From e9fee55e43b4af4ac2dd7848d88459ca0f22d8e2 Mon Sep 17 00:00:00 2001 From: Pugal-k1 Date: Mon, 2 Aug 2021 17:46:36 +0530 Subject: [PATCH 1/2] updated-config --- Jenkinsfile | 3 +-- deployments/k8s/deployment.yaml | 2 +- helm/templates/deployment.yaml | 22 +++++++++++------ helm/templates/dev-config.yaml | 2 +- helm/templates/hpa.yaml | 33 +++++++++++++++++++++++++ helm/templates/service.yaml | 12 ++++----- helm/values-dev.yaml | 37 ++++++++++++++-------------- helm/values-prod.yaml | 39 +++++++++++++++--------------- helm/values-verify.yaml | 40 +++++++++++++++--------------- helm/values.yaml | 43 ++++++++++++++++----------------- resources/build-info.yaml | 16 +++++------- 11 files changed, 140 insertions(+), 109 deletions(-) create mode 100644 helm/templates/hpa.yaml diff --git a/Jenkinsfile b/Jenkinsfile index fc008466..bc6bdf8d 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -3,5 +3,4 @@ pipelineExecute app_config: 'resources/build-info.yaml', dev_branch: "dev", verify_branch: "verify", prod_branch: "prod", -deployment_configs: "deployment", -jenkins_node_label: "jenkins-slave-01" +jenkins_node_label: "jenkins-slave-02" diff --git a/deployments/k8s/deployment.yaml b/deployments/k8s/deployment.yaml index d4d65352..9e2432f5 100644 --- a/deployments/k8s/deployment.yaml +++ b/deployments/k8s/deployment.yaml @@ -1,7 +1,7 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: knoxautopolicy + name: {{ .Values.labels.app }} labels: deployment: knoxautopolicy spec: diff --git a/helm/templates/deployment.yaml b/helm/templates/deployment.yaml index 01b6c8d9..37d7575c 100644 --- a/helm/templates/deployment.yaml +++ b/helm/templates/deployment.yaml @@ -1,25 +1,31 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: knoxautopolicy + name: {{ .Values.labels.app }} labels: - deployment: knoxautopolicy +{{ toYaml .Values.labels | indent 4 }} spec: selector: matchLabels: - container: knoxautopolicy + container: {{ .Values.labels.app }} template: metadata: labels: - container: knoxautopolicy + container: {{ .Values.labels.app }} + annotations: + checksum.helm.kubernetes.io/configmap: {{ include (print $.Chart.Name "/templates/dev-config.yaml") . | sha256sum }} + checksum.helm.kubernetes.io/secret: {{ include (print $.Chart.Name "/templates/secret.yaml") . | sha256sum }} spec: + imagePullSecrets: containers: - - image: "{{ .Values.knoxautopolicy.image.repository }}:{{ .Values.knoxautopolicy.image.tag | default .Chart.AppVersion }}" + - image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" name: knoxautopolicy ports: - containerPort: 9089 protocol: TCP volumeMounts: - {{- toYaml .Values.volumeMounts | nindent 12 }} - volumes: - {{- toYaml .Values.volumes | nindent 12 }} \ No newline at end of file +{{ toYaml .Values.volumeMounts | indent 10 }} + resources: +{{ toYaml .Values.volumes | indent 10 }} + volumes: +{{ toYaml .Values.resources | indent 8 }} \ No newline at end of file diff --git a/helm/templates/dev-config.yaml b/helm/templates/dev-config.yaml index e2e3c1d6..467b63ce 100644 --- a/helm/templates/dev-config.yaml +++ b/helm/templates/dev-config.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: ConfigMap metadata: - name: knoxautopolicy-config + name: {{ .Values.labels.app }}-config #namespace: {{ .Release.Namespace }} data: conf.yaml: |- diff --git a/helm/templates/hpa.yaml b/helm/templates/hpa.yaml new file mode 100644 index 00000000..57250aff --- /dev/null +++ b/helm/templates/hpa.yaml @@ -0,0 +1,33 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2beta2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ .Values.labels.app }} + labels: +{{ toYaml .Values.labels | indent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ .Values.labels.app }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/helm/templates/service.yaml b/helm/templates/service.yaml