.fullname" -}} -{{- default .Chart.Name -}} -{{- end -}} - -{{/* -Create the fully qualified name for Prometheus server service. -*/}} -{{- define "cost-analyzer.prometheus.server.name" -}} -{{- if .Values.prometheus -}} -{{- if .Values.prometheus.server -}} -{{- if .Values.prometheus.server.fullnameOverride -}} -{{- .Values.prometheus.server.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-prometheus-server" .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- else -}} -{{- printf "%s-prometheus-server" .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- else -}} -{{- printf "%s-prometheus-server" .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} - -{{/* -Create the fully qualified name for Prometheus alertmanager service. -*/}} -{{- define "cost-analyzer.prometheus.alertmanager.name" -}} -{{- if .Values.prometheus -}} -{{- if .Values.prometheus.alertmanager -}} -{{- if .Values.prometheus.alertmanager.fullnameOverride -}} -{{- .Values.prometheus.alertmanager.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-prometheus-alertmanager" .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- else -}} -{{- printf "%s-prometheus-alertmanager" .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- else -}} -{{- printf "%s-prometheus-alertmanager" .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} - -{{- define "cost-analyzer.serviceName" -}} -{{- printf "%s-%s" .Release.Name "cost-analyzer" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Network Costs name used to tie autodiscovery of metrics to daemon set pods -*/}} -{{- define "cost-analyzer.networkCostsName" -}} -{{- printf "%s-%s" .Release.Name "network-costs" -}} -{{- end -}} - -{{- define "kubecost.clusterControllerName" -}} -{{- printf "%s-%s" .Release.Name "cluster-controller" -}} -{{- end -}} - -{{- define "kubecost.kubeMetricsName" -}} -{{- if .Values.agent }} -{{- printf "%s-%s" .Release.Name "agent" -}} -{{- else }} -{{- printf "%s-%s" .Release.Name "metrics" -}} -{{- end }} -{{- end -}} - -{{/* -Create the chart labels. -*/}} -{{- define "kubecost.chartLabels" -}} -app.kubernetes.io/name: {{ include "cost-analyzer.name" . }} -helm.sh/chart: {{ include "cost-analyzer.chart" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end -}} - - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "cost-analyzer.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create the name of the service account -*/}} -{{- define "cost-analyzer.serviceAccountName" -}} -{{- if .Values.serviceAccount.create -}} - {{ default (include "cost-analyzer.fullname" .) .Values.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.serviceAccount.name }} -{{- end -}} -{{- end -}} - -{{/* -Create the common labels. -*/}} -{{- define "cost-analyzer.commonLabels" -}} -app.kubernetes.io/name: {{ include "cost-analyzer.name" . }} -app.kubernetes.io/instance: {{ .Chart.Name }} -app: cost-analyzer -{{- end -}} - -{{/* -Create the selector labels. -*/}} -{{- define "cost-analyzer.selectorLabels" -}} -app.kubernetes.io/name: {{ include "cost-analyzer.name" . }} -app.kubernetes.io/instance: {{ .Chart.Name }} -app: cost-analyzer -{{- end -}} - -{{/* -Return the appropriate apiVersion for daemonset. -*/}} -{{- define "cost-analyzer.daemonset.apiVersion" -}} -{{- if semverCompare "<1.9-0" .Capabilities.KubeVersion.GitVersion -}} -{{- print "extensions/v1beta1" -}} -{{- else if semverCompare "^1.9-0" .Capabilities.KubeVersion.GitVersion -}} -{{- print "apps/v1" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for priorityClass. -*/}} -{{- define "cost-analyzer.priorityClass.apiVersion" -}} -{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}} -{{- print "scheduling.k8s.io/v1beta1" -}} -{{- else if semverCompare "^1.14-0" .Capabilities.KubeVersion.GitVersion -}} -{{- print "scheduling.k8s.io/v1" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for networkpolicy. -*/}} -{{- define "cost-analyzer.networkPolicy.apiVersion" -}} -{{- if semverCompare ">=1.4-0, <1.7-0" .Capabilities.KubeVersion.GitVersion -}} -{{- print "extensions/v1beta1" -}} -{{- else if semverCompare "^1.7-0" .Capabilities.KubeVersion.GitVersion -}} -{{- print "networking.k8s.io/v1" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for podsecuritypolicy. -*/}} -{{- define "cost-analyzer.podSecurityPolicy.apiVersion" -}} -{{- if semverCompare ">=1.3-0, <1.10-0" .Capabilities.KubeVersion.GitVersion -}} -{{- print "extensions/v1beta1" -}} -{{- else if semverCompare "^1.10-0" .Capabilities.KubeVersion.GitVersion -}} -{{- print "policy/v1beta1" -}} -{{- end -}} -{{- end -}} - -{{/* -Recursive filter which accepts a map containing an input map (.v) and an output map (.r). The template -will traverse all values inside .v recursively writing non-map values to the output .r. If a nested map -is discovered, we look for an 'enabled' key. If it doesn't exist, we continue traversing the -map. If it does exist, we omit the inner map traversal iff enabled is false. This filter writes the -enabled only version to the output .r -*/}} -{{- define "cost-analyzer.filter" -}} -{{- $v := .v }} -{{- $r := .r }} -{{- range $key, $value := .v }} - {{- $tp := kindOf $value -}} - {{- if eq $tp "map" -}} - {{- $isEnabled := true -}} - {{- if (hasKey $value "enabled") -}} - {{- $isEnabled = $value.enabled -}} - {{- end -}} - {{- if $isEnabled -}} - {{- $rr := "{}" | fromYaml }} - {{- template "cost-analyzer.filter" (dict "v" $value "r" $rr) }} - {{- $_ := set $r $key $rr -}} - {{- end -}} - {{- else -}} - {{- $_ := set $r $key $value -}} - {{- end -}} -{{- end -}} -{{- end -}} - -{{/* -This template accepts a map and returns a base64 encoded json version of the map where all disabled -leaf nodes are omitted. - -The implied use case is {{ template "cost-analyzer.filterEnabled" .Values }} -*/}} -{{- define "cost-analyzer.filterEnabled" -}} -{{- $result := "{}" | fromYaml }} -{{- template "cost-analyzer.filter" (dict "v" . "r" $result) }} -{{- $result | toJson | b64enc }} -{{- end -}} - -{{/* -This template runs the full check for leader/follower requirements in order to determine -whether it should be configured. This template will return true if it's enabled and all -requirements are met. -*/}} -{{- define "cost-analyzer.leaderFollowerEnabled" }} - {{- if .Values.kubecostDeployment }} - {{- if .Values.kubecostDeployment.leaderFollower }} - {{- if .Values.kubecostDeployment.leaderFollower.enabled }} - {{- $replicas := .Values.kubecostDeployment.replicas | default 1 }} - {{- if not .Values.kubecostModel.etlFileStoreEnabled }} - {{- "" }} - {{- else if (eq (quote .Values.kubecostModel.etlBucketConfigSecret) "") }} - {{- "" }} - {{- else if not (gt (int $replicas) 1) }} - {{- ""}} - {{- else }} - {{- "true" }} - {{- end }} - {{- else }} - {{- "" }} - {{- end }} - {{- else }} - {{- "" }} - {{- end }} - {{- else }} - {{- "" }} - {{- end }} -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/aws-service-key-secret.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/aws-service-key-secret.yaml deleted file mode 100644 index d960f5cfd0..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/aws-service-key-secret.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{- if .Values.kubecostProductConfigs }} -{{- if .Values.kubecostProductConfigs.createServiceKeySecret }} -{{- if .Values.kubecostProductConfigs.awsServiceKeyName }} -apiVersion: v1 -kind: Secret -metadata: - name: cloud-service-key - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -type: Opaque -stringData: - service-key.json: |- - { - "aws_access_key_id": "{{ .Values.kubecostProductConfigs.awsServiceKeyName }}", - "aws_secret_access_key": "{{ .Values.kubecostProductConfigs.awsServiceKeyPassword }}" - } -{{- end -}} -{{- end -}} -{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/awsstore-deployment-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/awsstore-deployment-template.yaml deleted file mode 100644 index 0a538334ff..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/awsstore-deployment-template.yaml +++ /dev/null @@ -1,31 +0,0 @@ -{{- if .Values.awsstore }} -{{- if .Values.awsstore.useAwsStore }} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ template "cost-analyzer.fullname" . }}-awsstore - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -spec: - selector: - matchLabels: - app: awsstore - strategy: - rollingUpdate: - maxSurge: 1 - maxUnavailable: 1 - type: RollingUpdate - template: - metadata: - labels: - app: awsstore - spec: - serviceAccountName: awsstore-serviceaccount - containers: - - image: {{ .Values.awsstore.imageNameAndVersion }} - name: awsstore - # Just sleep forever - command: [ "sleep" ] - args: [ "infinity" ] -{{- end }} -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/awsstore-service-account-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/awsstore-service-account-template.yaml deleted file mode 100644 index a326658c92..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/awsstore-service-account-template.yaml +++ /dev/null @@ -1,14 +0,0 @@ -{{- if .Values.awsstore }} -{{- if .Values.awsstore.createServiceAccount }} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: awsstore-serviceaccount - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -{{- with .Values.awsstore.annotations }} - annotations: - {{- toYaml . | nindent 4 }} -{{- end }} -{{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/azure-service-key-secret.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/azure-service-key-secret.yaml deleted file mode 100644 index ae77dae7b2..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/azure-service-key-secret.yaml +++ /dev/null @@ -1,23 +0,0 @@ -{{- if .Values.kubecostProductConfigs }} -{{- if .Values.kubecostProductConfigs.createServiceKeySecret }} -{{- if .Values.kubecostProductConfigs.azureSubscriptionID }} -apiVersion: v1 -kind: Secret -metadata: - name: cloud-service-key - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -type: Opaque -stringData: - service-key.json: |- - { - "subscriptionId": "{{ .Values.kubecostProductConfigs.azureSubscriptionID }}", - "serviceKey": { - "appId": "{{ .Values.kubecostProductConfigs.azureClientID }}", - "password": "{{ .Values.kubecostProductConfigs.azureClientPassword }}", - "tenant": "{{ .Values.kubecostProductConfigs.azureTenantID }}" - } - } -{{- end -}} -{{- end -}} -{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/azure-storage-config-secret.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/azure-storage-config-secret.yaml deleted file mode 100644 index 311b87723d..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/azure-storage-config-secret.yaml +++ /dev/null @@ -1,25 +0,0 @@ -{{/*This method of configuration is deprecated*/}} -{{- if .Values.kubecostProductConfigs }} -{{- if .Values.kubecostProductConfigs.azureStorageCreateSecret }} -{{- if .Values.kubecostProductConfigs.azureStorageAccessKey }} -{{- if .Values.kubecostProductConfigs.azureStorageAccount }} -{{- if .Values.kubecostProductConfigs.azureStorageContainer }} -apiVersion: v1 -kind: Secret -metadata: - name: azure-storage-config - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -type: Opaque -stringData: - azure-storage-config.json: |- - { - "azureStorageAccount": "{{ .Values.kubecostProductConfigs.azureStorageAccount }}", - "azureStorageAccessKey": "{{ .Values.kubecostProductConfigs.azureStorageAccessKey }}", - "azureStorageContainer": "{{ .Values.kubecostProductConfigs.azureStorageContainer }}" - } -{{- end -}} -{{- end -}} -{{- end -}} -{{- end -}} -{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-alerts-configmap.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-alerts-configmap.yaml deleted file mode 100644 index da03a036b7..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-alerts-configmap.yaml +++ /dev/null @@ -1,10 +0,0 @@ -{{- if .Values.global.notifications.alertConfigs }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ default "alert-configs" .Values.alertConfigmapName }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -data: - alerts.json: '{{ toJson .Values.global.notifications.alertConfigs }}' -{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-asset-reports-configmap.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-asset-reports-configmap.yaml deleted file mode 100644 index cc11f7d292..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-asset-reports-configmap.yaml +++ /dev/null @@ -1,13 +0,0 @@ -{{- if .Values.global.assetReports }} -{{- if .Values.global.assetReports.enabled }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ default "asset-report-configs" .Values.assetReportConfigmapName }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -data: - asset-reports.json: '{{ toJson .Values.global.assetReports.reports }}' -{{- end -}} -{{- end -}} - diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-cluster-role-binding-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-cluster-role-binding-template.yaml deleted file mode 100755 index 315c5df161..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-cluster-role-binding-template.yaml +++ /dev/null @@ -1,36 +0,0 @@ -{{- if .Values.reporting }} -{{- if .Values.reporting.logCollection }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ template "cost-analyzer.serviceAccountName" . }} - namespace: {{ .Values.namespace }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ template "cost-analyzer.serviceAccountName" . }} -subjects: - - kind: ServiceAccount - name: {{ template "cost-analyzer.serviceAccountName" . }} - namespace: {{ .Values.namespace }} ---- -{{- end }} -{{- end }} -{{- if (not .Values.kubecostModel.etlReadOnlyMode) }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ template "cost-analyzer.serviceAccountName" . }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "cost-analyzer.serviceAccountName" . }} -subjects: - - kind: ServiceAccount - name: {{ template "cost-analyzer.serviceAccountName" . }} - namespace: {{ .Values.namespace }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-cluster-role-template-readonly.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-cluster-role-template-readonly.yaml deleted file mode 100755 index c84f105e9c..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-cluster-role-template-readonly.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{{- if (.Values.kubecostModel.etlReadOnlyMode) }} -{{- if and .Values.reporting .Values.reporting.logCollection -}} -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - namespace: {{ .Release.Namespace }} - name: {{ template "cost-analyzer.serviceAccountName" . }} -rules: - - apiGroups: - - '' - resources: - - "pods/log" - verbs: - - get - - list - - watch - - apiGroups: - - '' - resources: - - configmaps - verbs: - - get - - list - - watch -{{- end -}} -{{- end -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-cluster-role-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-cluster-role-template.yaml deleted file mode 100644 index aa5a6d44a3..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-cluster-role-template.yaml +++ /dev/null @@ -1,118 +0,0 @@ -{{- if not .Values.kubecostModel.etlReadOnlyMode -}} -{{- if and .Values.reporting .Values.reporting.logCollection -}} -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - namespace: {{ .Values.namespace }} - name: {{ template "cost-analyzer.serviceAccountName" . }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -rules: -- apiGroups: - - '' - resources: - - "pods/log" - verbs: - - get - - list - - watch ---- -{{- end }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ template "cost-analyzer.serviceAccountName" . }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -rules: - - apiGroups: - - '' - resources: - - configmaps - - deployments - - nodes - - pods - - events - - services - - resourcequotas - - replicationcontrollers - - limitranges - - persistentvolumeclaims - - persistentvolumes - - namespaces - - endpoints - verbs: - - get - - list - - watch - - apiGroups: - - extensions - resources: - - daemonsets - - deployments - - replicasets - verbs: - - get - - list - - watch -{{- $isLeaderFollowerEnabled := include "cost-analyzer.leaderFollowerEnabled" . }} -{{- if $isLeaderFollowerEnabled }} - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - '*' -{{- end }} - - apiGroups: - - apps - resources: - - statefulsets - - deployments - - daemonsets - - replicasets - verbs: - - list - - watch - - apiGroups: - - batch - resources: - - cronjobs - - jobs - verbs: - - get - - list - - watch - - apiGroups: - - autoscaling - resources: - - horizontalpodautoscalers - verbs: - - get - - list - - watch - - apiGroups: - - policy - resources: - - poddisruptionbudgets - verbs: - - get - - list - - watch - - apiGroups: - - storage.k8s.io - resources: - - storageclasses - verbs: - - get - - list - - watch - - apiGroups: - - events.k8s.io - resources: - - events - verbs: - - get - - list - - watch -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-config-map-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-config-map-template.yaml deleted file mode 100755 index a69140ae23..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-config-map-template.yaml +++ /dev/null @@ -1,33 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "cost-analyzer.fullname" . }} - namespace: {{ .Values.namespace }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -data: - {{- if .Values.global.prometheus.enabled }} - {{- if .Values.global.zone }} - prometheus-alertmanager-endpoint: http://{{ template "cost-analyzer.prometheus.alertmanager.name" . }}.{{ .Release.Namespace }}.svc.{{ .Values.global.zone }} - {{ else }} - prometheus-alertmanager-endpoint: http://{{ template "cost-analyzer.prometheus.alertmanager.name" . }}.{{ .Release.Namespace }} - {{- end -}} - {{ else }} - prometheus-alertmanager-endpoint: {{ .Values.global.notifications.alertmanager.fqdn }} - {{- end -}} - {{if .Values.global.amp.enabled }} - prometheus-server-endpoint: {{ .Values.global.amp.prometheusServerEndpoint }} - {{- else if .Values.global.prometheus.enabled }} - {{- if .Values.global.zone }} - prometheus-server-endpoint: http://{{ template "cost-analyzer.prometheus.server.name" . }}.{{ .Release.Namespace }}.svc.{{ .Values.global.zone }} - {{ else }} - prometheus-server-endpoint: http://{{ template "cost-analyzer.prometheus.server.name" . }}.{{ .Release.Namespace }} - {{- end -}} - {{ else }} - prometheus-server-endpoint: {{ .Values.global.prometheus.fqdn }} - {{- end -}} - {{- if .Values.kubecostToken }} - kubecost-token: {{ .Values.kubecostToken }} - {{ else }} - kubecost-token: not-applied - {{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-db-pvc-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-db-pvc-template.yaml deleted file mode 100755 index 38b7e92f8a..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-db-pvc-template.yaml +++ /dev/null @@ -1,29 +0,0 @@ -{{- if (.Values.kubecostModel.etlToDisk | default true) -}} -{{- if .Values.persistentVolume -}} -{{- if not .Values.persistentVolume.dbExistingClaim -}} -{{- if .Values.persistentVolume.enabled -}} -{{- if .Values.persistentVolume.dbPVEnabled -}} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ template "cost-analyzer.fullname" . }}-db - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -spec: - accessModes: - - ReadWriteOnce - {{- if .Values.persistentVolume.dbStorageClass }} - storageClassName: {{ .Values.persistentVolume.dbStorageClass }} - {{ end }} - resources: - requests: - {{- if .Values.persistentVolume }} - storage: {{ .Values.persistentVolume.dbSize }} - {{- else }} - storage: 32.0Gi - {{ end }} -{{- end -}} -{{- end -}} -{{- end -}} -{{- end -}} -{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-deployment-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-deployment-template.yaml deleted file mode 100755 index 888451e886..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-deployment-template.yaml +++ /dev/null @@ -1,984 +0,0 @@ -{{- if not .Values.agent }} -{{- $nginxPort := int .Values.service.port | default 9090 -}} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ template "cost-analyzer.fullname" . }} - namespace: {{ .Values.namespace }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -{{- if .Values.kubecostDeployment }} -{{- with .Values.kubecostDeployment.labels }} -{{ toYaml . | indent 4 }} -{{- end }} -{{- end }} -spec: -{{- if .Values.kubecostDeployment }} - replicas: {{ .Values.kubecostDeployment.replicas | default 1 }} -{{- end }} - selector: - matchLabels: -{{ include "cost-analyzer.selectorLabels" . | nindent 8}} -{{- if .Values.kubecostDeployment }} -{{- if .Values.kubecostDeployment.deploymentStrategy }} -{{- with .Values.kubecostDeployment.deploymentStrategy }} - strategy: {{ toYaml . | nindent 4 }} -{{- end }} -{{- else }} - strategy: - rollingUpdate: - maxSurge: 1 - maxUnavailable: 1 - type: RollingUpdate -{{- end }} -{{- end }} - template: - metadata: - labels: - {{ include "cost-analyzer.selectorLabels" . | nindent 8 }} - {{- if .Values.global.additionalLabels }} - {{ toYaml .Values.global.additionalLabels | nindent 8 }} - {{- end }} -{{- if .Values.kubecostDeployment }} -{{- with .Values.kubecostDeployment.labels }} -{{ toYaml . | indent 8 }} -{{- end }} -{{- end }} -{{- if .Values.global.podAnnotations}} - annotations: -{{- with .Values.global.podAnnotations }} -{{ toYaml . | indent 8 }} -{{- end }} -{{- end }} - spec: - {{- if .Values.kubecostFrontend.tls }} - {{- if .Values.kubecostFrontend.tls.enabled }} - securityContext: - runAsUser: 0 - {{- else }} - securityContext: - runAsUser: 1001 - runAsGroup: 1001 - fsGroup: 1001 - {{- end }} - {{- else if lt $nginxPort 1025 }} - securityContext: - runAsUser: 0 - {{- else }} - securityContext: - runAsUser: 1001 - runAsGroup: 1001 - fsGroup: 1001 - {{- end }} - restartPolicy: Always - serviceAccountName: {{ template "cost-analyzer.serviceAccountName" . }} - volumes: - {{- if .Values.hosted }} - - name: config-store - secret: - defaultMode: 420 - secretName: kubecost-thanos - {{- end }} - - name: tmp - emptyDir: {} - - name: nginx-conf - configMap: - name: nginx-conf - items: - - key: nginx.conf - path: default.conf - {{- if .Values.kubecostModel.etlBucketConfigSecret }} - - name: etl-bucket-config - secret: - defaultMode: 420 - secretName: {{ .Values.kubecostModel.etlBucketConfigSecret }} - {{- end }} - {{- if .Values.kubecostModel.federatedStorageConfigSecret }} - - name: federated-storage-config - secret: - defaultMode: 420 - secretName: {{ .Values.kubecostModel.federatedStorageConfigSecret }} - {{- end }} - {{- if .Values.kubecostProductConfigs }} - {{- if .Values.kubecostProductConfigs.productKey }} - {{- if .Values.kubecostProductConfigs.productKey.secretname }} - - name: productkey-secret - secret: - secretName: {{ .Values.kubecostProductConfigs.productKey.secretname }} - items: - - key: productkey.json - path: productkey.json - {{- end }} - {{- end -}} - {{- if .Values.kubecostProductConfigs }} - {{- if .Values.kubecostProductConfigs.gcpSecretName }} - - name: gcp-key-secret - secret: - secretName: {{ .Values.kubecostProductConfigs.gcpSecretName }} - items: - - key: compute-viewer-kubecost-key.json - path: service-key.json - {{- end }} - {{- end -}} - {{- if .Values.kubecostProductConfigs.serviceKeySecretName }} - - name: service-key-secret - secret: - secretName: {{ .Values.kubecostProductConfigs.serviceKeySecretName }} - {{- else if .Values.kubecostProductConfigs.createServiceKeySecret }} - - name: service-key-secret - secret: - secretName: cloud-service-key - {{- end }} - {{- if .Values.kubecostProductConfigs.azureStorageSecretName }} - - name: azure-storage-config - secret: - secretName: {{ .Values.kubecostProductConfigs.azureStorageSecretName }} - items: - - key: azure-storage-config.json - path: azure-storage-config.json - {{- else if .Values.kubecostProductConfigs.azureStorageCreateSecret }} - - name: azure-storage-config - secret: - secretName: azure-storage-config - {{- end }} - {{- if .Values.kubecostProductConfigs.cloudIntegrationSecret }} - - name: cloud-integration - secret: - secretName: {{ .Values.kubecostProductConfigs.cloudIntegrationSecret }} - items: - - key: cloud-integration.json - path: cloud-integration.json - {{- end }} - {{- if .Values.kubecostProductConfigs.clusters }} - - name: kubecost-clusters - configMap: - name: kubecost-clusters - {{- range .Values.kubecostProductConfigs.clusters }} - {{- if .auth }} - {{- if .auth.secretName }} - - name: {{ .auth.secretName }} - secret: - secretName: {{ .auth.secretName }} - {{- end }} - {{- end }} - {{- end }} - {{- end }} - {{- end }} - {{- if .Values.kubecostFrontend.tls }} - {{- if .Values.kubecostFrontend.tls.enabled }} - - name: tls - secret: - secretName : {{ .Values.kubecostFrontend.tls.secretName }} - items: - - key: tls.crt - path: kc.crt - - key: tls.key - path: kc.key - {{- end }} - {{- end }} - {{- if .Values.saml }} - {{- if .Values.saml.enabled }} - {{- if .Values.saml.secretName }} - - name: secret-volume - secret: - secretName: {{ .Values.saml.secretName }} - {{- end }} - {{- if .Values.saml.metadataSecretName }} - - name: metadata-secret-volume - secret: - secretName: {{ .Values.saml.metadataSecretName }} - {{- end }} - {{- if .Values.saml.rbac.enabled }} - - name: saml-roles - configMap: - name: {{ template "cost-analyzer.fullname" . }}-saml - {{- end }} - {{- end }} - {{- end }} - {{- if .Values.oidc }} - {{- if .Values.oidc.enabled }} - - name: oidc-config - configMap: - name: {{ template "cost-analyzer.fullname" . }}-oidc - {{- if .Values.oidc.secretName }} - - name: oidc-client-secret - secret: - secretName: {{ .Values.oidc.secretName }} - {{- end }} - {{- end }} - {{- end }} - {{- if .Values.federatedETL.federator }} - {{- if .Values.federatedETL.federator.enabled }} - - name: federator-config - configMap: - name: {{ template "cost-analyzer.fullname" . }}-federator - {{- end }} - {{- end }} - {{- if .Values.extraVolumes }} - # Extra volume(s) - {{- toYaml .Values.extraVolumes | nindent 8 }} - {{- end }} - - name: persistent-configs -{{- if .Values.persistentVolume }} -{{- if .Values.persistentVolume.enabled }} - persistentVolumeClaim: -{{- if .Values.persistentVolume.existingClaim }} - claimName: {{ .Values.persistentVolume.existingClaim }} -{{- else }} - claimName: {{ template "cost-analyzer.fullname" . }} -{{- end -}} -{{- else }} - emptyDir: {} -{{- end -}} -{{- else }} - persistentVolumeClaim: - claimName: {{ template "cost-analyzer.fullname" . }} -{{- end }} -{{- if and (.Values.kubecostModel.etlToDisk | default true) .Values.persistentVolume.dbPVEnabled }} - - name: persistent-db -{{- if .Values.persistentVolume }} -{{- if .Values.persistentVolume.enabled }} - persistentVolumeClaim: -{{- if .Values.persistentVolume.dbExistingClaim }} - claimName: {{ .Values.persistentVolume.dbExistingClaim }} -{{- else }} - claimName: {{ template "cost-analyzer.fullname" . }}-db -{{- end -}} -{{- else }} - emptyDir: {} -{{- end -}} -{{- else }} - persistentVolumeClaim: - claimName: {{ template "cost-analyzer.fullname" . }}-db -{{- end }} -{{- end }} - initContainers: -{{- if .Values.supportNFS }} - - name: config-db-perms-fix - {{- if .Values.initChownDataImage }} - image: {{ .Values.initChownDataImage }} - {{- else }} - image: busybox - {{- end }} - resources: -{{ toYaml .Values.initChownData.resources | indent 12 }} - {{- if and (.Values.kubecostModel.etlToDisk | default true) .Values.persistentVolume.dbPVEnabled }} - command: ["sh", "-c", "/bin/chmod -R 777 /var/configs && /bin/chmod -R 777 /var/db"] - {{- else }} - command: ["sh", "-c", "/bin/chmod -R 777 /var/configs"] - {{- end}} - volumeMounts: - - name: persistent-configs - mountPath: /var/configs - {{- if and (.Values.kubecostModel.etlToDisk | default true) .Values.persistentVolume.dbPVEnabled }} - - name: persistent-db - mountPath: /var/db - {{- end }} - securityContext: - runAsUser: 0 -{{ end }} - containers: - {{- if .Values.global.amp.enabled }} - - name: sigv4proxy - image: {{ .Values.sigV4Proxy.image }} - {{- if .Values.sigV4Proxy.imagePullPolicy }} - imagePullPolicy: {{ .Values.sigV4Proxy.imagePullPolicy }} - {{- else }} - imagePullPolicy: Always - {{- end }} - args: - - --name - - {{ .Values.sigV4Proxy.name }} - - --region - - {{ .Values.sigV4Proxy.region }} - - --host - - {{ .Values.sigV4Proxy.host }} - {{- if .Values.sigV4Proxy.role_arn }} - - --role-arn - - {{ .Values.sigV4Proxy.role_arn }} - {{- end }} - - --port - - :{{ .Values.sigV4Proxy.port }} - ports: - - name: aws-sigv4-proxy - containerPort: {{ .Values.sigV4Proxy.port | int }} - {{- if .Values.sigV4Proxy.extraEnv }} - env: - {{- toYaml .Values.sigV4Proxy.extraEnv | nindent 10 }} - {{- end }} - {{- end }} - {{- if .Values.kubecostModel }} - {{- if .Values.kubecostModel.openSourceOnly }} - - image: quay.io/kubecost1/kubecost-cost-model:{{ .Values.imageVersion }} - {{- else if .Values.kubecostModel.fullImageName }} - - image: {{ .Values.kubecostModel.fullImageName }} - {{- else if .Values.imageVersion }} - - image: {{ .Values.kubecostModel.image }}:{{ .Values.imageVersion }} - {{- else }} - - image: {{ .Values.kubecostModel.image }}:prod-{{ $.Chart.AppVersion }} - {{ end }} - {{- else }} - - image: gcr.io/kubecost1/cost-model:prod-{{ $.Chart.AppVersion }} - {{ end }} - name: cost-model - {{- if .Values.kubecostModel.extraArgs }} - args: - {{- toYaml .Values.kubecostModel.extraArgs | nindent 12 }} - {{- end }} - {{- if .Values.kubecostModel.securityContext }} - securityContext: - {{- toYaml .Values.kubecostModel.securityContext | nindent 12 -}} - {{ end }} - {{- if .Values.kubecostModel.imagePullPolicy }} - imagePullPolicy: {{ .Values.kubecostModel.imagePullPolicy }} - {{- else }} - imagePullPolicy: Always - {{- end }} - ports: - - name: tcp-model - containerPort: 9003 - protocol: TCP - - name: tcp-frontend - containerPort: 9090 - protocol: TCP - resources: -{{ toYaml .Values.kubecostModel.resources | indent 12 }} - readinessProbe: - httpGet: - path: /healthz - port: 9003 - initialDelaySeconds: 30 - periodSeconds: 10 - failureThreshold: 200 - volumeMounts: - {{- if .Values.hosted }} - - name: config-store - mountPath: /var/secrets - readOnly: true - {{- end }} - - name: persistent-configs - mountPath: /var/configs - {{- if .Values.extraVolumeMounts }} - # Extra volume mount(s) - {{- toYaml .Values.extraVolumeMounts | nindent 12 }} - {{- end }} - {{- if .Values.kubecostModel.etlBucketConfigSecret }} - - name: etl-bucket-config - mountPath: /var/configs/etl - readOnly: true - {{- else if and (.Values.kubecostModel.etlToDisk | default true) .Values.persistentVolume.dbPVEnabled }} - - name: persistent-db - mountPath: /var/db - {{- end }} - {{- if .Values.kubecostModel.federatedStorageConfigSecret }} - - name: federated-storage-config - mountPath: /var/configs/etl/federated - readOnly: true - {{- end }} - {{- if .Values.federatedETL }} - {{- if .Values.federatedETL.federator.enabled }} - - name: federator-config - mountPath: /var/configs/federator - {{- end }} - {{- end }} - {{- if .Values.kubecostProductConfigs }} - {{- if .Values.kubecostProductConfigs.productKey }} - {{- if .Values.kubecostProductConfigs.productKey.secretname }} - - name: productkey-secret - mountPath: /var/configs/productkey - {{- end }} - {{- end }} - {{- if .Values.kubecostProductConfigs.gcpSecretName }} - - name: gcp-key-secret - mountPath: /var/secrets - {{- end }} - {{- if or .Values.kubecostProductConfigs.azureStorageSecretName .Values.kubecostProductConfigs.azureStorageCreateSecret }} - - name: azure-storage-config - mountPath: /var/azure-storage-config - {{- end }} - {{- if .Values.kubecostProductConfigs.cloudIntegrationSecret }} - - name: cloud-integration - mountPath: /var/cloud-integration - {{- end }} - {{- if or .Values.kubecostProductConfigs.serviceKeySecretName .Values.kubecostProductConfigs.createServiceKeySecret }} - - name: service-key-secret - mountPath: /var/secrets - {{- end }} - {{- if .Values.kubecostProductConfigs.clusters }} - - name: kubecost-clusters - mountPath: /var/configs/clusters - {{- range .Values.kubecostProductConfigs.clusters }} - {{- if .auth }} - {{- if .auth.secretName }} - - name: {{ .auth.secretName }} - mountPath: /var/secrets/{{ .auth.secretName }} - {{- end }} - {{- end }} - {{- end }} - {{- end }} - {{- end }} - {{- if .Values.saml }} - {{- if .Values.saml.enabled }} - {{- if .Values.saml.secretName }} - - name: secret-volume - mountPath: /var/configs/secret-volume - {{- end }} - {{- if .Values.saml.metadataSecretName }} - - name: metadata-secret-volume - mountPath: /var/configs/metadata-secret-volume - {{- end }} - {{- if .Values.saml.rbac.enabled }} - - name: saml-roles - mountPath: /var/configs/saml - {{- end }} - {{- end }} - {{- end }} - {{- if .Values.oidc }} - {{- if .Values.oidc.enabled }} - - name: oidc-config - mountPath: /var/configs/oidc - {{- if .Values.oidc.secretName }} - - name: oidc-client-secret - mountPath: /var/configs/oidc-client-secret - {{- end }} - {{- end }} - {{- end }} - env: - {{- if .Values.global.grafana }} - - name: GRAFANA_ENABLED - value: {{ (quote .Values.global.grafana.enabled) | default (quote false) }} - {{- end}} - {{- if .Values.kubecostModel.extraEnv -}} - {{ toYaml .Values.kubecostModel.extraEnv | nindent 12 }} - {{- end }} - {{- if .Values.reporting }} - {{- if .Values.reporting.valuesReporting }} - - name: HELM_VALUES - value: {{ template "cost-analyzer.filterEnabled" .Values }} - {{- end }} - {{- end }} - {{- if .Values.alertConfigmapName }} - - name: ALERT_CONFIGMAP_NAME - value: {{ .Values.alertConfigmapName }} - {{- end }} - {{- if .Values.productConfigmapName }} - - name: PRODUCT_CONFIGMAP_NAME - value: {{ .Values.productConfigmapName }} - {{- end }} - {{- if .Values.appConfigmapName }} - - name: APP_CONFIGMAP_NAME - value: {{ .Values.appConfigmapName }} - {{- end }} - {{- if .Values.kubecostModel.softMemoryLimit }} - - name: GOMEMLIMIT - value: {{ .Values.kubecostModel.softMemoryLimit }} - {{- end }} - {{- if .Values.assetReportConfigmapName }} - - name: ASSET_REPORT_CONFIGMAP_NAME - value: {{ .Values.assetReportConfigmapName }} - {{- end }} - {{- if .Values.savedReportConfigmapName }} - - name: SAVED_REPORT_CONFIGMAP_NAME - value: {{ .Values.savedReportConfigmapName }} - {{- end }} - {{- if .Values.groupFiltersConfigmapName }} - - name: GROUP_FILTERS_CONFIGMAP_NAME - value: {{ .Values.groupFiltersConfigmapName }} - {{- end }} - {{- if .Values.pricingConfigmapName }} - - name: PRICING_CONFIGMAP_NAME - value: {{ .Values.pricingConfigmapName }} - {{- end }} - {{- if .Values.metricsConfigmapName }} - - name: METRICS_CONFIGMAP_NAME - value: {{ .Values.metricsConfigmapName }} - {{- end }} - - name: READ_ONLY - value: {{ (quote .Values.readonly) | default (quote false) }} - - name: PROMETHEUS_SERVER_ENDPOINT - valueFrom: - configMapKeyRef: - name: {{ template "cost-analyzer.fullname" . }} - key: prometheus-server-endpoint - - name: CLOUD_PROVIDER_API_KEY - value: "AIzaSyDXQPG_MHUEy9neR7stolq6l0ujXmjJlvk" # The GCP Pricing API requires a key. - {{- if .Values.kubecostProductConfigs }} - {{- if .Values.kubecostProductConfigs.gcpSecretName }} - - name: GOOGLE_APPLICATION_CREDENTIALS - value: /var/configs/key.json - {{- end }} - {{- end }} - - name: CONFIG_PATH - value: /var/configs/ - - name: DB_PATH - value: /var/db/ - - name: CLUSTER_PROFILE - {{- if .Values.kubecostProductConfigs }} - value: {{ .Values.kubecostProductConfigs.clusterProfile | default "production" }} - {{- else }} - value: production - {{- end }} - {{- if .Values.kubecostProductConfigs }} - {{- if .Values.kubecostProductConfigs.productKey }} - {{- if .Values.kubecostProductConfigs.productKey.mountPath }} - - name: PRODUCT_KEY_MOUNT_PATH - value: {{ .Values.kubecostProductConfigs.productKey.mountPath }} - {{- end }} - {{- end }} - {{- if .Values.kubecostProductConfigs.ingestPodUID }} - - name: INGEST_POD_UID - value: {{ (quote .Values.kubecostProductConfigs.ingestPodUID) }} - {{- end }} - {{- end }} - - name: REMOTE_WRITE_PASSWORD - value: {{ .Values.remoteWrite.postgres.auth.password }} - {{- if .Values.remoteWrite.postgres.enabled }} - - name: REMOTE_WRITE_ENABLED - value: "true" - {{- end }} - {{- if .Values.global.thanos.queryServiceBasicAuthSecretName}} - - name: MC_BASIC_AUTH_USERNAME - valueFrom: - secretKeyRef: - name: {{ .Values.global.thanos.queryServiceBasicAuthSecretName }} - key: USERNAME - - name: MC_BASIC_AUTH_PW - valueFrom: - secretKeyRef: - name: {{ .Values.global.thanos.queryServiceBasicAuthSecretName }} - key: PASSWORD - {{- end }} - {{- if .Values.global.prometheus.queryServiceBasicAuthSecretName}} - - name: DB_BASIC_AUTH_USERNAME - valueFrom: - secretKeyRef: - name: {{ .Values.global.prometheus.queryServiceBasicAuthSecretName }} - key: USERNAME - - name: DB_BASIC_AUTH_PW - valueFrom: - secretKeyRef: - name: {{ .Values.global.prometheus.queryServiceBasicAuthSecretName }} - key: PASSWORD - {{- end }} - {{- if .Values.global.prometheus.queryServiceBearerTokenSecretName }} - - name: DB_BEARER_TOKEN - valueFrom: - secretKeyRef: - name: {{ .Values.global.prometheus.queryServiceBearerTokenSecretName }} - key: TOKEN - {{- end }} - {{- if .Values.global.thanos.queryServiceBearerTokenSecretName }} - - name: MC_BEARER_TOKEN - valueFrom: - secretKeyRef: - name: {{ .Values.global.thanos.queryServiceBearerTokenSecretName }} - key: TOKEN - {{- end }} - {{- if .Values.global.prometheus.insecureSkipVerify }} - - name: INSECURE_SKIP_VERIFY - value: {{ (quote .Values.global.prometheus.insecureSkipVerify) }} - {{- end }} - {{- if .Values.pricingCsv }} - {{- if .Values.pricingCsv.enabled }} - - name: USE_CSV_PROVIDER - value: "true" - - name: CSV_PATH - value: {{ .Values.pricingCsv.location.URI }} - - name: CSV_REGION - value: {{ .Values.pricingCsv.location.region }} - {{- if eq .Values.pricingCsv.location.provider "AWS"}} - {{- if .Values.pricingCsv.location.csvAccessCredentials }} - - name: AWS_ACCESS_KEY_ID - valueFrom: - secretKeyRef: - name: {{ .Values.pricingCsv.location.csvAccessCredentials }} - key: AWS_ACCESS_KEY_ID - - name: AWS_SECRET_ACCESS_KEY - valueFrom: - secretKeyRef: - name: {{ .Values.pricingCsv.location.csvAccessCredentials }} - key: AWS_SECRET_ACCESS_KEY - {{- end }} - {{- end }} - {{- end }} - {{- end }} - {{- if .Values.kubecostMetrics }} - - name: EMIT_POD_ANNOTATIONS_METRIC - value: {{ (quote .Values.kubecostMetrics.emitPodAnnotations) | default (quote false) }} - - name: EMIT_NAMESPACE_ANNOTATIONS_METRIC - value: {{ (quote .Values.kubecostMetrics.emitNamespaceAnnotations) | default (quote false) }} - {{- end }} - {{- if .Values.kubecostMetrics }} - - name: EMIT_KSM_V1_METRICS - value: {{ (quote .Values.kubecostMetrics.emitKsmV1Metrics) | default (quote true) }} - {{- end }} - {{- if .Values.kubecostMetrics }} - - name: EMIT_KSM_V1_METRICS_ONLY # ONLY emit KSM v1 metrics that do not exist in KSM 2 by default - value: {{ (quote .Values.kubecostMetrics.emitKsmV1MetricsOnly) | default (quote false) }} - {{- end }} - {{- if .Values.reporting }} - - name: LOG_COLLECTION_ENABLED - value: {{ (quote .Values.reporting.logCollection) | default (quote true) }} - - name: PRODUCT_ANALYTICS_ENABLED - value: {{ (quote .Values.reporting.productAnalytics) | default (quote true) }} - - name: ERROR_REPORTING_ENABLED - value: {{ (quote .Values.reporting.errorReporting ) | default (quote true) }} - - name: VALUES_REPORTING_ENABLED - value: {{ (quote .Values.reporting.valuesReporting) | default (quote true) }} - {{- if .Values.reporting.errorReporting }} - - name: SENTRY_DSN - value: "https://71964476292e4087af8d5072afe43abd@o394722.ingest.sentry.io/5245431" - {{- end }} - {{- end }} - - name: LEGACY_EXTERNAL_API_DISABLED - value: {{ (quote .Values.kubecostModel.legacyOutOfClusterAPIDisabled) | default (quote false) }} - - name: OUT_OF_CLUSTER_PROM_METRICS_ENABLED - value: {{ (quote .Values.kubecostModel.outOfClusterPromMetricsEnabled) | default (quote false) }} - - name: CACHE_WARMING_ENABLED - value: {{ (quote .Values.kubecostModel.warmCache) | default (quote true) }} - - name: SAVINGS_CACHE_WARMING_ENABLED - value: {{ (quote .Values.kubecostModel.warmSavingsCache) | default (quote true) }} - - name: ETL_ENABLED - value: {{ (quote .Values.kubecostModel.etl) | default (quote true) }} - {{- if .Values.kubecostModel.etlReadOnlyMode }} - - name: ETL_READ_ONLY - value: "true" - {{- end }} - {{- if .Values.kubecostModel.etlBucketConfigSecret }} - - name: ETL_TO_DISK_ENABLED - value: "false" - - name: ETL_BUCKET_CONFIG - value: "/var/configs/etl/object-store.yaml" - {{- else }} - - name: ETL_TO_DISK_ENABLED - value: {{ (quote .Values.kubecostModel.etlToDisk) | default (quote true) }} - {{- end }} - {{- if .Values.kubecostModel.federatedStorageConfigSecret }} - - name: FEDERATED_STORE_CONFIG - value: "/var/configs/etl/federated/federated-store.yaml" - {{- end }} - {{- if or .Values.federatedETL.federatedCluster .Values.kubecostModel.federatedStorageConfigSecret }} - - name: FEDERATED_CLUSTER - value: "true" - {{- end}} - {{- if .Values.federatedETL.primaryCluster }} - - name: FEDERATED_PRIMARY_CLUSTER - value: "true" - {{- end}} - {{- if .Values.federatedETL.redirectS3Backup }} - - name: FEDERATED_REDIRECT_BACKUP - value: "true" - {{- end}} - {{- if .Values.federatedETL.useExistingS3Config }} - - name: FEDERATED_USE_EXISTING_CONFIG - value: "true" - {{- end}} - {{- if .Values.federatedETL.federator.enabled }} - - name: FEDERATED_FEDERATOR_ENABLED - value: "true" - {{- end}} - - name: ETL_STORE_READ_ONLY - value: {{ (quote .Values.kubecostModel.etlStoreReadOnly) | default (quote false) }} - - name : ETL_CLOUD_USAGE_ENABLED - {{- if kindIs "bool" .Values.kubecostModel.etlCloudUsage }} - value: {{ (quote .Values.kubecostModel.etlCloudUsage) }} - {{- else if kindIs "bool" .Values.kubecostModel.etlCloudAsset }} - value: {{ (quote .Values.kubecostModel.etlCloudAsset) }} - {{- else }} - value: "true" - {{- end }} - - name: CLOUD_ASSETS_EXCLUDE_PROVIDER_ID - value: {{ (quote .Values.kubecostModel.cloudAssetsExcludeProviderID) | default (quote false) }} - - name: ETL_CLOUD_REFRESH_RATE_HOURS - value: {{ (quote .Values.kubecostModel.etlCloudRefreshRateHours) | default (quote 6) }} - - name: ETL_CLOUD_QUERY_WINDOW_DAYS - value: {{ (quote .Values.kubecostModel.etlCloudQueryWindowDays) | default (quote 7) }} - - name: ETL_CLOUD_RUN_WINDOW_DAYS - value: {{ (quote .Values.kubecostModel.etlCloudRunWindowDays) | default (quote 3) }} - {{- if .Values.persistentVolume.dbPVEnabled }} - - name: ETL_PATH_PREFIX - value: "/var/db" - {{- end }} - - name: ETL_RESOLUTION_SECONDS - value: {{ (quote .Values.kubecostModel.etlResolutionSeconds) | default (quote 300) }} - - name: ETL_MAX_PROMETHEUS_QUERY_DURATION_MINUTES - value: {{ (quote .Values.kubecostModel.maxPrometheusQueryDurationMinutes) | default (quote 1440) }} - - name: ETL_DAILY_STORE_DURATION_DAYS - value: {{ (quote .Values.kubecostModel.etlDailyStoreDurationDays) | default (quote 91) }} - - name: ETL_HOURLY_STORE_DURATION_HOURS - value: {{ (quote .Values.kubecostModel.etlHourlyStoreDurationHours) | default (quote 49) }} - - name: ETL_FILE_STORE_ENABLED - value: {{ (quote .Values.kubecostModel.etlFileStoreEnabled) | default (quote true) }} - - name: ETL_ASSET_RECONCILIATION_ENABLED - value: {{ (quote .Values.kubecostModel.etlAssetReconciliationEnabled) | default (quote true) }} - - name: ETL_USE_UNBLENDED_COST - value: {{ (quote .Values.kubecostModel.etlUseUnblendedClost) | default (quote false) }} - - name: CONTAINER_STATS_ENABLED - value: {{ (quote .Values.kubecostModel.containerStatsEnabled) | default (quote false) }} - - name: RECONCILE_NETWORK - value: {{ (quote .Values.kubecostModel.reconcileNetwork) | default (quote true) }} - {{- if .Values.systemProxy.enabled }} - - name: HTTP_PROXY - value: {{ .Values.systemProxy.httpProxyUrl }} - - name: http_proxy - value: {{ .Values.systemProxy.httpProxyUrl }} - - name: HTTPS_PROXY - value: {{ .Values.systemProxy.httpsProxyUrl }} - - name: https_proxy - value: {{ .Values.systemProxy.httpsProxyUrl }} - - name: NO_PROXY - value: {{ .Values.systemProxy.noProxy }} - - name: no_proxy - value: {{ .Values.systemProxy.noProxy }} - {{- end }} - {{- if .Values.kubecostMetrics }} - {{- if .Values.kubecostMetrics.exporter }} - - name: KUBECOST_METRICS_POD_ENABLED - value: {{ (quote .Values.kubecostMetrics.exporter.enabled) | default (quote false) }} - {{- end }} - {{- end }} - - name: PV_ENABLED - value: {{ (quote .Values.persistentVolume.enabled) | default (quote true) }} - - name: MAX_QUERY_CONCURRENCY - value: {{ (quote .Values.kubecostModel.maxQueryConcurrency) | default (quote 5) }} - - name: UTC_OFFSET - value: {{ (quote .Values.kubecostModel.utcOffset) | default (quote ) }} - {{- if .Values.networkCosts }} - {{- if .Values.networkCosts.enabled }} - - name: NETWORK_COSTS_PORT - value: {{ quote .Values.networkCosts.port | default (quote 3001) }} - {{- end }} - {{- end }} - {{- /* - If queryService is set, the cost-analyzer will always pass THANOS_ENABLED as true - to ensure that the custom query service target is used. The global.thanos.enabled - flag does not have any affect on this behavior. - */}} - {{- if .Values.global.thanos.queryService }} - - name: THANOS_ENABLED - value: "true" - - name: THANOS_QUERY_URL - value: {{ .Values.global.thanos.queryService }} - - name: THANOS_QUERY_OFFSET - value: {{ .Values.global.thanos.queryOffset | default "3h" }} - - name: THANOS_MAX_SOURCE_RESOLUTION - value: {{ .Values.kubecostModel.maxSourceResolution | default "raw" }} - {{- else if and .Values.global.thanos.enabled .Values.thanos }} - {{- if .Values.thanos.query }} - {{- if .Values.thanos.query.enabled }} - - name: THANOS_ENABLED - {{- if .Values.hosted }} - value: "false" - {{- else }} - value: "true" - {{- end }} - - name: THANOS_QUERY_URL - value: http://{{ .Chart.Name }}-thanos-query-frontend-http.{{ .Values.namespace }}:{{ .Values.thanos.queryFrontend.http.port }} - - name: THANOS_QUERY_OFFSET - value: {{ .Values.global.thanos.queryOffset | default "3h" }} - - name: THANOS_MAX_SOURCE_RESOLUTION - value: {{ .Values.kubecostModel.maxSourceResolution | default "raw" }} - {{- end }} - {{- end }} - {{- end }} - {{- if .Values.oidc.enabled }} - - name: OIDC_ENABLED - value: "true" - {{- end}} - {{- if .Values.saml }} - {{- if .Values.saml.enabled }} - - name: SAML_ENABLED - value: "true" - - name: IDP_URL - value: {{ .Values.saml.idpMetadataURL }} - - name: SP_HOST - value: {{ .Values.saml.appRootURL }} - {{- if .Values.saml.audienceURI }} - - name: AUDIENCE_URI - value: {{ .Values.saml.audienceURI }} - {{- end }} - {{- if .Values.saml.isGLUUProvider }} - - name: GLUU_SAML_PROVIDER - value: {{ (quote .Values.saml.isGLUUProvider) }} - {{- end }} - {{- if .Values.saml.nameIDFormat }} - - name: NAME_ID_FORMAT - value: {{ .Values.saml.nameIDFormat }} - {{- end}} - {{- if .Values.saml.authTimeout }} - - name: AUTH_TOKEN_TIMEOUT - value: {{ (quote .Values.saml.authTimeout) }} - {{- end}} - {{- if .Values.saml.redirectURL }} - - name: LOGOUT_REDIRECT_URL - value: {{ .Values.saml.redirectURL }} - {{- end}} - {{- if .Values.saml.rbac.enabled }} - - name: SAML_RBAC_ENABLED - value: "true" - {{- end }} - {{- end }} - {{- end }} - {{- if and (.Values.prometheus.server.global.external_labels.cluster_id) (not .Values.prometheus.server.clusterIDConfigmap) }} - - name: CLUSTER_ID - value: {{ .Values.prometheus.server.global.external_labels.cluster_id }} - {{- end }} - {{- if .Values.prometheus.server.clusterIDConfigmap }} - - name: CLUSTER_ID - valueFrom: - configMapKeyRef: - name: {{ .Values.prometheus.server.clusterIDConfigmap }} - key: CLUSTER_ID - {{- end }} - {{- if .Values.remoteWrite.postgres.installLocal }} - - name: SQL_ADDRESS - value: pgprometheus - {{- else }} - - name: SQL_ADDRESS - value: {{ .Values.remoteWrite.postgres.remotePostgresAddress }} - {{- end }} - {{- if .Values.kubecostModel.promClusterIDLabel }} - - name: PROM_CLUSTER_ID_LABEL - value: {{ .Values.kubecostModel.promClusterIDLabel }} - {{- end }} - {{- if .Values.hosted }} - - name: KUBECOST_CONFIG_BUCKET - value: /var/secrets/object-store.yaml - - name: CLUSTER_INFO_FILE_ENABLED - value: "true" - - name: CLUSTER_CACHE_FILE_ENABLED - value: "true" - {{- end }} - {{- if .Values.reporting.googleAnalyticsTag }} - - name: GOOGLE_ANALYTICS_TAG - value: {{ .Values.reporting.googleAnalyticsTag }} - {{- end }} - {{- /* - Leader/Follower has baseline requirements before enabling: - * ETL FileStore Enabled - * Bucket Backup Configured - * Replicas > 1 - */}} - {{- if .Values.kubecostDeployment }} - {{- if .Values.kubecostDeployment.leaderFollower }} - {{- if .Values.kubecostDeployment.leaderFollower.enabled -}} - - {{- $etlFileStore := .Values.kubecostModel.etlFileStoreEnabled }} - {{- if not $etlFileStore }} - {{- fail "Leader/Follower requires kubecostModel.etlFileStoreEnabled be true." }} - {{- end -}} - - {{- if (eq (quote .Values.kubecostModel.etlBucketConfigSecret) "") }} - {{- fail "Leader/Follower requires kubecostModel.etlBucketConfigSecret be valid." }} - {{- end -}} - - {{- $replicas := .Values.kubecostDeployment.replicas | default 1 }} - {{- if not (gt (int $replicas) 1) }} - {{- fail "Leader/Follower should be used with kubecostDeployment.replicas > 1" }} - {{- end }} - {{- /* - Checks to ensure that the named template returns true if we've made it here - */}} - {{- $result := include "cost-analyzer.leaderFollowerEnabled" . }} - {{- if not $result }} - {{- fail (quote $result) }} - {{- end }} - - name: LEADER_FOLLOWER_ENABLED - value: "true" - {{- end }} - {{- end }} - {{- end }} - - name: RELEASE_NAME - value: {{ .Chart.Name }} - - name: KUBECOST_NAMESPACE - value: {{ .Values.namespace }} - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: KUBECOST_TOKEN - valueFrom: - configMapKeyRef: - name: {{ template "cost-analyzer.fullname" . }} - key: kubecost-token - {{- if .Values.kubecostFrontend }} - {{- if .Values.kubecostFrontend.fullImageName }} - - image: {{ .Values.kubecostFrontend.fullImageName }} - {{- else if .Values.imageVersion }} - - image: {{ .Values.kubecostFrontend.image }}:{{ .Values.imageVersion }} - {{- else }} - - image: {{ .Values.kubecostFrontend.image }}:prod-{{ $.Chart.AppVersion }} - {{ end }} - {{- else }} - - image: gcr.io/kubecost1/frontend:prod-{{ $.Chart.AppVersion }} - {{ end }} - {{- if .Values.kubecostFrontend.tls }} - {{- if .Values.kubecostFrontend.tls.enabled }} - command: ["nginx", "-g", "daemon off;"] - ports: - - containerPort: 443 - {{- end }} - {{- end }} - env: - - name: GET_HOSTS_FROM - value: dns - {{- if .Values.kubecostFrontend.extraEnv -}} - {{ toYaml .Values.kubecostFrontend.extraEnv | nindent 12 }} - {{- end }} - name: cost-analyzer-frontend - {{- if .Values.kubecostFrontend.securityContext }} - securityContext: - {{- toYaml .Values.kubecostFrontend.securityContext | nindent 12 }} - {{ end }} - volumeMounts: - - name: tmp - mountPath: /tmp - - name: nginx-conf - mountPath: /etc/nginx/conf.d/ - {{- if .Values.kubecostFrontend.tls }} - {{- if .Values.kubecostFrontend.tls.enabled }} - - name: tls - mountPath: /etc/ssl/certs - {{- end }} - {{- end }} - resources: -{{ toYaml .Values.kubecostFrontend.resources | indent 12 }} - {{- if .Values.kubecostFrontend.imagePullPolicy }} - imagePullPolicy: {{ .Values.kubecostFrontend.imagePullPolicy }} - {{- else }} - imagePullPolicy: Always - {{- end }} - readinessProbe: - httpGet: - path: /healthz - port: 9003 - initialDelaySeconds: 30 - periodSeconds: 10 - failureThreshold: 200 - {{- if .Values.imagePullSecrets }} - imagePullSecrets: - {{ toYaml .Values.imagePullSecrets | indent 2 }} - {{- end }} - {{- if .Values.priority }} - {{- if .Values.priority.enabled }} - {{- if gt (len .Values.priority.name) 0 }} - priorityClassName: {{ .Values.priority.name }} - {{- else }} - priorityClassName: {{ template "cost-analyzer.fullname" . }}-priority - {{- end }} - {{- end }} - {{- end }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-federator-config-map-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-federator-config-map-template.yaml deleted file mode 100644 index 1e18786baa..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-federator-config-map-template.yaml +++ /dev/null @@ -1,13 +0,0 @@ -{{- if .Values.federatedETL.federator }} -{{- if .Values.federatedETL.federator.enabled }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "cost-analyzer.fullname" . }}-federator - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -data: -{{- $root := . }} - federator.json: '{{ toJson .Values.federatedETL.federator }}' -{{- end -}} -{{- end -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-frontend-config-map-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-frontend-config-map-template.yaml deleted file mode 100755 index 77772664d8..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-frontend-config-map-template.yaml +++ /dev/null @@ -1,287 +0,0 @@ -{{- if not .Values.agent }} -{{- $serviceName := .Chart.Name -}} -{{- $nginxPort := .Values.service.targetPort | default 9090 -}} -{{- if .Values.saml.enabled }} -{{- if .Values.oidc.enabled }} -{{- fail "SAML and OIDC cannot both be enabled" }} -{{- end }} -{{- end }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: nginx-conf - namespace: {{ .Values.namespace }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -data: - nginx.conf: | - gzip_static on; - - # Enable gzip encoding for content of the provided types of 50kb and higher. - gzip on; - gzip_min_length 50000; - gzip_proxied expired no-cache no-store private auth; - gzip_types - application/atom+xml - application/geo+json - application/javascript - application/x-javascript - application/json - application/ld+json - application/manifest+json - application/rdf+xml - application/rss+xml - application/vnd.ms-fontobject - application/wasm - application/x-web-app-manifest+json - application/xhtml+xml - application/xml - font/eot - font/otf - font/ttf - image/bmp - image/svg+xml - text/cache-manifest - text/calendar - text/css - text/javascript - text/markdown - text/plain - text/xml - text/x-component - text/x-cross-domain-policy; - - upstream api { -{{- if.Values.kubecostFrontend.api }} -{{- if.Values.kubecostFrontend.api.fqdn }} - server {{ .Values.kubecostFrontend.api.fqdn }}; -{{- else }} - server {{ $serviceName }}.{{ .Values.namespace }}:9001; -{{- end }} -{{- else }} - server {{ $serviceName }}.{{ .Values.namespace }}:9001; -{{- end }} - } - - upstream model { -{{- if.Values.kubecostFrontend.model }} -{{- if.Values.kubecostFrontend.model.fqdn }} - server {{ .Values.kubecostFrontend.model.fqdn }}; -{{- else }} - server {{ $serviceName }}.{{ .Values.namespace }}:9003; -{{- end }} -{{- else }} - server {{ $serviceName }}.{{ .Values.namespace }}:9003; -{{- end }} - } - -{{- if .Values.clusterController }} -{{- if .Values.clusterController.enabled }} - upstream clustercontroller { -{{- if .Values.clusterController.fqdn }} - server {{ .Values.clusterController.fqdn }}; -{{- else }} - server {{ template "kubecost.clusterControllerName" . }}-service.{{ .Values.namespace }}:9731; -{{- end }} - } -{{- end }} -{{- end }} - -{{- if .Values.global.grafana.proxy }} - upstream grafana { -{{- if .Values.global.grafana.enabled }} -{{- if .Values.global.grafana.fqdn }} - server {{ .Values.global.grafana.fqdn }}; -{{- else }} - server {{ .Chart.Name }}-grafana.{{ .Values.namespace }}; -{{- end }} -{{- else }} - server {{.Values.global.grafana.domainName}}; -{{- end }} - } -{{- end }} - - server { - server_name _; - root /var/www; - index index.html; - large_client_header_buffers 4 32k; - add_header Cache-Control "must-revalidate"; - - error_page 504 /custom_504.html; - location = /custom_504.html { - internal; - } - -{{- if or .Values.saml.enabled .Values.oidc.enabled }} - add_header Cache-Control "max-age=0"; - location / { - auth_request /auth; - proxy_redirect off; - proxy_http_version 1.1; - proxy_set_header Connection ""; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - error_page 401 = /login; - try_files $uri $uri/ /index.html; - } -{{- else }} - add_header Cache-Control "max-age=300"; - location / { - try_files $uri $uri/ /index.html; - } -{{- end }} -{{- if .Values.imageVersion }} - add_header ETag "{{ $.Values.imageVersion }}"; -{{- else }} - add_header ETag "{{ $.Chart.Version }}"; -{{- end }} -{{- if .Values.kubecostFrontend.tls }} -{{- if .Values.kubecostFrontend.tls.enabled }} -{{- if .Values.kubecostFrontend.tls.specifyProtocols }} - ssl_protocols {{ $.Values.kubecostFrontend.tls.protocols }}; -{{- end }} - ssl_certificate /etc/ssl/certs/kc.crt; - ssl_certificate_key /etc/ssl/certs/kc.key; - listen 443 ssl; -{{- if .Values.kubecostFrontend.ipv6.enabled }} - listen [::]:443 ssl; -{{- end }} -{{- else }} - listen {{ $nginxPort }}; -{{- if .Values.kubecostFrontend.ipv6.enabled }} - listen [::]:{{ $nginxPort }}; -{{- end }} -{{- end }} -{{- else }} - listen {{ $nginxPort }}; -{{- if .Values.kubecostFrontend.ipv6.enabled }} - listen [::]:{{ $nginxPort }}; -{{- end }} -{{- end }} - location /api/ { - {{- if or .Values.saml.enabled .Values.oidc.enabled }} - auth_request /auth; - {{- end }} - proxy_pass http://api/; - proxy_redirect off; - proxy_http_version 1.1; - proxy_set_header Connection ""; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - } - location /model/ { - proxy_connect_timeout 180; - proxy_send_timeout 180; - proxy_read_timeout 180; - proxy_pass http://model/; - proxy_redirect off; - proxy_http_version 1.1; - proxy_set_header Connection ""; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - } - - location ~ ^/(turndown|cluster)/ { - - add_header 'Access-Control-Allow-Origin' '*' always; -{{- if .Values.clusterController }} -{{- if .Values.clusterController.enabled }} - {{- if or .Values.saml .Values.oidc }} - {{- if or .Values.saml.enabled .Values.oidc.enabled }} - auth_request /auth; - {{- else if .Values.saml.rbac.enabled}} - auth_request /authrbac; - {{- end }} - {{- end }} - - rewrite ^/(?:turndown|cluster)/(.*)$ /$1 break; - proxy_pass http://clustercontroller; - proxy_connect_timeout 180; - proxy_send_timeout 180; - proxy_read_timeout 180; - proxy_redirect off; - proxy_http_version 1.1; - proxy_set_header Connection ""; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - -{{- else }} - return 404; -{{- end }} -{{- else }} - return 404; -{{- end }} - } - location /oidc/ { - proxy_connect_timeout 180; - proxy_send_timeout 180; - proxy_read_timeout 180; - proxy_pass http://model/oidc/; - proxy_redirect off; - proxy_http_version 1.1; - proxy_set_header Connection ""; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - } - location /saml/ { - proxy_connect_timeout 180; - proxy_send_timeout 180; - proxy_read_timeout 180; - proxy_pass http://model/saml/; - proxy_redirect off; - proxy_http_version 1.1; - proxy_set_header Connection ""; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - } - location /login { - proxy_connect_timeout 180; - proxy_send_timeout 180; - proxy_read_timeout 180; - proxy_pass http://model/login; - proxy_redirect off; - proxy_http_version 1.1; - proxy_set_header Connection ""; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - } - - location /logout { - proxy_connect_timeout 180; - proxy_send_timeout 180; - proxy_read_timeout 180; - proxy_pass http://model/logout; - proxy_redirect off; - proxy_http_version 1.1; - proxy_set_header Connection ""; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - } - - {{- if .Values.global.grafana.proxy }} - location /grafana/ { - {{- if .Values.saml.enabled }} - auth_request /auth; - {{- end }} - proxy_pass http://grafana/; - proxy_redirect off; - proxy_http_version 1.1; - proxy_set_header Connection ""; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header Host $http_host; - } - {{ end }} - {{- if or .Values.saml.enabled .Values.oidc.enabled }} - location /auth { - proxy_pass http://model/isAuthenticated; - } - {{- end }} - {{- if .Values.saml.rbac.enabled }} - location /authrbac { - proxy_pass http://model/isAdminAuthenticated; - } - {{- end }} - } -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-ingress-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-ingress-template.yaml deleted file mode 100644 index e8a441dee0..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-ingress-template.yaml +++ /dev/null @@ -1,62 +0,0 @@ -{{- if .Values.ingress -}} -{{- if .Values.ingress.enabled -}} -{{- $fullName := include "cost-analyzer.fullname" . -}} -{{- $serviceName := include "cost-analyzer.serviceName" . -}} -{{- $ingressPaths := .Values.ingress.paths -}} -{{- $ingressPathType := .Values.ingress.pathType -}} -{{- $apiV1 := false -}} -{{- if and (.Capabilities.APIVersions.Has "networking.k8s.io/v1") (semverCompare "^1.19-0" .Capabilities.KubeVersion.GitVersion) }} -{{- $apiV1 = true -}} -apiVersion: networking.k8s.io/v1 -{{ else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }} -apiVersion: networking.k8s.io/v1beta1 -{{ else }} -apiVersion: extensions/v1beta1 -{{ end -}} -kind: Ingress -metadata: - name: {{ $fullName }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} - {{- with .Values.ingress.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: -{{- if .Values.ingress.className }} - ingressClassName: {{ .Values.ingress.className }} -{{- end }} -{{- if .Values.ingress.tls }} - tls: - {{- range .Values.ingress.tls }} - - hosts: - {{- range .hosts }} - - {{ . | quote }} - {{- end }} - secretName: {{ .secretName }} - {{- end }} -{{- end }} - rules: - {{- range .Values.ingress.hosts }} - - host: {{ . | quote }} - http: - paths: - {{- range $ingressPaths }} - {{- if $apiV1 }} - - path: {{ . }} - pathType: {{ $ingressPathType }} - backend: - service: - name: {{ $serviceName }} - port: - name: tcp-frontend - {{- else }} - - path: {{ . }} - backend: - serviceName: {{ $serviceName }} - servicePort: tcp-frontend - {{- end }} - {{- end }} - {{- end }} -{{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-metrics-config-map-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-metrics-config-map-template.yaml deleted file mode 100644 index 966bf8fd79..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-metrics-config-map-template.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if .Values.kubecostProductConfigs -}} -{{- if .Values.kubecostProductConfigs.metricsConfigs -}} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ default "metrics-config" .Values.metricsConfigmapName }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -data: - metrics.json: '{{ toJson .Values.kubecostProductConfigs.metricsConfigs }}' -{{- end -}} -{{- end -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-network-costs-config-map-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-network-costs-config-map-template.yaml deleted file mode 100644 index 37276f2971..