diff --git a/.helmignore b/.helmignore new file mode 100644 index 0000000..c13e3c8 --- /dev/null +++ b/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj \ No newline at end of file diff --git a/templates/NOTES.txt b/templates/NOTES.txt index 39c9824..0d27481 100644 --- a/templates/NOTES.txt +++ b/templates/NOTES.txt @@ -1,26 +1,107 @@ -{{- if .Values.ingress.enabled }} -1. Map ingress Address to Application URL's in /etc/hosts. -2. Application URL's: -{{- range $host := .Values.ingress.hosts }} - {{- range .paths }} - http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} - {{- end }} +*** Configuration Summary *** + +Name Override: + {{ default "[no name override; using generated name]" .Values.nameOverride }} +Full Name Override: + {{ default "[no full name override; using generated full name]" .Values.fullnameOverride }} + +Image Used: + {{ .Values.image.repository }}:{{ default "latest" .Values.image.tag }} + +Service Account: +{{- if .Values.serviceAccount.create }} + {{ default "[account name will be generated]" .Values.serviceAccount.name }} +{{- else }} + [no service account used] {{- end }} -{{ else }} -1. Get the application URL by running these commands: -{{- if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "optimizely-agent.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "optimizely-agent.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "optimizely-agent.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") - echo http://$SERVICE_IP:{{ .Values.service.port }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "optimizely-agent.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT + +Replica Count: {{ .Values.replicaCount }} + +Auto-Scaling: +{{- if .Values.autoscaling.enabled }} + Replicas between {{ .Values.autoscaling.minReplicas }} to {{ .Values.autoscaling.maxReplicas }} + Target CPU at {{ .Values.autoscaling.targetCPUUtilizationPercentage }}% + Target Memory at {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}% +{{- else }} + [auto-scaling is disabled] {{- end }} + +Node Selector: + {{ default "[no node selectors applied]" .Values.nodeSelector }} + +Node Affinity: + {{ default "[no node affinity applied]" .Values.affinity }} + +Node Tolerations: +{{- if .Values.tolerations }} + {{- range $toleration := .Values.tolerations }} + Key: {{ $toleration.key }} + Operator: {{ $toleration.operator }} + Effect: {{ $toleration.effect }} + {{- end }} +{{- else }} + [no node tolarations applied] {{- end }} + +Pod Annotations Applied: + {{ default "[no annotations applied]" .Values.podAnnotations }} + +Pod Security Context: + {{ default "[no pod security context applied]" .Values.podSecurityContext }} + +Container Security Context: + {{ default "[no container security context applied]" .Values.securityContext }} + +Network Service: + Type: {{ .Values.service.type }} + Ports: + {{- range $port := .Values.service.ports }} + {{ $port.name }}: {{ $port.targetPort }} [internal] <== {{ $port.port }} [external] + {{- end }} + +Network Ingress: + {{- if .Values.ingress.enabled }} + Application URLs: + {{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} + {{- end }} + Ingress Annotations: + {{ default "[no ingress annotations applied]" .Values.ingress.annotations }} + {{- else }} + Run the following in a *nix terminal to access the running + {{- if contains "NodePort" .Values.service.type }} + {{- " NodePort service endpoint" }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "optimizely-agent.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT + {{- else if contains "LoadBalancer" .Values.service.type }} + {{- " LoadBalancer service endpoint" }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "optimizely-agent.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "optimizely-agent.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} + {{- else if contains "ClusterIP" .Values.service.type }} + {{- " ClusterIP service IP address" }} + export CLUSTER_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "optimizely-agent.fullname" . }} -o jsonpath='{.spec.clusterIP}') + echo http://$CLUSTER_IP:8080 + {{- end }} + {{- end }} + +Resources: + {{ default "[no resources declarations applied]" .Values.resources }} + +Logging: + Level set to {{ .Values.logs.level | upper }} with friendly formatting {{ if $.Values.logs.pretty }}ON{{ else }}OFF{{ end }}. + SDK Key WILL {{- if not .Values.logs.includeSdkKey }} NOT {{- end }} be included in logs. + +Environment Variables: + {{ default "[no environment variables applied]" .Values.env.variables }} + +Secrets: +{{- if .Values.env.secrets }} + *** Secrets were applied *** +{{- else }} + [no secrets applied] +{{- end }} \ No newline at end of file diff --git a/values.yaml b/values.yaml index be28295..0db905e 100644 --- a/values.yaml +++ b/values.yaml @@ -1,31 +1,71 @@ -# Default values for optimizely-agent. