Permalink
Browse files

Sentry chart (#1226)

* initial sentry

* missing valueFrom

* added cron and worker deployments

* Added some metadata

* Initial ingress support

* add initial smtp support and volume persistence

* Fixed deployment names (duh)

* Fix ENV and remove liveliness/rediness

* Hard code sentry db and user name until I can figure it out

* Fixed postgresql values

* Add database initialization job

* Add user creation hook

* Add user configuration to values

* Added smtp support, various other options/fixes

* Add resource limits, health check, and random password

* Fix login url and command to show generated password

* Add README and set sane default values

* Clarify using the --wait flag in README

* Consistent labels and component names

* Move sentry to stable folder

* Updated name to github username
  • Loading branch information...
rothgar authored and seanknox committed Jun 15, 2017
1 parent 70dccf7 commit cb0060835763bcdd68fb080ab4799f36a1033fa1
View
@@ -0,0 +1,21 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj
View
@@ -0,0 +1,14 @@
apiVersion: v1
description: Sentry is a cross-platform crash reporting and aggregation platform.
name: sentry
version: 0.1.0
keywords:
- debugging
- logging
sources:
- https://github.com/getsentry/sentry
home: https://sentry.io/
icon: https://a0wx592cvgzripj.global.ssl.fastly.net/_static/6571516f8aed42e4172c9c439ba814c6/getsentry/images/branding/png/sentry-glyph-black.png
maintainers:
- name: rothgar
email: justin@linux.com
View
@@ -0,0 +1,111 @@
# Sentry
[Sentry](https://sentry.io/) is a cross-platform crash reporting and aggregation platform.
## TL;DR;
```console
$ helm install --wait incubator/sentry
```
## Introduction
This chart bootstraps a [Sentry](https://sentry.io/) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
It also packages the [PostgreSQL](https://github.com/kubernetes/charts/tree/master/stable/postgresql) and [Redis](https://github.com/kubernetes/charts/tree/master/stable/redis) which are required for Sentry.
> **Warning**: This chart does not yet allow for you to specify your own database host or redis host.
## Prerequisites
- Kubernetes 1.4+ with Beta APIs enabled
- PV provisioner support in the underlying infrastructure (with persistence storage enabled)
## Installing the Chart
To install the chart with the release name `my-release`:
```console
$ helm install --name my-release --wait incubator/sentry
```
> **Note**: We have to use the --wait flag for initial creation because the database creationg takes longer than the default 300 seconds
The command deploys Sentry on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation.
> **Tip**: List all releases using `helm list`
## Uninstalling the Chart
To uninstall/delete the `my-release` deployment:
```console
$ helm delete my-release
```
The command removes all the Kubernetes components associated with the chart and deletes the release.
> **Warning**: Jobs are not deleted automatically. They need to be manually deleted
```consule
$ helm delete job/sentry-db-init job/sentry-user-create
```
## Configuration
The following tables lists the configurable parameters of the Sentry chart and their default values.
| Parameter | Description | Default |
| ------------------------------- | ------------------------------- | ---------------------------------------------------------- |
| `image.repository` | Sentry image | `library/sentry:{VERSION}` |
| `image.tag` | Sentry image tag | `8.17` |
| `imagePullPolicy` | Image pull policy | `IfNotPresent` |
| `web.replicacount` | Amount of web pods to run | `1` |
| `user.email` | Username for default admin | `admin@sentry.local` |
| `email.from_address` | Email notifications are from | `smtp` |
| `email.host` | SMTP host for sending email | `smtp` |
| `email.port` | SMTP port | `25` |
| `email.user` | SMTP user | `nil` |
| `email.password` | SMTP password | `nil` |
| `email.use_tls` | SMTP TLS for security | `false` |
| `email.enable_replies` | Allow email replies | `false` |
| `service.type` | Kubernetes service type | `LoadBalancer` |
| `service.name` | Kubernetes service name | `sentry` |
| `service.name` | Kubernetes service name | `sentry` |
| `service.externalPort` | Kubernetes external service port | `9000` |
| `service.internalPort` | Kubernetes internal service port | `9000` |
| `ingress.enabled` | Enable ingress controller resource | `false` |
| `ingress.hostname` | URL to address your Sentry installation | `sentry.local` |
| `ingress.tls` | Ingress TLS configuration | `[]` |
| `persistence.enabled` | Enable persistence using PVC | `true` |
| `persistence.storageClass` | PVC Storage Class | `nil` (uses alpha storage class annotation) |
| `persistence.accessMode` | PVC Access Mode | `ReadWriteOnce` |
| `persistence.size` | PVC Storage Request | `10Gi` | |
Dependent charts can also have values overwritten. Preface values with postgresql.* or redis.*
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
```console
$ helm install --name my-release \
--set persistence.enabled=false,email.host=email \
incubator/sentry
```
Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example,
```console
$ helm install --name my-release -f values.yaml incubator/sentry
```
> **Tip**: You can use the default [values.yaml](values.yaml)
## Persistence
The [Sentry](https://github.com/getsentry/docker-sentry) image stores the Sentry data at the `/var/lib/sentry/files` path of the container.
Persistent Volume Claims are used to keep the data across deployments. This is known to work in GCE, AWS, and minikube.
See the [Configuration](#configuration) section to configure the PVC or to disable persistence.