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-network-costs-config-map-template.yaml +++ /dev/null @@ -1,15 +0,0 @@ -{{- if .Values.networkCosts -}} -{{- if .Values.networkCosts.enabled -}} -{{- if .Values.networkCosts.config -}} -apiVersion: v1 -kind: ConfigMap -metadata: - name: network-costs-config - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -data: - config.yaml: | -{{- toYaml .Values.networkCosts.config | nindent 4 }} -{{- end -}} -{{- end -}} -{{- end -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-network-costs-podmonitor-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-network-costs-podmonitor-template.yaml deleted file mode 100644 index d45567616d..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-network-costs-podmonitor-template.yaml +++ /dev/null @@ -1,31 +0,0 @@ -{{- if .Values.networkCosts }} -{{- if .Values.networkCosts.enabled }} -{{- if .Values.networkCosts.podMonitor }} -{{- if .Values.networkCosts.podMonitor.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: PodMonitor -metadata: - name: {{ include "cost-analyzer.networkCostsName" . }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} - {{- if .Values.networkCosts.podMonitor.additionalLabels }} - {{ toYaml .Values.networkCosts.podMonitor.additionalLabels | nindent 4 }} - {{- end }} -spec: - podMetricsEndpoints: - - port: http-server - honorLabels: true - interval: 1m - scrapeTimeout: 10s - path: /metrics - scheme: http - namespaceSelector: - matchNames: - - {{ .Release.Namespace }} - selector: - matchLabels: - app: {{ template "cost-analyzer.networkCostsName" . }} -{{- end }} -{{- end }} -{{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-network-costs-service-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-network-costs-service-template.yaml deleted file mode 100644 index 8242f12a87..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-network-costs-service-template.yaml +++ /dev/null @@ -1,31 +0,0 @@ -{{- if .Values.networkCosts }} -{{- if .Values.networkCosts.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ template "cost-analyzer.networkCostsName" . }} -{{- if (or .Values.networkCosts.service.annotations .Values.networkCosts.prometheusScrape) }} - annotations: -{{- if .Values.networkCosts.service.annotations }} -{{ toYaml .Values.networkCosts.service.annotations | indent 4 }} -{{- end }} -{{- if .Values.networkCosts.prometheusScrape }} - prometheus.io/scrape: "true" - prometheus.io/port: {{ (quote .Values.networkCosts.port) | default (quote 3001) }} -{{- end }} -{{- end }} - labels: - {{ unset (include "cost-analyzer.commonLabels" . | fromYaml) "app" | toYaml | nindent 4 }} - app: {{ template "cost-analyzer.networkCostsName" . }} -spec: - clusterIP: None - ports: - - name: metrics - port: {{ .Values.networkCosts.port | default 3001 }} - protocol: TCP - targetPort: {{ .Values.networkCosts.port | default 3001 }} - selector: - app: {{ template "cost-analyzer.networkCostsName" . }} - type: ClusterIP -{{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-network-costs-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-network-costs-template.yaml deleted file mode 100644 index 7f26a6379f..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-network-costs-template.yaml +++ /dev/null @@ -1,120 +0,0 @@ -{{- if .Values.networkCosts -}} -{{- if .Values.networkCosts.enabled -}} -apiVersion: {{ include "cost-analyzer.daemonset.apiVersion" . }} -kind: DaemonSet -metadata: - name: {{ template "cost-analyzer.networkCostsName" . }} - labels: - {{- include "cost-analyzer.commonLabels" . | nindent 4 }} -spec: - {{- if .Values.networkCosts.updateStrategy }} - updateStrategy: - {{- toYaml .Values.networkCosts.updateStrategy | nindent 4 }} - {{- end }} - selector: - matchLabels: - app: {{ template "cost-analyzer.networkCostsName" . }} - template: - metadata: - {{- with .Values.networkCosts.annotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - labels: - app: {{ template "cost-analyzer.networkCostsName" . }} - {{- if .Values.networkCosts.additionalLabels }} - {{ toYaml .Values.networkCosts.additionalLabels | nindent 8 }} - {{- end }} - spec: - {{- if .Values.imagePullSecrets }} - imagePullSecrets: - {{ toYaml .Values.imagePullSecrets | indent 2 }} - {{- end }} - hostNetwork: true - serviceAccountName: {{ template "cost-analyzer.serviceAccountName" . }} - containers: - - name: {{ template "cost-analyzer.networkCostsName" . }} - image: {{ .Values.networkCosts.image }} - {{- if .Values.networkCosts.extraArgs }} - args: - {{- toYaml .Values.networkCosts.extraArgs | nindent 8 }} - {{- end }} -{{- if .Values.networkCosts.imagePullPolicy }} - imagePullPolicy: {{ .Values.networkCosts.imagePullPolicy }} -{{- else }} - imagePullPolicy: Always -{{- end }} -{{- if .Values.networkCosts.resources }} - resources: -{{ toYaml .Values.networkCosts.resources | indent 10 }} -{{- end }} - env: - {{- if .Values.networkCosts.hostProc }} - - name: HOST_PROC - value: {{ .Values.networkCosts.hostProc.mountPath }} - {{- end }} - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - - name: HOST_PORT - value: {{ (quote .Values.networkCosts.port) | default (quote 3001) }} - - name: TRAFFIC_LOGGING_ENABLED - value: {{ (quote .Values.networkCosts.trafficLogging) | default (quote true) }} - - name: GODEBUG - value: "madvdontneed=1" - volumeMounts: - {{- if .Values.networkCosts.hostProc }} - - mountPath: {{ .Values.networkCosts.hostProc.mountPath }} - name: host-proc - {{- else }} - - mountPath: /net - name: nf-conntrack - - mountPath: /netfilter - name: netfilter - {{- end }} - {{- if .Values.networkCosts.config }} - - mountPath: /network-costs/config - name: network-costs-config - {{- end }} - securityContext: - privileged: true - ports: - - name: http-server - containerPort: {{ .Values.networkCosts.port | default 3001 }} - hostPort: {{ .Values.networkCosts.port | default 3001 }} -{{- if .Values.networkCosts.priorityClassName }} - priorityClassName: "{{ .Values.networkCosts.priorityClassName }}" -{{- end }} - {{- with .Values.networkCosts.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 10 }} - {{- end }} -{{- if .Values.networkCosts.tolerations }} - tolerations: -{{ toYaml .Values.networkCosts.tolerations | indent 8 }} - {{- end }} - {{- with .Values.networkCosts.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - volumes: - {{- if .Values.networkCosts.config }} - - name: network-costs-config - configMap: - name: network-costs-config - {{- end }} - {{- if .Values.networkCosts.hostProc }} - - name: host-proc - hostPath: - path: {{ default "/proc" .Values.networkCosts.hostProc.hostPath }} - {{- else }} - - name: nf-conntrack - hostPath: - path: /proc/net - - name: netfilter - hostPath: - path: /proc/sys/net/netfilter - {{- end }} -{{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-network-policy-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-network-policy-template.yaml deleted file mode 100644 index 2cfa39c20d..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-network-policy-template.yaml +++ /dev/null @@ -1,47 +0,0 @@ -{{- if .Values.networkPolicy -}} -{{- if .Values.networkPolicy.costAnalyzer.enabled -}} -kind: NetworkPolicy -apiVersion: {{ include "cost-analyzer.networkPolicy.apiVersion" . }} -metadata: - name: {{ template "cost-analyzer.fullname" . }} -{{- if .Values.networkPolicy.costAnalyzer.annotations }} - annotations: -{{ toYaml .Values.networkPolicy.costAnalyzer.annotations | indent 4}} -{{- end }} - namespace: {{ .Release.Namespace }} - labels: - {{- include "cost-analyzer.commonLabels" . | nindent 4 }} -{{- if .Values.networkPolicy.costAnalyzer.additionalLabels }} -{{ toYaml .Values.networkPolicy.costAnalyzer.additionalLabels | indent 4 }} -{{- end }} -spec: - podSelector: - matchLabels: - {{- include "cost-analyzer.selectorLabels" . | nindent 6 }} - policyTypes: -{{- if .Values.networkPolicy.costAnalyzer.ingressRules }} - - Ingress -{{- end }} -{{- if .Values.networkPolicy.costAnalyzer.egressRules }} - - Egress -{{- end }} -{{- if .Values.networkPolicy.costAnalyzer.egressRules }} - egress: -{{- range $rule := .Values.networkPolicy.costAnalyzer.egressRules }} - - to: -{{ toYaml $rule.selectors | indent 7 }} - ports: -{{ toYaml $rule.ports | indent 9 }} -{{- end }} -{{- end }} -{{- if .Values.networkPolicy.costAnalyzer.ingressRules }} - ingress: -{{- range $rule := .Values.networkPolicy.costAnalyzer.ingressRules }} - - from: -{{ toYaml $rule.selectors | indent 7 }} - ports: -{{ toYaml $rule.ports | indent 9 }} -{{- end }} -{{- end }} -{{- end -}} -{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-network-policy.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-network-policy.yaml deleted file mode 100644 index c806c3d511..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-network-policy.yaml +++ /dev/null @@ -1,50 +0,0 @@ -{{- if .Values.networkPolicy -}} -{{- if .Values.networkPolicy.enabled -}} -apiVersion: {{ include "cost-analyzer.networkPolicy.apiVersion" . }} -kind: NetworkPolicy -{{- if .Values.networkPolicy.denyEgress }} -metadata: - name: deny-egress - labels: - {{- include "cost-analyzer.commonLabels" . | nindent 4 }} -spec: - podSelector: - matchLabels: - {{- include "cost-analyzer.selectorLabels" . | nindent 6 }} - policyTypes: - - Egress - egress: - - to: - - namespaceSelector: {} -{{- else }} -{{- if .Values.networkPolicy.sameNamespace}} -metadata: - name: shared-namespace - namespace: {{ default "kubecost" .Values.networkPolicy.namespace}} -spec: - podSelector: - matchLabels: - app: prometheus - component: server -{{- else }} -metadata: - name: closed-traffic - namespace: {{ default "kubecost" .Values.networkPolicy.namespace}} -spec: - podSelector: - matchLabels: - app.kubernetes.io/name: cost-analyzer -{{- end }} - policyTypes: - - Ingress - ingress: - - from: - - podSelector: - matchLabels: - app.kubernetes.io/name: cost-analyzer - - namespaceSelector: - matchLabels: - name: k8s-kubecost -{{- end }} -{{- end -}} -{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-oidc-config-map-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-oidc-config-map-template.yaml deleted file mode 100644 index 3c95e11a31..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-oidc-config-map-template.yaml +++ /dev/null @@ -1,22 +0,0 @@ -{{- if .Values.oidc }} -{{- if .Values.oidc.enabled }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "cost-analyzer.fullname" . }}-oidc - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -data: -{{- $root := . }} - oidc.json: |- - { - "enabled" : {{ .Values.oidc.enabled }}, - "clientID" : "{{ .Values.oidc.clientID }}", - "secretName" : "{{ .Values.oidc.secretName }}", - "authURL" : "{{ .Values.oidc.authURL }}", - "loginRedirectURL" : "{{ .Values.oidc.loginRedirectURL }}", - "discoveryURL" : "{{ .Values.oidc.discoveryURL }}", - "hostedDomain" : "{{ .Values.oidc.hostedDomain }}" - } -{{- end -}} -{{- end -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-pkey-configmap.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-pkey-configmap.yaml deleted file mode 100644 index 6e47e09386..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-pkey-configmap.yaml +++ /dev/null @@ -1,16 +0,0 @@ -{{- if .Values.kubecostProductConfigs }} -{{- if .Values.kubecostProductConfigs.productKey }} -{{- if .Values.kubecostProductConfigs.productKey.enabled }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ default "product-configs" .Values.productConfigmapName }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -data: - {{- if .Values.kubecostProductConfigs.productKey.key }} - key: {{ .Values.kubecostProductConfigs.productKey.key | quote }} - {{- end -}} -{{- end -}} -{{- end -}} -{{- end -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-pricing-configmap.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-pricing-configmap.yaml deleted file mode 100644 index 12ccb38b36..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-pricing-configmap.yaml +++ /dev/null @@ -1,137 +0,0 @@ -{{- if .Values.kubecostProductConfigs }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ default "pricing-configs" .Values.pricingConfigmapName }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -data: - {{- if .Values.kubecostProductConfigs.defaultModelPricing }} - {{- if .Values.kubecostProductConfigs.defaultModelPricing.enabled }} - {{- if .Values.kubecostProductConfigs.customPricesEnabled }} - customPricesEnabled: "{{ .Values.kubecostProductConfigs.customPricesEnabled }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.defaultModelPricing.CPU }} - CPU: "{{ .Values.kubecostProductConfigs.defaultModelPricing.CPU | toString }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.defaultModelPricing.spotCPU }} - spotCPU: "{{ .Values.kubecostProductConfigs.defaultModelPricing.spotCPU | toString }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.defaultModelPricing.RAM }} - RAM: "{{ .Values.kubecostProductConfigs.defaultModelPricing.RAM | toString }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.defaultModelPricing.spotRAM }} - spotRAM: "{{ .Values.kubecostProductConfigs.defaultModelPricing.spotRAM | toString }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.defaultModelPricing.GPU }} - GPU: "{{ .Values.kubecostProductConfigs.defaultModelPricing.GPU | toString }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.defaultModelPricing.spotGPU }} - spotGPU: "{{ .Values.kubecostProductConfigs.defaultModelPricing.spotGPU | toString }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.defaultModelPricing.storage }} - storage: "{{ .Values.kubecostProductConfigs.defaultModelPricing.storage | toString }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.defaultModelPricing.zoneNetworkEgress }} - zoneNetworkEgress: "{{ .Values.kubecostProductConfigs.defaultModelPricing.zoneNetworkEgress | toString }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.defaultModelPricing.regionNetworkEgress }} - regionNetworkEgress: "{{ .Values.kubecostProductConfigs.defaultModelPricing.regionNetworkEgress | toString }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.defaultModelPricing.internetNetworkEgress }} - internetNetworkEgress: "{{ .Values.kubecostProductConfigs.defaultModelPricing.internetNetworkEgress | toString }}" - {{- end -}} - {{- end -}} - {{- end -}} - {{- if .Values.kubecostProductConfigs.clusterName }} - clusterName: "{{ .Values.kubecostProductConfigs.clusterName }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.currencyCode }} - currencyCode: "{{ .Values.kubecostProductConfigs.currencyCode }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.azureBillingRegion }} - azureBillingRegion: "{{ .Values.kubecostProductConfigs.azureBillingRegion }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.azureSubscriptionID }} - azureSubscriptionID: "{{ .Values.kubecostProductConfigs.azureSubscriptionID }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.azureClientID }} - azureClientID: "{{ .Values.kubecostProductConfigs.azureClientID }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.azureTenantID }} - azureTenantID: "{{ .Values.kubecostProductConfigs.azureTenantID }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.azureOfferDurableID }} - azureOfferDurableID: "{{ .Values.kubecostProductConfigs.azureOfferDurableID }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.discount }} - discount: "{{ .Values.kubecostProductConfigs.discount }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.negotiatedDiscount }} - negotiatedDiscount: "{{ .Values.kubecostProductConfigs.negotiatedDiscount }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.defaultIdle }} - defaultIdle: "{{ .Values.kubecostProductConfigs.defaultIdle }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.sharedNamespaces }} - sharedNamespaces: "{{ .Values.kubecostProductConfigs.sharedNamespaces }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.sharedOverhead }} - sharedOverhead: "{{ .Values.kubecostProductConfigs.sharedOverhead }}" - {{- end -}} - {{- if gt (len (toString .Values.kubecostProductConfigs.shareTenancyCosts)) 0 }} - {{- if eq (toString .Values.kubecostProductConfigs.shareTenancyCosts) "false" }} - shareTenancyCosts: "false" - {{- else if eq (toString .Values.kubecostProductConfigs.shareTenancyCosts) "true" }} - shareTenancyCosts: "true" - {{- end -}} - {{- end -}} - {{- if .Values.kubecostProductConfigs.spotLabel }} - spotLabel: "{{ .Values.kubecostProductConfigs.spotLabel }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.spotLabelValue }} - spotLabelValue: "{{ .Values.kubecostProductConfigs.spotLabelValue }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.awsSpotDataRegion }} - spotDataRegion: "{{ .Values.kubecostProductConfigs.awsSpotDataRegion }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.awsSpotDataBucket }} - spotDataBucket: "{{ .Values.kubecostProductConfigs.awsSpotDataBucket }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.awsSpotDataPrefix }} - spotDataPrefix: "{{ .Values.kubecostProductConfigs.awsSpotDataPrefix }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.projectID }} - projectID: "{{ .Values.kubecostProductConfigs.projectID }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.bigQueryBillingDataDataset }} - billingDataDataset: "{{ .Values.kubecostProductConfigs.bigQueryBillingDataDataset }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.athenaProjectID }} - athenaProjectID: "{{ .Values.kubecostProductConfigs.athenaProjectID }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.athenaBucketName }} - athenaBucketName: "{{ .Values.kubecostProductConfigs.athenaBucketName }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.athenaRegion }} - athenaRegion: "{{ .Values.kubecostProductConfigs.athenaRegion }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.athenaDatabase }} - athenaDatabase: "{{ .Values.kubecostProductConfigs.athenaDatabase }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.athenaTable }} - athenaTable: "{{ .Values.kubecostProductConfigs.athenaTable }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.athenaWorkgroup }} - athenaWorkgroup: "{{ .Values.kubecostProductConfigs.athenaWorkgroup }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.masterPayerARN}} - masterPayerARN: "{{ .Values.kubecostProductConfigs.masterPayerARN }}" - {{- end }} - {{- if .Values.kubecostProductConfigs.gpuLabel }} - gpuLabel: "{{ .Values.kubecostProductConfigs.gpuLabel }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.gpuLabelValue }} - gpuLabelValue: "{{ .Values.kubecostProductConfigs.gpuLabelValue }}" - {{- end -}} -{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-prometheus-postgres-adapter-deployment.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-prometheus-postgres-adapter-deployment.yaml deleted file mode 100644 index 2d6cfc387e..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-prometheus-postgres-adapter-deployment.yaml +++ /dev/null @@ -1,57 +0,0 @@ -{{- if .Values.remoteWrite -}} -{{- if .Values.remoteWrite.postgres -}} -{{- if .Values.remoteWrite.postgres.enabled -}} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ template "cost-analyzer.fullname" . }}-adapter - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -spec: - selector: - matchLabels: - app: adapter - strategy: - rollingUpdate: - maxSurge: 1 - maxUnavailable: 1 - type: RollingUpdate - template: - metadata: - labels: - app: adapter - spec: - initContainers: - - name: kubecost-sql-init - image: {{ .Values.remoteWrite.postgres.initImage }}:prod-{{ $.Chart.AppVersion }} - {{- if .Values.remoteWrite.postgres.initImagePullPolicy }} - imagePullPolicy: {{ .Values.remoteWrite.postgres.initImagePullPolicy }} - {{- else }} - imagePullPolicy: Always - {{- end }} - env: - - name: PROMETHEUS_SERVER_ENDPOINT - valueFrom: - configMapKeyRef: - name: {{ template "cost-analyzer.fullname" . }} - key: prometheus-server-endpoint - containers: - - image: timescale/prometheus-postgresql-adapter:latest - name: pgprometheusadapter - ports: - - containerPort: 9201 - args: - {{- if .Values.remoteWrite.postgres.installLocal }} - - "-pg-host=pgprometheus" - {{- else }} - - "-pg-host={{ .Values.remoteWrite.postgres.remotePostgresAddress }}" - {{- end }} - - "-pg-prometheus-log-samples=true" - - "-pg-password={{ .Values.remoteWrite.postgres.auth.password }}" - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 10 }} - {{- end }} -{{- end }} -{{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-prometheus-postgres-adapter-service.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-prometheus-postgres-adapter-service.yaml deleted file mode 100644 index d36479439c..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-prometheus-postgres-adapter-service.yaml +++ /dev/null @@ -1,20 +0,0 @@ -{{- if .Values.remoteWrite -}} -{{- if .Values.remoteWrite.postgres -}} -{{- if .Values.remoteWrite.postgres.enabled -}} -kind: Service -apiVersion: v1 -metadata: - name: pgprometheus-adapter - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -spec: - selector: - app: adapter - type: ClusterIP - ports: - - name: server - port: 9201 - targetPort: 9201 -{{- end }} -{{- end }} -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-prometheusrule-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-prometheusrule-template.yaml deleted file mode 100644 index 61380b4243..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-prometheusrule-template.yaml +++ /dev/null @@ -1,21 +0,0 @@ -{{- if .Values.prometheus }} -{{- if .Values.prometheus.serverFiles }} -{{- if .Values.prometheus.serverFiles.rules }} -{{- if .Values.prometheusRule }} -{{- if .Values.prometheusRule.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: {{ include "cost-analyzer.fullname" . }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} - {{- if .Values.prometheusRule.additionalLabels }} - {{ toYaml .Values.prometheusRule.additionalLabels | nindent 4 }} - {{- end }} -spec: - {{ toYaml .Values.prometheus.serverFiles.rules | nindent 2 }} -{{- end }} -{{- end }} -{{- end }} -{{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-psp-role.template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-psp-role.template.yaml deleted file mode 100644 index ab17b95c9d..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-psp-role.template.yaml +++ /dev/null @@ -1,21 +0,0 @@ -{{- if .Values.podSecurityPolicy }} -{{- if .Values.podSecurityPolicy.enabled }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: {{ template "cost-analyzer.fullname" . }}-psp - namespace: {{ .Values.namespace }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} - annotations: -{{- if .Values.podSecurityPolicy.annotations }} -{{ toYaml .Values.podSecurityPolicy.annotations | indent 4 }} -{{- end }} -rules: -- apiGroups: ['extensions'] - resources: ['podsecuritypolicies'] - verbs: ['use'] - resourceNames: - - {{ template "cost-analyzer.fullname" . }}-psp -{{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-psp-rolebinding.template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-psp-rolebinding.template.yaml deleted file mode 100644 index 6b7d1c3147..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-psp-rolebinding.template.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{- if .Values.podSecurityPolicy }} -{{- if .Values.podSecurityPolicy.enabled }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ template "cost-analyzer.fullname" . }}-psp - namespace: {{ .Values.namespace }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 6 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ template "cost-analyzer.fullname" . }}-psp -subjects: -- kind: ServiceAccount - name: {{ template "cost-analyzer.serviceAccountName" . }} - namespace: {{ .Values.namespace }} -{{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-psp.template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-psp.template.yaml deleted file mode 100644 index 6d2178d733..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-psp.template.yaml +++ /dev/null @@ -1,22 +0,0 @@ -{{- if .Values.podSecurityPolicy }} -{{- if .Values.podSecurityPolicy.enabled }} -apiVersion: {{ include "cost-analyzer.podSecurityPolicy.apiVersion" . }} -kind: PodSecurityPolicy -metadata: - name: {{ template "cost-analyzer.fullname" . }}-psp - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 6 }} -spec: - privileged: false - seLinux: - rule: RunAsAny - supplementalGroups: - rule: RunAsAny - runAsUser: - rule: RunAsAny - fsGroup: - rule: RunAsAny - volumes: - - '*' -{{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-pvc-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-pvc-template.yaml deleted file mode 100755 index 75dfe242a8..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-pvc-template.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{{- if .Values.persistentVolume -}} -{{- if not .Values.persistentVolume.existingClaim -}} -{{- if .Values.persistentVolume.enabled -}} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ template "cost-analyzer.fullname" . }} - namespace: {{ .Values.namespace }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -spec: - accessModes: - - ReadWriteOnce - {{- if .Values.persistentVolume.storageClass }} - storageClassName: {{ .Values.persistentVolume.storageClass }} - {{ end }} - resources: - requests: - {{- if .Values.persistentVolume }} - storage: {{ .Values.persistentVolume.size }} - {{- else }} - storage: 32.0Gi - {{ end }} -{{- end -}} -{{- end -}} -{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-saml-config-map-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-saml-config-map-template.yaml deleted file mode 100644 index 71ac8659c2..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-saml-config-map-template.yaml +++ /dev/null @@ -1,13 +0,0 @@ -{{- if .Values.saml }} -{{- if .Values.saml.enabled }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "cost-analyzer.fullname" . }}-saml - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -data: -{{- $root := . }} - saml.json: '{{ toJson .Values.saml }}' -{{- end -}} -{{- end -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-saved-reports-configmap.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-saved-reports-configmap.yaml deleted file mode 100644 index 165f27bce2..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-saved-reports-configmap.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if .Values.global.savedReports }} -{{- if .Values.global.savedReports.enabled }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{default "saved-report-configs" .Values.savedReportConfigmapName }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -data: - saved-reports.json: '{{ toJson .Values.global.savedReports.reports }}' -{{- end -}} -{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-server-configmap.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-server-configmap.yaml deleted file mode 100644 index 1a522d0422..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-server-configmap.yaml +++ /dev/null @@ -1,72 +0,0 @@ -{{- if .Values.kubecostProductConfigs }} -{{- if or .Values.kubecostProductConfigs.grafanaURL .Values.kubecostProductConfigs.labelMappingConfigs }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ default "app-configs" .Values.appConfigmapName }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -data: -{{- if .Values.kubecostProductConfigs.labelMappingConfigs }} -{{- if .Values.kubecostProductConfigs.labelMappingConfigs.enabled }} - {{- if .Values.kubecostProductConfigs.labelMappingConfigs.owner_label }} - owner_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.owner_label }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.labelMappingConfigs.team_label }} - team_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.team_label }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.labelMappingConfigs.department_label }} - department_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.department_label }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.labelMappingConfigs.product_label }} - product_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.product_label }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.labelMappingConfigs.environment_label }} - environment_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.environment_label }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.labelMappingConfigs.namespace_external_label }} - namespace_external_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.namespace_external_label }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.labelMappingConfigs.cluster_external_label }} - cluster_external_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.cluster_external_label }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.labelMappingConfigs.controller_external_label }} - controller_external_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.controller_external_label }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.labelMappingConfigs.product_external_label }} - product_external_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.product_external_label }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.labelMappingConfigs.service_external_label }} - service_external_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.service_external_label }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.labelMappingConfigs.deployment_external_label }} - deployment_external_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.deployment_external_label }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.labelMappingConfigs.team_external_label }} - team_external_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.team_external_label }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.labelMappingConfigs.environment_external_label }} - environment_external_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.environment_external_label }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.labelMappingConfigs.department_external_label }} - department_external_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.department_external_label }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.labelMappingConfigs.statefulset_external_label }} - statefulset_external_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.statefulset_external_label }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.labelMappingConfigs.daemonset_external_label }} - daemonset_external_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.daemonset_external_label }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.labelMappingConfigs.pod_external_label }} - pod_external_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.pod_external_label }}" - {{- end -}} - {{- if .Values.kubecostProductConfigs.labelMappingConfigs.owner_external_label }} - owner_external_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.owner_external_label }}" - {{- end -}} -{{- end -}} -{{- end -}} - {{- if .Values.kubecostProductConfigs.grafanaURL }} - grafanaURL: "{{ .Values.kubecostProductConfigs.grafanaURL }}" - {{- end -}} -{{- end -}} -{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-service-account-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-service-account-template.yaml deleted file mode 100755 index 6fc9e21e97..