index a1e9684c..b43e3518 100644 --- a/helm/templates/service.yaml +++ b/helm/templates/service.yaml @@ -1,13 +1,13 @@ apiVersion: v1 kind: Service metadata: - name: knoxautopolicy + name: {{ .Values.labels.app }}-service labels: - service: knoxautopolicy +{{ toYaml .Values.labels | indent 4 }} spec: ports: - - port: 9089 - targetPort: 9089 - protocol: TCP + - port: {{ .Values.service.port }} + targetPort: {{ .Values.service.targetPort }} # Port in microservice + protocol: {{ .Values.service.protocol }} selector: - container: knoxautopolicy \ No newline at end of file + app: {{ .Values.labels.app }} diff --git a/helm/values-dev.yaml b/helm/values-dev.yaml index 63b24258..c40d3e13 100644 --- a/helm/values-dev.yaml +++ b/helm/values-dev.yaml @@ -3,12 +3,16 @@ # Declare variables to be passed into your templates. replicaCount: 1 -knoxautopolicy: - image: - repository: us.gcr.io/mimetic-kit-294408/accuknox-agents/dev/knoxautopolicy - pullPolicy: Always - # Overrides the image tag whose default is the chart appVersion. - tag: "" + +image: + repository: agents.accuknox.com/repository/docker-dev/knoxautopolicy + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +labels: + app: knoxautopolicy + env: dev namespace: accuknox-dev-knoxautopolicy @@ -70,21 +74,16 @@ ingress: # hosts: # - chart-example.local - -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi +resources: + requests: + cpu: 400m + memory: 450Mi + limits: + cpu: 200m + memory: 250Mi autoscaling: - enabled: false + enabled: true minReplicas: 1 maxReplicas: 100 targetCPUUtilizationPercentage: 80 diff --git a/helm/values-prod.yaml b/helm/values-prod.yaml index d3d651c8..d6d74683 100644 --- a/helm/values-prod.yaml +++ b/helm/values-prod.yaml @@ -3,12 +3,16 @@ # Declare variables to be passed into your templates. replicaCount: 1 -knoxautopolicy: - image: - repository: gcr.io/mimetic-kit-294408/prod/knoxautopolicy - pullPolicy: Always - # Overrides the image tag whose default is the chart appVersion. - tag: "" + +image: + repository: agents.accuknox.com/repository/knoxautopolicy + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +labels: + app: knoxautopolicy + env: prod namespace: accuknox-prod-knoxautopolicy @@ -65,21 +69,16 @@ ingress: # hosts: # - chart-example.local - -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi +resources: + requests: + cpu: 400m + memory: 450Mi + limits: + cpu: 200m + memory: 250Mi autoscaling: - enabled: false + enabled: true minReplicas: 1 maxReplicas: 100 targetCPUUtilizationPercentage: 80 @@ -133,7 +132,7 @@ config: broker-address-family: v4 session-timeout-ms: 6000 auto-offset-reset: "earliest" - bootstrap-servers: "dev-kafka-kafka-bootstrap.accuknox-dev-kafka.svc.cluster.local:9092" + bootstrap-servers: "accuknox-prod-kafka-kafka-bootstrap.accuknox-prod-kafka.svc.cluster.local:9092" group-id: policy.cilium topics: - cilium-telemetry diff --git a/helm/values-verify.yaml b/helm/values-verify.yaml index 0a22ce1b..f9295e7c 100644 --- a/helm/values-verify.yaml +++ b/helm/values-verify.yaml @@ -3,12 +3,16 @@ # Declare variables to be passed into your templates. replicaCount: 1 -knoxautopolicy: - image: - repository: gcr.io/mimetic-kit-294408/verify/knoxautopolicy - pullPolicy: Always - # Overrides the image tag whose default is the chart appVersion. - tag: "" + +image: + repository: agents.accuknox.com/repository/docker-verify/knoxautopolicy + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +labels: + app: knoxautopolicy + env: verify namespace: accuknox-verify-knoxautopolicy @@ -66,24 +70,20 @@ ingress: # - chart-example.local -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi +resources: + requests: + cpu: 400m + memory: 450Mi + limits: + cpu: 200m + memory: 250Mi autoscaling: - enabled: false + enabled: true minReplicas: 1 maxReplicas: 100 targetCPUUtilizationPercentage: 