Merge pull request #57 from bpineau/helm_tuning

Complete Helm Chart

assets/helm-chart/katafygio/Chart.yaml

@@ -1,11 +1,17 @@
 apiVersion: v1
 appVersion: 0.5.0
-description: Continuously backup Kubernetes objets as yaml files in git
+description: Continuously backup Kubernetes objets as YAML files in git.
 name: katafygio
 home: https://github.com/bpineau/katafygio
 sources:
 - https://github.com/bpineau/katafygio
-version: 0.2.0
+version: 0.4.0
+keywords:
+- backup
+- dump
+- backups
+- katafygio
+- git
 maintainers:
 - name: bpineau
   email: ben.pineau@gmail.com

assets/helm-chart/katafygio/README.md

@@ -0,0 +1,81 @@
+# Katafygio
+
+[Katafygio](https://github.com/bpineau/katafygio) discovers Kubernetes objects (deployments, services, ...), and continuously save them as YAML files in a git repository. This provides real time, continuous backups, and keeps detailed changes history.
+
+## TL;DR;
+
+```bash
+$ helm install assets/helm-chart/katafygio/
+```
+
+## Introduction
+
+This chart installs a [Katafygio](https://github.com/bpineau/katafygio) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
+
+## Prerequisites
+
+- Kubernetes 1.8+
+
+## Chart Details
+
+If your backups are flooded by commits from uninteresting changes, you may filter out irrelevant objects using the `excludeKind` and `excludeObject` options.
+
+By default, the chart will dump (and version) the clusters content in /tmp/kf-dump (configurable with `localDir`).
+This can be useful as is, to keep a local and ephemeral changes history. To benefit from long term, out of cluster, and centrally reachable persistence, you may provide the address of a remote git repository (with `gitUrl`), where all changes will be pushed.
+
+## Installing the Chart
+
+To install the chart with the release name `my-release`:
+
+```bash
+$ helm install --name my-release assets/helm-chart/katafygio/
+```
+
+## Uninstalling the Chart
+
+To uninstall/delete the `my-release` deployment:
+
+```console
+$ helm delete my-release
+```
+
+The command removes all the Kubernetes components associated with the chart and deletes the release.
+
+## Configuration
+
+The following table lists the configurable parameters of the Katafygio chart and their default values.
+
+| Parameter               | Description                                                 | Default                              |
+|-------------------------|-------------------------------------------------------------|--------------------------------------|
+| `replicaCount`          | Desired number of pods                                      | `1`                                  |
+| `image.repository`      | Katafygio container image name                              | `bpineau/katafygio`                  |
+| `image.tag`             | Katafygio container image tag                               | `v0.5.0`                             |
+| `image.pullPolicy`      | Katafygio container image pull policy                       | `IfNotPresent`                       |
+| `localDir`              | Container's local path where Katafygio will dump and commit | `/tmp/kf-dump`                       |
+| `gitUrl`                | Optional remote repository where changes will be pushed     | `nil`                                |
+| `noGit`                 | Disable git versioning                                      | `false`                              |
+| `filter`                | Label selector to dump only matched objects                 | `nil`                                |
+| `healthcheckPort`       | The port Katafygio will listen for health checks requests   | `8080`                               |
+| `excludeKind`           | Object kinds to ignore                                      | `{"replicaset","endpoints","event"}` |
+| `excludeObject`         | Specific objects to ignore (eg. "configmap:default/foo")    | `nil`                                |
+| `rbac.create`           | Enable or disable RBAC roles and bindings                   | `true`                               |
+| `rbac.apiVersion`       | RBAC API version                                            | `v1`                                 |
+| `serviceAccount.create` | Whether a ServiceAccount should be created                  | `true`                               |
+| `serviceAccount.name`   | Service account to be used                                  | `nil`                                |
+| `resyncInterval`        | Seconds between full catch-up resyncs. 0 to disable         | `300`                                |
+| `logLevel`              | Log verbosity (ie. info, warning, error)                    | `warning`                            |
+| `logOutput`             | Logs destination (stdout, stderr or syslog)                 | `stdout`                             |
+| `logServer`             | Syslog server address (eg. "rsyslog:514")                   | `nil`                                |
+| `resources`             | CPU/Memory resource requests/limits                         | `{}`                                 |
+| `tolerations`           | List of node taints to tolerate                             | `[]`                                 |
+| `affinity`              | Node affinity for pod assignment                            | `{}`                                 |
+| `nodeSelector`          | Node labels for pod assignment                              | `{}`                                 |
+
+Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`.
+
+Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example,
+
+```bash
+$ helm install --name my-release -f values.yaml assets/helm-chart/katafygio/
+```
+> **Tip**: You can use the default [values.yaml](values.yaml)

assets/helm-chart/katafygio/templates/NOTES.txt

@@ -1,11 +1,11 @@
 Katafygio is dumping and versioning the cluster's content as
-yaml files in {{ default "/tmp/kf-dump" .Values.localDir }}.
+YAML files in {{ .Values.localDir }}.
 