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-service-account-template.yaml +++ /dev/null @@ -1,13 +0,0 @@ -{{- if .Values.serviceAccount.create }} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ template "cost-analyzer.serviceAccountName" . }} - namespace: {{ .Values.namespace }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -{{- with .Values.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} -{{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-service-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-service-template.yaml deleted file mode 100755 index 4ac7902fdd..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-service-template.yaml +++ /dev/null @@ -1,69 +0,0 @@ -{{- if not .Values.agent }} -{{- $nginxPort := .Values.service.targetPort | default 9090 -}} -{{- $servicePort := .Values.service.port | default 9090 -}} -kind: Service -apiVersion: v1 -metadata: - name: {{ .Chart.Name }} - namespace: {{ .Values.namespace }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -{{- if .Values.service.labels }} -{{ toYaml .Values.service.labels | indent 4 }} -{{- end }} -{{- if .Values.service.annotations }} - annotations: -{{ toYaml .Values.service.annotations | indent 4 }} -{{- end }} -spec: - selector: - {{ include "cost-analyzer.selectorLabels" . | nindent 4 }} -{{- if .Values.service -}} -{{- if .Values.service.type }} - type: "{{ .Values.service.type }}" -{{- else }} - type: ClusterIP -{{- end }} -{{- else }} - type: ClusterIP -{{- end }} - ports: - - name: tcp-model - port: 9003 - targetPort: 9003 - - name: tcp-frontend - {{- if .Values.kubecostFrontend.tls }} - {{- if .Values.kubecostFrontend.tls.enabled }} - port: 443 - targetPort: 443 - {{- if (eq .Values.service.type "NodePort") }} - {{- if .Values.service.nodePort }} - nodePort: {{ .Values.service.nodePort }} - {{- end }} - {{- end }} - {{- else }} - port: {{ $servicePort }} - targetPort: {{ $nginxPort }} - {{- if (eq .Values.service.type "NodePort") }} - {{- if .Values.service.nodePort }} - nodePort: {{ .Values.service.nodePort }} - {{- end }} - {{- end }} - {{- end}} - {{- else }} - port: {{ $servicePort }} - targetPort: {{ $nginxPort }} - {{- if (eq .Values.service.type "NodePort") }} - {{- if .Values.service.nodePort }} - nodePort: {{ .Values.service.nodePort }} - {{- end }} - {{- end }} - {{- end }} - {{- if .Values.saml }} - {{- if .Values.saml.enabled }} - - name: apiserver - port: 9004 - targetPort: 9004 - {{- end }} - {{- end }} -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-servicemonitor-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-servicemonitor-template.yaml deleted file mode 100644 index 648c6b2722..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/cost-analyzer-servicemonitor-template.yaml +++ /dev/null @@ -1,27 +0,0 @@ -{{- if .Values.serviceMonitor }} -{{- if .Values.serviceMonitor.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ include "cost-analyzer.fullname" . }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} - {{- if .Values.serviceMonitor.additionalLabels }} - {{ toYaml .Values.serviceMonitor.additionalLabels | nindent 4 }} - {{- end }} -spec: - endpoints: - - port: tcp-model - honorLabels: true - interval: 1m - scrapeTimeout: 10s - path: /metrics - scheme: http - namespaceSelector: - matchNames: - - {{ .Release.Namespace }} - selector: - matchLabels: - {{ include "cost-analyzer.selectorLabels" . | nindent 6 }} -{{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/external-grafana-config-map-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/external-grafana-config-map-template.yaml deleted file mode 100644 index 5e81ed3598..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/external-grafana-config-map-template.yaml +++ /dev/null @@ -1,10 +0,0 @@ -{{- if eq .Values.global.grafana.proxy false -}} -apiVersion: v1 -kind: ConfigMap -metadata: - name: external-grafana-config-map - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -data: - grafanaURL: {{ .Values.global.grafana.scheme | default "http" }}://{{- .Values.global.grafana.domainName }} -{{- end -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-attached-disk-metrics-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-attached-disk-metrics-template.yaml deleted file mode 100644 index fb56c03d1e..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-attached-disk-metrics-template.yaml +++ /dev/null @@ -1,25 +0,0 @@ -{{- if .Values.grafana -}} -{{- if .Values.grafana.sidecar -}} -{{- if .Values.grafana.sidecar.dashboards -}} -{{- if .Values.grafana.sidecar.dashboards.enabled -}} -apiVersion: v1 -kind: ConfigMap -metadata: - name: attached-disk-metrics-dashboard - namespace: {{ .Values.namespace }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} - {{- if $.Values.grafana.sidecar.dashboards.label }} - {{ $.Values.grafana.sidecar.dashboards.label }}: "1" - {{- else }} - grafana_dashboard: "1" - {{- end }} - annotations: -{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }} -data: - attached-disks.json: |- -{{ .Files.Get "attached-disks.json" | indent 8 }} -{{- end -}} -{{- end -}} -{{- end -}} -{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-dashboard-cluster-metrics-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-dashboard-cluster-metrics-template.yaml deleted file mode 100644 index 640b6bd312..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-dashboard-cluster-metrics-template.yaml +++ /dev/null @@ -1,29 +0,0 @@ -{{- if .Values.grafana -}} -{{- if .Values.grafana.sidecar -}} -{{- if .Values.grafana.sidecar.dashboards -}} -{{- if .Values.grafana.sidecar.dashboards.enabled -}} -apiVersion: v1 -kind: ConfigMap -metadata: - name: cluster-metrics-dashboard - {{- if $.Values.grafana.namespace_dashboards }} - namespace: {{ $.Values.grafana.namespace_dashboards }} - {{- end }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} - {{- if $.Values.grafana.sidecar.dashboards.label }} - {{ $.Values.grafana.sidecar.dashboards.label }}: "1" - {{- else }} - grafana_dashboard: "1" - {{- end }} - annotations: -{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }} -data: - cluster-metrics.json: |- -{{ .Files.Get "cluster-metrics.json" | indent 8 }} -{{- end -}} -{{- end -}} -{{- end -}} -{{- end -}} - - diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-dashboard-cluster-utilization-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-dashboard-cluster-utilization-template.yaml deleted file mode 100644 index 3b12e5f091..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-dashboard-cluster-utilization-template.yaml +++ /dev/null @@ -1,27 +0,0 @@ -{{- if .Values.grafana -}} -{{- if .Values.grafana.sidecar -}} -{{- if .Values.grafana.sidecar.dashboards -}} -{{- if .Values.grafana.sidecar.dashboards.enabled -}} -apiVersion: v1 -kind: ConfigMap -metadata: - name: cluster-utilization-dashboard - {{- if $.Values.grafana.namespace_dashboards }} - namespace: {{ $.Values.grafana.namespace_dashboards }} - {{- end }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} - {{- if $.Values.grafana.sidecar.dashboards.label }} - {{ $.Values.grafana.sidecar.dashboards.label }}: "1" - {{- else }} - grafana_dashboard: "1" - {{- end }} - annotations: -{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }} -data: - cluster-utilization.json: |- -{{ .Files.Get "cluster-utilization.json" | indent 8 }} -{{- end -}} -{{- end -}} -{{- end -}} -{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-dashboard-deployment-utilization-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-dashboard-deployment-utilization-template.yaml deleted file mode 100644 index 644a8ea6cf..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-dashboard-deployment-utilization-template.yaml +++ /dev/null @@ -1,27 +0,0 @@ -{{- if .Values.grafana -}} -{{- if .Values.grafana.sidecar -}} -{{- if .Values.grafana.sidecar.dashboards -}} -{{- if .Values.grafana.sidecar.dashboards.enabled -}} -apiVersion: v1 -kind: ConfigMap -metadata: - name: deployment-utilization-dashboard - {{- if $.Values.grafana.namespace_dashboards }} - namespace: {{ $.Values.grafana.namespace_dashboards }} - {{- end }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} - {{- if $.Values.grafana.sidecar.dashboards.label }} - {{ $.Values.grafana.sidecar.dashboards.label }}: "1" - {{- else }} - grafana_dashboard: "1" - {{- end }} - annotations: -{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }} -data: - deployment-utilization.json: |- -{{ .Files.Get "deployment-utilization.json" | indent 8 }} -{{- end -}} -{{- end -}} -{{- end -}} -{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-dashboard-label-cost-utilization-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-dashboard-label-cost-utilization-template.yaml deleted file mode 100644 index 6ba7163fd0..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-dashboard-label-cost-utilization-template.yaml +++ /dev/null @@ -1,27 +0,0 @@ -{{- if .Values.grafana -}} -{{- if .Values.grafana.sidecar -}} -{{- if .Values.grafana.sidecar.dashboards -}} -{{- if .Values.grafana.sidecar.dashboards.enabled -}} -apiVersion: v1 -kind: ConfigMap -metadata: - name: label-cost-dashboard - {{- if $.Values.grafana.namespace_dashboards }} - namespace: {{ $.Values.grafana.namespace_dashboards }} - {{- end }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} - {{- if $.Values.grafana.sidecar.dashboards.label }} - {{ $.Values.grafana.sidecar.dashboards.label }}: "1" - {{- else }} - grafana_dashboard: "1" - {{- end }} - annotations: -{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }} -data: - label-cost-utilization.json: |- -{{ .Files.Get "label-cost-utilization.json" | indent 8 }} -{{- end -}} -{{- end -}} -{{- end -}} -{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-dashboard-namespace-utilization-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-dashboard-namespace-utilization-template.yaml deleted file mode 100644 index 33524b7a65..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-dashboard-namespace-utilization-template.yaml +++ /dev/null @@ -1,27 +0,0 @@ -{{- if .Values.grafana -}} -{{- if .Values.grafana.sidecar -}} -{{- if .Values.grafana.sidecar.dashboards -}} -{{- if .Values.grafana.sidecar.dashboards.enabled -}} -apiVersion: v1 -kind: ConfigMap -metadata: - name: namespace-utilization-dashboard - {{- if $.Values.grafana.namespace_dashboards }} - namespace: {{ $.Values.grafana.namespace_dashboards }} - {{- end }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} - {{- if $.Values.grafana.sidecar.dashboards.label }} - {{ $.Values.grafana.sidecar.dashboards.label }}: "1" - {{- else }} - grafana_dashboard: "1" - {{- end }} - annotations: -{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }} -data: - namespace-utilization.json: |- -{{ .Files.Get "namespace-utilization.json" | indent 8 }} -{{- end -}} -{{- end -}} -{{- end -}} -{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-dashboard-node-utilization-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-dashboard-node-utilization-template.yaml deleted file mode 100644 index aafed64fbc..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-dashboard-node-utilization-template.yaml +++ /dev/null @@ -1,27 +0,0 @@ -{{- if .Values.grafana -}} -{{- if .Values.grafana.sidecar -}} -{{- if .Values.grafana.sidecar.dashboards -}} -{{- if .Values.grafana.sidecar.dashboards.enabled -}} -apiVersion: v1 -kind: ConfigMap -metadata: - name: node-utilization-dashboard - {{- if $.Values.grafana.namespace_dashboards }} - namespace: {{ $.Values.grafana.namespace_dashboards }} - {{- end }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} - {{- if $.Values.grafana.sidecar.dashboards.label }} - {{ $.Values.grafana.sidecar.dashboards.label }}: "1" - {{- else }} - grafana_dashboard: "1" - {{- end }} - annotations: -{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }} -data: - node-utilization.json: |- -{{ .Files.Get "node-utilization.json" | indent 8 }} -{{- end -}} -{{- end -}} -{{- end -}} -{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-dashboard-pod-utilization-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-dashboard-pod-utilization-template.yaml deleted file mode 100644 index 8058c4cc98..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-dashboard-pod-utilization-template.yaml +++ /dev/null @@ -1,27 +0,0 @@ -{{- if .Values.grafana -}} -{{- if .Values.grafana.sidecar -}} -{{- if .Values.grafana.sidecar.dashboards -}} -{{- if .Values.grafana.sidecar.dashboards.enabled -}} -apiVersion: v1 -kind: ConfigMap -metadata: - name: pod-utilization-dashboard - {{- if $.Values.grafana.namespace_dashboards }} - namespace: {{ $.Values.grafana.namespace_dashboards }} - {{- end }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} - {{- if $.Values.grafana.sidecar.dashboards.label }} - {{ $.Values.grafana.sidecar.dashboards.label }}: "1" - {{- else }} - grafana_dashboard: "1" - {{- end }} - annotations: -{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }} -data: - pod-utilization.json: |- -{{ .Files.Get "pod-utilization.json" | indent 8 }} -{{- end -}} -{{- end -}} -{{- end -}} -{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-dashboard-prometheus-metrics-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-dashboard-prometheus-metrics-template.yaml deleted file mode 100644 index bee726f296..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-dashboard-prometheus-metrics-template.yaml +++ /dev/null @@ -1,27 +0,0 @@ -{{- if .Values.grafana -}} -{{- if .Values.grafana.sidecar -}} -{{- if .Values.grafana.sidecar.dashboards -}} -{{- if .Values.grafana.sidecar.dashboards.enabled -}} -apiVersion: v1 -kind: ConfigMap -metadata: - name: prom-benchmark-dashboard - {{- if $.Values.grafana.namespace_dashboards }} - namespace: {{ $.Values.grafana.namespace_dashboards }} - {{- end }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} - {{- if $.Values.grafana.sidecar.dashboards.label }} - {{ $.Values.grafana.sidecar.dashboards.label }}: "1" - {{- else }} - grafana_dashboard: "1" - {{- end }} - annotations: -{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }} -data: - prom-benchmark.json: |- -{{ .Files.Get "prom-benchmark.json" | indent 8 }} -{{- end -}} -{{- end -}} -{{- end -}} -{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-datasource-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-datasource-template.yaml deleted file mode 100644 index d92a95023c..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/grafana-datasource-template.yaml +++ /dev/null @@ -1,56 +0,0 @@ -{{- if .Values.grafana -}} -{{- if .Values.grafana.sidecar -}} -{{- if .Values.grafana.sidecar.datasources -}} -{{- if .Values.grafana.sidecar.datasources.enabled -}} -apiVersion: v1 -kind: ConfigMap -metadata: - name: grafana-datasource - {{- if $.Values.grafana.namespace_datasources }} - namespace: {{ $.Values.grafana.namespace_datasources }} - {{- end }} - labels: - {{- include "cost-analyzer.commonLabels" . | nindent 4 }} - {{- if $.Values.grafana.sidecar.datasources.label }} - {{ $.Values.grafana.sidecar.datasources.label }}: "1" - {{- else }} - {{- if .Values.global.grafana.enabled }} - kubecost_grafana_datasource: "1" - {{- else }} - grafana_datasource: "1" - {{- end }} - {{- end }} -data: - {{ default "datasource.yaml" .Values.grafana.sidecar.datasources.dataSourceFilename }}: |- - apiVersion: 1 - datasources: - - access: proxy - name: default-kubecost - type: prometheus -{{- if .Values.grafana.sidecar.datasources.defaultDatasourceEnabled }} - isDefault: true -{{- else }} - isDefault: false -{{- end }} -{{- if .Values.global.thanos }} -{{- if .Values.global.thanos.enabled }} -{{- if .Values.global.prometheus.enabled }} - url: http://{{ .Release.Name }}-thanos-query-http.{{ .Release.Namespace }}:{{ .Values.thanos.query.http.port }} -{{- else }} - url: {{ .Values.global.thanos.queryService }} -{{- end }} - - access: proxy - name: {{ default "Prometheus" .Values.grafana.sidecar.datasources.dataSourceName}} - isDefault: false - type: prometheus -{{- end }} -{{- if .Values.global.prometheus.enabled }} - url: http://{{ template "cost-analyzer.prometheus.server.name" . }}.{{ .Release.Namespace }} -{{- else }} - url: {{ .Values.global.prometheus.fqdn }} -{{- end }} -{{- end }} -{{- end -}} -{{- end -}} -{{- end -}} -{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/kubecost-agent-secret-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/kubecost-agent-secret-template.yaml deleted file mode 100644 index fbc6034afe..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/kubecost-agent-secret-template.yaml +++ /dev/null @@ -1,11 +0,0 @@ -{{- if .Values.agentKey }} -apiVersion: v1 -kind: Secret -type: Opaque -metadata: - name: {{ .Values.agentKeySecretName }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -data: - object-store.yaml: {{ .Values.agentKey }} -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/kubecost-cluster-controller-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/kubecost-cluster-controller-template.yaml deleted file mode 100644 index e85e7de3a7..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/kubecost-cluster-controller-template.yaml +++ /dev/null @@ -1,301 +0,0 @@ -{{- if .Values.clusterController }} -{{- if .Values.clusterController.enabled }} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ template "kubecost.clusterControllerName" . }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} ---- -# -# NOTE: -# The following ClusterRole permissions are only created and assigned for the -# cluster controller feature. They will not be added to any clusters by default. -# -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ template "kubecost.clusterControllerName" . }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -rules: - - apiGroups: - - kubecost.com - resources: - - turndownschedules - - turndownschedules/status - verbs: - - get - - list - - watch - - create - - patch - - update - - delete - - apiGroups: - - "" - - events.k8s.io - resources: - - events - verbs: - - create - - patch - - update - - apiGroups: - - '' - resources: - - deployments - - nodes - - pods - - resourcequotas - - replicationcontrollers - - limitranges - - pods/eviction - verbs: - - get - - list - - watch - - create - - patch - - update - - delete - - apiGroups: - - '' - resources: - - configmaps - - namespaces - - persistentvolumeclaims - - persistentvolumes - - endpoints - - events - - services - verbs: - - get - - list - - watch - - apiGroups: - - extensions - resources: - - daemonsets - - deployments - - replicasets - verbs: - - get - - list - - watch - - create - - patch - - update - - delete - - apiGroups: - - apps - resources: - - statefulsets - - deployments - - daemonsets - - replicasets - verbs: - - get - - list - - watch - - create - - patch - - update - - delete - - apiGroups: - - batch - resources: - - cronjobs - - jobs - verbs: - - get - - list - - watch - - create - - patch - - update - - delete - - apiGroups: - - autoscaling - resources: - - horizontalpodautoscalers - verbs: - - get - - list - - watch - - apiGroups: - - policy - resources: - - poddisruptionbudgets - verbs: - - get - - list - - watch - - apiGroups: - - storage.k8s.io - resources: - - storageclasses - verbs: - - get - - list - - watch - - apiGroups: - - events.k8s.io - resources: - - events - verbs: - - get - - list - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ template "kubecost.clusterControllerName" . }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "kubecost.clusterControllerName" . }} -subjects: - - kind: ServiceAccount - name: {{ template "kubecost.clusterControllerName" . }} - namespace: {{ .Release.Namespace }} ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ template "kubecost.clusterControllerName" . }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -spec: - strategy: - rollingUpdate: - maxSurge: 1 - maxUnavailable: 1 - type: RollingUpdate - selector: - matchLabels: - app: {{ template "kubecost.clusterControllerName" . }} - template: - metadata: - labels: - app: {{ template "kubecost.clusterControllerName" . }} - spec: - containers: - - name: {{ template "kubecost.clusterControllerName" . }} - image: {{ .Values.clusterController.image }} - imagePullPolicy: {{ .Values.clusterController.imagePullPolicy }} - volumeMounts: - - name: cluster-controller-keys - mountPath: /var/keys - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - - name: CLUSTER_ID - value: {{ .Values.prometheus.server.global.external_labels.cluster_id }} - - name: TURNDOWN_NAMESPACE - value: {{ .Release.Namespace }} - - name: TURNDOWN_DEPLOYMENT - value: {{ template "kubecost.clusterControllerName" . }} - {{- if .Values.kubecostProductConfigs.gcpSecretName }} - - name: GOOGLE_APPLICATION_CREDENTIALS - value: /var/keys/service-key.json - {{- end }} - ports: - - name: http-server - containerPort: 9731 - hostPort: 9731 - serviceAccount: {{ template "kubecost.clusterControllerName" . }} - serviceAccountName: {{ template "kubecost.clusterControllerName" . }} - volumes: - - name: cluster-controller-keys - secret: - secretName: {{ .Values.clusterController.secretName | default "cluster-controller-service-key" }} - # The secret is optional because not all of cluster controller's - # functionality requires this secret. Cluster controller will - # partially or fully initialize based on the presence of these keys - # and their validity. - optional: true ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ template "kubecost.clusterControllerName" . }}-service - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -spec: - type: ClusterIP - ports: - - name: http - protocol: TCP - port: 9731 - targetPort: 9731 - selector: - app: {{ template "kubecost.clusterControllerName" . }} ---- -# TurndownSchedule Custom Resource Definition for persistence -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: turndownschedules.kubecost.com - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -spec: - group: kubecost.com - names: - kind: TurndownSchedule - singular: turndownschedule - plural: turndownschedules - shortNames: - - td - - tds - scope: Cluster - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - properties: - spec: - type: object - properties: - start: - type: string - format: date-time - end: - type: string - format: date-time - repeat: - type: string - enum: [none, daily, weekly] - additionalPrinterColumns: - - name: State - type: string - description: The state of the turndownschedule - jsonPath: .status.state - - name: Next Turndown - type: string - description: The next turndown date-time - jsonPath: .status.nextScaleDownTime - - name: Next Turn Up - type: string - description: The next turn up date-time - jsonPath: .status.nextScaleUpTime -{{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/kubecost-cluster-manager-configmap-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/kubecost-cluster-manager-configmap-template.yaml deleted file mode 100644 index 907252f93d..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/kubecost-cluster-manager-configmap-template.yaml +++ /dev/null @@ -1,13 +0,0 @@ -{{- if .Values.kubecostProductConfigs }} -{{- if .Values.kubecostProductConfigs.clusters }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: kubecost-clusters - labels: - {{- include "cost-analyzer.commonLabels" . | nindent 4 }} -data: - default-clusters.yaml: | -{{- toYaml .Values.kubecostProductConfigs.clusters | nindent 4 }} -{{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/kubecost-metrics-deployment-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/kubecost-metrics-deployment-template.yaml deleted file mode 100644 index 680ded31ce..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/kubecost-metrics-deployment-template.yaml +++ /dev/null @@ -1,280 +0,0 @@ -{{- if .Values.kubecostMetrics }} -{{- if .Values.kubecostMetrics.exporter }} -{{- if or .Values.kubecostMetrics.exporter.enabled .Values.agent }} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ template "kubecost.kubeMetricsName" . }} - labels: - {{ unset (include "cost-analyzer.commonLabels" . | fromYaml) "app" | toYaml | nindent 4 }} - app: {{ template "kubecost.kubeMetricsName" . }} -{{- with .Values.kubecostMetrics.exporter.labels }} -{{ toYaml . | indent 4 }} -{{- end }} -spec: - replicas: {{ .Values.kubecostMetrics.exporter.replicas | default 1 }} - selector: - matchLabels: - app: {{ include "kubecost.kubeMetricsName" . }} - strategy: - rollingUpdate: - maxSurge: 1 - maxUnavailable: 1 - type: RollingUpdate - template: - metadata: - labels: - app: {{ template "kubecost.kubeMetricsName" . }} - {{- if .Values.global.additionalLabels }} - {{ toYaml .Values.global.additionalLabels | nindent 8 }} - {{- end }} -{{- with .Values.kubecostMetrics.exporter.labels }} -{{ toYaml . | indent 8 }} -{{- end }} -{{- if .Values.global.podAnnotations }} - annotations: -{{- with .Values.global.podAnnotations }} -{{ toYaml . | indent 8 }} -{{- end }} -{{- end }} - spec: - restartPolicy: Always - serviceAccountName: {{ template "cost-analyzer.serviceAccountName" . }} - volumes: - {{- if .Values.agent }} - - name: config-store - secret: - secretName: {{ .Values.agentKeySecretName }} - {{- end }} - {{- if .Values.kubecostProductConfigs }} - {{- if .Values.kubecostProductConfigs.gcpSecretName }} - - name: gcp-key-secret - secret: - secretName: {{ .Values.kubecostProductConfigs.gcpSecretName }} - items: - - key: compute-viewer-kubecost-key.json - path: service-key.json - {{- end }} - {{- if .Values.kubecostProductConfigs.serviceKeySecretName }} - - name: service-key-secret - secret: - secretName: {{ .Values.kubecostProductConfigs.serviceKeySecretName }} - {{- else if .Values.kubecostProductConfigs.createServiceKeySecret }} - - name: service-key-secret - secret: - secretName: cloud-service-key - {{- end }} - {{- if .Values.kubecostProductConfigs.azureStorageSecretName }} - - name: azure-storage-config - secret: - secretName: {{ .Values.kubecostProductConfigs.azureStorageSecretName }} - items: - - key: azure-storage-config.json - path: azure-storage-config.json - {{- else if .Values.kubecostProductConfigs.azureStorageCreateSecret }} - - name: azure-storage-config - secret: - secretName: azure-storage-config - {{- end }} - {{- if .Values.kubecostProductConfigs.cloudIntegrationSecret }} - - name: cloud-integration - secret: - secretName: {{ .Values.kubecostProductConfigs.cloudIntegrationSecret }} - items: - - key: cloud-integration.json - path: cloud-integration.json - {{- end }} - {{- end }} - - name: persistent-configs -{{- if .Values.persistentVolume }} -{{- if .Values.persistentVolume.enabled }} - persistentVolumeClaim: -{{- if .Values.persistentVolume.existingClaim }} - claimName: {{ .Values.persistentVolume.existingClaim }} -{{- else }} - claimName: {{ template "cost-analyzer.fullname" . }} -{{- end -}} -{{- else }} - emptyDir: {} -{{- end -}} -{{- else }} - persistentVolumeClaim: - claimName: {{ template "cost-analyzer.fullname" . }} -{{- end }} - initContainers: -{{- if .Values.supportNFS }} - - name: config-db-perms-fix - {{- if .Values.initChownDataImage }} - image: {{ .Values.initChownDataImage }} - {{- else }} - image: busybox - {{- end }} - resources: -{{ toYaml .Values.initChownData.resources | indent 12 }} - command: ["sh", "-c", "/bin/chmod -R 777 /var/configs"] - volumeMounts: - - name: persistent-configs - mountPath: /var/configs - securityContext: - runAsUser: 0 -{{- end }} - containers: - {{- if .Values.kubecostModel }} - {{- if .Values.kubecostModel.fullImageName }} - - image: {{ .Values.kubecostModel.fullImageName }} - {{- else if .Values.imageVersion }} - - image: {{ .Values.kubecostModel.image }}:{{ .Values.imageVersion }} - {{- else }} - - image: {{ .Values.kubecostModel.image }}:prod-{{ $.Chart.AppVersion }} - {{ end }} - {{- else }} - - image: gcr.io/kubecost1/cost-model:prod-{{ $.Chart.AppVersion }} - {{ end }} - {{- if .Values.kubecostModel.imagePullPolicy }} - imagePullPolicy: {{ .Values.kubecostModel.imagePullPolicy }} - {{- else }} - imagePullPolicy: Always - {{- end }} - name: {{ template "kubecost.kubeMetricsName" . }} - ports: - - name: tcp-metrics - protocol: TCP - containerPort: {{ .Values.kubecostMetrics.exporter.port | default 9005 }} - resources: -{{ toYaml .Values.kubecostMetrics.exporter.resources | indent 12 }} - readinessProbe: - httpGet: - path: /healthz - port: {{ .Values.kubecostMetrics.exporter.port | default 9005 }} - initialDelaySeconds: 30 - periodSeconds: 10 - failureThreshold: 200 - volumeMounts: - - name: persistent-configs - mountPath: /var/configs - {{- if .Values.agent }} - - name: config-store - mountPath: /var/secrets - {{- end }} - {{- if .Values.kubecostProductConfigs }} - {{- if .Values.kubecostProductConfigs.gcpSecretName }} - - name: gcp-key-secret - mountPath: /var/secrets - {{- end }} - {{- if or .Values.kubecostProductConfigs.azureStorageSecretName .Values.kubecostProductConfigs.azureStorageCreateSecret}} - - name: azure-storage-config - mountPath: /var/azure-storage-config - {{- end }} - {{- if .Values.kubecostProductConfigs.cloudIntegrationSecret}} - - name: cloud-integration - mountPath: /var/cloud-integration - {{- end }} - {{- if or .Values.kubecostProductConfigs.serviceKeySecretName .Values.kubecostProductConfigs.createServiceKeySecret }} - - name: service-key-secret - mountPath: /var/secrets - {{- end }} - {{- end }} - args: - - agent - {{- if .Values.kubecostMetrics.exporter.extraArgs }} - {{ toYaml .Values.kubecostMetrics.exporter.extraArgs | nindent 12 }} - {{- end }} - env: - - name: PROMETHEUS_SERVER_ENDPOINT - valueFrom: - configMapKeyRef: - name: {{ template "cost-analyzer.fullname" . }} - key: prometheus-server-endpoint - - name: CLOUD_PROVIDER_API_KEY - value: "AIzaSyDXQPG_MHUEy9neR7stolq6l0ujXmjJlvk" # The GCP Pricing API requires a key. - {{- if .Values.kubecostProductConfigs.gcpSecretName }} - - name: GOOGLE_APPLICATION_CREDENTIALS - value: /var/configs/key.json - {{- end }} - - name: CONFIG_PATH - value: /var/configs/ - - name: KUBECOST_METRICS_PORT - value: {{ (quote .Values.kubecostMetrics.exporter.port) | default (quote 9005) }} - {{- if .Values.agent }} - - name: KUBECOST_CONFIG_BUCKET - value: /var/secrets/object-store.yaml - - name: EXPORT_CLUSTER_INFO_ENABLED - value: {{ (quote .Values.kubecostMetrics.exporter.exportClusterInfo) | default (quote true) }} - - name: EXPORT_CLUSTER_CACHE_ENABLED - value: {{ (quote .Values.kubecostMetrics.exporter.exportClusterCache) | default (quote true) }} - {{- end }} - - name: EMIT_POD_ANNOTATIONS_METRIC - value: {{ (quote .Values.kubecostMetrics.emitPodAnnotations) | default (quote false) }} - - name: EMIT_NAMESPACE_ANNOTATIONS_METRIC - value: {{ (quote .Values.kubecostMetrics.emitNamespaceAnnotations) | default (quote false) }} - - name: EMIT_KSM_V1_METRICS - value: {{ (quote .Values.kubecostMetrics.emitKsmV1Metrics) | default (quote true) }} - - name: EMIT_KSM_V1_METRICS_ONLY # ONLY emit KSM v1 metrics that do not exist in KSM 2 by default - value: {{ (quote .Values.kubecostMetrics.emitKsmV1MetricsOnly) | default (quote false) }} - - name: MAX_QUERY_CONCURRENCY - value: {{ (quote .Values.kubecostModel.maxQueryConcurrency) | default (quote 5) }} - {{- if .Values.global.prometheus.queryServiceBasicAuthSecretName}} - - name: DB_BASIC_AUTH_USERNAME - valueFrom: - secretKeyRef: - name: {{ .Values.global.prometheus.queryServiceBasicAuthSecretName }} - key: USERNAME - - name: DB_BASIC_AUTH_PW - valueFrom: - secretKeyRef: - name: {{ .Values.global.prometheus.queryServiceBasicAuthSecretName }} - key: PASSWORD - {{- end }} - {{- if .Values.global.prometheus.queryServiceBearerTokenSecretName }} - - name: DB_BEARER_TOKEN - valueFrom: - secretKeyRef: - name: {{ .Values.global.prometheus.queryServiceBearerTokenSecretName }} - key: TOKEN - {{- end }} - {{- if .Values.global.prometheus.insecureSkipVerify }} - - name: INSECURE_SKIP_VERIFY - value: {{ (quote .Values.global.prometheus.insecureSkipVerify) }} - {{- end }} - {{- if and (.Values.prometheus.server.global.external_labels.cluster_id) (not .Values.prometheus.server.clusterIDConfigmap) }} - - name: CLUSTER_ID - value: {{ .Values.prometheus.server.global.external_labels.cluster_id }} - {{- end }} - {{- if .Values.prometheus.server.clusterIDConfigmap }} - - name: CLUSTER_ID - valueFrom: - configMapKeyRef: - name: {{ .Values.prometheus.server.clusterIDConfigmap }} - key: CLUSTER_ID - {{- end }} - {{- if .Values.kubecostModel.promClusterIDLabel }} - - name: PROM_CLUSTER_ID_LABEL - value: {{ .Values.kubecostModel.promClusterIDLabel }} - {{- end }} - - name: RELEASE_NAME - value: {{ .Release.Name }} - - name: KUBECOST_NAMESPACE - value: {{ .Release.Namespace }} - - name: KUBECOST_TOKEN - valueFrom: - configMapKeyRef: - name: {{ template "cost-analyzer.fullname" . }} - key: kubecost-token - {{- if .Values.kubecostMetrics.exporter.priorityClassName }} - priorityClassName: {{ .Values.kubecostMetrics.exporter.priorityClassName }} - {{- end }} - {{- with .Values.kubecostMetrics.exporter.