80 - # targetMemoryUtilizationPercentage: 80 + targetMemoryUtilizationPercentage: 80 nodeSelector: {} @@ -133,7 +133,7 @@ config: broker-address-family: v4 session-timeout-ms: 6000 auto-offset-reset: "earliest" - bootstrap-servers: "dev-kafka-kafka-bootstrap.accuknox-dev-kafka.svc.cluster.local:9092" + bootstrap-servers: "accuknox-verify-kafka-kafka-bootstrap.accuknox-verify-kafka.svc.cluster.local:9092" group-id: policy.cilium topics: - cilium-telemetry diff --git a/helm/values.yaml b/helm/values.yaml index 3faa35cf..3c441f60 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -1,14 +1,17 @@ # Default values for helm. # This is a YAML-formatted file. # Declare variables to be passed into your templates. - replicaCount: 1 -knoxautopolicy: - image: - repository: gcr.io/mimetic-kit-294408/snapshot/knoxautopolicy - pullPolicy: Always - # Overrides the image tag whose default is the chart appVersion. - tag: "1.0" + +image: + repository: gcr.io/accuknox/dev/knoxautopolicy + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +labels: + app: knoxautopolicy + env: dev namespace: accuknox-dev-knoxautopolicy @@ -49,8 +52,9 @@ securityContext: {} # runAsUser: 1000 service: - type: ClusterIP port: 9089 + targetPort: 9089 + protocol: TCP ingress: enabled: false @@ -65,25 +69,20 @@ ingress: # hosts: # - chart-example.local - -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi +resources: + requests: + cpu: 200m + memory: 250Mi + limits: + cpu: 400m + memory: 450Mi autoscaling: - enabled: false + enabled: true minReplicas: 1 maxReplicas: 100 targetCPUUtilizationPercentage: 80 - # targetMemoryUtilizationPercentage: 80 + targetMemoryUtilizationPercentage: 80 nodeSelector: {} diff --git a/resources/build-info.yaml b/resources/build-info.yaml index f20b1ab6..4b2b4edb 100644 --- a/resources/build-info.yaml +++ b/resources/build-info.yaml @@ -153,28 +153,24 @@ publish_config: docker: snapshot: agents.accuknox.com/repository/docker-snapshot dev: agents.accuknox.com/repository/docker-dev - verify: agents.accuknox.com/repository/accu-docker - prod: agents.accuknox.com/repository/accu-docker + verify: agents.accuknox.com/repository/docker-verify + prod: agents.accuknox.com/repository helm: snapshot: https://agents.accuknox.com/repository/helm-snapshot/ dev: https://agents.accuknox.com/repository/helm-dev/ verify: https://agents.accuknox.com/repository/helm-verify/ prod: https://agents.accuknox.com/repository/helm-prod/ - -gcr_agent_properties: - agent: true - gcr_config: dev: project: 'mimetic-kit-294408' - gcr_credentials: 'gcr-prod' + gcr_credentials: 'gcr-creds' verify: project: 'mimetic-kit-294408' - gcr_credentials: 'gcr-prod' + gcr_credentials: 'gcr-creds' prod: project: 'mimetic-kit-294408' - gcr_credentials: 'gcr-prod' + gcr_credentials: 'gcr-creds' deploy_config: cd_credentials: "github-token" @@ -190,7 +186,7 @@ argocd: #*********************************************************************************************# # Argocd Configuration for dev Environment. #*********************************************************************************************# - enable: true + enable: false dev: server: "argocd-dev.accuknox.com" #Argocd server name or url credentials: "argocdcred" #Credentials for Argocd From d74bb84c1695eac4e2030d34480b066e3ec03a6d Mon Sep 17 00:00:00 2001 From: Pugal-k1 Date: Mon, 2 Aug 2021 17:55:33 +0530 Subject: [PATCH 2/2] updated-cicd --- resources/build-info.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resources/build-info.yaml b/resources/build-info.yaml index 4b2b4edb..08fffd4c 100644 --- a/resources/build-info.yaml +++ b/resources/build-info.yaml @@ -97,7 +97,7 @@ sonar_properties: status: enabled: "true" quality_gate: - enabled: "false" + enabled: "true" timeout: "3" sonarqube_server_name: "sonar-scan" sonar_runnner_tools_name: "SonarQubeScanner"