## Ingress
This chart provides support for Ingress resource. If you have available an Ingress Controller such as Nginx or Traefik you maybe want to set up `ingress.enabled` to true and choose a `ingress.hostname` for the URL. Then, you should be able to access the installation using that address.
@@ -0,0 +1,17 @@
dependencies:
- condition: ""
enabled: false
import-values: null
name: postgresql
repository: https://kubernetes-charts.storage.googleapis.com/
tags: null
version: 0.7.1
- condition: ""
enabled: false
import-values: null
name: redis
repository: https://kubernetes-charts.storage.googleapis.com/
tags: null
version: 0.6.0
digest: sha256:dbaa80dbd8326dc559176f3bb5c97723b5a9c6378cd5b01fe3d0787825de9bac
generated: 2017-06-05T06:21:22.946750149Z
@@ -0,0 +1,7 @@
dependencies:
- name: postgresql
version: 0.7.1
repository: https://kubernetes-charts.storage.googleapis.com/
- name: redis
version: 0.6.0
repository: https://kubernetes-charts.storage.googleapis.com/
@@ -0,0 +1,21 @@
1. Get the application URL by running these commands:
{{- if contains "NodePort" .Values.service.type }}
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "fullname" . }})
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT/auth/login/sentry
{{- else if contains "LoadBalancer" .Values.service.type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status of by running 'kubectl get svc -w {{ template "fullname" . }}'
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
{{- else if contains "ClusterIP" .Values.service.type }}
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "fullname" . }}" -o jsonpath="{.items[0].metadata.name}")
echo "Visit http://127.0.0.1:8080 to use your application"
kubectl port-forward $POD_NAME 8080:{{ .Values.service.externalPort }}
{{- end }}
2. Log in with
USER: {{ .Values.user.email }}
Get login password with
kubectl get secret --namespace {{ .Release.Namespace }} {{ template "fullname" . }} -o jsonpath="{.data.user-password}" | base64 --decode
@@ -0,0 +1,30 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "fullname" -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "postgresql.fullname" -}}
{{- printf "%s-%s" .Release.Name "postgresql" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- define "redis.fullname" -}}
{{- printf "%s-%s" .Release.Name "redis" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- define "smtp.fullname" -}}
{{- printf "%s-%s" .Release.Name "smtp" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
@@ -0,0 +1,66 @@
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: {{ template "fullname" . }}-cron
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
replicas: {{ .Values.cron.replicacount }}
template:
metadata:
labels:
app: {{ template "fullname" . }}
release: "{{ .Release.Name }}"
role: cron
spec:
containers:
- name: {{ .Chart.Name }}-cron
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
args: ["run", "cron"]
ports:
- containerPort: {{ .Values.service.internalPort }}
env:
- name: SENTRY_SECRET_KEY
valueFrom:
secretKeyRef:
name: {{ template "fullname" . }}
key: sentry-secret
- name: SENTRY_DB_USER
value: {{ default "sentry" .Values.postgresUser | quote }}
- name: SENTRY_DB_NAME
value: {{ default "sentry" .Values.postgresDatabase | quote }}
- name: SENTRY_DB_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "postgresql.fullname" . }}
key: postgres-password
- name: SENTRY_POSTGRES_HOST
value: {{ template "postgresql.fullname" .}}
- name: SENTRY_POSTRGES_PORT
value: "5432"
- name: SENTRY_REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "redis.fullname" . }}
key: redis-password
- name: SENTRY_REDIS_HOST
value: {{ template "redis.fullname" .}}
- name: SENTRY_REDIS_PORT
value: "6379"
- name: SENTRY_EMAIL_HOST
value: {{ default "" .Values.email.host | quote }}
- name: SENTRY_EMAIL_PORT
value: {{ default "" .Values.email.port | quote }}
- name: SENTRY_EMAIL_USER
value: {{ default "" .Values.email.user | quote }}
- name: SENTRY_EMAIL_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "fullname" . }}
key: smtp-password
resources:
{{ toYaml .Values.cron.resources | indent 12 }}
@@ -0,0 +1,67 @@
# https://docs.sentry.io/server/installation/docker/#running-migrations
apiVersion: batch/v1
kind: Job
metadata:
name: "{{.Release.Name}}-db-init"
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
annotations:
# This is what defines this resource as a hook. Without this line, the
# job is considered part of the release.
"helm.sh/hook": post-install
"helm.sh/hook-weight": "-5"
spec:
template:
metadata:
name: "{{.Release.Name}}-db-init"
labels:
app: {{ template "fullname" . }}
release: "{{ .Release.Name }}"
spec:
restartPolicy: Never
containers:
- name: db-init-job
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
command: ["sentry","upgrade","--noinput"]
env:
- name: SENTRY_SECRET_KEY
valueFrom:
secretKeyRef:
name: {{ template "fullname" . }}
key: sentry-secret
- name: SENTRY_DB_USER
value: {{ default "sentry" .Values.postgresUser | quote }}
- name: SENTRY_DB_NAME
value: {{ default "sentry" .Values.postgresDatabase | quote }}
- name: SENTRY_DB_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "postgresql.fullname" . }}
key: postgres-password
- name: SENTRY_POSTGRES_HOST
value: {{ template "postgresql.fullname" .}}
- name: SENTRY_POSTRGES_PORT
value: "5432"
- name: SENTRY_REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "redis.fullname" . }}
key: redis-password
- name: SENTRY_REDIS_HOST
value: {{ template "redis.fullname" .}}
- name: SENTRY_REDIS_PORT
value: "6379"
- name: SENTRY_EMAIL_HOST
value: {{ default "" .Values.smtpHost | quote }}
- name: SENTRY_EMAIL_PORT
value: {{ default "" .Values.smtpPort | quote }}
- name: SENTRY_EMAIL_USER
value: {{ default "" .Values.smtpUser | quote }}
- name: SENTRY_EMAIL_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "fullname" . }}
key: smtp-password
Oops, something went wrong.

0 comments on commit cb00608

Please sign in to comment.