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.kubecostMetrics.exporter.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.kubecostMetrics.exporter.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} -{{- end }} -{{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/kubecost-metrics-service-monitor-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/kubecost-metrics-service-monitor-template.yaml deleted file mode 100644 index 493f200ffb..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/kubecost-metrics-service-monitor-template.yaml +++ /dev/null @@ -1,34 +0,0 @@ -{{- if .Values.kubecostMetrics }} -{{- if .Values.kubecostMetrics.exporter }} -{{- if .Values.kubecostMetrics.exporter.enabled }} -{{- if .Values.kubecostMetrics.exporter.serviceMonitor }} -{{- if .Values.kubecostMetrics.exporter.serviceMonitor.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ include "kubecost.kubeMetricsName" . }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} - {{- if .Values.kubecostMetrics.exporter.serviceMonitor.additionalLabels }} - {{ toYaml .Values.kubecostMetrics.exporter.serviceMonitor.additionalLabels | nindent 4 }} - {{- end }} -spec: - endpoints: - - port: tcp-metrics - honorLabels: true - interval: 1m - scrapeTimeout: 10s - path: /metrics - scheme: http - namespaceSelector: - matchNames: - - {{ .Release.Namespace }} - selector: - matchLabels: - app: {{ include "kubecost.kubeMetricsName" . }} -{{- end }} -{{- end }} -{{- end }} -{{- end }} -{{- end }} - diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/kubecost-metrics-service-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/kubecost-metrics-service-template.yaml deleted file mode 100644 index e18c5264d8..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/kubecost-metrics-service-template.yaml +++ /dev/null @@ -1,32 +0,0 @@ -{{- if .Values.kubecostMetrics }} -{{- if .Values.kubecostMetrics.exporter }} -{{- if .Values.kubecostMetrics.exporter.enabled }} -{{- $prometheusScrape := ternary .Values.kubecostMetrics.exporter.prometheusScrape true (kindIs "bool" .Values.kubecostMetrics.exporter.prometheusScrape) }} -apiVersion: v1 -kind: Service -metadata: - name: {{ template "kubecost.kubeMetricsName" . }} - labels: -{{ include "cost-analyzer.commonLabels" . | nindent 4 }} -{{- if (or .Values.kubecostMetrics.exporter.service.annotations $prometheusScrape) }} - annotations: -{{- if .Values.kubecostMetrics.exporter.service.annotations }} -{{ toYaml .Values.kubecostMetrics.exporter.service.annotations | indent 4 }} -{{- end }} -{{- if $prometheusScrape }} - prometheus.io/scrape: "true" - prometheus.io/port: {{ (quote .Values.kubecostMetrics.exporter.port) | default (quote 9005) }} -{{- end }} -{{- end }} -spec: - ports: - - name: tcp-metrics - port: {{ .Values.kubecostMetrics.exporter.port | default 9005 }} - protocol: TCP - targetPort: {{ .Values.kubecostMetrics.exporter.port | default 9005 }} - selector: - app: {{ template "kubecost.kubeMetricsName" . }} - type: ClusterIP -{{- end }} -{{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/kubecost-oidc-secret-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/kubecost-oidc-secret-template.yaml deleted file mode 100644 index 17072a6cbc..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/kubecost-oidc-secret-template.yaml +++ /dev/null @@ -1,15 +0,0 @@ -{{- if .Values.oidc }} -{{- if .Values.oidc.secretName }} -{{- if .Values.oidc.clientSecret }} -apiVersion: v1 -kind: Secret -type: Opaque -metadata: - name: {{ .Values.oidc.secretName }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -stringData: - clientSecret: {{ .Values.oidc.clientSecret }} -{{- end -}} -{{- end -}} -{{- end -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/kubecost-priority-class-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/kubecost-priority-class-template.yaml deleted file mode 100644 index 41c4fd7a9d..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/kubecost-priority-class-template.yaml +++ /dev/null @@ -1,15 +0,0 @@ -{{- if .Values.priority }} -{{- if .Values.priority.enabled }} -{{- if eq (len .Values.priority.name) 0 }} -apiVersion: {{ include "cost-analyzer.priorityClass.apiVersion" . }} -kind: PriorityClass -metadata: - name: {{ template "cost-analyzer.fullname" . }}-priority - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} -value: {{ .Values.priority.value | default "1000000" }} -globalDefault: false -description: "Priority class for scheduling the cost-analyzer pod" -{{- end }} -{{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/network-costs-psp.template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/network-costs-psp.template.yaml deleted file mode 100644 index 6b285ddcd4..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/network-costs-psp.template.yaml +++ /dev/null @@ -1,38 +0,0 @@ -{{- if .Values.networkCosts }} -{{- if .Values.networkCosts.enabled }} -{{- if .Values.networkCosts.podSecurityPolicy }} -{{- if .Values.networkCosts.podSecurityPolicy.enabled }} -apiVersion: {{ include "cost-analyzer.podSecurityPolicy.apiVersion" . }} -kind: PodSecurityPolicy -metadata: - name: {{ template "cost-analyzer.fullname" . }}-network-costs - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 6 }} -spec: - privileged: true - hostNetwork: true - allowedHostPaths: - {{- if .Values.networkCosts.hostProc }} - - pathPrefix: {{ default "/proc" .Values.networkCosts.hostProc.hostPath }} - readOnly: false - {{- else }} - - pathPrefix: /proc - readOnly: false - {{- end }} - hostPorts: - - min: 1 - max: 65535 - seLinux: - rule: RunAsAny - supplementalGroups: - rule: RunAsAny - runAsUser: - rule: RunAsAny - fsGroup: - rule: RunAsAny - volumes: - - '*' -{{- end }} -{{- end }} -{{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/network-costs-role.template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/network-costs-role.template.yaml deleted file mode 100644 index 9687607de5..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/network-costs-role.template.yaml +++ /dev/null @@ -1,24 +0,0 @@ -{{- if .Values.networkCosts }} -{{- if .Values.networkCosts.enabled }} -{{- if .Values.networkCosts.podSecurityPolicy }} -{{- if .Values.networkCosts.podSecurityPolicy.enabled }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: {{ template "cost-analyzer.fullname" . }}-network-costs - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} - annotations: -{{- if .Values.networkCosts.podSecurityPolicy.annotations }} -{{ toYaml .Values.networkCosts.podSecurityPolicy.annotations | indent 4 }} -{{- end }} -rules: -- apiGroups: ['extensions'] - resources: ['podsecuritypolicies'] - verbs: ['use'] - resourceNames: - - {{ template "cost-analyzer.fullname" . }}-network-costs -{{- end }} -{{- end }} -{{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/network-costs-rolebinding.template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/network-costs-rolebinding.template.yaml deleted file mode 100644 index 964c5b7783..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/network-costs-rolebinding.template.yaml +++ /dev/null @@ -1,22 +0,0 @@ -{{- if .Values.networkCosts }} -{{- if .Values.networkCosts.enabled }} -{{- if .Values.networkCosts.podSecurityPolicy }} -{{- if .Values.networkCosts.podSecurityPolicy.enabled }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ template "cost-analyzer.fullname" . }}-network-costs - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 6 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ template "cost-analyzer.fullname" . }}-network-costs -subjects: -- kind: ServiceAccount - name: {{ template "cost-analyzer.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} -{{- end }} -{{- end }} -{{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/network-costs-servicemonitor-template.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/network-costs-servicemonitor-template.yaml deleted file mode 100644 index dfc7cfecc5..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/templates/network-costs-servicemonitor-template.yaml +++ /dev/null @@ -1,25 +0,0 @@ -{{- if .Values.serviceMonitor.networkCosts.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ include "cost-analyzer.networkCostsName" . }} - labels: - {{ include "cost-analyzer.commonLabels" . | nindent 4 }} - {{- if .Values.serviceMonitor.networkCosts.additionalLabels }} - {{ toYaml .Values.serviceMonitor.networkCosts.additionalLabels | nindent 4 }} - {{- end }} -spec: - endpoints: - - port: metrics - honorLabels: true - interval: 1m - scrapeTimeout: {{ .Values.serviceMonitor.networkCosts.scrapeTimeout }} - path: /metrics - scheme: http - namespaceSelector: - matchNames: - - {{ .Release.Namespace }} - selector: - matchLabels: - app: {{ include "cost-analyzer.networkCostsName" . }} -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/values-agent.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/values-agent.yaml deleted file mode 100644 index a09462dc34..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/values-agent.yaml +++ /dev/null @@ -1,82 +0,0 @@ -# Kubecost running as an Agent is designed for external hosting. The current setup deploys a -# kubecost-agent pod, low data retention prometheus server + thanos sidecar, and node-exporter. -global: - thanos: - enabled: false - grafana: - enabled: false - proxy: false - -# Agent enables specific features designed to enhance the metrics exporter deployment -# with enhancements designed for external hosting. -agent: true -# agentKeySecretName: kubecost-agent-object-store - -# No Grafana configuration is required. -grafana: - sidecar: - dashboards: - enabled: false - datasources: - defaultDatasourceEnabled: false - -# Exporter Pod -kubecostMetrics: - exporter: - enabled: true - exportClusterInfo: true - exportClusterCache: true - -# Prometheus defaults to low rentention (10h), disables KSM, and attaches a thanos-sidecar -# for exporting metrics. -prometheus: - kube-state-metrics: - enabled: false - disabled: true - - server: - extraArgs: - storage.tsdb.min-block-duration: 2h - storage.tsdb.max-block-duration: 2h - storage.tsdb.retention: 10h - securityContext: - runAsNonRoot: true - runAsUser: 1001 - extraSecretMounts: - - name: object-store-volume - mountPath: /etc/thanos/config - readOnly: true - secretName: kubecost-agent-object-store - enableAdminApi: true - sidecarContainers: - - name: thanos-sidecar - image: thanosio/thanos:v0.22.0 - securityContext: - runAsNonRoot: true - runAsUser: 1001 - args: - - sidecar - - --log.level=debug - - --tsdb.path=/data/ - - --prometheus.url=http://127.0.0.1:9090 - - --objstore.config-file=/etc/thanos/config/object-store.yaml - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - ports: - - name: sidecar-http - containerPort: 10902 - - name: grpc - containerPort: 10901 - - name: cluster - containerPort: 10900 - volumeMounts: - - name: config-volume - mountPath: /etc/prometheus - - name: storage-volume - mountPath: /data - subPath: "" - - name: object-store-volume - mountPath: /etc/thanos/config diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/values-amp.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/values-amp.yaml deleted file mode 100644 index 4242ba3002..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/values-amp.yaml +++ /dev/null @@ -1,20 +0,0 @@ -global: - amp: - enabled: true - prometheusServerEndpoint: http://localhost:8005/workspaces/$ - remoteWriteService: https://aps-workspaces.us-west-2.amazonaws.com/workspaces/$/api/v1/remote_write - sigv4: - region: us-west-2 - -sigV4Proxy: - region: us-west-2 - host: aps-workspaces.us-west-2.amazonaws.com - -kubecostProductConfigs: - clusterName: AWS-cluster-one - -prometheus: - server: - global: - external_labels: - cluster_id: AWS-cluster-one \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/values-eks-cost-monitoring.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/values-eks-cost-monitoring.yaml deleted file mode 100644 index f431790e28..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/values-eks-cost-monitoring.yaml +++ /dev/null @@ -1,181 +0,0 @@ -global: - grafana: - enabled: false - proxy: false - -pricingCsv: - enabled: false - location: - provider: "AWS" - region: "us-east-1" - URI: s3://kc-csv-test/pricing_schema.csv # a valid file URI - csvAccessCredentials: pricing-schema-access-secret - -nodeSelector: {} - -tolerations: [] -# - key: "key" -# operator: "Equal|Exists" -# value: "value" -# effect: "NoSchedule|PreferNoSchedule|NoExecute(1.6 only)" - -affinity: {} - -# If true, creates a PriorityClass to be used by the cost-analyzer pod -priority: - enabled: false - # value: 1000000 - -# If true, enable creation of NetworkPolicy resources. -networkPolicy: - enabled: false - -podSecurityPolicy: - enabled: false - -imageVersion: prod-1.97.0 -kubecostFrontend: - image: public.ecr.aws/kubecost/frontend - imagePullPolicy: Always - resources: - requests: - cpu: "10m" - memory: "55Mi" - #limits: - # cpu: "100m" - # memory: "256Mi" - -kubecostModel: - image: public.ecr.aws/kubecost/cost-model - imagePullPolicy: Always - warmCache: true - warmSavingsCache: true - etl: true - # The total number of days the ETL storage will build - etlStoreDurationDays: 120 - maxQueryConcurrency: 5 - # utcOffset represents a timezone in hours and minutes east (+) or west (-) - # of UTC, itself, which is defined as +00:00. - # See the tz database of timezones to look up your local UTC offset: - # https://en.wikipedia.org/wiki/List_of_tz_database_time_zones - utcOffset: "+00:00" - resources: - requests: - cpu: "200m" - memory: "55Mi" - #limits: - # cpu: "800m" - # memory: "256Mi" - -serviceAccount: - create: true # Set this to false if you're bringing your own service account. - annotations: {} - # name: kc-test - -# Define persistence volume for cost-analyzer -persistentVolume: - size: 32Gi - dbSize: 32.0Gi - enabled: true # Note that setting this to false means configurations will be wiped out on pod restart. - # storageClass: "-" # - # existingClaim: kubecost-cost-analyzer # a claim in the same namespace as kubecost - -ingress: - enabled: false - # className: nginx - annotations: - kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - paths: ["/"] # There's no need to route specifically to the pods-- we have an nginx deployed that handles routing - hosts: - - cost-analyzer.local - tls: [] - # - secretName: cost-analyzer-tls - # hosts: - # - cost-analyzer.local - -service: - type: ClusterIP - port: 9090 - targetPort: 9090 - # nodePort: - labels: {} - annotations: {} - -prometheus: - server: - # If clusterIDConfigmap is defined, instead use user-generated configmap with key CLUSTER_ID - # to use as unique cluster ID in kubecost cost-analyzer deployment. - # This overrides the cluster_id set in prometheus.server.global.external_labels. - # NOTE: This does not affect the external_labels set in prometheus config. - # clusterIDConfigmap: cluster-id-configmap - image: - repository: public.ecr.aws/kubecost/prometheus - tag: v2.35.0 - resources: {} - # limits: - # cpu: 500m - # memory: 512Mi - # requests: - # cpu: 500m - # memory: 512Mi - global: - scrape_interval: 1m - scrape_timeout: 10s - evaluation_interval: 1m - external_labels: - cluster_id: cluster-one # Each cluster should have a unique ID - persistentVolume: - size: 32Gi - enabled: true - extraArgs: - query.max-concurrency: 1 - query.max-samples: 100000000 - tolerations: [] - # - key: "key" - # operator: "Equal|Exists" - # value: "value" - # effect: "NoSchedule|PreferNoSchedule|NoExecute(1.6 only)" - - configmapReload: - prometheus: - ## If false, the configmap-reload container will not be deployed - ## - enabled: true - - ## configmap-reload container name - ## - name: configmap-reload - ## configmap-reload container image - ## - image: - repository: public.ecr.aws/bitnami/configmap-reload - tag: 0.7.1 - pullPolicy: IfNotPresent - ## Additional configmap-reload container arguments - ## - extraArgs: {} - ## Additional configmap-reload volume directories - ## - extraVolumeDirs: [] - ## Additional configmap-reload mounts - ## - extraConfigmapMounts: [] - # - name: prometheus-alerts - # mountPath: /etc/alerts.d - # subPath: "" - # configMap: prometheus-alerts - # readOnly: true - ## configmap-reload resource requests and limits - ## Ref: http://kubernetes.io/docs/user-guide/compute-resources/ - ## - resources: {} - - kube-state-metrics: - disabled: false - nodeExporter: - enabled: false - - -reporting: - productAnalytics: false diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/values-thanos.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/values-thanos.yaml deleted file mode 100644 index 3ea765ea15..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/values-thanos.yaml +++ /dev/null @@ -1,144 +0,0 @@ -global: - thanos: - enabled: true - -# For Thanos Installs, Allow Higher Concurrency from Cost-Model -# Still may require tweaking for some installs, but the thanos-query-frontend -# will greatly assist in reduction memory bloat in query. -kubecostModel: - maxQueryConcurrency: 5 - # This configuration is applied to thanos only. Expresses the resolution to - # use for longer query ranges. Options: raw, 5m, 1h - Default: raw - maxSourceResolution: 5m - -prometheus: - server: - extraArgs: - storage.tsdb.min-block-duration: 2h - storage.tsdb.max-block-duration: 2h - storage.tsdb.retention: 2w - securityContext: - runAsNonRoot: true - runAsUser: 1001 - extraVolumes: - - name: object-store-volume - secret: - # Ensure this secret name matches thanos.storeSecretName - secretName: kubecost-thanos - enableAdminApi: true - sidecarContainers: - - name: thanos-sidecar - image: thanosio/thanos:v0.24.0 - securityContext: - runAsNonRoot: true - runAsUser: 1001 - args: - - sidecar - - --log.level=debug - - --tsdb.path=/data/ - - --prometheus.url=http://127.0.0.1:9090 - - --objstore.config-file=/etc/config/object-store.yaml - # Start of time range limit to serve. Thanos sidecar will serve only metrics, which happened - # later than this value. Option can be a constant time in RFC3339 format or time duration - # relative to current time, such as -1d or 2h45m. Valid duration units are ms, s, m, h, d, w, y. - - --min-time=-3h - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - ports: - - name: http - containerPort: 10902 - - name: grpc - containerPort: 10901 - - name: cluster - containerPort: 10900 - volumeMounts: - - name: config-volume - mountPath: /etc/prometheus - - name: storage-volume - mountPath: /data - subPath: "" - - name: object-store-volume - mountPath: /etc/config - -thanos: - store: - enabled: true - grpcSeriesMaxConcurrency: 20 - blockSyncConcurrency: 20 - extraEnv: - - name: GOGC - value: "100" - - name: GODEBUG - value: "madvdontneed=1" - resources: - requests: - memory: "2.5Gi" - query: - enabled: true - timeout: 3m - # Maximum number of queries processed concurrently by query node. - maxConcurrent: 8 - # Maximum number of select requests made concurrently per a query. - maxConcurrentSelect: 2 - resources: - requests: - memory: "2.5Gi" - autoDownsampling: false - extraEnv: - - name: GOGC - value: "100" - - name: GODEBUG - value: "madvdontneed=1" - - # Thanos Query Frontend - queryFrontend: - enabled: true - compressResponses: true - # Downstream Tripper Configuration - downstreamTripper: - enabled: true - idleConnectionTimeout: 90s - responseHeaderTimeout: 2m - tlsHandshakeTimeout: 10s - expectContinueTimeout: 1s - maxIdleConnections: 200 - maxIdleConnectionsPerHost: 100 - maxConnectionsPerHost: 0 - # Response Cache Configuration - # Configure either a max size constraint or max items. - responseCache: - enabled: true - # Maximum memory size of the cache in bytes. A unit suffix (KB, MB, GB) may be applied. - maxSize: 1.25GB - # Maximum number of entries in the cache. - maxSizeItems: 0 - # The expiry duration for the cache. - validity: 2m - extraEnv: - - name: GOGC - value: "100" - - name: GODEBUG - value: "madvdontneed=1" - resources: - requests: - memory: "1.5Gi" - - # Thanos Sidecar Service Discovery - # Disabling removes the prometheus sidecar from querier store discovery. This ensures - # that all clusters read from the same data in remote store. - sidecar: - enabled: true - bucket: - enabled: false - compact: - enabled: true - dataVolume: - persistentVolumeClaim: - claimName: compact-data-volume - storage: 100Gi - # This secret name should match the sidecar configured secret name volume - # in the prometheus.server.extraVolumes entry - storeSecretName: kubecost-thanos diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/values-windows-node-affinity.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/values-windows-node-affinity.yaml deleted file mode 100644 index 0cb1047302..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/values-windows-node-affinity.yaml +++ /dev/null @@ -1,50 +0,0 @@ -kubecostMetrics: - exporter: - nodeSelector: - kubernetes.io/os: linux - -nodeSelector: - kubernetes.io/os: linux - -networkCosts: - nodeSelector: - kubernetes.io/os: linux - -prometheus: - server: - nodeSelector: - kubernetes.io/os: linux - kube-state-metrics: - nodeSelector: - kubernetes.io/os: linux - nodeExporter: - enabled: true - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: kubernetes.io/os - operator: In - values: - - linux -grafana: - nodeSelector: - kubernetes.io/os: linux - -thanos: - store: - nodeSelector: - kubernetes.io/os: linux - queryFrontend: - nodeSelector: - kubernetes.io/os: linux - query: - nodeSelector: - kubernetes.io/os: linux - compact: - nodeSelector: - kubernetes.io/os: linux - bucket: - nodeSelector: - kubernetes.io/os: linux \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/values.yaml b/deploy-as-code/helm/charts/backbone-services/cost-analyzer/values.yaml deleted file mode 100755 index 5b92f3556e..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cost-analyzer/values.yaml +++ /dev/null @@ -1,869 +0,0 @@ -namespace: monitoring - -global: - # zone: cluster.local (use only if your DNS server doesn't live in the same zone as kubecost) - prometheus: - enabled: false # If false, Prometheus will not be installed -- please read this before disabling: https://github.com/kubecost/docs/blob/main/custom-prom.md - fqdn: http://prometheus-prometheus.monitoring:9090 #example address of a prometheus to connect to. Include protocol (http:// or https://) Ignored if enabled: true - # insecureSkipVerify : false # If true, kubecost will not check the TLS cert of prometheus - # queryServiceBasicAuthSecretName: dbsecret # kubectl create secret generic dbsecret -n kubecost --from-file=USERNAME --from-file=PASSWORD - # queryServiceBearerTokenSecretName: mcdbsecret # kubectl create secret generic mcdbsecret -n kubecost --from-file=TOKEN - - # Durable storage option, product key required - thanos: - enabled: false - # queryService: http://kubecost-thanos-query-frontend-http.kubecost:{{ .Values.thanos.queryFrontend.http.port }} # an address of the thanos query-frontend endpoint, if different from installed thanos - # queryServiceBasicAuthSecretName: mcdbsecret # kubectl create secret generic mcdbsecret -n kubecost --from-file=USERNAME --from-file=PASSWORD <---enter basic auth credentials like that - # queryServiceBearerTokenSecretName mcdbsecret # kubectl create secret generic mcdbsecret -n kubecost --from-file=TOKEN - # queryOffset: 3h # The offset to apply to all thanos queries in order to achieve syncronization on all cluster block stores - - grafana: - enabled: false # If false, Grafana will not be installed - domainName: cost-analyzer-grafana.default.svc #example grafana domain Ignored if enabled: true - scheme: "http" # http or https, for the domain name above. - proxy: false # If true, the kubecost frontend will route to your grafana through its service endpoint -# fqdn: cost-analyzer-grafana.default.svc - - # Amazon Managed Service for Prometheus - amp: - enabled: false # If true, kubecost will be configured to remote_write and query from Amazon Managed Service for Prometheus. - prometheusServerEndpoint: https://localhost:8085// # The prometheus service endpoint used by kubecost. The calls are forwarded through the SigV4Proxy side car to the AMP workspace. - remoteWriteService: https://aps-workspaces.us-west-2.amazonaws.com/workspaces//api/v1/remote_write # The remote_write endpoint for the AMP workspace. - sigv4: - region: us-west-2 - # access_key: ACCESS_KEY # AWS Access key - # secret_key: SECRET_KEY # AWS Secret key - # role_arn: ROLE_ARN # AWS role arn - # profile: PROFILE # AWS profile - - notifications: - # Kubecost alerting configuration - # Ref: http://docs.kubecost.com/alerts - # alertConfigs: - # frontendUrl: http://localhost:9090 # optional, used for linkbacks - # globalSlackWebhookUrl: https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX # optional, used for Slack alerts - # globalAlertEmails: - # - recipient@example.com - # - additionalRecipient@example.com - # Alerts generated by kubecost, about cluster data - # alerts: - # Daily namespace budget alert on namespace `kubecost` - # - type: budget # supported: budget, recurringUpdate - # threshold: 50 # optional, required for budget alerts - # window: daily # or 1d - # aggregation: namespace - # filter: kubecost - # ownerContact: # optional, overrides globalAlertEmails default - # - owner@example.com - # - owner2@example.com - # # optional, used for alert-specific Slack alerts - # slackWebhookUrl: https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX - - # Daily cluster budget alert on cluster `cluster-one` - # - type: budget - # threshold: 200.8 # optional, required for budget alerts - # window: daily # or 1d - # aggregation: cluster - # filter: cluster-one # does not accept csv - - # Recurring weekly update (weeklyUpdate alert) - # - type: recurringUpdate - # window: weekly # or 7d - # aggregation: namespace - # filter: '*' - - # Recurring weekly namespace update on kubecost namespace - # - type: recurringUpdate - # window: weekly # or 7d - # aggregation: namespace - # filter: kubecost - - # Spend Change Alert - # - type: spendChange # change relative to moving avg - # relativeThreshold: 0.20 # Proportional change relative to baseline. Must be greater than -1 (can be negative) - # window: 1d # accepts ‘d’, ‘h’ - # baselineWindow: 30d # previous window, offset by window - # aggregation: namespace - # filter: kubecost, default # accepts csv - - # Health Score Alert - # - type: health # Alerts when health score changes by a threshold - # window: 10m - # threshold: 5 # Send Alert if health scores changes by 5 or more - - # Kubecost Health Diagnostic - # - type: diagnostic # Alerts when kubecost is is unable to compute costs - ie: Prometheus unreachable - # window: 10m - - alertmanager: # Supply an alertmanager FQDN to receive notifications from the app. - enabled: false # If true, allow kubecost to write to your alertmanager - fqdn: http://prometheus-alertmanager.monitoring:9093 #example fqdn. Ignored if prometheus.enabled: true - - # Set saved report(s) accessible from reports.html - # Ref: http://docs.kubecost.com/saved-reports - savedReports: - enabled: false # If true, overwrites report parameters set through UI - reports: - - title: "Example Saved Report 0" - window: "today" - aggregateBy: "namespace" - idle: "separate" - accumulate: false # daily resolution - filters: - - property: "cluster" - value: "cluster-one,cluster*" # supports wildcard filtering and multiple comma separated values - - property: "namespace" - value: "kubecost" - - title: "Example Saved Report 1" - window: "month" - aggregateBy: "controllerKind" - idle: "share" - accumulate: false - filters: - - property: "label" - value: "app:cost*,environment:kube*" - - property: "namespace" - value: "kubecost" - - title: "Example Saved Report 2" - window: "2020-11-11T00:00:00Z,2020-12-09T23:59:59Z" - aggregateBy: "service" - idle: "hide" - accumulate: true # entire window resolution - filters: [] # if no filters, specify empty array - - # Set saved report(s) accessible from reports.html - # Ref: http://docs.kubecost.com/saved-reports - assetReports: - enabled: false # If true, overwrites report parameters set through UI - reports: - - title: "Example Asset Report 0" - window: "today" - aggregateBy: "type" - accumulate: false # daily resolution - filters: - - property: "cluster" - value: "cluster-one" - - podAnnotations: {} - # iam.amazonaws.com/role: role-arn - additionalLabels: {} - -# generated at http://kubecost.com/install, used for alerts tracking and free trials -kubecostToken: # "" - -# Advanced pipeline for custom prices, enterprise key required -pricingCsv: - enabled: false - location: - provider: "AWS" - region: "us-east-1" - URI: s3://kc-csv-test/pricing_schema.csv # a valid file URI - csvAccessCredentials: pricing-schema-access-secret - -# SAML integration for user management and RBAC, enterprise key required -# Ref: https://github.com/kubecost/docs/blob/master/user-management.md -saml: - enabled: false - secretName: "kubecost-authzero" - #metadataSecretName: "kubecost-authzero-metadata" # One of metadataSecretName or idpMetadataURL must be set. defaults to metadataURL if set - idpMetadataURL: "https://dev-elu2z98r.auth0.com/samlp/metadata/c6nY4M37rBP0qSO1IYIqBPPyIPxLS8v2" - appRootURL: "http://localhost:9090" # sample URL - authTimeout: 1440 # number of minutes the JWT will be valid - redirectURL: "https://dev-elu2z98r.auth0.com/v2/logout" # callback URL redirected to after logout - # audienceURI: "http://localhost:9090" # by convention, the same as the appRootURL, but any string uniquely identifying kubecost to your samp IDP. Optional if you follow the convention - # nameIDFormat: "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" If your SAML provider requires a specific nameid format - # isGLUUProvider: false # An additional URL parameter must be appended for GLUU providers - rbac: - enabled: false - groups: - - name: admin - enabled: false # if admin is disabled, all