diff --git a/charts/ccsm-helm/Chart.yaml b/charts/ccsm-helm/Chart.yaml
index a36673b15c..164f4e35dd 100644
--- a/charts/ccsm-helm/Chart.yaml
+++ b/charts/ccsm-helm/Chart.yaml
@@ -9,6 +9,9 @@ dependencies:
 - name: zeebe
 version: 0.0.1
 condition: "zeebe.enabled"
+- name: zeebe-gateway
+ version: 0.0.1
+ condition: "zeebe.enabled"
 - name: operate
 version: 0.0.1
 condition: "operate.enabled"
diff --git a/charts/ccsm-helm/charts/zeebe-gateway/Chart.yaml b/charts/ccsm-helm/charts/zeebe-gateway/Chart.yaml
new file mode 100644
index 0000000000..44e82aeaab
--- /dev/null
+++ b/charts/ccsm-helm/charts/zeebe-gateway/Chart.yaml
@@ -0,0 +1,11 @@
+apiVersion: v2
+appVersion: "1.3.1"
+description: Zeebe Gateway Helm Chart for Kubernetes
+name: zeebe-gateway
+type: application
+version: 0.0.1
+icon: https://helm.camunda.io/imgs/zeebe-logo.png
+annotations:
+ artifacthub.io/changes: |
+ - add zeebe-gateway sub chart
+ artifacthub.io/containsSecurityUpdates: "false"
diff --git a/charts/ccsm-helm/charts/zeebe-gateway/README.md b/charts/ccsm-helm/charts/zeebe-gateway/README.md
new file mode 100644
index 0000000000..050b92cdbf
--- /dev/null
+++ b/charts/ccsm-helm/charts/zeebe-gateway/README.md
@@ -0,0 +1,174 @@ +[![Community Extension](https://img.shields.io/badge/Community%20Extension-An%20open%20source%20community%20maintained%20project-FF4700)](https://github.com/camunda-community-hub/community)[![Lifecycle: Incubating](https://img.shields.io/badge/Lifecycle-Incubating-blue)](https://github.com/Camunda-Community-Hub/community/blob/main/extension-lifecycle.md#incubating-)[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) + +# Camunda Cloud Self-Managed Helm Chart + +This functionality is in beta and is subject to change. The design and code is less mature than official GA features and is provided as-is with no warranties. Beta features are not subject to the support SLA of official GA features. + +## Requirements + +* [Helm](https://helm.sh/) >= 3.x + +* Kubernetes >= 1.20+ +* Minimum cluster requirements include the following to run this chart with default settings. All of these settings are configurable. + * Three Kubernetes nodes to respect the default "hard" affinity settings + * 2GB of RAM for the JVM heap + + +## Installing + +* Add the official CCSM helm charts repo + +```shell + helm repo add ccsm https://helm.camunda.io + ``` + +* Install it + +```shell + helm install camunda-cloud ccsm/ccsm-helm +``` + +## Configuration +| Section | Parameter | Description | Default | +|-|-|-|-| +| `global` | `elasticsearch.disableExporter` | Disable [Elasticsearch Exporter](https://github.com/camunda-cloud/zeebe/tree/develop/exporters/elasticsearch-exporter) in Zeebe | `false` | +| | `elasticsearch.host` | ElasticSearch host to use in Elasticsearch Exporter connection | `elasticsearch-master` | +| | `elasticsearch.port` | ElasticSearch port to use in Elasticsearch Exporter connection | `9200` | +| | `elasticsearch.url` | ElasticSearch full url to use in Elasticsearch Exporter connection. This config overrides the `host` and `port` above. 
| | +| `elasticsearch`| `enabled` | Enable ElasticSearch deployment as part of the Zeebe Cluster | `true` | +| `kibana`| `enabled` | Enable Kibana deployment as part of the Zeebe Cluster | `false` | +| `prometheus`| `enabled` | Enable Prometheus operator as part of the Zeebe Cluster | `false` | +| | `servicemonitor.enabled` | Deploy a `ServiceMonitor` for your Zeebe Cluster | `false` | +| `zeebe` |`labels` | labels to be applied to the StatefulSet and Service | `app: zeebe` | +| | `annotations`| annotations to be applied to the StatefulSet and Service | `{}`| +| |`podAnnotations`| annotations to be applied to the StatefulSet pod Template | `{}`| +| | `clusterSize` | Set the Zeebe Cluster Size and the number of replicas of the replica set | `3` | +| | `partitionCount` | Set the Zeebe Cluster partition count | `3` | +| | `replicationFactor` | Set the Zeebe Cluster replication factor | `3` | +| | `cpuThreadCount` | Set the Zeebe Cluster CPU thread count | `2` | +| | `ioThreadCount` | Set the Zeebe Cluster IO thread count | `2` | +| | `logLevel` | Sets the log level for io.zeebe packages; must be one of: ERROR, WARN, INFO, DEBUG, TRACE | `info` | +| | `log4j2` | Log4J 2.x XML configuration; if provided, the contents given will be written to file and will overwrite the distribution's default `/usr/local/zeebe/config/log4j2.xml` | `` | +| | `JavaOpts` | Set the Zeebe Cluster Broker JavaOpts. This is where you should configure the jvm heap size. | `-XX:MaxRAMPercentage=25.0 -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/usr/local/zeebe/data -XX:ErrorFile=/usr/local/zeebe/data/zeebe_error%p.log -XX:+ExitOnOutOfMemoryError` | +| | `resources` | Set the Zeebe Cluster Broker Kubernetes Resource Request and Limits | `requests:`
`cpu: 500m`
` memory: 1Gi`
`limits:`
` cpu: 1000m`
` memory: 2Gi` | +| | `env` | Pass additional environment variables to the Zeebe broker pods;
variables should be specified using standard Kubernetes raw YAML format. See below for an example.| `[]` | +| | `podDisruptionBudget.enabled` | Create a podDisruptionBudget for the broker pods | `false` | +| | `podDisruptionBudget.minAvailable` | Minimum number of available broker pods for PodDisruptionBudget | | +| | `podDisruptionBudget.maxUnavailable` | Maximum number of unavailable broker pods for PodDisruptionBudget | `1` | +| | `podSecurityContext` | Sets the [securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) for the Zeebe pod. Can hold pod-level security attributes and common container settings. | {} | +| | `pvcSize`| Set the Zeebe Cluster Persistence Volume Claim Request storage size | `10Gi` | +| | `pvcAccessModes` | Set the Zeebe Cluster Persistence Volume Claim Request accessModes | `[ "ReadWriteOnce" ]` | +| | `pvcStorageClassName` | Set the Zeebe Cluster Persistence Volume Claim Request storageClassName | `` | +| | `extraInitContainers` | Add extra initContainers sections to the StatefulSet | `` | +| | `extraVolumes` | Add extra volumnes to the StatefulSet | `{}` | +| | `extraVolumeMounts` | Add extra volumne mounts to the StatefulSet | `{}` | +| | `nodeSelector` | Node selection constraint to schedule Zeebe on specific nodes | `{}` | +| | `priorityClassName` | Name of the priority class to assign on Zeebe pods | `` | +| | `tolerations` | Tolerations to allow Zeebe to run on dedicated nodes | `[]` | +| | `affinity` | Use affinity constraints to schedule Zeebe on specific nodes | `{}` | +| | `serviceType` | The type of cluster service | `ClusterIP` | +| | `serviceHttpPort` | The http port used by the brokers and the gateway| `9600` | +| | `serviceInternalPort` | The internal port used by the brokers and the gateway | `26502` | +| | `serviceCommandPort` | The command port used the brokers | `26501` | +| | `serviceHttpName` | The http port name used by the brokers and the gateway| `http` | +| | 
`serviceInternalName` | The internal port name used by the brokers and the gateway | `internal` | +| | `serviceCommandName` | The command port name used the brokers | `command` +| `gateway` | `replicas` | The number of standalone gateways that should be deployed, if zero the embedded gateway is used. | `1` | +| | `priorityClassName` | Name of the priority class to assign on Zeebe gateway pods | `` | +| | `logLevel` | The log level of the gateway, one of: ERROR, WARN, INFO, DEBUG, TRACE | `info` | +| | `log4j2` | Log4J 2.x XML configuration; if provided, the contents given will be written to file and will overwrite the distribution's default `/usr/local/zeebe/config/log4j2.xml` | `` | +| | `env` | Pass additional environment variables to the Zeebe broker pods;
variables should be specified using standard Kubernetes raw YAML format. See below for an example. | `[]` | +| | `podAnnotations` | Annotations to be applied to the gateway Deployment pod template | `` | +| | `podDisruptionBudget.enabled` | Create a PodDisruptionBudget for the gateway pods | `false` | +| | `podDisruptionBudget.minAvailable` | minimum number of available gateway pods for PodDisruptionBudget | `1` | +| | `podDisruptionBudget.maxUnavailable` | maximum number of unavailable gateway pods for PodDisruptionBudget | `` | +| | `serviceGatewayType` | The type of cluster gateway service | `ClusterIP` | +| | `serviceGatewayPort` | The gateway port used by the gateway | `26500` | +| | `serviceGatewayName` | The gateway port name used by the gateway | `gateway` | + +## Examples + +### Env Example +```yaml + +env: + - name: ZEEBE_GATEWAY_MONITORING_ENABLED + value: "true" +``` + +## Adding dynamic exporters to Zeebe Brokers + +This chart supports the addition of Zeebe Exporters by using initContainer as shown in the following example: + +``` +extraInitContainers: | + - name: init-exporters-hazelcast + image: busybox:1.28 + command: ['/bin/sh', '-c'] + args: ['wget --no-check-certificate https://repo1.maven.org/maven2/io/zeebe/hazelcast/zeebe-hazelcast-exporter/0.8.0-alpha1/zeebe-hazelcast-exporter-0.8.0-alpha1-jar-with-dependencies.jar -O /exporters/zeebe-hazelcast-exporter.jar; ls -al'] + volumeMounts: + - name: exporters + mountPath: /exporters/ + - name: init-exporters-kafka + image: busybox:1.28 + command: ['/bin/sh', '-c'] + args: ['wget --no-check-certificate https://github.com/zeebe-io/zeebe-kafka-exporter/releases/download/1.1.0/zeebe-kafka-exporter-1.1.0-uber.jar -O /exporters/zeebe-kafka-exporter.jar; ls -al'] + volumeMounts: + - name: exporters + mountPath: /exporters/ +env: + ZEEBE_BROKER_EXPORTERS_HAZELCAST_JARPATH: exporters/zeebe-hazelcast-exporter.jar + ZEEBE_BROKER_EXPORTERS_HAZELCAST_CLASSNAME: io.zeebe.hazelcast.exporter.HazelcastExporter + 
ZEEBE_HAZELCAST_REMOTE_ADDRESS: "{{ .Release.Name }}-hazelcast" +``` +This example is downloading the exporters Jar from a URL and adding the Jars to the `exporters` directory that will be scanned for jars and added to the zeebe broker classpath. Then with `environment variables` you can configure the exporter parameters. + +## Dependencies + +This chart currently depends on the following charts: + +* [ElasticSearch Helm Chart](https://github.com/elastic/helm-charts/blob/master/elasticsearch/README.md) +* [Kibana Helm Chart](https://github.com/elastic/helm-charts/tree/master/kibana) +* [Prometheus Operator Helm Chart](https://github.com/helm/charts/tree/master/stable/prometheus-operator) + +These dependencies can be turned on or off and parameters can be overiden from these dependent charts by changing the `values.yaml` file. For example: + +```yaml +elasticsearch: + enabled: true + imageTag: +kibana: + enabled: false +``` + +## Development + +For development purpose you might want to deploy and test the charts without creating a new release. In order to do this you can run the following: + +```sh + helm install charts/ccsm-helm/ +``` + +If you see errors like: + +```sh +Error: found in Chart.yaml, but missing in charts/ directory: elasticsearch, kibana, kube-prometheus-stack +``` + +Then you need to download the dependencies first. You can do this via: + +```sh +$ helm dependency update charts/ccsm-helm/ +Getting updates for unmanaged Helm repositories... +...Successfully got an update from the "https://helm.elastic.co" chart repository +...Successfully got an update from the "https://helm.elastic.co" chart repository +...Successfully got an update from the "https://prometheus-community.github.io/helm-charts" chart repository +Hang tight while we grab the latest from your chart repositories... +...Successfully got an update from the "ccsm" chart repository +...Successfully got an update from the "stable" chart repository +Update Complete. 
⎈Happy Helming!⎈ +Saving 3 charts +Downloading elasticsearch from repo https://helm.elastic.co +Downloading kibana from repo https://helm.elastic.co +Downloading kube-prometheus-stack from repo https://prometheus-community.github.io/helm-charts +Deleting outdated charts +``` diff --git a/charts/ccsm-helm/charts/zeebe-gateway/templates/_helpers.tpl b/charts/ccsm-helm/charts/zeebe-gateway/templates/_helpers.tpl new file mode 100644 index 0000000000..258d76acde --- /dev/null +++ b/charts/ccsm-helm/charts/zeebe-gateway/templates/_helpers.tpl 
@@ -0,0 +1,47 @@
+{{/* vim: set filetype=mustache: */}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "zeebe-gateway.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s-gateway" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{- define "zeebe.version" -}}
+{{- printf "%s:%s" .Values.global.image.repository .Values.global.image.tag -}}
+{{- end -}}
+
+{{- define "zeebe.labels.gateway" -}}
+{{- template "zeebe.labels" . }}
+app.kubernetes.io/component: gateway
+{{- end -}}
+
+{{/*
+Creates a valid DNS name for the gateway
+*/}}
+{{- define "zeebe.names.gateway" -}}
+{{- $name := default .Release.Name (tpl .Values.global.zeebeClusterName .) -}}
+{{- printf "%s-gateway" $name | trunc 63 | trimSuffix "-" | quote -}}
+{{- end -}}
+
+{{/*
+[zeebe-gateway] Create the name of the service account to use
+*/}}
+{{- define "zeebe-gateway.serviceAccountName" -}}
+{{- if .Values.serviceAccount.enabled }}
+{{- default (include "zeebe-gateway.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
diff --git a/charts/ccsm-helm/charts/zeebe-gateway/templates/configmap.yaml b/charts/ccsm-helm/charts/zeebe-gateway/templates/configmap.yaml
new file mode 100644
index 0000000000..a7564ad1db
--- /dev/null
+++ b/charts/ccsm-helm/charts/zeebe-gateway/templates/configmap.yaml
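Review bot: `zeebe.labels.gateway` calls `template "zeebe.labels"`, which this file does not define, so the gateway chart renders only when another chart in the release (presumably the broker chart) supplies it; a comment above the define should say so. `zeebe.version`, `zeebe.labels.gateway` and `zeebe.names.gateway` also keep the `zeebe.` prefix although template names are global across a release, and the broker `_helpers.tpl` diff in this commit removes only two defines, so any name still defined there would collide with these. In `zeebe-gateway.fullname` the `-gateway` suffix is appended to a chart name that already ends in `gateway`, which yields `<release>-zeebe-gateway-gateway`; `printf "%s-%s" .Release.Name $name` would avoid the doubled suffix. `zeebe.names.gateway` passes `.Values.global.zeebeClusterName` straight to `tpl`, and the subchart's own values file sets no default for it, so it is worth confirming the parent always provides one.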
@@ -0,0 +1,41 @@
+kind: ConfigMap
+metadata:
+ name: {{ include "zeebe-gateway.fullname" . }}
+ labels:
+ {{- include "zeebe.labels.gateway" . | nindent 4 }}
+apiVersion: v1
+data:
+ startup.sh: |
+ #!/usr/bin/env bash
+ set -eux -o pipefail
+
+ export ZEEBE_BROKER_NETWORK_ADVERTISEDHOST=${ZEEBE_BROKER_NETWORK_ADVERTISEDHOST:-$(hostname -f)}
+ export ZEEBE_BROKER_CLUSTER_NODEID=${ZEEBE_BROKER_CLUSTER_NODEID:-${K8S_POD_NAME##*-}}
+
+ # As the number of replicas or the DNS is not obtainable from the downward API yet,
+ # defined them here based on conventions
+ export ZEEBE_BROKER_CLUSTER_CLUSTERSIZE=${ZEEBE_BROKER_CLUSTER_CLUSTERSIZE:-1}
+ contactPointPrefix=${K8S_POD_NAME%-*}
+ contactPoints=${ZEEBE_BROKER_CLUSTER_INITIALCONTACTPOINTS:-""}
+ if [[ -z "${contactPoints}" ]]; then
+ for ((i=0; i<${ZEEBE_BROKER_CLUSTER_CLUSTERSIZE}; i++))
+ do
+ contactPoints="${contactPoints},${contactPointPrefix}-$i.$(hostname -d):{{ .Values.service.internalPort }}"
+ done
+
+ export ZEEBE_BROKER_CLUSTER_INITIALCONTACTPOINTS="${contactPoints}"
+ fi
+
+ if [ "$(ls -A /exporters/)" ]; then
+ mkdir /usr/local/zeebe/exporters/
+ cp -a /exporters/*.jar /usr/local/zeebe/exporters/
+ else
+ echo "No exporters available."
+ fi
+
+ exec /usr/local/zeebe/bin/broker
+
+ gateway-log4j2.xml: |
+{{- if .Values.log4j2 }}
+ {{ .Values.log4j2 | indent 4 | trim }}
+{{- end }}
diff --git a/charts/ccsm-helm/charts/zeebe/templates/gateway-deployment.yaml b/charts/ccsm-helm/charts/zeebe-gateway/templates/gateway-deployment.yaml
similarity index 58%
rename from charts/ccsm-helm/charts/zeebe/templates/gateway-deployment.yaml
rename to charts/ccsm-helm/charts/zeebe-gateway/templates/gateway-deployment.yaml
index 9e82d05652..05165c9642 100644
--- a/charts/ccsm-helm/charts/zeebe/templates/gateway-deployment.yaml
+++ b/charts/ccsm-helm/charts/zeebe-gateway/templates/gateway-deployment.yaml
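Review bot: `startup.sh` in this gateway ConfigMap is the broker start script: it exports `ZEEBE_BROKER_*` variables and ends with `exec /usr/local/zeebe/bin/broker`, while the gateway Deployment in this commit mounts only `gateway-log4j2.xml` from the `config` volume. It reads as a copy from the broker chart and I would drop the key here, keeping just the log4j2 entry. If it stays, note that it copies every `*.jar` found in `/exporters/` into the Zeebe exporters directory with no integrity check, and the README added in this commit fills that directory using `wget --no-check-certificate`; verifying a pinned checksum in the init container before the copy would close that gap. A short comment at the top of the file naming the workload that consumes each key is also missing.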
@@ -5,11 +5,11 @@ metadata: labels: {{- include "zeebe.labels.gateway" . | nindent 4 }} annotations: - {{- range $key, $value := .Values.gateway.annotations }} + {{- range $key, $value := .Values.annotations }} {{ $key }}: {{ $value | quote }} {{- end }} spec: - replicas: {{ .Values.gateway.replicas }} + replicas: {{ .Values.replicas }} selector: matchLabels: {{- include "zeebe.labels.gateway" . | nindent 6 }} @@ -17,16 +17,16 @@ spec: metadata: labels: {{- include "zeebe.labels.gateway" . | nindent 8 }} - {{- if .Values.gateway.podLabels }} - {{- toYaml .Values.gateway.podLabels | nindent 8 }} + {{- if .Values.podLabels }} + {{- toYaml .Values.podLabels | nindent 8 }} {{- end }} annotations: - {{- range $key, $value := .Values.gateway.podAnnotations }} + {{- range $key, $value := .Values.podAnnotations }} {{ $key }}: {{ $value | quote }} {{- end }} spec: - {{- if .Values.gateway.priorityClassName }} - priorityClassName: {{ .Values.gateway.priorityClassName | quote }} + {{- if .Values.priorityClassName }} + priorityClassName: {{ .Values.priorityClassName | quote }} {{- end }} {{- if .Values.global.image.pullSecrets }} imagePullSecrets: 
@@ -37,12 +37,12 @@ spec: image: "{{ .Values.global.image.repository }}:{{ .Values.global.image.tag }}" imagePullPolicy: {{ .Values.global.image.pullPolicy }} ports: - - containerPort: {{ .Values.gateway.service.httpPort }} - name: {{ default "http" .Values.gateway.service.httpName }} - - containerPort: {{ .Values.gateway.service.gatewayPort }} - name: {{ default "gateway" .Values.gateway.service.gatewayName }} - - containerPort: {{ .Values.gateway.service.internalPort }} - name: {{ default "internal" .Values.gateway.service.internalName }} + - containerPort: {{ .Values.service.httpPort }} + name: {{ default "http" .Values.service.httpName }} + - containerPort: {{ .Values.service.gatewayPort }} + name: {{ default "gateway" .Values.service.gatewayName }} + - containerPort: {{ .Values.service.internalPort }} + name: {{ default "internal" .Values.service.internalName }} env: - name: ZEEBE_STANDALONE_GATEWAY value: "true" @@ -53,7 +53,7 @@ spec: fieldRef: fieldPath: metadata.name - name: ZEEBE_LOG_LEVEL - value: {{ .Values.gateway.logLevel | quote }} + value: {{ .Values.logLevel | quote }} - name: JAVA_TOOL_OPTIONS value: {{ .Values.javaOpts | quote }} - name: ZEEBE_GATEWAY_CLUSTER_CONTACTPOINT 
@@ -61,60 +61,60 @@ spec: - name: ZEEBE_GATEWAY_NETWORK_HOST value: 0.0.0.0 - name: ZEEBE_GATEWAY_NETWORK_PORT - value: {{ .Values.gateway.service.gatewayPort | quote }} + value: {{ .Values.service.gatewayPort | quote }} - name: ZEEBE_GATEWAY_CLUSTER_HOST valueFrom: fieldRef: fieldPath: status.podIP - name: ZEEBE_GATEWAY_CLUSTER_PORT - value: {{ .Values.gateway.service.internalPort | quote }} + value: {{ .Values.service.internalPort | quote }} - name: ZEEBE_GATEWAY_MONITORING_HOST value: 0.0.0.0 - name: ZEEBE_GATEWAY_MONITORING_PORT - value: {{ .Values.gateway.service.httpPort | quote }} - {{- if .Values.gateway.env }} - {{ toYaml .Values.gateway.env | indent 12 | trim }} + value: {{ .Values.service.httpPort | quote }} + {{- if .Values.env }} + {{ toYaml .Values.env | indent 12 | trim }} {{- end }} volumeMounts: - {{- if .Values.gateway.log4j2 }} + {{- if .Values.log4j2 }} - name: config mountPath: /usr/local/zeebe/config/log4j2.xml subPath: gateway-log4j2.xml {{- end }} - {{- if .Values.gateway.extraVolumeMounts}} - {{ .Values.gateway.extraVolumeMounts | toYaml | nindent 12 }} + {{- if .Values.extraVolumeMounts}} + {{ .Values.extraVolumeMounts | toYaml | nindent 12 }} {{- end }} securityContext: {{ toYaml .Values.podSecurityContext | indent 12 | trim }} readinessProbe: tcpSocket: - port: {{ default "gateway" .Values.gateway.service.gatewayName }} + port: {{ default "gateway" .Values.service.gatewayName }} initialDelaySeconds: 20 periodSeconds: 5 - {{- if .Values.gateway.resources}} + {{- if .Values.resources}} resources: - {{- toYaml .Values.gateway.resources | nindent 12 }} + {{- toYaml .Values.resources | nindent 12 }} {{- end }} volumes: - name: config configMap: - name: {{ include "zeebe.fullname" . }} + name: {{ include "zeebe-gateway.fullname" . 
}} defaultMode: 0744 - {{- if .Values.gateway.extraVolumes}} - {{ .Values.gateway.extraVolumes | toYaml | nindent 8 }} + {{- if .Values.extraVolumes}} + {{ .Values.extraVolumes | toYaml | nindent 8 }} {{- end }} - {{- if .Values.gateway.serviceAccount.name}} - serviceAccountName: {{ .Values.gateway.serviceAccount.name }} + {{- if .Values.serviceAccount.name}} + serviceAccountName: {{ .Values.serviceAccount.name }} {{- end }} -{{- with .Values.gateway.nodeSelector }} +{{- with .Values.nodeSelector }} nodeSelector: {{ toYaml . | indent 8 }} {{- end }} -{{- with .Values.gateway.affinity }} +{{- with .Values.affinity }} affinity: {{ toYaml . | indent 8 }} {{- end }} -{{- with .Values.gateway.tolerations }} +{{- with .Values.tolerations }} tolerations: {{ toYaml . | indent 8 }} {{- end }} diff --git a/charts/ccsm-helm/charts/zeebe-gateway/templates/gateway-poddisruptionbudget.yaml b/charts/ccsm-helm/charts/zeebe-gateway/templates/gateway-poddisruptionbudget.yaml new file mode 100644 index 0000000000..5d72f1116f --- /dev/null +++ b/charts/ccsm-helm/charts/zeebe-gateway/templates/gateway-poddisruptionbudget.yaml @@ -0,0 +1,14 @@ +{{ if .Values.podDisruptionBudget.enabled }} +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + name: {{ printf "%s-gateway" (tpl .Values.global.zeebeClusterName .) | quote }} + labels: + {{- include "zeebe.labels.gateway" . | nindent 4 }} +spec: + minAvailable: {{ .Values.podDisruptionBudget.minAvailable }} + maxUnavailable: {{ .Values.podDisruptionBudget.maxUnavailable }} + selector: + matchLabels: + {{- include "zeebe.labels.gateway" . | nindent 6 }} +{{ end }} diff --git a/charts/ccsm-helm/charts/zeebe-gateway/templates/gateway-service.yaml b/charts/ccsm-helm/charts/zeebe-gateway/templates/gateway-service.yaml new file mode 100644 index 0000000000..c1cee90f20 --- /dev/null +++ b/charts/ccsm-helm/charts/zeebe-gateway/templates/gateway-service.yaml 
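Review bot: Near the end of this hunk the pod spec sets `serviceAccountName` only when `.Values.serviceAccount.name` is non-empty, whereas the ServiceAccount template in this commit names the account through the `zeebe-gateway.serviceAccountName` helper, which falls back to the chart fullname. With `serviceAccount.enabled: true` and no explicit name, the account would be created but the gateway pods would still run under the namespace's default service account, so RBAC scoped to the dedicated account would not apply. Rendering it unconditionally as `serviceAccountName: {{ include "zeebe-gateway.serviceAccountName" . }}` keeps the two in step. In the same hunk the container-level `securityContext` appears to be filled from `.Values.podSecurityContext`, so pod-only fields placed there would be rejected; a comment on that value saying which level it feeds would help. The Deployment document starts outside this hunk.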
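Review bot: The PodDisruptionBudget template always emits both `minAvailable` and `maxUnavailable`, and the API server rejects a budget that sets both, so overriding `maxUnavailable` while the default `minAvailable: 1` from the parent values stays in place would fail the install. Each field should be rendered only when it is set, for example by wrapping the first in `{{- if .Values.podDisruptionBudget.minAvailable }}` … `{{- end }}` and the second likewise. The name is built with a raw `printf "%s-gateway"` instead of `{{ include "zeebe.names.gateway" . }}`, so it skips the 63-character truncation and the release-name fallback the helper provides. `policy/v1beta1` is no longer served from Kubernetes 1.25 on; a `.Capabilities.APIVersions.Has "policy/v1"` switch or at least a comment stating the supported range would make that explicit.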
@@ -0,0 +1,19 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "zeebe.names.gateway" . }} + labels: + {{- include "zeebe.labels.gateway" . | nindent 4 }} + annotations: + {{- toYaml .Values.annotations | nindent 4 }} +spec: + type: {{ .Values.service.type }} + selector: + {{- include "zeebe.labels.gateway" . | nindent 6 }} + ports: + - port: {{ .Values.service.httpPort }} + protocol: TCP + name: {{ default "http" .Values.service.httpName }} + - port: {{ .Values.service.gatewayPort }} + protocol: TCP + name: {{ default "gateway" .Values.service.gatewayName }} diff --git a/charts/ccsm-helm/charts/zeebe/templates/gateway-serviceaccount.yaml b/charts/ccsm-helm/charts/zeebe-gateway/templates/gateway-serviceaccount.yaml similarity index 69% rename from charts/ccsm-helm/charts/zeebe/templates/gateway-serviceaccount.yaml rename to charts/ccsm-helm/charts/zeebe-gateway/templates/gateway-serviceaccount.yaml index 55645b8e52..738007569f 100644 --- a/charts/ccsm-helm/charts/zeebe/templates/gateway-serviceaccount.yaml +++ b/charts/ccsm-helm/charts/zeebe-gateway/templates/gateway-serviceaccount.yaml @@ -1,11 +1,11 @@ -{{- if .Values.gateway.serviceAccount.enabled -}} +{{- if .Values.serviceAccount.enabled -}} apiVersion: v1 kind: ServiceAccount metadata: name: {{ include "zeebe-gateway.serviceAccountName" . }} labels: {{- include "zeebe.labels.gateway" . | nindent 4 }} - {{- with .Values.gateway.serviceAccount.annotations }} + {{- with .Values.serviceAccount.annotations }} annotations: {{- toYaml . | nindent 4 }} {{- end }} diff --git a/charts/ccsm-helm/charts/zeebe-gateway/values.yaml b/charts/ccsm-helm/charts/zeebe-gateway/values.yaml new file mode 100644 index 0000000000..915fa19e42 --- /dev/null +++ b/charts/ccsm-helm/charts/zeebe-gateway/values.yaml 
@@ -0,0 +1,7 @@ +# Default values for zeebe-helm. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +global: + image: + # global.image.repository overwrites the default repository to the operate image + repository: camunda/zeebe diff --git a/charts/ccsm-helm/charts/zeebe/templates/_helpers.tpl b/charts/ccsm-helm/charts/zeebe/templates/_helpers.tpl index a3726616ca..68b63958dc 100644 --- a/charts/ccsm-helm/charts/zeebe/templates/_helpers.tpl +++ b/charts/ccsm-helm/charts/zeebe/templates/_helpers.tpl @@ -83,13 +83,6 @@ Common names {{- end -}} {{- end -}} -{{/* -Creates a valid DNS name for the gateway -*/}} -{{- define "zeebe.names.gateway" -}} -{{- $name := default .Release.Name (tpl .Values.global.zeebeClusterName .) -}} -{{- printf "%s-gateway" $name | trunc 63 | trimSuffix "-" | quote -}} -{{- end -}} {{/* [zeebe] Create the name of the service account to use */}} @@ -100,14 +93,3 @@ Creates a valid DNS name for the gateway {{- default "default" .Values.serviceAccount.name }} {{- end }} {{- end }} - -{{/* -[zeebe-gateway] Create the name of the service account to use -*/}} -{{- define "zeebe-gateway.serviceAccountName" -}} -{{- if .Values.gateway.serviceAccount.enabled }} -{{- default (include "zeebe-gateway.fullname" .) .Values.gateway.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.gateway.serviceAccount.name }} -{{- end }} -{{- end }} diff --git a/charts/ccsm-helm/charts/zeebe/templates/configmap.yaml b/charts/ccsm-helm/charts/zeebe/templates/configmap.yaml index c83ed4f006..43709dbcda 100644 --- a/charts/ccsm-helm/charts/zeebe/templates/configmap.yaml +++ b/charts/ccsm-helm/charts/zeebe/templates/configmap.yaml 
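Review bot: The subchart's values.yaml defines only `global.image.repository`, while the templates added in this commit dereference `.Values.service.*`, `.Values.podDisruptionBudget.enabled` and `.Values.serviceAccount.enabled`; a lookup on a missing parent map fails rendering with a nil-pointer error, so the chart works only when the umbrella chart supplies every key. Moving the gateway defaults (including an explicit `podSecurityContext` and `serviceAccount` block) into this file would make the subchart self-contained and give its security-relevant settings a documented default. The comments are also left over from another chart: the header says `zeebe-helm` and the repository comment refers to "the operate image"; something like `# global.image.repository sets the repository of the Zeebe gateway image` would be accurate.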
@@ -20,7 +20,7 @@ data: if [[ -z "${contactPoints}" ]]; then for ((i=0; i<${ZEEBE_BROKER_CLUSTER_CLUSTERSIZE}; i++)) do - contactPoints="${contactPoints},${contactPointPrefix}-$i.$(hostname -d):{{ .Values.serviceInternalPort }}" + contactPoints="${contactPoints},${contactPointPrefix}-$i.$(hostname -d):{{ .Values.service.internalPort }}" done export ZEEBE_BROKER_CLUSTER_INITIALCONTACTPOINTS="${contactPoints}" @@ -46,8 +46,3 @@ data: {{- if .Values.log4j2 }} {{ .Values.log4j2 | indent 4 | trim }} {{- end }} - - gateway-log4j2.xml: | -{{- if .Values.gateway.log4j2 }} - {{ .Values.gateway.log4j2 | indent 4 | trim }} -{{- end }} diff --git a/charts/ccsm-helm/charts/zeebe/templates/gateway-poddisruptionbudget.yaml b/charts/ccsm-helm/charts/zeebe/templates/gateway-poddisruptionbudget.yaml deleted file mode 100644 index 5c0a24f0f9..0000000000 --- a/charts/ccsm-helm/charts/zeebe/templates/gateway-poddisruptionbudget.yaml +++ /dev/null @@ -1,14 +0,0 @@ -{{ if .Values.gateway.podDisruptionBudget.enabled }} -apiVersion: policy/v1beta1 -kind: PodDisruptionBudget -metadata: - name: {{ printf "%s-gateway" (tpl .Values.global.zeebe .) | quote }} - labels: - {{- include "zeebe.labels.gateway" . | nindent 4 }} -spec: - minAvailable: {{ .Values.gateway.podDisruptionBudget.minAvailable }} - maxUnavailable: {{ .Values.gateway.podDisruptionBudget.maxUnavailable }} - selector: - matchLabels: - {{- include "zeebe.labels.gateway" . | nindent 6 }} -{{ end }} diff --git a/charts/ccsm-helm/charts/zeebe/templates/gateway-service.yaml b/charts/ccsm-helm/charts/zeebe/templates/gateway-service.yaml deleted file mode 100644 index be94afd85e..0000000000 --- a/charts/ccsm-helm/charts/zeebe/templates/gateway-service.yaml +++ /dev/null 
@@ -1,19 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ include "zeebe.names.gateway" . }} - labels: - {{- include "zeebe.labels.gateway" . | nindent 4 }} - annotations: - {{- toYaml .Values.gateway.annotations | nindent 4 }} -spec: - type: {{ .Values.gateway.service.type }} - selector: - {{- include "zeebe.labels.gateway" . | nindent 6 }} - ports: - - port: {{ .Values.gateway.service.httpPort }} - protocol: TCP - name: {{ default "http" .Values.gateway.service.httpName }} - - port: {{ .Values.gateway.service.gatewayPort }} - protocol: TCP - name: {{ default "gateway" .Values.gateway.service.gatewayName }} diff --git a/charts/ccsm-helm/values.yaml b/charts/ccsm-helm/values.yaml index 929b16aa84..3170cedf39 100644 --- a/charts/ccsm-helm/values.yaml +++ b/charts/ccsm-helm/values.yaml 
@@ -161,76 +161,79 @@ zeebe: # ReadinessProbe.timeoutSeconds defines the seconds after the probe times out timeoutSeconds: 1 - # Gateway configuration to define properties related to the standalone gateway - gateway: - # Gateway.replicas defines how many standalone gateways are deployed - replicas: 1 - # Gateway.podAnnotations can be used to define extra gateway pod annotations - podAnnotations: { } - # Gateway.podLabels can be used to define extra gateway pod labels - podLabels: { } - # Gateway.annotations can be used to define gateway deployment annotations - annotations: { } +# Gateway configuration to define properties related to the standalone gateway +zeebe-gateway: + # Replicas defines how many standalone gateways are deployed + replicas: 1 + # PodAnnotations can be used to define extra gateway pod annotations + podAnnotations: { } + # PodLabels can be used to define extra gateway pod labels + podLabels: { } + # Annotations can be used to define gateway deployment annotations + annotations: { } - # Gateway.logLevel defines the log level which is used by the gateway - logLevel: info - # Gateway.log4j2 can be used to overwrite the log4j2 configuration of the gateway - log4j2: '' + # LogLevel defines the log level which is used by the gateway + logLevel: info + # Log4j2 can be used to overwrite the log4j2 configuration of the gateway + log4j2: '' - # Gateway.env can be used to set extra environment variables in each gateway container - env: [ ] + # Env can be used to set extra environment variables in each gateway container + env: [ ] + + # PodSecurityContext defines the security options the gateway container should be run with + podSecurityContext: { } + # PodDisruptionBudget configuration to configure a pod disruption budget for the gateway pods https://kubernetes.io/docs/tasks/run-application/configure-pdb/ + podDisruptionBudget: + # PodDisruptionBudget.enabled if true a pod disruption budget is defined for the gateways + enabled: false + # 
PodDisruptionBudget.minAvailable can be used to set how many pods should be available + minAvailable: 1 + # PodDisruptionBudget.maxUnavailable can be used to set how many pods should be at max. unavailable + maxUnavailable: + + # Resources configuration to set request and limit configuration for the container https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#requests-and-limits + resources: { } + + # PriorityClassName can be used to define the gateway pods priority https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/#priorityclass + priorityClassName: "" + # NodeSelector can be used to define on which nodes the gateway pods should run + nodeSelector: { } + # Tolerations can be used to define pod toleration's https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + tolerations: [ ] + # Affinity can be used to define pod affinity https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity + affinity: { } + + # ExtraVolumeMounts can be used to mount extra volumes for the gateway pods, useful for enabling tls between gateway and broker + extraVolumeMounts: { } + # ExtraVolumes can be used to define extra volumes for the gateway pods, useful for enabling tls between gateway and broker + extraVolumes: { } + + # Service configuration for the gateway service + service: + # Service.type defines the type of the service https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types + type: ClusterIP + # Service.httpPort defines the port of the http endpoint, where for example metrics are provided + httpPort: 9600 + # Service.httpName defines the name of the http endpoint, where for example metrics are provided + httpName: "http" + # Service.gatewayPort defines the port of the gateway endpoint, where client commands (grpc) are sent to + gatewayPort: 26500 + # Service.gatewayName defines the name of the gateway endpoint, 
where client commands (grpc) are sent to + gatewayName: "gateway" + # Service.internalPort defines the port of the internal api endpoint, which is used for internal communication + internalPort: 26502 + # Service.internalName defines the name of the internal api endpoint, which is used for internal communication + internalName: "internal" + + # ServiceAccount configuration for the service account where the gateway pods are assigned to + serviceAccount: + # ServiceAccount.enabled if true, enables the gateway service account + enabled: true + # ServiceAccount.name can be used to set the name of the gateway service account + name: "" + # ServiceAccount.annotations can be used to set the annotations of the gateway service account + annotations: { } - # Gateway.podDisruptionBudget configuration to configure a pod disruption budget for the gateway pods https://kubernetes.io/docs/tasks/run-application/configure-pdb/ - podDisruptionBudget: - # Gateway.podDisruptionBudget.enabled if true a pod disruption budget is defined for the gateways - enabled: false - # Gateway.podDisruptionBudget.minAvailable can be used to set how many pods should be available - minAvailable: 1 - # Gateway.PodDisruptionBudget.maxUnavailable can be used to set how many pods should be at max. 
unavailable - maxUnavailable: - - # Gateway.resources configuration to set request and limit configuration for the container https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#requests-and-limits - resources: { } - - # Gateway.priorityClassName can be used to define the gateway pods priority https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/#priorityclass - priorityClassName: "" - # Gateway.nodeSelector can be used to define on which nodes the gateway pods should run - nodeSelector: { } - # Gateway.tolerations can be used to define pod toleration's https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ - tolerations: [ ] - # Gateway.affinity can be used to define pod affinity https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity - affinity: { } - - # Gateway.extraVolumeMounts can be used to mount extra volumes for the gateway pods, useful for enabling tls between gateway and broker - extraVolumeMounts: { } - # Gateway.extraVolumes can be used to define extra volumes for the gateway pods, useful for enabling tls between gateway and broker - extraVolumes: { } - - # Gateway.service configuration for the gateway service - service: - # Gateway.service.type defines the type of the service https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types - type: ClusterIP - # Gateway.Service.httpPort defines the port of the http endpoint, where for example metrics are provided - httpPort: 9600 - # Gateway.Service.httpName defines the name of the http endpoint, where for example metrics are provided - httpName: "http" - # Gateway.Service.gatewayPort defines the port of the gateway endpoint, where client commands (grpc) are sent to - gatewayPort: 26500 - # Gateway.Service.gatewayName defines the name of the gateway endpoint, where client commands (grpc) are sent to - gatewayName: "gateway" - # 
Gateway.Service.internalPort defines the port of the internal api endpoint, which is used for internal communication - internalPort: 26502 - # Gateway.Service.internalName defines the name of the internal api endpoint, which is used for internal communication - internalName: "internal" - - # Gateway.serviceAccount configuration for the service account where the gateway pods are assigned to - serviceAccount: - # Gateway.serviceAccount.enabled if true, enables the gateway service account - enabled: true - # Gateway.serviceAccount.name can be used to set the name of the gateway service account - name: "" - # Gateway.serviceAccount.annotations can be used to set the annotations of the gateway service account - annotations: { } # Operate configuration for the operate sub chart. operate:
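Review bot: The newly added `podSecurityContext: { }` default under `zeebe-gateway` gives the gateway pods no pod-level security settings unless an operator supplies them, and its comment describes it as options for the container although the key is the pod-level context. The template that consumes the value is not part of this hunk, so this assumes it is passed through to the pod spec unchanged. If the gateway image can run unprivileged, a hardened default such as `podSecurityContext: { runAsNonRoot: true }` would be safer than an empty map. Otherwise the comment should at least name the fields operators are expected to set, for example `# PodSecurityContext defines the pod-level security context for the gateway pods (e.g. runAsNonRoot, runAsUser, fsGroup)`.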