 You can access this repository by entering the pod:
-kubectl exec -i -t --namespace {{ .Release.Namespace }} $(kubectl get pods --namespace {{ .Release.Namespace }} -l app={{ template "katafygio.name" . }} -o jsonpath='{.items[0].metadata.name}') /bin/sh
+kubectl exec -i -t --namespace {{ .Release.Namespace }} $(kubectl get pods --namespace {{ .Release.Namespace }} -l app={{ template "katafygio.name" . }} -o jsonpath='{.items[0].metadata.name}') ls {{ .Values.localDir }}
 
 {{ if .Values.gitUrl }}
 This local repository is pushed in real time to {{ .Values.gitUrl }}.
 {{ else -}}
-You can configure gitUrl to get this pushed to a remote repository.
-{{- end -}}
+You can configure gitUrl to get the dumps pushed to a remote repository.
+{{- end }}

assets/helm-chart/katafygio/templates/_helpers.tpl

@@ -41,3 +41,16 @@ Create the name of the service account to use
     {{ default "default" .Values.serviceAccount.name }}
 {{- end -}}
 {{- end -}}
+
+{{- /*
+Credit: @technosophos
+https://github.com/technosophos/common-chart/
+labels.standard prints the standard Helm labels.
+The standard labels are frequently used in metadata.
+*/ -}}
+{{- define "katafygio.labels.standard" -}}
+app: {{ template "katafygio.name" . }}
+heritage: {{ .Release.Service | quote }}
+release: {{ .Release.Name | quote }}
+chart: {{ .Chart.Name }}-{{ .Chart.Version }}
+{{- end -}}

assets/helm-chart/katafygio/templates/deployment.yaml

@@ -3,10 +3,7 @@ kind: Deployment
 metadata:
   name: {{ template "katafygio.fullname" . }}
   labels:
-    app: {{ template "katafygio.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version }}
-    release: {{ .Release.Name }}
-    heritage: {{ .Release.Service }}
+{{ include "katafygio.labels.standard" . | indent 4 }}
 spec:
   replicas: {{ .Values.replicaCount }}
   selector:
@@ -16,8 +13,7 @@ spec:
   template:
     metadata:
       labels:
-        app: {{ template "katafygio.name" . }}
-        release: {{ .Release.Name }}
+{{ include "katafygio.labels.standard" . | indent 8 }}
     spec:
       serviceAccountName: {{ template "katafygio.serviceAccountName" . }}
       containers:
@@ -26,8 +22,8 @@ spec:
           imagePullPolicy: {{ .Values.image.pullPolicy }}
           command:
             - /usr/bin/katafygio
-            - --local-dir={{ default "/tmp/kf-dump" .Values.localDir }}
-            - --healthcheck-port={{ default 8080 .Values.healthcheckPort }}
+            - --local-dir={{ .Values.localDir }}
+            - --healthcheck-port={{ .Values.healthcheckPort }}
           {{- if .Values.gitUrl }}
             - --git-url={{ .Values.gitUrl }}
           {{- end }}
@@ -61,7 +57,7 @@ spec:
           {{- end }}
           ports:
             - name: http
-              containerPort: {{ default 8080 .Values.healthcheckPort }}
+              containerPort: {{ .Values.healthcheckPort }}
               protocol: TCP
           livenessProbe:
             httpGet:

assets/helm-chart/katafygio/templates/rbac.yaml

@@ -4,10 +4,7 @@ kind: ClusterRole
 metadata:
   name: {{ template "katafygio.fullname" . }}
   labels:
-    app: {{ template "katafygio.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version }}
-    release: {{ .Release.Name }}
-    heritage: {{ .Release.Service }}
+{{ include "katafygio.labels.standard" . | indent 4 }}
 rules:
   - apiGroups: ["*"]
     resources: ["*"]
@@ -16,15 +13,12 @@ rules:
       - list
       - watch
 ---
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/{{ required "A valid .Values.rbac.apiVersion entry required!" .Values.rbac.apiVersion }}
 kind: ClusterRoleBinding
 metadata:
   name: {{ template "katafygio.fullname" . }}
   labels:
-    app: {{ template "katafygio.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version }}
-    release: {{ .Release.Name }}
-    heritage: {{ .Release.Service }}
+{{ include "katafygio.labels.standard" . | indent 4 }}
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole

assets/helm-chart/katafygio/templates/service-account.yaml

@@ -4,8 +4,5 @@ kind: ServiceAccount
 metadata:
   name: {{ template "katafygio.serviceAccountName" . }}
   labels:
-    app: {{ template "katafygio.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version }}
-    release: {{ .Release.Name }}
-    heritage: {{ .Release.Service }}
+{{ include "katafygio.labels.standard" . | indent 4 }}
 {{- end }}

assets/helm-chart/katafygio/values.yaml

@@ -1,8 +1,11 @@
+# Default values for the katafygio chart.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
 
-# Where we'll dump cluster objects
+# Where we'll dump and commit cluster objects before pushing them to a remote git repository.
 localDir: "/tmp/kf-dump"
 
-# The port we'll listen for health checks requests
+# The port we'll listen for health checks requests.
 healthcheckPort: 8080
 
 # Frequency (in seconds) between full catch-up resyncs. 0 to disable.
@@ -12,29 +15,33 @@ resyncInterval: 300
 logLevel: warning
 logOutput: stdout
 
-# Optional repository where Katafygio would push local changes
+# Optional. Repository where Katafygio would push changes.
 #gitUrl: https://user:token@github.com/myorg/myrepos.git
 
-# Optional label selector to match only certain objects
+# Set to true to disable git versioning.
+noGit: false
+
+# Optional. Label selector to restrict dump to certain objets.
 #filter: "app in (foo, bar)"
 
 # Optional. Address of a remote syslog server (if logOutput is "syslog").
 # logServer: "localhost:514"
 
-# Kubernetes object kinds to exclude from the dumps
+# Optional. Kubernetes object kinds we want to exclude from the dumps.
 excludeKind:
   - replicaset
   - endpoints
   - event
 
-# Specific Kubernetes objets to exclude from the dumps
+# Optional. Specific Kubernetes objets to exclude from the dumps.
 # excludeObject:
 #  - "configmap:kube-system/leader-elector"
 
+# Katafygio needs read-only access to all Kubernetes API groups and resources.
 rbac:
   # Specifies whether RBAC resources should be created
   create: true
-  apiVersion: v1beta1
+  apiVersion: v1
 
 serviceAccount:
   # Specifies whether a ServiceAccount should be created