SAML users will be able to make configuration changes to the kubecost frontend - assertionName: "http://schemas.auth0.com/userType" # a SAML Assertion, one of whose elements has a value that matches on of the values in assertionValues - assertionValues: - - "admin" - - "superusers" - - name: readonly - enabled: false # if readonly is disabled, all users authorized on SAML will default to readonly - assertionName: "http://schemas.auth0.com/userType" - assertionvalues: - - "readonly" - - name: editor - enabled: true # if editor is enabled, editors will be allowed to edit reports/alerts scoped to them, and act as readers otherwise. Users will never default to editor. - assertionName: "http://schemas.auth0.com/userType" - assertionValues: - - "editor" - -oidc: - enabled: false - clientID: "" # application/client client_id paramter obtained from provider, used to make requests to server - clientSecret: "" # application/client client_secret paramter obtained from provider, used to make requests to server - secretName: "kubecost-oidc-secret" # k8s secret where clientsecret will be stored - authURL: "https://my.auth.server/authorize" # endpoint for login to auth server - loginRedirectURL: "http://my.kubecost.url/model/oidc/authorize" # Kubecost url configured in provider for redirect after authentication - discoveryURL: "https://my.auth.server/.well-known/openid-configuration" # url for OIDC endpoint discovery -# hostedDomain: "example.com" # optional, blocks access to the auth domain specified in the hd claim of the provider ID token - -# Adds an httpProxy as an environment variable. systemProxy.enabled must be `true`to have any effect. -# Ref: https://www.oreilly.com/library/view/security-with-go/9781788627917/5ea6a02b-3d96-44b1-ad3c-6ab60fcbbe4f.xhtml -systemProxy: - enabled: false - httpProxyUrl: "" - httpsProxyUrl: "" - noProxy: "" - -# imagePullSecrets: -# - name: "image-pull-secret" - -kubecostFrontend: - image: "gcr.io/kubecost1/frontend" - imagePullPolicy: Always - # extraEnv: - # - name: NGINX_ENTRYPOINT_WORKER_PROCESSES_AUTOTUNE - # value: "1" - # securityContext: - # readOnlyRootFilesystem: true - resources: - requests: - cpu: "10m" - memory: "55Mi" - #limits: - # cpu: "100m" - # memory: "256Mi" - ipv6: - enabled: true # disable if the cluster does not support ipv6 -# api: -# fqdn: kubecost-api.kubecost.svc.cluster.local:9001 -# model: -# fqdn: kubecost-model.kubecost.svc.cluster.local:9003 - -# Kubecost Metrics deploys a separate pod which will emit kubernetes specific metrics required -# by the cost-model. This pod is designed to remain active and decoupled from the cost-model itself. -# However, disabling this service/pod deployment will flag the cost-model to emit the metrics instead. -kubecostMetrics: - # emitPodAnnotations: false - # emitNamespaceAnnotations: false - # emitKsmV1Metrics: true # emit all KSM metrics in KSM v1. - # emitKsmV1MetricsOnly: false # emit only the KSM metrics missing from KSM v2. Advanced users only. - - # Optional - # The metrics exporter is a separate deployment and service (for prometheus scrape auto-discovery) - # which emits metrics cost-model relies on. Enabling this deployment also removes the KSM dependency - # from the cost-model. If the deployment is not enabled, the metrics will continue to be emitted from - # the cost-model. - exporter: - enabled: false - port: 9005 - # Adds the default Prometheus scrape annotations to the metrics exporter service. - # Set to false and use service.annotations (below) to set custom scrape annotations. - prometheusScrape: true - resources: {} - # requests: - # cpu: "200m" - # memory: "55Mi" - ## Node tolerations for server scheduling to nodes with taints - ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ - tolerations: [] - - # - key: "key" - # operator: "Equal|Exists" - # value: "value" - # effect: "NoSchedule|PreferNoSchedule|NoExecute(1.6 only)" - affinity: {} - - service: - annotations: {} - - # Service Monitor for Kubecost Metrics - serviceMonitor: # the kubecost included prometheus uses scrapeConfigs and does not support service monitors. The following options assume an existing prometheus that supports serviceMonitors. - enabled: false - additionalLabels: {} - networkCosts: - enabled: false - scrapeTimeout: 10s - additionalLabels: {} - ## PriorityClassName - ## Ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass - priorityClassName: [] - additionalLabels: {} - nodeSelector: {} - extraArgs: [] - -sigV4Proxy: - image: public.ecr.aws/aws-observability/aws-sigv4-proxy:latest - imagePullPolicy: Always - name: aps - port: 8005 - region: us-west-2 # The AWS region - host: aps-workspaces.us-west-2.amazonaws.com # The hostname for AMP service. - # role_arn: arn:aws:iam:::role/role-name # The AWS IAM role to assume. - extraEnv: # Pass extra env variables to sigV4Proxy - # - name: AWS_ACCESS_KEY_ID - # value: - # - name: AWS_SECRET_ACCESS_KEY - # value: - -kubecostModel: - image: "gcr.io/kubecost1/cost-model" - imagePullPolicy: Always - # extraEnv: - # - name: SOME_VARIABLE - # value: "some_value" - # securityContext: - # readOnlyRootFilesystem: true - # Enables the emission of the kubecost_cloud_credit_total and - # kubecost_cloud_expense_total metrics - outOfClusterPromMetricsEnabled: false - # Build local cost allocation cache - warmCache: false - # Build local savings cache - warmSavingsCache: true - # Run allocation ETL pipelines - etl: true - # Enable the ETL filestore backing storage - etlFileStoreEnabled: true - # The total number of days the ETL pipelines will build - # Set to 0 to disable daily ETL (not recommended) - etlDailyStoreDurationDays: 91 - # The total number of hours the ETL pipelines will build - # Set to 0 to disable hourly ETL (not recommended) - etlHourlyStoreDurationHours: 49 - # For deploying kubecost in a cluster that does not self-monitor - etlReadOnlyMode: false - - # Enables or disables the ContainerStats pipeline, used for quantile-based - # queries like for request sizing recommendations. - # ContainerStats provides support for quantile-based request right-sizing - # recommendations. - # - # It is disabled by default to avoid problems in extremely high-scale Thanos - # environments. If you would like to try quantile-based request-sizing - # recommendations, enable this! If you are in a high-scale environment, - # please monitor Kubecost logs, Thanos query logs, and Thanos load closely. - # We hope to make major improvements at scale here soon! - # - # containerStatsEnabled: false - - # max number of concurrent Prometheus queries - maxQueryConcurrency: 5 - resources: - requests: - cpu: "200m" - memory: "55Mi" - #limits: - # cpu: "800m" - # memory: "256Mi" - extraArgs: [] - -# Basic Kubecost ingress, more examples available at https://github.com/kubecost/docs/blob/master/ingress-examples.md -ingress: - enabled: false - # className: nginx - annotations: - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - paths: ["/"] # There's no need to route specifically to the pods-- we have an nginx deployed that handles routing - pathType: ImplementationSpecific - hosts: - - cost-analyzer.local - tls: [] - # - secretName: cost-analyzer-tls - # hosts: - # - cost-analyzer.local - -nodeSelector: {} - -tolerations: [] -# - key: "key" -# operator: "Equal|Exists" -# value: "value" -# effect: "NoSchedule|PreferNoSchedule|NoExecute(1.6 only)" - -affinity: {} - -# If true, creates a PriorityClass to be used by the cost-analyzer pod -priority: - enabled: false - name: "" # Provide name of existing priority class only. If left blank, upstream chart will create one from default template. - # value: 1000000 - -# If true, enable creation of NetworkPolicy resources. -networkPolicy: - enabled: false - denyEgress: true # create a network policy that denies egress from kubecost - sameNamespace: true # Set to true if cost analyser and prometheus are on the same namespace -# namespace: kubecost # Namespace where prometheus is installed - - # Cost-analyzer specific vars using the new template - costAnalyzer: - enabled: false # If true, create a newtork policy for cost-analzyer - annotations: {} # annotations to be added to the network policy - additionalLabels: {} # additional labels to be added to the network policy - # Examples rules: - # ingressRules: - # - selectors: # allow ingress from self on all ports - # - podSelector: - # matchLabels: - # app.kubernetes.io/name: cost-analyzer - # - selectors: # allow egress access to prometheus - # - namespaceSelector: - # matchLabels: - # name: prometheus - # podSelector: - # matchLabels: - # app: prometheus - # ports: - # - protocol: TCP - # port: 9090 - # egressRules: - # - selectors: # restrict egress to inside cluster - # - namespaceSelector: {} - -podSecurityPolicy: - enabled: true - -## @param extraVolumes A list of volumes to be added to the pod -## -extraVolumes: [] -## @param extraVolumeMounts A list of volume mounts to be added to the pod -## -extraVolumeMounts: [] - -# Define persistence volume for cost-analyzer, more information at https://github.com/kubecost/docs/blob/master/storage.md -persistentVolume: - size: 10Gi - dbSize: 32.0Gi - enabled: true # Note that setting this to false means configurations will be wiped out on pod restart. - # storageClass: "-" # - # existingClaim: kubecost-cost-analyzer # a claim in the same namespace as kubecost - -service: - type: ClusterIP - port: 9090 - targetPort: 9090 - # nodePort: - labels: {} - annotations: {} - -# Enabling long-term durable storage with Postgres requires an enterprise license -remoteWrite: - postgres: - enabled: false - initImage: "gcr.io/kubecost1/sql-init" - initImagePullPolicy: Always - installLocal: true - remotePostgresAddress: "" # ignored if installing locally - persistentVolume: - size: 200Gi - auth: - password: admin # change me - -prometheus: - extraScrapeConfigs: | - - job_name: kubecost - honor_labels: true - scrape_interval: 1m - scrape_timeout: 60s - metrics_path: /metrics - scheme: http - dns_sd_configs: - - names: - - {{ template "cost-analyzer.serviceName" . }} - type: 'A' - port: 9003 - - job_name: kubecost-networking - kubernetes_sd_configs: - - role: pod - relabel_configs: - # Scrape only the the targets matching the following metadata - - source_labels: [__meta_kubernetes_pod_label_app] - action: keep - regex: {{ template "cost-analyzer.networkCostsName" . }} - server: - # If clusterIDConfigmap is defined, instead use user-generated configmap with key CLUSTER_ID - # to use as unique cluster ID in kubecost cost-analyzer deployment. - # This overrides the cluster_id set in prometheus.server.global.external_labels. - # NOTE: This does not affect the external_labels set in prometheus config. - # clusterIDConfigmap: cluster-id-configmap - - resources: {} - # limits: - # cpu: 500m - # memory: 512Mi - # requests: - # cpu: 500m - # memory: 512Mi - global: - scrape_interval: 1m - scrape_timeout: 60s - evaluation_interval: 1m - external_labels: - cluster_id: cluster-one # Each cluster should have a unique ID - persistentVolume: - size: 32Gi - enabled: true - extraArgs: - query.max-concurrency: 1 - query.max-samples: 100000000 - tolerations: [] - # - key: "key" - # operator: "Equal|Exists" - # value: "value" - # effect: "NoSchedule|PreferNoSchedule|NoExecute(1.6 only)" - alertmanager: - enabled: false - persistentVolume: - enabled: true - # node-export must be disabled if there is an existing daemonset: https://guide.kubecost.com/hc/en-us/articles/4407601830679-Troubleshoot-Install#a-name-node-exporter-a-issue-failedscheduling-kubecost-prometheus-node-exporter - nodeExporter: - enabled: true - # kubecost emits pre-2.0 KSM metrics, KSM is enabled by default here for backwards compatibity, but can be disabled to save resources without concern to kubecost metrics - kubeStateMetrics: - enabled: true - kube-state-metrics: - disabled: false - pushgateway: - enabled: false - persistentVolume: - enabled: true - serverFiles: - # prometheus.yml: # Sample block -- enable if using an in cluster durable store. - # remote_write: - # - url: "http://pgprometheus-adapter:9201/write" - # write_relabel_configs: - # - source_labels: [__name__] - # regex: 'container_.*_allocation|container_.*_allocation_bytes|.*_hourly_cost|kube_pod_container_resource_requests{resource="memory", unit="byte"}|container_memory_working_set_bytes|kube_pod_container_resource_requests{resource="cpu", unit="core"}|kube_pod_container_resource_requests|pod_pvc_allocation|kube_namespace_labels|kube_pod_labels' - # action: keep - # queue_config: - # max_samples_per_send: 1000 - #remote_read: - # - url: "http://pgprometheus-adapter:9201/read" - rules: - groups: - - name: CPU - rules: - - expr: sum(rate(container_cpu_usage_seconds_total{container_name!=""}[5m])) - record: cluster:cpu_usage:rate5m - - expr: rate(container_cpu_usage_seconds_total{container_name!=""}[5m]) - record: cluster:cpu_usage_nosum:rate5m - - expr: avg(irate(container_cpu_usage_seconds_total{container_name!="POD", container_name!=""}[5m])) by (container_name,pod_name,namespace) - record: kubecost_container_cpu_usage_irate - - expr: sum(container_memory_working_set_bytes{container_name!="POD",container_name!=""}) by (container_name,pod_name,namespace) - record: kubecost_container_memory_working_set_bytes - - expr: sum(container_memory_working_set_bytes{container_name!="POD",container_name!=""}) - record: kubecost_cluster_memory_working_set_bytes - - name: Savings - rules: - - expr: sum(avg(kube_pod_owner{owner_kind!="DaemonSet"}) by (pod) * sum(container_cpu_allocation) by (pod)) - record: kubecost_savings_cpu_allocation - labels: - daemonset: "false" - - expr: sum(avg(kube_pod_owner{owner_kind="DaemonSet"}) by (pod) * sum(container_cpu_allocation) by (pod)) / sum(kube_node_info) - record: kubecost_savings_cpu_allocation - labels: - daemonset: "true" - - expr: sum(avg(kube_pod_owner{owner_kind!="DaemonSet"}) by (pod) * sum(container_memory_allocation_bytes) by (pod)) - record: kubecost_savings_memory_allocation_bytes - labels: - daemonset: "false" - - expr: sum(avg(kube_pod_owner{owner_kind="DaemonSet"}) by (pod) * sum(container_memory_allocation_bytes) by (pod)) / sum(kube_node_info) - record: kubecost_savings_memory_allocation_bytes - labels: - daemonset: "true" - -## Module for measuring network costs -## Ref: https://github.com/kubecost/docs/blob/master/network-allocation.md -networkCosts: - enabled: false - podSecurityPolicy: - enabled: false - image: gcr.io/kubecost1/kubecost-network-costs:v16.2 - imagePullPolicy: Always - updateStrategy: - type: RollingUpdate - # For existing Prometheus Installs, annotates the Service which generates Endpoints for each of the network-costs pods. - # The Service is annotated with prometheus.io/scrape: "true" to automatically get picked up by the prometheus config. - # NOTE: Setting this option to true and leaving the above extraScrapeConfig "job_name: kubecost-networking" configured will cause the - # NOTE: pods to be scraped twice. - prometheusScrape: false - # Traffic Logging will enable logging the top 5 destinations for each source - # every 30 minutes. - trafficLogging: true - # Port will set both the containerPort and hostPort to this value. - # These must be identical due to network-costs being run on hostNetwork - port: 3001 - resources: {} - #requests: - # cpu: "50m" - # memory: "20Mi" - extraArgs: [] - config: - # Configuration for traffic destinations, including specific classification - # for IPs and CIDR blocks. This configuration will act as an override to the - # automatic classification provided by network-costs. - destinations: - # In Zone contains a list of address/range that will be - # classified as in zone. - in-zone: - # Loopback Addresses in "IANA IPv4 Special-Purpose Address Registry" - - "127.0.0.0/8" - # IPv4 Link Local Address Space - - "169.254.0.0/16" - # Private Address Ranges in RFC-1918 - - "10.0.0.0/8" # Remove this entry if using Multi-AZ Kubernetes - - "172.16.0.0/12" - - "192.168.0.0/16" - - # In Region contains a list of address/range that will be - # classified as in region. This is synonymous with cross - # zone traffic, where the regions between source and destinations - # are the same, but the zone is different. - in-region: [] - - # Cross Region contains a list of address/range that will be - # classified as non-internet egress from one region to another. - cross-region: [] - - # Direct Classification specifically maps an ip address or range - # to a region (required) and/or zone (optional). This classification - # takes priority over in-zone, in-region, and cross-region configurations. - direct-classification: [] - # - region: "us-east1" - # zone: "us-east1-c" - # ips: - # - "10.0.0.0/24" - services: - # google-cloud-services: when set to true, enables labeling traffic metrics with google cloud - # service endpoints - google-cloud-services: false - # amazon-web-services: when set to true, enables labeling traffic metrics with amazon web service - # endpoints. - amazon-web-services: false - # azure-cloud-services: when set to true, enables labeling traffic metrics with azure cloud service - # endpoints - azure-cloud-services: false - # user defined services provide a way to define custom service endpoints which will label traffic metrics - # falling within the defined address range. - #services: - # - service: "test-service-1" - # ips: - # - "19.1.1.2" - # - service: "test-service-2" - # ips: - # - "15.128.15.2" - # - "20.0.0.0/8" - - ## Node tolerations for server scheduling to nodes with taints - ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ - ## - tolerations: [] - # - key: "key" - # operator: "Equal|Exists" - # value: "value" - # effect: "NoSchedule|PreferNoSchedule|NoExecute(1.6 only)" - - affinity: {} - - service: - annotations: {} - - ## PriorityClassName - ## Ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass - priorityClassName: [] - ## PodMonitor - ## Allows scraping of network metrics from a dedicated prometheus operator setup - podMonitor: - enabled: false - additionalLabels: {} - additionalLabels: {} - nodeSelector: {} - annotations: {} - -# Kubecost Deployment Configuration -# Used for HA mode in Business & Enterprise tier -kubecostDeployment: - replicas: 1 - leaderFollower: - enabled: false - # deploymentStrategy: - # rollingUpdate: - # maxSurge: 1 - # maxUnavailable: 1 - # type: RollingUpdate - -# Kubecost Cluster Controller for Right Sizing and Cluster Turndown -clusterController: - enabled: false - image: gcr.io/kubecost1/cluster-controller:v0.1.0 - imagePullPolicy: Always -# fqdn: kubecost-cluster-controller.kubecost.svc.cluster.local:9731 - -reporting: - # Kubecost bug report feature: Logs access/collection limited to .Release.Namespace - # Ref: http://docs.kubecost.com/bug-report - logCollection: true - # Basic frontend analytics - productAnalytics: true - - # Report Javascript errors - errorReporting: true - valuesReporting: true - # googleAnalyticsTag allows you to embed your Google Global Site Tag to track usage of Kubecost. - # googleAnalyticsTag is only included in our Enterprise offering. - # googleAnalyticsTag: G-XXXXXXXXX - -serviceMonitor: # the kubecost included prometheus uses scrapeConfigs and does not support service monitors. The following options assume an existing prometheus that supports serviceMonitors. - enabled: false - additionalLabels: {} - networkCosts: - enabled: false - scrapeTimeout: 10s - additionalLabels: {} - -prometheusRule: - enabled: false - additionalLabels: {} - -supportNFS: false -# initChownDataImage ensures all Kubecost filepath permissions on PV or local storage are set up correctly. -initChownDataImage: "busybox" # Supports a fully qualified Docker image, e.g. registry.hub.docker.com/library/busybox:latest -initChownData: - resources: {} - #requests: - # cpu: "50m" - # memory: "20Mi" - - -serviceAccount: - create: true # Set this to false if you're bringing your own service account. - annotations: {} - # name: kc-test -awsstore: - useAwsStore: false - createServiceAccount: false - -federatedETL: - # federatedCluster indicates whether this cluster should push data to the Federated store - federatedCluster: false - # primaryCluster indicates whether this cluster should load data from the combined section of the Federated store - primaryCluster: false - # redirectS3Backup changes the dir of S3 backup to the Federated combined store, for using Thanos-federated data in the Federated ETL - # Note S3 backup should be enabled separately for this. - redirectS3Backup: false - # useExistingS3Config will attempt to use existing object-store.yaml configs for S3 backup/Thanos as config for the Federated store - useExistingS3Config: false - federator: - # federationCutoffDate is an RFC 3339-formatted string. All ETL files with windows that fall before this time are not processed by the Federator. - # If this is not set, the Federator will process all files regardless of date. - # federationCutoffDate: "2022-10-18T00:00:00.000Z" - # federator.enabled enables the federator to run inside the costmodel container, federating the data in the Federated store - enabled: false - # federator.clusters is an optional whitelist of clusters by cluster id. - # If not set, the federator will attempt to federated all clusters pushing to the federated storage. - clusters: [] - -# readonly: false # disable updates to kubecost from the frontend UI and via POST request - -# These configs can also be set from the Settings page in the Kubecost product UI -# Values in this block override config changes in the Settings UI on pod restart -# -# kubecostProductConfigs: -# An optional list of cluster definitions that can be added for frontend access. The local -# cluster is *always* included by default, so this list is for non-local clusters. -# Ref: https://github.com/kubecost/docs/blob/master/multi-cluster.md -# clusters: -# - name: "Cluster A" -# address: http://cluster-a.kubecost.com:9090 -# # Optional authentication credentials - only basic auth is currently supported. -# auth: -# type: basic -# # Secret name should be a secret formatted based on: https://github.com/kubecost/docs/blob/master/ingress-examples.md -# secretName: cluster-a-auth -# # Or pass auth directly as base64 encoded user:pass -# data: YWRtaW46YWRtaW4= -# # Or user and pass directly -# user: admin -# pass: admin -# - name: "Cluster B" -# address: http://cluster-b.kubecost.com:9090 -# defaultModelPricing: # default monthly resource prices, used predominately for on-prem clusters -# CPU: 28.0 -# spotCPU: 4.86 -# RAM: 3.09 -# spotRAM: 0.65 -# GPU: 693.50 -# spotGPU: 225.0 -# storage: 0.04 -# zoneNetworkEgress: 0.01 -# regionNetworkEgress: 0.01 -# internetNetworkEgress: 0.12 -# enabled: true -# # The cluster profile represents a predefined set of parameters to use when calculating savings. -# # Possible values are: [ development, production, high-availability ] -# clusterProfile: production -# customPricesEnabled: false # This makes the default view custom prices-- generally used for on-premises clusters -# spotLabel: lifecycle -# spotLabelValue: Ec2Spot -# gpuLabel: gpu -# gpuLabelValue: true -# awsServiceKeyName: ACCESSKEYID -# awsServiceKeyPassword: fakepassword # Only use if your values.yaml are stored encrypted. Otherwise provide an existing secret via serviceKeySecretName -# awsSpotDataRegion: us-east-1 -# awsSpotDataBucket: spot-data-feed-s3-bucket -# awsSpotDataPrefix: dev -# athenaProjectID: "530337586277" # The AWS AccountID where the Athena CUR is. Generally your masterpayer account -# athenaBucketName: "s3://aws-athena-query-results-530337586277-us-east-1" -# athenaRegion: us-east-1 -# athenaDatabase: athenacurcfn_athena_test1 -# athenaTable: "athena_test1" -# athenaWorkgroup: "primary" # The default workgroup in AWS is 'primary' -# masterPayerARN: "" -# projectID: "123456789" # Also known as AccountID on AWS -- the current account/project that this instance of Kubecost is deployed on. -# gcpSecretName: gcp-secret # Name of a secret representing the gcp service key -# bigQueryBillingDataDataset: billing_data.gcp_billing_export_v1_01AC9F_74CF1D_5565A2 -# labelMappingConfigs: # names of k8s labels or annotations used to designate different allocation concepts -# enabled: true -# owner_label: "owner" -# team_label: "team" -# department_label: "dept" -# product_label: "product" -# environment_label: "env" -# namespace_external_label: "kubernetes_namespace" # external labels/tags are used to map external cloud costs to kubernetes concepts -# cluster_external_label: "kubernetes_cluster" -# controller_external_label: "kubernetes_controller" -# product_external_label: "kubernetes_label_app" -# service_external_label: "kubernetes_service" -# deployment_external_label: "kubernetes_deployment" -# owner_external_label: "kubernetes_label_owner" -# team_external_label: "kubernetes_label_team" -# environment_external_label: "kubernetes_label_env" -# department_external_label: "kubernetes_label_department" -# statefulset_external_label: "kubernetes_statefulset" -# daemonset_external_label: "kubernetes_daemonset" -# pod_external_label: "kubernetes_pod" -# grafanaURL: "" -# clusterName: "" # clusterName is the default context name in settings. -# currencyCode: "USD" # official support for USD, AUD, BRL, CAD, CHF, CNY, DKK, EUR, GBP, INR, JPY, NOK, PLN, SEK -# azureBillingRegion: US # Represents 2-letter region code, e.g. West Europe = NL, Canada = CA. ref: https://en.wikipedia.org/wiki/List_of_ISO_3166_country_codes -# azureSubscriptionID: 0bd50fdf-c923-4e1e-850c-196dd3dcc5d3 -# azureClientID: f2ef6f7d-71fb-47c8-b766-8d63a19db017 -# azureTenantID: 72faf3ff-7a3f-4597-b0d9-7b0b201bb23a -# azureClientPassword: fake key # Only use if your values.yaml are stored encrypted. Otherwise provide an existing secret via serviceKeySecretName -# azureOfferDurableID: "MS-AZR-0003p" -# azureStorageSecretName: "azure-storage-config" # Name of Kubernetes Secret where Azure Storage Configuration is stored -# discount: "" # percentage discount applied to compute -# negotiatedDiscount: "" # custom negotiated cloud provider discount -# defaultIdle: false -# serviceKeySecretName: "" # Use an existing AWS or Azure secret with format as in aws-service-key-secret.yaml or azure-service-key-secret.yaml. Leave blank if using createServiceKeySecret -# createServiceKeySecret: true # Creates a secret representing your cloud service key based on data in values.yaml. If you are storing unencrypted values, add a secret manually -# sharedNamespaces: "" # namespaces with shared workloads, example value: "kube-system\,ingress-nginx\,kubecost\,monitoring" -# sharedOverhead: "" # value representing a fixed external cost per month to be distributed among aggregations. -# shareTenancyCosts: true # enable or disable sharing costs such as cluster management fees (defaults to "true" on Settings page) -# metricsConfigs: # configuration for metrics emitted by Kubecost -# disabledMetrics: [] # list of metrics that Kubecost will not emit. Note that disabling metrics can lead to unexpected behavior in the cost-model. -# productKey: # apply business or enterprise product license -# key: "" -# enabled: false -# secretname: productkeysecret # create a secret out of a file named productkey.json of format { "key": "kc-b1325234" } -# mountPath: "/some/custom/path/productkey.json" # (use instead of secretname) declare the path at which the product key file is mounted (eg. by a secrets provisioner). The file must be of format { "key": "kc-b1325234" } -# cloudIntegrationSecret: "cloud-integration" -# ingestPodUID: false # Enables using UIDs to uniquely ID pods. This requires either Kubecost's replicated KSM metrics, or KSM v2.1.0+. This may impact performance, and changes the default cost-model allocation behavior. diff --git a/deploy-as-code/helm/charts/backbone-services/efs/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/efs/Chart.yaml deleted file mode 100644 index 032e0cc692..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/efs/Chart.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v2 -name: efs -description: A Helm chart for cert-manager on Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: v0.10.1 diff --git a/deploy-as-code/helm/charts/backbone-services/efs/templates/_helpers.tpl b/deploy-as-code/helm/charts/backbone-services/efs/templates/_helpers.tpl deleted file mode 100644 index c3b5dfbae6..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/efs/templates/_helpers.tpl +++ /dev/null @@ -1,8 +0,0 @@ -{{- define "name" -}} -{{- $envOverrides := index .Values (tpl (default .Chart.Name .Values.name) .) -}} -{{- $baseValues := .Values | deepCopy -}} -{{- $values := dict "Values" (mustMergeOverwrite $baseValues $envOverrides) -}} -{{- with mustMergeOverwrite . $values -}} -{{- default .Chart.Name .Values.name -}} -{{- end }} -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/efs/templates/clusterrole.yaml b/deploy-as-code/helm/charts/backbone-services/efs/templates/clusterrole.yaml deleted file mode 100644 index b8f6bbe4df..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/efs/templates/clusterrole.yaml +++ /dev/null @@ -1,17 +0,0 @@ -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: {{ template "name" . }}-client-provisioner-runner -rules: -- apiGroups: [""] - resources: ["persistentvolumes"] - verbs: ["get", "list", "watch", "create", "delete"] -- apiGroups: [""] - resources: ["persistentvolumeclaims"] - verbs: ["get", "list", "watch", "update"] -- apiGroups: ["storage.k8s.io"] - resources: ["storageclasses"] - verbs: ["get", "list", "watch"] -- apiGroups: [""] - resources: ["events"] - verbs: ["create", "update", "patch"] \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/efs/templates/clusterrolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/efs/templates/clusterrolebinding.yaml deleted file mode 100644 index a4b7141128..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/efs/templates/clusterrolebinding.yaml +++ /dev/null @@ -1,12 +0,0 @@ -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: run-{{ template "name" . }}-client-provisioner -subjects: -- kind: ServiceAccount - name: {{ template "name" . }}-client-provisioner - namespace: {{ .Values.namespace }} -roleRef: - kind: ClusterRole - name: {{ template "name" . }}-client-provisioner-runner - apiGroup: rbac.authorization.k8s.io \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/efs/templates/deployment.yaml b/deploy-as-code/helm/charts/backbone-services/efs/templates/deployment.yaml deleted file mode 100644 index 492538c35d..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/efs/templates/deployment.yaml +++ /dev/null @@ -1,36 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ template "name" . }}-client-provisioner - namespace: {{ .Values.namespace }} -spec: - replicas: 1 - strategy: - type: Recreate - selector: - matchLabels: - app: {{ template "name" . }}-client-provisioner - template: - metadata: - labels: - app: {{ template "name" . }}-client-provisioner - spec: - serviceAccountName: {{ template "name" . }}-client-provisioner - containers: - - name: {{ template "name" . }}-client-provisioner - image: quay.io/external_storage/nfs-client-provisioner:latest - volumeMounts: - - name: {{ template "name" . }}-client-root - mountPath: /persistentvolumes - env: - - name: PROVISIONER_NAME - value: efs-storage - - name: NFS_SERVER - value: {{ .Values.nfs_server }} - - name: NFS_PATH - value: {{ .Values.nfs_path }} - volumes: - - name: {{ template "name" . }}-client-root - nfs: - server: {{ .Values.nfs_server }} - path: {{ .Values.nfs_path }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/efs/templates/role.yaml b/deploy-as-code/helm/charts/backbone-services/efs/templates/role.yaml deleted file mode 100644 index 300669fdc5..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/efs/templates/role.yaml +++ /dev/null @@ -1,9 +0,0 @@ -kind: Role -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: leader-locking-{{ template "name" . }}-client-provisioner - namespace: {{ .Values.namespace }} -rules: -- apiGroups: [""] - resources: ["endpoints"] - verbs: ["get", "list", "watch", "create", "update", "patch"] \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/efs/templates/rolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/efs/templates/rolebinding.yaml deleted file mode 100644 index 517ef8f419..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/efs/templates/rolebinding.yaml +++ /dev/null @@ -1,13 +0,0 @@ -kind: RoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - namespace: {{ .Values.namespace }} - name: leader-locking-{{ template "name" . }}-client-provisioner -subjects: -- kind: ServiceAccount - name: {{ template "name" . }}-client-provisioner - namespace: {{ .Values.namespace }} -roleRef: - kind: Role - name: leader-locking-{{ template "name" . }}-client-provisioner - apiGroup: rbac.authorization.k8s.io \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/efs/templates/service-account.yaml b/deploy-as-code/helm/charts/backbone-services/efs/templates/service-account.yaml deleted file mode 100644 index 4f46cbdffb..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/efs/templates/service-account.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ template "name" . }}-client-provisioner - namespace: {{ .Values.namespace }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/efs/templates/storage-class.yaml b/deploy-as-code/helm/charts/backbone-services/efs/templates/storage-class.yaml deleted file mode 100644 index 31a24202dd..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/efs/templates/storage-class.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - name: {{ template "name" . }} -provisioner: {{ template "name" . }}-storage -parameters: - archiveOnDelete: "false" \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/efs/values.yaml b/deploy-as-code/helm/charts/backbone-services/efs/values.yaml deleted file mode 100644 index 2857679667..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/efs/values.yaml +++ /dev/null @@ -1,5 +0,0 @@ -name: efs -namespace: backbone - -nfs_server: "10.1.9.132" -nfs_path: "/" \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/elasticsearch/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/elasticsearch/Chart.yaml deleted file mode 100644 index 213170f04f..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/elasticsearch/Chart.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: v1 -appVersion: "1.0" -description: A Helm chart for Confluent Kafka on Kubernetes -name: elasticsearch -version: 0.1.0 \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-data-infra-v1-values.yaml b/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-data-infra-v1-values.yaml deleted file mode 100644 index 9975f3f427..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-data-infra-v1-values.yaml +++ /dev/null @@ -1,301 +0,0 @@ - -name: elasticsearch-data-infra-v1 -namespace: es-cluster-infra -replicas: 3 - -image: - pullPolicy: IfNotPresent - repository: docker.elastic.co/elasticsearch/elasticsearch - tag: 6.4.2 - -clusterName: "elasticsearch-infra-v1" -nodeGroup: "data" - -# The service that non master groups will try to connect to when joining the cluster -# This should be set to clusterName + "-" + nodeGroup for your master group -masterService: "elasticsearch-master-infra-v1" - -# Elasticsearch roles that will be applied to this nodeGroup -# These will be set as environment variables. E.g. node.master=true -roles: - master: "false" - ingest: "true" - data: "true" - -minimumMasterNodes: 2 - -esMajorVersion: "" - -# Allows you to add any config files in /usr/share/elasticsearch/config/ -# such as elasticsearch.yml and log4j2.properties -esConfig: {} -# elasticsearch.yml: | -# key: -# nestedkey: value -# log4j2.properties: | -# key = value - -# Extra environment variables to append to this nodeGroup -# This will be appended to the current 'env:' key. You can use any of the kubernetes env -# syntax here -extraEnvs: -# - name: MY_ENVIRONMENT_VAR -# value: the_value_goes_here - - name: path.data - value: "/usr/share/elasticsearch/data" - - name: path.logs - value: "/usr/share/elasticsearch/logs" - - name: gateway.expected_master_nodes - value: "2" - - name: gateway.expected_data_nodes - value: "1" - - name: gateway.recover_after_time - value: "5m" - - name: gateway.recover_after_master_nodes - value: "2" - - name: gateway.recover_after_data_nodes - value: "1" - -# Allows you to load environment variables from kubernetes secret or config map -envFrom: [] -# - secretRef: -# name: env-secret -# - configMapRef: -# name: config-map - -# A list of secrets and their paths to mount inside the pod -# This is useful for mounting certificates for security and for mounting -# the X-Pack license -secretMounts: [] -# - name: elastic-certificates -# secretName: elastic-certificates -# path: /usr/share/elasticsearch/config/certs - -podAnnotations: {} - # iam.amazonaws.com/role: es-cluster - -# additionals labels -labels: {} - -esJavaOpts: "-Xmx1g -Xms1g" - -resources: - requests: - # cpu: "1000m" - memory: "2Gi" - limits: - # cpu: "1000m" - memory: "2Gi" - -initResources: {} - # limits: - # cpu: "25m" - # # memory: "128Mi" - # requests: - # cpu: "25m" - # memory: "128Mi" - -sidecarResources: {} - # limits: - # cpu: "25m" - # # memory: "128Mi" - # requests: - # cpu: "25m" - # memory: "128Mi" - -networkHost: "0.0.0.0" - -volumeClaimTemplate: - accessModes: [ "ReadWriteOnce" ] - resources: - requests: - storage: 25Gi - -rbac: - create: false - serviceAccountName: "" - -podSecurityPolicy: - create: false - name: "" - spec: - privileged: true - fsGroup: - rule: RunAsAny - runAsUser: - rule: RunAsAny - seLinux: - rule: RunAsAny - supplementalGroups: - rule: RunAsAny - volumes: - - secret - - configMap - - persistentVolumeClaim - -persistence: - enabled: false - # aws: - # - volumeId: value - # zone: ap-south-1a - # - volumeId: value - # zone: ap-south-1b - # - volumeId: value - # zone: ap-south-1c - - # azure: - # - diskName: zookeeper-0 - # diskUri: value - # - diskName: zookeeper-1 - # diskUri: value - # - diskName: zookeeper-2 - # diskUri: value - dataDirSize: "25Gi" - annotations: {} - -extraVolumes: [] - # - name: extras - # emptyDir: {} - -extraVolumeMounts: [] - # - name: extras - # mountPath: /usr/share/extras - # readOnly: true - -extraContainers: [] - # - name: do-something - # image: busybox - # command: ['do', 'something'] - -extraInitContainers: [] - # - name: do-something - # image: busybox - # command: ['do', 'something'] - -# This is the PriorityClass settings as defined in -# https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass -priorityClassName: "" - -# By default this will make sure two pods don't end up on the same node -# Changing this to a region would allow you to spread pods across regions -antiAffinityTopologyKey: "kubernetes.io/hostname" - -# Hard means that by default pods will only be scheduled if there are enough nodes for them -# and that they will never end up on the same node. Setting this to soft will do this "best effort" -antiAffinity: "hard" - -# This is the node affinity settings as defined in -# https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#node-affinity-beta-feature -nodeAffinity: {} - -# The default is to deploy all pods serially. By setting this to parallel all pods are started at -# the same time when bootstrapping the cluster -podManagementPolicy: "Parallel" - -protocol: http -httpPort: 9200 -transportPort: 9300 - -service: - labels: {} - labelsHeadless: {} - type: ClusterIP - nodePort: "" - annotations: {} - httpPortName: http - transportPortName: transport - loadBalancerIP: "" - loadBalancerSourceRanges: [] - -updateStrategy: OnDelete - -# This is the max unavailable setting for the pod disruption budget -# The default value of 1 will make sure that kubernetes won't allow more than 1 -# of your pods to be unavailable during maintenance -maxUnavailable: 1 - -podSecurityContext: - fsGroup: 1000 - runAsUser: 1000 - -securityContext: - capabilities: - drop: - - ALL - # readOnlyRootFilesystem: true - runAsNonRoot: true - runAsUser: 1000 - -# How long to wait for elasticsearch to stop gracefully -terminationGracePeriod: 120 - -sysctlVmMaxMapCount: 262144 - -readinessProbe: - failureThreshold: 3 - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 3 - timeoutSeconds: 5 - -# https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-health.html#request-params wait_for_status -clusterHealthCheckParams: "wait_for_status=green&timeout=1s" - -## Use an alternate scheduler. -## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ -## -schedulerName: "" - -imagePullSecrets: [] -nodeSelector: {} -tolerations: [] - -# Enabling this will publically expose your Elasticsearch instance. -# Only enable this if you have security enabled on your cluster -ingress: - enabled: false - annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - path: / - hosts: - - chart-example.local - tls: [] - # - secretName: chart-example-tls - # hosts: - # - chart-example.local - -nameOverride: "" -fullnameOverride: "" - -# https://github.com/elastic/helm-charts/issues/63 -masterTerminationFix: false - -lifecycle: {} - # preStop: - # exec: - # command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"] - # postStart: - # exec: - # command: - # - bash - # - -c - # - | - # #!/bin/bash - # # Add a template to adjust number of shards/replicas - # TEMPLATE_NAME=my_template - # INDEX_PATTERN="logstash-*" - # SHARD_COUNT=8 - # REPLICA_COUNT=1 - # ES_URL=http://localhost:9200 - # while [[ "$(curl -s -o /dev/null -w '%{http_code}\n' $ES_URL)" != "200" ]]; do sleep 1; done - # curl -XPUT "$ES_URL/_template/$TEMPLATE_NAME" -H 'Content-Type: application/json' -d'{"index_patterns":['\""$INDEX_PATTERN"\"'],"settings":{"number_of_shards":'$SHARD_COUNT',"number_of_replicas":'$REPLICA_COUNT'}}' - -sysctlInitContainer: - enabled: true - -keystore: [] - -# Deprecated -# please use the above podSecurityContext.fsGroup instead -fsGroup: "" \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-data-v1-values.yaml b/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-data-v1-values.yaml deleted file mode 100644 index a4373b91b2..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-data-v1-values.yaml +++ /dev/null @@ -1,286 +0,0 @@ - -name: elasticsearch-data-v1 -namespace: es-cluster -replicas: 3 - -image: - pullPolicy: IfNotPresent - repository: docker.elastic.co/elasticsearch/elasticsearch - tag: 6.4.2 - -clusterName: "elasticsearch-v1" -nodeGroup: "data" - -# The service that non master groups will try to connect to when joining the cluster -# This should be set to clusterName + "-" + nodeGroup for your master group -masterService: "elasticsearch-master-v1" - -# Elasticsearch roles that will be applied to this nodeGroup -# These will be set as environment variables. E.g. node.master=true -roles: - master: "false" - ingest: "true" - data: "true" - -minimumMasterNodes: 2 - -esMajorVersion: "" - -# Allows you to add any config files in /usr/share/elasticsearch/config/ -# such as elasticsearch.yml and log4j2.properties -esConfig: {} -# elasticsearch.yml: | -# key: -# nestedkey: value -# log4j2.properties: | -# key = value - -# Extra environment variables to append to this nodeGroup -# This will be appended to the current 'env:' key. You can use any of the kubernetes env -# syntax here -extraEnvs: -# - name: MY_ENVIRONMENT_VAR -# value: the_value_goes_here - - name: path.data - value: "/usr/share/elasticsearch/data" - - name: path.logs - value: "/usr/share/elasticsearch/logs" - - name: gateway.expected_master_nodes - value: "2" - - name: gateway.expected_data_nodes - value: "1" - - name: gateway.recover_after_time - value: "5m" - - name: gateway.recover_after_master_nodes - value: "2" - - name: gateway.recover_after_data_nodes - value: "1" - -# Allows you to load environment variables from kubernetes secret or config map -envFrom: [] -# - secretRef: -# name: env-secret -# - configMapRef: -# name: config-map - -# A list of secrets and their paths to mount inside the pod -# This is useful for mounting certificates for security and for mounting -# the X-Pack license -secretMounts: [] -# - name: elastic-certificates -# secretName: elastic-certificates -# path: /usr/share/elasticsearch/config/certs - -podAnnotations: {} - # iam.amazonaws.com/role: es-cluster - -# additionals labels -labels: {} - -esJavaOpts: "-Xmx1g -Xms1g" - -resources: - requests: - # cpu: "1000m" - memory: "2Gi" - limits: - # cpu: "1000m" - memory: "2Gi" - -initResources: {} - # limits: - # cpu: "25m" - # # memory: "128Mi" - # requests: - # cpu: "25m" - # memory: "128Mi" - -sidecarResources: {} - # limits: - # cpu: "25m" - # # memory: "128Mi" - # requests: - # cpu: "25m" - # memory: "128Mi" - -networkHost: "0.0.0.0" - -volumeClaimTemplate: - accessModes: [ "ReadWriteOnce" ] - resources: - requests: - storage: 25Gi - -rbac: - create: false - serviceAccountName: "" - -podSecurityPolicy: - create: false - name: "" - spec: - privileged: true - fsGroup: - rule: RunAsAny - runAsUser: - rule: RunAsAny - seLinux: - rule: RunAsAny - supplementalGroups: - rule: RunAsAny - volumes: - - secret - - configMap - - persistentVolumeClaim - -persistence: - enabled: true - dataDirSize: "25Gi" - annotations: {} - -extraVolumes: [] - # - name: extras - # emptyDir: {} - -extraVolumeMounts: [] - # - name: extras - # mountPath: /usr/share/extras - # readOnly: true - -extraContainers: [] - # - name: do-something - # image: busybox - # command: ['do', 'something'] - -extraInitContainers: [] - # - name: do-something - # image: busybox - # command: ['do', 'something'] - -# This is the PriorityClass settings as defined in -# https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass -priorityClassName: "" - -# By default this will make sure two pods don't end up on the same node -# Changing this to a region would allow you to spread pods across regions -antiAffinityTopologyKey: "kubernetes.io/hostname" - -# Hard means that by default pods will only be scheduled if there are enough nodes for them -# and that they will never end up on the same node. Setting this to soft will do this "best effort" -antiAffinity: "hard" - -# This is the node affinity settings as defined in -# https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#node-affinity-beta-feature -nodeAffinity: {} - -# The default is to deploy all pods serially. By setting this to parallel all pods are started at -# the same time when bootstrapping the cluster -podManagementPolicy: "Parallel" - -protocol: http -httpPort: 9200 -transportPort: 9300 - -service: - labels: {} - labelsHeadless: {} - type: ClusterIP - nodePort: "" - annotations: {} - httpPortName: http - transportPortName: transport - loadBalancerIP: "" - loadBalancerSourceRanges: [] - -updateStrategy: OnDelete - -# This is the max unavailable setting for the pod disruption budget -# The default value of 1 will make sure that kubernetes won't allow more than 1 -# of your pods to be unavailable during maintenance -maxUnavailable: 1 - -podSecurityContext: - fsGroup: 1000 - runAsUser: 1000 - -securityContext: - capabilities: - drop: - - ALL - # readOnlyRootFilesystem: true - runAsNonRoot: true - runAsUser: 1000 - -# How long to wait for elasticsearch to stop gracefully -terminationGracePeriod: 120 - -sysctlVmMaxMapCount: 262144 - -readinessProbe: - failureThreshold: 3 - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 3 - timeoutSeconds: 5 - -# https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-health.html#request-params wait_for_status -clusterHealthCheckParams: "wait_for_status=green&timeout=1s" - -## Use an alternate scheduler. -## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ -## -schedulerName: "" - -imagePullSecrets: [] -nodeSelector: {} -tolerations: [] - -# Enabling this will publically expose your Elasticsearch instance. -# Only enable this if you have security enabled on your cluster -ingress: - enabled: false - annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - path: / - hosts: - - chart-example.local - tls: [] - # - secretName: chart-example-tls - # hosts: - # - chart-example.local - -nameOverride: "" -fullnameOverride: "" - -# https://github.com/elastic/helm-charts/issues/63 -masterTerminationFix: false - -lifecycle: {} - # preStop: - # exec: - # command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"] - # postStart: - # exec: - # command: - # - bash - # - -c - # - | - # #!/bin/bash - # # Add a template to adjust number of shards/replicas - # TEMPLATE_NAME=my_template - # INDEX_PATTERN="logstash-*" - # SHARD_COUNT=8 - # REPLICA_COUNT=1 - # ES_URL=http://localhost:9200 - # while [[ "$(curl -s -o /dev/null -w '%{http_code}\n' $ES_URL)" != "200" ]]; do sleep 1; done - # curl -XPUT "$ES_URL/_template/$TEMPLATE_NAME" -H 'Content-Type: application/json' -d'{"index_patterns":['\""$INDEX_PATTERN"\"'],"settings":{"number_of_shards":'$SHARD_COUNT',"number_of_replicas":'$REPLICA_COUNT'}}' - -sysctlInitContainer: - enabled: true - -keystore: [] - -# Deprecated -# please use the above podSecurityContext.fsGroup instead -fsGroup: "" \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-master-infra-v1-values.yaml b/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-master-infra-v1-values.yaml deleted file mode 100644 index abbbe5a8f1..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-master-infra-v1-values.yaml +++ /dev/null @@ -1,284 +0,0 @@ - -name: elasticsearch-master-infra-v1 -namespace: es-cluster-infra -replicas: 3 - -image: - pullPolicy: IfNotPresent - repository: docker.elastic.co/elasticsearch/elasticsearch - tag: 6.4.2 - -clusterName: "elasticsearch-infra-v1" -nodeGroup: "master" - -# The service that non master groups will try to connect to when joining the cluster -# This should be set to clusterName + "-" + nodeGroup for your master group -masterService: "elasticsearch-master-infra-v1" - -# Elasticsearch roles that will be applied to this nodeGroup -# These will be set as environment variables. E.g. node.master=true -roles: - master: "true" - ingest: "false" - data: "false" - -minimumMasterNodes: 2 - -esMajorVersion: "" - -# Allows you to add any config files in /usr/share/elasticsearch/config/ -# such as elasticsearch.yml and log4j2.properties -esConfig: {} -# elasticsearch.yml: | -# key: -# nestedkey: value -# log4j2.properties: | -# key = value - -# Extra environment variables to append to this nodeGroup -# This will be appended to the current 'env:' key. You can use any of the kubernetes env -# syntax here -extraEnvs: -# - name: MY_ENVIRONMENT_VAR -# value: the_value_goes_here - - name: path.data - value: "/usr/share/elasticsearch/data" - - name: path.logs - value: "/usr/share/elasticsearch/logs" - - name: gateway.expected_master_nodes - value: "2" - - name: gateway.expected_data_nodes - value: "1" - - name: gateway.recover_after_time - value: "5m" - - name: gateway.recover_after_master_nodes - value: "2" - - name: gateway.recover_after_data_nodes - value: "1" - -# Allows you to load environment variables from kubernetes secret or config map -envFrom: [] -# - secretRef: -# name: env-secret -# - configMapRef: -# name: config-map - -# A list of secrets and their paths to mount inside the pod -# This is useful for mounting certificates for security and for mounting -# the X-Pack license -secretMounts: [] -# - name: elastic-certificates -# secretName: elastic-certificates -# path: /usr/share/elasticsearch/config/certs - -podAnnotations: {} - # iam.amazonaws.com/role: es-cluster - -# additionals labels -labels: {} - -esJavaOpts: "-Xmx448m -Xms448m" - -resources: - requests: - memory: "896Mi" - limits: - memory: "896Mi" - -initResources: {} - # limits: - # cpu: "25m" - # # memory: "128Mi" - # requests: - # cpu: "25m" - # memory: "128Mi" - -sidecarResources: {} - # limits: - # cpu: "25m" - # # memory: "128Mi" - # requests: - # cpu: "25m" - # memory: "128Mi" - -networkHost: "0.0.0.0" - -volumeClaimTemplate: - accessModes: [ "ReadWriteOnce" ] - resources: - requests: - storage: 2Gi - -rbac: - create: false - serviceAccountName: "" - -podSecurityPolicy: - create: false - name: "" - spec: - privileged: true - fsGroup: - rule: RunAsAny - runAsUser: - rule: RunAsAny - seLinux: - rule: RunAsAny - supplementalGroups: - rule: RunAsAny - volumes: - - secret - - configMap - - persistentVolumeClaim - -persistence: - enabled: true - dataDirSize: "2Gi" - annotations: {} - -extraVolumes: [] - # - name: extras - # emptyDir: {} - -extraVolumeMounts: [] - # - name: extras - # mountPath: /usr/share/extras - # readOnly: true - -extraContainers: [] - # - name: do-something - # image: busybox - # command: ['do', 'something'] - -extraInitContainers: [] - # - name: do-something - # image: busybox - # command: ['do', 'something'] - -# This is the PriorityClass settings as defined in -# https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass -priorityClassName: "" - -# By default this will make sure two pods don't end up on the same node -# Changing this to a region would allow you to spread pods across regions -antiAffinityTopologyKey: "kubernetes.io/hostname" - -# Hard means that by default pods will only be scheduled if there are enough nodes for them -# and that they will never end up on the same node. Setting this to soft will do this "best effort" -antiAffinity: "hard" - -# This is the node affinity settings as defined in -# https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#node-affinity-beta-feature -nodeAffinity: {} - -# The default is to deploy all pods serially. By setting this to parallel all pods are started at -# the same time when bootstrapping the cluster -podManagementPolicy: "Parallel" - -protocol: http -httpPort: 9200 -transportPort: 9300 - -service: - labels: {} - labelsHeadless: {} - type: ClusterIP - nodePort: "" - annotations: {} - httpPortName: http - transportPortName: transport - loadBalancerIP: "" - loadBalancerSourceRanges: [] - -updateStrategy: OnDelete - -# This is the max unavailable setting for the pod disruption budget -# The default value of 1 will make sure that kubernetes won't allow more than 1 -# of your pods to be unavailable during maintenance -maxUnavailable: 1 - -podSecurityContext: - fsGroup: 1000 - runAsUser: 1000 - -securityContext: - capabilities: - drop: - - ALL - # readOnlyRootFilesystem: true - runAsNonRoot: true - runAsUser: 1000 - -# How long to wait for elasticsearch to stop gracefully -terminationGracePeriod: 120 - -sysctlVmMaxMapCount: 262144 - -readinessProbe: - failureThreshold: 3 - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 3 - timeoutSeconds: 5 - -# https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-health.html#request-params wait_for_status -clusterHealthCheckParams: "wait_for_status=green&timeout=1s" - -## Use an alternate scheduler. -## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ -## -schedulerName: "" - -imagePullSecrets: [] -nodeSelector: {} -tolerations: [] - -# Enabling this will publically expose your Elasticsearch instance. -# Only enable this if you have security enabled on your cluster -ingress: - enabled: false - annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - path: / - hosts: - - chart-example.local - tls: [] - # - secretName: chart-example-tls - # hosts: - # - chart-example.local - -nameOverride: "" -fullnameOverride: "" - -# https://github.com/elastic/helm-charts/issues/63 -masterTerminationFix: true - -lifecycle: {} - # preStop: - # exec: - # command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"] - # postStart: - # exec: - # command: - # - bash - # - -c - # - | - # #!/bin/bash - # # Add a template to adjust number of shards/replicas - # TEMPLATE_NAME=my_template - # INDEX_PATTERN="logstash-*" - # SHARD_COUNT=8 - # REPLICA_COUNT=1 - # ES_URL=http://localhost:9200 - # while [[ "$(curl -s -o /dev/null -w '%{http_code}\n' $ES_URL)" != "200" ]]; do sleep 1; done - # curl -XPUT "$ES_URL/_template/$TEMPLATE_NAME" -H 'Content-Type: application/json' -d'{"index_patterns":['\""$INDEX_PATTERN"\"'],"settings":{"number_of_shards":'$SHARD_COUNT',"number_of_replicas":'$REPLICA_COUNT'}}' - -sysctlInitContainer: - enabled: true - -keystore: [] - -# Deprecated -# please use the above podSecurityContext.fsGroup instead -fsGroup: "" \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-master-v1-values.yaml b/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-master-v1-values.yaml deleted file mode 100644 index e2874bfdb7..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-master-v1-values.yaml +++ /dev/null @@ -1,284 +0,0 @@ - -name: elasticsearch-master-v1 -namespace: es-cluster -replicas: 3 - -image: - pullPolicy: IfNotPresent - repository: docker.elastic.co/elasticsearch/elasticsearch - tag: 6.4.2 - -clusterName: "elasticsearch-v1" -nodeGroup: "master" - -# The service that non master groups will try to connect to when joining the cluster -# This should be set to clusterName + "-" + nodeGroup for your master group -masterService: "elasticsearch-master-v1" - -# Elasticsearch roles that will be applied to this nodeGroup -# These will be set as environment variables. E.g. node.master=true -roles: - master: "true" - ingest: "false" - data: "false" - -minimumMasterNodes: 2 - -esMajorVersion: "" - -# Allows you to add any config files in /usr/share/elasticsearch/config/ -# such as elasticsearch.yml and log4j2.properties -esConfig: {} -# elasticsearch.yml: | -# key: -# nestedkey: value -# log4j2.properties: | -# key = value - -# Extra environment variables to append to this nodeGroup -# This will be appended to the current 'env:' key. You can use any of the kubernetes env -# syntax here -extraEnvs: -# - name: MY_ENVIRONMENT_VAR -# value: the_value_goes_here - - name: path.data - value: "/usr/share/elasticsearch/data" - - name: path.logs - value: "/usr/share/elasticsearch/logs" - - name: gateway.expected_master_nodes - value: "2" - - name: gateway.expected_data_nodes - value: "1" - - name: gateway.recover_after_time - value: "5m" - - name: gateway.recover_after_master_nodes - value: "2" - - name: gateway.recover_after_data_nodes - value: "1" - -# Allows you to load environment variables from kubernetes secret or config map -envFrom: [] -# - secretRef: -# name: env-secret -# - configMapRef: -# name: config-map - -# A list of secrets and their paths to mount inside the pod -# This is useful for mounting certificates for security and for mounting -# the X-Pack license -secretMounts: [] -# - name: elastic-certificates -# secretName: elastic-certificates -# path: /usr/share/elasticsearch/config/certs - -podAnnotations: {} - # iam.amazonaws.com/role: es-cluster - -# additionals labels -labels: {} - -esJavaOpts: "-Xmx448m -Xms448m" - -resources: - requests: - memory: "896Mi" - limits: - memory: "896Mi" - -initResources: {} - # limits: - # cpu: "25m" - # # memory: "128Mi" - # requests: - # cpu: "25m" - # memory: "128Mi" - -sidecarResources: {} - # limits: - # cpu: "25m" - # # memory: "128Mi" - # requests: - # cpu: "25m" - # memory: "128Mi" - -networkHost: "0.0.0.0" - -volumeClaimTemplate: - accessModes: [ "ReadWriteOnce" ] - resources: - requests: - storage: 2Gi - -rbac: - create: false - serviceAccountName: "" - -podSecurityPolicy: - create: false - name: "" - spec: - privileged: true - fsGroup: - rule: RunAsAny - runAsUser: - rule: RunAsAny - seLinux: - rule: RunAsAny - supplementalGroups: - rule: RunAsAny - volumes: - - secret - - configMap - - persistentVolumeClaim - -persistence: - enabled: true - dataDirSize: "2Gi" - annotations: {} - -extraVolumes: [] - # - name: extras - # emptyDir: {} - -extraVolumeMounts: [] - # - name: extras - # mountPath: /usr/share/extras - # readOnly: true - -extraContainers: [] - # - name: do-something - # image: busybox - # command: ['do', 'something'] - -extraInitContainers: [] - # - name: do-something - # image: busybox - # command: ['do', 'something'] - -# This is the PriorityClass settings as defined in -# https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass -priorityClassName: "" - -# By default this will make sure two pods don't end up on the same node -# Changing this to a region would allow you to spread pods across regions -antiAffinityTopologyKey: "kubernetes.io/hostname" - -# Hard means that by default pods will only be scheduled if there are enough nodes for them -# and that they will never end up on the same node. Setting this to soft will do this "best effort" -antiAffinity: "hard" - -# This is the node affinity settings as defined in -# https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#node-affinity-beta-feature -nodeAffinity: {} - -# The default is to deploy all pods serially. By setting this to parallel all pods are started at -# the same time when bootstrapping the cluster -podManagementPolicy: "Parallel" - -protocol: http -httpPort: 9200 -transportPort: 9300 - -service: - labels: {} - labelsHeadless: {} - type: ClusterIP - nodePort: "" - annotations: {} - httpPortName: http - transportPortName: transport - loadBalancerIP: "" - loadBalancerSourceRanges: [] - -updateStrategy: OnDelete - -# This is the max unavailable setting for the pod disruption budget -# The default value of 1 will make sure that kubernetes won't allow more than 1 -# of your pods to be unavailable during maintenance -maxUnavailable: 1 - -podSecurityContext: - fsGroup: 1000 - runAsUser: 1000 - -securityContext: - capabilities: - drop: - - ALL - # readOnlyRootFilesystem: true - runAsNonRoot: true - runAsUser: 1000 - -# How long to wait for elasticsearch to stop gracefully -terminationGracePeriod: 120 - -sysctlVmMaxMapCount: 262144 - -readinessProbe: - failureThreshold: 3 - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 3 - timeoutSeconds: 5 - -# https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-health.html#request-params wait_for_status -clusterHealthCheckParams: "wait_for_status=green&timeout=1s" - -## Use an alternate scheduler. -## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ -## -schedulerName: "" - -imagePullSecrets: [] -nodeSelector: {} -tolerations: [] - -# Enabling this will publically expose your Elasticsearch instance. -# Only enable this if you have security enabled on your cluster -ingress: - enabled: false - annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - path: / - hosts: - - chart-example.local - tls: [] - # - secretName: chart-example-tls - # hosts: - # - chart-example.local - -nameOverride: "" -fullnameOverride: "" - -# https://github.com/elastic/helm-charts/issues/63 -masterTerminationFix: true - -lifecycle: {} - # preStop: - # exec: - # command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"] - # postStart: - # exec: - # command: - # - bash - # - -c - # - | - # #!/bin/bash - # # Add a template to adjust number of shards/replicas - # TEMPLATE_NAME=my_template - # INDEX_PATTERN="logstash-*" - # SHARD_COUNT=8 - # REPLICA_COUNT=1 - # ES_URL=http://localhost:9200 - # while [[ "$(curl -s -o /dev/null -w '%{http_code}\n' $ES_URL)" != "200" ]]; do sleep 1; done - # curl -XPUT "$ES_URL/_template/$TEMPLATE_NAME" -H 'Content-Type: application/json' -d'{"index_patterns":['\""$INDEX_PATTERN"\"'],"settings":{"number_of_shards":'$SHARD_COUNT',"number_of_replicas":'$REPLICA_COUNT'}}' - -sysctlInitContainer: - enabled: true - -keystore: [] - -# Deprecated -# please use the above podSecurityContext.fsGroup instead -fsGroup: "" \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/_helpers.tpl b/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/_helpers.tpl deleted file mode 100644 index 3e7ac57fbd..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/_helpers.tpl +++ /dev/null @@ -1,61 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{- define "name" -}} -{{- $envOverrides := index .Values (tpl (default .Chart.Name .Values.name) .) -}} -{{- $baseValues := .Values | deepCopy -}} -{{- $values := dict "Values" (mustMergeOverwrite $baseValues $envOverrides) -}} -{{- with mustMergeOverwrite . $values -}} -{{- default .Chart.Name .Values.name -}} -{{- end }} -{{- end }} - - -{{- define "elasticsearch.endpoints" -}} -{{- $replicas := int (toString (.Values.replicas)) }} -{{- $uname := printf "%s-%s" .Values.clusterName .Values.nodeGroup }} - {{- range $i, $e := untilStep 0 $replicas 1 -}} -{{ $uname }}-{{ $i }}, - {{- end -}} -{{- end -}} - -{{- define "elasticsearch.esMajorVersion" -}} -{{- if .Values.esMajorVersion -}} -{{ .Values.esMajorVersion }} -{{- else -}} -{{- $version := int (index (.Values.image.tag | splitList ".") 0) -}} - {{- if and (contains "docker.elastic.co/elasticsearch/elasticsearch" .Values.image.repository) (not (eq $version 0)) -}} -{{ $version }} - {{- else -}} -7 - {{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for statefulset. -*/}} -{{- define "elasticsearch.statefulset.apiVersion" -}} -{{- if semverCompare "<1.9-0" .Capabilities.KubeVersion.GitVersion -}} -{{- print "apps/v1beta2" -}} -{{- else -}} -{{- print "apps/v1" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for ingress. -*/}} -{{- define "elasticsearch.ingress.apiVersion" -}} -{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}} -{{- print "extensions/v1beta1" -}} -{{- else -}} -{{- print "networking.k8s.io/v1beta1" -}} -{{- end -}} -{{- end -}} - -{{- define "common.image" -}} -{{- if contains "/" .repository -}} -{{- printf "%s:%s" .repository ( required "Tag is mandatory" .tag ) -}} -{{- else -}} -{{- printf "%s/%s:%s" $.Values.global.containerRegistry .repository ( required "Tag is mandatory" .tag ) -}} -{{- end -}} -{{- end -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/headless-service.yaml b/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/headless-service.yaml deleted file mode 100644 index 857fe87949..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/headless-service.yaml +++ /dev/null @@ -1,27 +0,0 @@ -kind: Service -apiVersion: v1 -metadata: -{{- if eq .Values.nodeGroup "master" }} - name: {{ template "name" . }}-headless -{{- else }} - name: {{ template "name" . }}-headless -{{- end }} - namespace: {{ .Values.namespace }} - labels: - app: "{{ template "name" . }}" -{{- if .Values.service.labelsHeadless }} -{{ toYaml .Values.service.labelsHeadless | indent 4 }} -{{- end }} - annotations: - service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" -spec: - clusterIP: None # This is needed for statefulset hostnames like elasticsearch-0 to resolve - # Create endpoints also if the related pod isn't ready - publishNotReadyAddresses: true - selector: - app: "{{ template "name" . }}" - ports: - - name: {{ .Values.service.httpPortName | default "http" }} - port: {{ .Values.httpPort }} - - name: {{ .Values.service.transportPortName | default "transport" }} - port: {{ .Values.transportPort }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/persistentvolume.yaml b/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/persistentvolume.yaml deleted file mode 100644 index be2fa2a2ac..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/persistentvolume.yaml +++ /dev/null @@ -1,55 +0,0 @@ -{{- $envOverrides := index .Values (tpl (default .Chart.Name .Values.name) .) -}} -{{- $baseValues := .Values | deepCopy -}} -{{- $values := dict "Values" (mustMergeOverwrite $baseValues $envOverrides) -}} -{{- with mustMergeOverwrite . $values -}} -{{- if .Values.persistence.enabled }} -{{- range $idx, $v := until (int .Values.replicas) }} -apiVersion: v1 -kind: PersistentVolume -metadata: - name: "es-storage-{{ template "name" $ }}-{{ $idx }}" - labels: - app: {{ template "name" $ }} -{{- if $.Values.persistence.aws }} - failure-domain.beta.kubernetes.io/zone: {{ index $.Values "persistence" "aws" $idx "zone" }} - topology.kubernetes.io/zone: {{ index $.Values "persistence" "aws" $idx "zone" }} -{{- end }} -spec: - capacity: - storage: {{ $.Values.persistence.dataDirSize | quote }} - accessModes: - - ReadWriteOnce - persistentVolumeReclaimPolicy: Retain - claimRef: - namespace: {{ $.Values.namespace }} - name: "es-storage-{{ template "name" $ }}-{{ $idx }}" -{{- if $.Values.persistence.aws }} - awsElasticBlockStore: - volumeID: {{ index $.Values "persistence" "aws" $idx "volumeId" }} - fsType: ext4 -{{- end }} -{{- if $.Values.persistence.azure }} - azureDisk: - cachingMode: ReadWrite - diskName: {{ index $.Values "persistence" "azure" $idx "diskName" }} - diskURI: {{ index $.Values "persistence" "azure" $idx "diskUri" }} - kind: Managed - fsType: ext4 -{{- end }} -{{- if $.Values.persistence.openstack }} - cinder: - fsType: "ext4" - volumeID: {{ index $.Values "persistence" "openstack" $idx }} -{{- end }} -{{- if $.Values.persistence.iscsi }} - iscsi: - targetPortal: {{ index $.Values "persistence" "iscsi" "targetPortal" }} - iqn: {{ index $.Values "persistence" "iscsi" "iqn" $idx }} - lun: 0 - fsType: 'ext4' - readOnly: true -{{- end }} ---- -{{- end }} -{{- end }} -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/poddisruptionbudget.yaml b/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/poddisruptionbudget.yaml deleted file mode 100644 index 317137fad0..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/poddisruptionbudget.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if .Values.maxUnavailable }} -apiVersion: policy/v1beta1 -kind: PodDisruptionBudget -metadata: - name: "{{ template "name" . }}-pdb" - namespace: {{ .Values.namespace }} -spec: - maxUnavailable: {{ .Values.maxUnavailable }} - selector: - matchLabels: - app: "{{ template "name" . }}" -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/service.yaml b/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/service.yaml deleted file mode 100644 index 3a2c57c755..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/service.yaml +++ /dev/null @@ -1,30 +0,0 @@ -kind: Service -apiVersion: v1 -metadata: -{{- if eq .Values.nodeGroup "master" }} - name: {{ template "name" . }} -{{- else }} - name: {{ template "name" . }} -{{- end }} - namespace: {{ .Values.namespace }} - labels: - app: "{{ template "name" . }}" -{{- if .Values.service.labels }} -{{ toYaml .Values.service.labels | indent 4}} -{{- end }} - annotations: -{{ toYaml .Values.service.annotations | indent 4 }} -spec: - type: {{ .Values.service.type }} - selector: - app: "{{ template "name" . }}" - ports: - - name: {{ .Values.service.httpPortName | default "http" }} - protocol: TCP - port: {{ .Values.httpPort }} -{{- if .Values.service.nodePort }} - nodePort: {{ .Values.service.nodePort }} -{{- end }} - - name: {{ .Values.service.transportPortName | default "transport" }} - protocol: TCP - port: {{ .Values.transportPort }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/statefulset.yaml b/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/statefulset.yaml deleted file mode 100644 index 9668e77919..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/statefulset.yaml +++ /dev/null @@ -1,398 +0,0 @@ ---- -apiVersion: {{ template "elasticsearch.statefulset.apiVersion" . }} -kind: StatefulSet -metadata: - name: {{ template "name" . }} - namespace: {{ .Values.namespace }} - labels: - app: "{{ template "name" . }}" - {{- range $key, $value := .Values.labels }} - {{ $key }}: {{ $value | quote }} - {{- end }} - annotations: - esMajorVersion: "{{ include "elasticsearch.esMajorVersion" . }}" -spec: - serviceName: {{ template "name" . }}-headless - selector: - matchLabels: - app: "{{ template "name" . }}" - replicas: {{ .Values.replicas }} - podManagementPolicy: {{ .Values.podManagementPolicy }} - updateStrategy: - type: {{ .Values.updateStrategy }} - {{- if .Values.persistence.enabled }} - volumeClaimTemplates: - - metadata: - name: es-storage - {{- with .Values.persistence.annotations }} - annotations: -{{ toYaml . | indent 8 }} - {{- end }} - spec: -{{ toYaml .Values.volumeClaimTemplate | indent 6 }} - {{- end }} - template: - metadata: - name: "{{ template "name" . }}" - labels: - app: "{{ template "name" . }}" - {{- range $key, $value := .Values.labels }} - {{ $key }}: {{ $value | quote }} - {{- end }} - annotations: - {{- range $key, $value := .Values.podAnnotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{/* This forces a restart if the configmap has changed */}} - {{- if .Values.esConfig }} - configchecksum: {{ include (print .Template.BasePath "/configmap.yaml") . | sha256sum | trunc 63 }} - {{- end }} - spec: - {{- if .Values.schedulerName }} - schedulerName: "{{ .Values.schedulerName }}" - {{- end }} - securityContext: -{{ toYaml .Values.podSecurityContext | indent 8 }} - {{- if .Values.fsGroup }} - fsGroup: {{ .Values.fsGroup }} # Deprecated value, please use .Values.podSecurityContext.fsGroup - {{- end }} - {{- if .Values.rbac.create }} - serviceAccountName: "{{ template "name" . }}" - {{- else if not (eq .Values.rbac.serviceAccountName "") }} - serviceAccountName: {{ .Values.rbac.serviceAccountName | quote }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: -{{ toYaml . | indent 6 }} - {{- end }} - {{- with .Values.nodeSelector }} - nodeSelector: -{{ toYaml . | indent 8 }} - {{- end }} - {{- if or (eq .Values.antiAffinity "hard") (eq .Values.antiAffinity "soft") .Values.nodeAffinity }} - {{- if .Values.priorityClassName }} - priorityClassName: {{ .Values.priorityClassName }} - {{- end }} - affinity: - {{- end }} - {{- if eq .Values.antiAffinity "hard" }} - podAntiAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - "{{ template "name" .}}" - topologyKey: {{ .Values.antiAffinityTopologyKey }} - {{- else if eq .Values.antiAffinity "soft" }} - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 1 - podAffinityTerm: - topologyKey: {{ .Values.antiAffinityTopologyKey }} - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - "{{ template "name" . }}" - {{- end }} - {{- with .Values.nodeAffinity }} - nodeAffinity: -{{ toYaml . | indent 10 }} - {{- end }} - terminationGracePeriodSeconds: {{ .Values.terminationGracePeriod }} - volumes: - {{- range .Values.secretMounts }} - - name: {{ .name }} - secret: - secretName: {{ .secretName }} - {{- end }} - {{- if .Values.esConfig }} - - name: esconfig - configMap: - name: {{ template "name" . }}-config - {{- end }} -{{- if .Values.keystore }} - - name: keystore - emptyDir: {} - {{- range .Values.keystore }} - - name: keystore-{{ .secretName }} - secret: {{ toYaml . | nindent 12 }} - {{- end }} -{{ end }} - {{- if .Values.extraVolumes }} - # Currently some extra blocks accept strings - # to continue with backwards compatibility this is being kept - # whilst also allowing for yaml to be specified too. - {{- if eq "string" (printf "%T" .Values.extraVolumes) }} -{{ tpl .Values.extraVolumes . | indent 8 }} - {{- else }} -{{ toYaml .Values.extraVolumes | indent 8 }} - {{- end }} - {{- end }} - {{- if .Values.imagePullSecrets }} - imagePullSecrets: -{{ toYaml .Values.imagePullSecrets | indent 8 }} - {{- end }} - initContainers: - {{- if .Values.sysctlInitContainer.enabled }} - - name: configure-sysctl - securityContext: - runAsUser: 0 - privileged: true - image: {{ template "common.image" (dict "Values" .Values "repository" .Values.image.repository "tag" .Values.image.tag) }} - imagePullPolicy: "{{ .Values.image.pullPolicy }}" - command: ["sysctl", "-w", "vm.max_map_count={{ .Values.sysctlVmMaxMapCount}}"] - resources: -{{ toYaml .Values.initResources | indent 10 }} - {{- end }} -{{ if .Values.keystore }} - - name: keystore - image: {{ template "common.image" (dict "Values" .Values "repository" .Values.image.repository "tag" .Values.image.tag) }} - imagePullPolicy: "{{ .Values.image.pullPolicy }}" - command: - - sh - - -c - - | - #!/usr/bin/env bash - set -euo pipefail - - elasticsearch-keystore create - - for i in /tmp/keystoreSecrets/*/*; do - key=$(basename $i) - echo "Adding file $i to keystore key $key" - elasticsearch-keystore add-file "$key" "$i" - done - - # Add the bootstrap password since otherwise the Elasticsearch entrypoint tries to do this on startup - if [ ! -z ${ELASTIC_PASSWORD+x} ]; then - echo 'Adding env $ELASTIC_PASSWORD to keystore as key bootstrap.password' - echo "$ELASTIC_PASSWORD" | elasticsearch-keystore add -x bootstrap.password - fi - - cp -a /usr/share/elasticsearch/config/elasticsearch.keystore /tmp/keystore/ - env: {{ toYaml .Values.extraEnvs | nindent 10 }} - envFrom: {{ toYaml .Values.envFrom | nindent 10 }} - resources: {{ toYaml .Values.initResources | nindent 10 }} - volumeMounts: - - name: keystore - mountPath: /tmp/keystore - {{- range .Values.keystore }} - - name: keystore-{{ .secretName }} - mountPath: /tmp/keystoreSecrets/{{ .secretName }} - {{- end }} -{{ end }} - {{- if .Values.extraInitContainers }} - # Currently some extra blocks accept strings - # to continue with backwards compatibility this is being kept - # whilst also allowing for yaml to be specified too. - {{- if eq "string" (printf "%T" .Values.extraInitContainers) }} -{{ tpl .Values.extraInitContainers . | indent 6 }} - {{- else }} -{{ toYaml .Values.extraInitContainers | indent 6 }} - {{- end }} - {{- end }} - containers: - - name: "elasticsearch" - securityContext: -{{ toYaml .Values.securityContext | indent 10 }} - image: {{ template "common.image" (dict "Values" .Values "repository" .Values.image.repository "tag" .Values.image.tag) }} - imagePullPolicy: "{{ .Values.image.pullPolicy }}" - readinessProbe: - exec: - command: - - sh - - -c - - | - #!/usr/bin/env bash -e - # If the node is starting up wait for the cluster to be ready (request params: '{{ .Values.clusterHealthCheckParams }}' ) - # Once it has started only check that the node itself is responding - START_FILE=/tmp/.es_start_file - - if [ -n "${ELASTIC_USERNAME}" ] && [ -n "${ELASTIC_PASSWORD}" ]; then - BASIC_AUTH="-u ${ELASTIC_USERNAME}:${ELASTIC_PASSWORD}" - else - BASIC_AUTH='' - fi - - if [ -f "${START_FILE}" ]; then - echo 'Elasticsearch is already running, lets check the node is healthy' - HTTP_CODE=$(curl -XGET -s -k ${BASIC_AUTH} -o /dev/null -w '%{http_code}' {{ .Values.protocol }}://127.0.0.1:{{ .Values.httpPort }}/) - RC=$? - if [[ ${RC} -ne 0 ]]; then - echo "curl -XGET -s -k \${BASIC_AUTH} -o /dev/null -w '%{http_code}' {{ .Values.protocol }}://127.0.0.1:{{ .Values.httpPort }}/ failed with RC ${RC}" - exit ${RC} - fi - # ready if HTTP code 200, 503 is tolerable if ES version is 6.x - if [[ ${HTTP_CODE} == "200" ]]; then - exit 0 - elif [[ ${HTTP_CODE} == "503" && "{{ include "elasticsearch.esMajorVersion" . }}" == "6" ]]; then - exit 0 - else - echo "curl -XGET -s -k \${BASIC_AUTH} -o /dev/null -w '%{http_code}' {{ .Values.protocol }}://127.0.0.1:{{ .Values.httpPort }}/ failed with HTTP code ${HTTP_CODE}" - exit 1 - fi - - else - echo 'Waiting for elasticsearch cluster to become ready (request params: "{{ .Values.clusterHealthCheckParams }}" )' - if curl -XGET -s -k --fail ${BASIC_AUTH} {{ .Values.protocol }}://127.0.0.1:{{ .Values.httpPort }}/_cluster/health?{{ .Values.clusterHealthCheckParams }} ; then - touch ${START_FILE} - exit 0 - else - echo 'Cluster is not yet ready (request params: "{{ .Values.clusterHealthCheckParams }}" )' - exit 1 - fi - fi -{{ toYaml .Values.readinessProbe | indent 10 }} - ports: - - name: http - containerPort: {{ .Values.httpPort }} - - name: transport - containerPort: {{ .Values.transportPort }} - resources: -{{ toYaml .Values.resources | indent 10 }} - env: - - name: node.name - valueFrom: - fieldRef: - fieldPath: metadata.name - {{- if eq .Values.roles.master "true" }} - {{- if ge (int (include "elasticsearch.esMajorVersion" .)) 7 }} - - name: cluster.initial_master_nodes - value: "{{ template "elasticsearch.endpoints" . }}" - {{- else }} - - name: discovery.zen.minimum_master_nodes - value: "{{ .Values.minimumMasterNodes }}" - {{- end }} - {{- end }} - {{- if lt (int (include "elasticsearch.esMajorVersion" .)) 7 }} - - name: discovery.zen.ping.unicast.hosts - value: {{ .Values.masterService | quote }} - {{- else }} - - name: discovery.seed_hosts - value: {{ .Values.masterService | quote }} - {{- end }} - - name: cluster.name - value: {{ .Values.clusterName | quote }} - - name: network.host - value: {{ .Values.networkHost | quote }} - - name: ES_JAVA_OPTS - value: {{ .Values.esJavaOpts | quote }} - {{- range $role, $enabled := .Values.roles }} - - name: node.{{ $role }} - value: {{ $enabled | quote }} - {{- end }} -{{- if .Values.extraEnvs }} -{{ toYaml .Values.extraEnvs | indent 10 }} -{{- end }} -{{- if .Values.envFrom }} - envFrom: -{{ toYaml .Values.envFrom | indent 10 }} -{{- end }} - volumeMounts: - {{- if .Values.persistence.enabled }} - - name: "es-storage" - mountPath: /usr/share/elasticsearch/data - {{- end }} -{{ if .Values.keystore }} - - name: keystore - mountPath: /usr/share/elasticsearch/config/elasticsearch.keystore - subPath: elasticsearch.keystore -{{ end }} - {{- range .Values.secretMounts }} - - name: {{ .name }} - mountPath: {{ .path }} - {{- if .subPath }} - subPath: {{ .subPath }} - {{- end }} - {{- end }} - {{- range $path, $config := .Values.esConfig }} - - name: esconfig - mountPath: /usr/share/elasticsearch/config/{{ $path }} - subPath: {{ $path }} - {{- end -}} - {{- if .Values.extraVolumeMounts }} - # Currently some extra blocks accept strings - # to continue with backwards compatibility this is being kept - # whilst also allowing for yaml to be specified too. - {{- if eq "string" (printf "%T" .Values.extraVolumeMounts) }} -{{ tpl .Values.extraVolumeMounts . | indent 10 }} - {{- else }} -{{ toYaml .Values.extraVolumeMounts | indent 10 }} - {{- end }} - {{- end }} - {{- if .Values.masterTerminationFix }} - {{- if eq .Values.roles.master "true" }} - # This sidecar will prevent slow master re-election - # https://github.com/elastic/helm-charts/issues/63 - - name: elasticsearch-master-graceful-termination-handler - image: {{ template "common.image" (dict "Values" .Values "repository" .Values.image.repository "tag" .Values.image.tag) }} - imagePullPolicy: "{{ .Values.image.pullPolicy }}" - command: - - "sh" - - -c - - | - #!/usr/bin/env bash - set -eo pipefail - - http () { - local path="${1}" - if [ -n "${ELASTIC_USERNAME}" ] && [ -n "${ELASTIC_PASSWORD}" ]; then - BASIC_AUTH="-u ${ELASTIC_USERNAME}:${ELASTIC_PASSWORD}" - else - BASIC_AUTH='' - fi - curl -XGET -s -k --fail ${BASIC_AUTH} {{ .Values.protocol }}://{{ .Values.masterService }}:{{ .Values.httpPort }}${path} - } - - cleanup () { - while true ; do - local master="$(http "/_cat/master?h=node" || echo "")" - if [[ $master == "{{ .Values.masterService }}"* && $master != "${NODE_NAME}" ]]; then - echo "This node is not master." - break - fi - echo "This node is still master, waiting gracefully for it to step down" - sleep 1 - done - - exit 0 - } - - trap cleanup SIGTERM - - sleep infinity & - wait $! - resources: -{{ toYaml .Values.sidecarResources | indent 10 }} - env: - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - {{- if .Values.extraEnvs }} -{{ toYaml .Values.extraEnvs | indent 10 }} - {{- end }} - {{- if .Values.envFrom }} - envFrom: -{{ toYaml .Values.envFrom | indent 10 }} - {{- end }} - {{- end }} - {{- end }} -{{- if .Values.lifecycle }} - lifecycle: -{{ toYaml .Values.lifecycle | indent 10 }} -{{- end }} - {{- if .Values.extraContainers }} - # Currently some extra blocks accept strings - # to continue with backwards compatibility this is being kept - # whilst also allowing for yaml to be specified too. - {{- if eq "string" (printf "%T" .Values.extraContainers) }} -{{ tpl .Values.extraContainers . | indent 6 }} - {{- else }} -{{ toYaml .Values.extraContainers | indent 6 }} - {{- end }} - {{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/es-curator/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/es-curator/Chart.yaml deleted file mode 100644 index 6c6bc09269..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/es-curator/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v2 -name: es-curator -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.16.0 - -dependencies: -- name: common - version: 0.0.5 - repository: file://../../common \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/es-curator/es-curator-infra-values.yaml b/deploy-as-code/helm/charts/backbone-services/es-curator/es-curator-infra-values.yaml deleted file mode 100644 index f1c8f218bb..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/es-curator/es-curator-infra-values.yaml +++ /dev/null @@ -1,59 +0,0 @@ -# Common Labels -labels: - group: "es-curator-infra" - -cron: - schedule: "45 18 * * *" -# Container Configs -namespace: es-cluster-infra -image: - repository: "bobrik/curator" - tag: 5.6.0 -logs-cleanup-enabled: true -jaeger-cleanup-enabled: true -logs-to-retain-in-days: 7 -memory_limits: 512Mi -args: -- --config -- /etc/config/config.yml -- /etc/config/action_file.yml - -# Additional Container Envs -env: | - - name: SERVER_PORT - value: "8080" - - name: JAVA_OPTS - value: {{ index .Values "heap" | quote }} - - name: ES_CLIENT_HOST - valueFrom: - configMapKeyRef: - name: egov-config - key: es-infra-host - - name: ES_CLIENT_PORT - value: "9200" - - name: LOG_LEVEL - value: "DEBUG" - {{- if index .Values "logs-cleanup-enabled" }} - - name: LOGS_CLEANUP_DISABLED - value: "False" - - name: RETAIN_LOGS_IN_DAYS - value: {{ index .Values "logs-to-retain-in-days" | quote }} - {{- end }} - {{- if index .Values "jaeger-cleanup-enabled" }} - - name: JAEGER_CLEANUP_DISABLED - value: "False" - - name: RETAIN_JAEGER_DATA_IN_DAYS - value: "14" - {{- end }} -extraVolumes: | - - name: config-volume - configMap: - name: {{ template "name" . }}-config -extraVolumeMounts: | - - mountPath: /etc/config - name: config-volume -resources: | - requests: - memory: {{ .Values.memory_limits | quote }} - limits: - memory: {{ .Values.memory_limits | quote }} diff --git a/deploy-as-code/helm/charts/backbone-services/es-curator/templates/_helpers.tpl b/deploy-as-code/helm/charts/backbone-services/es-curator/templates/_helpers.tpl deleted file mode 100644 index c3b5dfbae6..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/es-curator/templates/_helpers.tpl +++ /dev/null @@ -1,8 +0,0 @@ -{{- define "name" -}} -{{- $envOverrides := index .Values (tpl (default .Chart.Name .Values.name) .) -}} -{{- $baseValues := .Values | deepCopy -}} -{{- $values := dict "Values" (mustMergeOverwrite $baseValues $envOverrides) -}} -{{- with mustMergeOverwrite . $values -}} -{{- default .Chart.Name .Values.name -}} -{{- end }} -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/es-curator/templates/configmap.yaml b/deploy-as-code/helm/charts/backbone-services/es-curator/templates/configmap.yaml deleted file mode 100644 index 57f099a0fb..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/es-curator/templates/configmap.yaml +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "name" . }}-config - namespace: {{ .Values.namespace }} -data: - action_file.yml: |- - --- - # Remember, leave a key empty if there is no value. None will be a string, - # not a Python "NoneType" - # - # Also remember that all examples have 'disable_action' set to True. If you - # want to use this action as a template, be sure to set this to False after - # copying it. - actions: - 1: - action: delete_indices - description: "Clean up ES by deleting old logs" - options: - timeout_override: 300 - continue_if_exception: False - disable_action: ${LOGS_CLEANUP_DISABLED:True} - ignore_empty_list: True - filters: - - filtertype: pattern - kind: regex - value: '^(egov-services-logs-|egov-infra-logs-|pbprod-logstash-|pbuat-logstash-).*$' - - filtertype: age - source: creation_date - direction: older - unit: days - unit_count: ${RETAIN_LOGS_IN_DAYS} - # - filtertype: age - # source: name - # direction: older - # timestring: '%Y.%m.%d' - # unit: days - # unit_count: 3 - # field: - # stats_result: - # epoch: - # exclude: False - 2: - action: delete_indices - description: "Clean up ES by deleting old jaeger data" - options: - timeout_override: 300 - continue_if_exception: False - disable_action: ${JAEGER_CLEANUP_DISABLED:True} - ignore_empty_list: True - filters: - - filtertype: pattern - kind: regex - value: '^(jaeger-service-|jaeger-span-|jaeger-dependencies-).*$' - - filtertype: age - source: creation_date - direction: older - unit: days - unit_count: ${RETAIN_JAEGER_DATA_IN_DAYS} - config.yml: |- - --- - # Remember, leave a key empty if there is no value. None will be a string, - # not a Python "NoneType" - client: - hosts: - - ${ES_CLIENT_HOST} - port: ${ES_CLIENT_PORT} - url_prefix: - use_ssl: False - certificate: - client_cert: - client_key: - ssl_no_validate: False - http_auth: - timeout: 30 - master_only: False - logging: - loglevel: ${LOG_LEVEL:INFO} - logfile: - logformat: default - blacklist: ['elasticsearch', 'urllib3'] \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/es-curator/templates/cronjob.yaml b/deploy-as-code/helm/charts/backbone-services/es-curator/templates/cronjob.yaml deleted file mode 100644 index 74d9de7ea4..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/es-curator/templates/cronjob.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# cronjob.yaml -{{- template "common.cronjob" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/fluent-bit/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/fluent-bit/Chart.yaml deleted file mode 100644 index 5ba5a24626..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/fluent-bit/Chart.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v2 -name: fluent-bit -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.16.0 diff --git a/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/_helpers.tpl b/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/_helpers.tpl deleted file mode 100644 index c3b5dfbae6..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/_helpers.tpl +++ /dev/null @@ -1,8 +0,0 @@ -{{- define "name" -}} -{{- $envOverrides := index .Values (tpl (default .Chart.Name .Values.name) .) -}} -{{- $baseValues := .Values | deepCopy -}} -{{- $values := dict "Values" (mustMergeOverwrite $baseValues $envOverrides) -}} -{{- with mustMergeOverwrite . $values -}} -{{- default .Chart.Name .Values.name -}} -{{- end }} -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/clusterrole.yaml b/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/clusterrole.yaml deleted file mode 100644 index 1b07fda847..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/clusterrole.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRole -metadata: - name: {{ template "name" . }}-read -rules: -- apiGroups: [""] - resources: - - namespaces - - pods - verbs: ["get", "list", "watch"] diff --git a/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/clusterrolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/clusterrolebinding.yaml deleted file mode 100644 index a0ec73bb33..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/clusterrolebinding.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRoleBinding -metadata: - name: {{ template "name" . }}-read -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "name" . }}-read -subjects: -- kind: ServiceAccount - name: {{ template "name" . }} - namespace: {{ .Values.namespace }} diff --git a/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/configmap.yaml b/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/configmap.yaml deleted file mode 100644 index c5123d528e..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/configmap.yaml +++ /dev/null @@ -1,133 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "name" . }}-config - namespace: {{ .Values.namespace }} - labels: - app: {{ template "name" . }} -data: - # Configuration files: server, input, filters and output - # ====================================================== - fluent-bit.conf: | - [SERVICE] - Flush 1 - Log_Level info - Daemon off - Parsers_File parsers.conf - HTTP_Server On - HTTP_Listen 0.0.0.0 - HTTP_Port 2020 - @INCLUDE input-egov-services.conf - @INCLUDE input-egov-infra.conf - @INCLUDE filter-kubernetes.conf - @INCLUDE output-kafka-egov-services.conf - @INCLUDE output-kafka-infra.conf - input-egov-services.conf: | - [INPUT] - Name tail - Tag kube_egov_services.* - Path /var/log/containers/*_egov_*.log - DB /var/log/flb_egov_services_log_offsets.db - Buffer_Max_Size 10MB - Mem_Buf_Limit 30MB - Refresh_Interval 60 - input-egov-infra.conf: | - [INPUT] - Name tail - Tag kube_egov_infra.* - Path /var/log/containers/*.log - Exclude_Path *.gz,*.1,/var/log/containers/*_egov_*.log,/var/log/containers/*_ispirit_*.log,/var/log/containers/*_kube-system_*.log - DB /var/log/flb_egov_infra_log_offsets.db - Mem_Buf_Limit 3MB - Skip_Long_Lines On - Refresh_Interval 60 - filter-kubernetes.conf: | - [FILTER] - Name parser - Match kube_egov_services.* - Key_Name log - Parser json - Reserve_Data True - [FILTER] - Name kubernetes - Match * - Kube_URL https://kubernetes.default.svc.cluster.local:443 - Merge_Log On - Annotations Off - output-kafka-egov-services.conf: | - [OUTPUT] - Name kafka - Match kube_egov_services.* - Brokers ${KAFKA_BROKERS} - Topics ${KAFKA_EGOV_SERVICES_LOGS_TOPIC} - Timestamp_Key @ts - # hides errors "Receive failed: Disconnected" when kafka kills idle connections - rdkafka.log.connection.close false - # producer buffer is not included in http://fluentbit.io/documentation/0.12/configuration/memory_usage.html#estimating - rdkafka.queue.buffering.max.kbytes 10240 - # for logs you'll probably want this ot be 0 or 1, not more - rdkafka.request.required.acks 1 - rdkafka.max.in.flight.requests.per.connection 5 - rdkafka.retry.backoff.ms 500 - rdkafka.linger.ms 500 - output-kafka-infra.conf: | - [OUTPUT] - Name kafka - Match kube_egov_infra.* - Brokers ${KAFKA_BROKERS} - Topics ${KAFKA_EGOV_INFRA_LOGS_TOPIC} - Timestamp_Key @ts - # hides errors "Receive failed: Disconnected" when kafka kills idle connections - rdkafka.log.connection.close false - # producer buffer is not included in http://fluentbit.io/documentation/0.12/configuration/memory_usage.html#estimating - rdkafka.queue.buffering.max.kbytes 10240 - # for logs you'll probably want this ot be 0 or 1, not more - rdkafka.request.required.acks 1 - rdkafka.max.in.flight.requests.per.connection 5 - rdkafka.retry.backoff.ms 500 - rdkafka.linger.ms 500 - parsers.conf: | - [PARSER] - Name apache - Format regex - Regex ^(?[^ ]*) [^ ]* (?[^ ]*) \[(?