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. +# These are the default values for running Optimizely Agent in Kubernetes. -replicaCount: 2 +# Copy this file. Then, install Agent into your K8s cluster using the `-f`ile flag eg +# `helm install -f <./path-to/your-custom-values.yaml> optimizely-agent/agent --version ` + +################# + +# Use name overrides to adjust the name of this Chart [optional] and/or... +nameOverride: "" +# overriding the fully qualified name [optional] of the app once deployed +fullnameOverride: "" image: + # Use `optimizely/agent` unless you have a specific usecase; Pulls from https://hub.docker.com/r/optimizely/agent repository: optimizely/agent + # If you wish to use a specific image tag set that here (https://kubernetes.io/docs/concepts/containers/images/#image-names) + tag: "" + # Use `IfNotPresent` to get the image if not available locally. Alternatives (https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy) pullPolicy: IfNotPresent -imagePullSecrets: [] -nameOverride: "" -fullnameOverride: "" +# Set image pull secrets if you use a private container registry (https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod) +imagePullSecrets: [] # 👈 Remember: remove the empty object `[]` and place collection values indented on the next lines serviceAccount: - # Specifies whether a service account should be created + # Specifies whether a service account (https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/) should be created create: true - # Annotations to add to the service account - annotations: {} - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template + # The name of the service account to use. If not set and `create` is true, a name is generated using the fullname template [optional] name: "" + # Annotations (https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) to add to the service account [optional] + annotations: {} # 👈 Remember: remove the empty object `{}` and place sub-properties indented on the next lines + +# Set the number of replica pods to run >= 1. +# For dynamic load balancing use the autoscaling section below. +replicaCount: 1 + +# Configure how auto-scaling of pod counts should occur +autoscaling: + # First, set `enabled` to `true` then... + enabled: false + # ...configure the following values to meet your traffic requirements [consumed in the hpa.yaml for HorizontalPodAutoscaler when enabled] + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + targetMemoryUtilizationPercentage: 80 +# Constrain pods to be scheduled on a particular node with a given spec (https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector) [optional] +nodeSelector: {} + +# Set expanded types of constraints for scheduling on nodes (https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity) [optional] +affinity: {} + +# Set pod toleration of given taints on the node (https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) [optional] +tolerations: [] + # - key: "example-key-1" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "example-key-2" + # operator: "Exists" + # effect: "NoSchedule" + +# Annotations (https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) to add to each pod [optional] podAnnotations: {} +# Pod-level security context (https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) [optional] podSecurityContext: {} # fsGroup: 2000 +# Container-level security context (https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) [optional] securityContext: {} # capabilities: # drop: @@ -34,16 +74,13 @@ securityContext: {} # runAsNonRoot: true # runAsUser: 1000 -env: - variables: {} - # OPTIMIZELY_SDKKEYS: sdk_keys - # OPTIMIZELY_CLIENT_FLUSHINTERVAL: flush_interval - secrets: {} - # OPTIMIZELY_ADMIN_AUTH_HMACSECRETS: hmac_secrets - # OPTIMIZELY_API_AUTH_HMACSECRETS: hmac_secrets - +# Service configuration for exposing pods to network traffic (https://kubernetes.io/docs/concepts/services-networking/service/) service: + # `ClusterIP` is default allowing access only from within the cluster. Change the `type` based on your network's + # requirements (https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) type: ClusterIP + # These are the 3 ports on which the Agent's functinoality is exposed. + # Please do not adjust the `targetPort`s. You may adjust the external port as you need. ports: - port: 8080 protocol: TCP @@ -58,8 +95,11 @@ service: name: admin targetPort: 8088 +# Allow for exposing inbound traffic to the cluster (https://kubernetes.io/docs/concepts/services-networking/ingress/) ingress: + # Set `enabled` to `true` then ... enabled: false + # .. uncomment the following lines and configure the ingress values below # annotations: {} # hosts: # - host: api.optimizely-agent.local @@ -77,35 +117,33 @@ ingress: # - port: 8088 # path: / # pathType: Prefix + # Set any TLS configurations in a collection below (https://kubernetes.io/docs/concepts/services-networking/ingress/#tls) # tls: [] -resources: {} # set your own resources - -autoscaling: - enabled: false - minReplicas: 1 - maxReplicas: 100 - targetCPUUtilizationPercentage: 80 - targetMemoryUtilizationPercentage: 80 - -nodeSelector: {} - -tolerations: [] - # - key: "key1" - # operator: "Equal" - # value: "value1" - # effect: "NoSchedule" - - -affinity: {} +# Set custom Container (https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#example-1) compute resources [optional] +resources: {} +# Configure logging level for Optimizely-specific `config` below logs: + # Set `level` to panic, fatal, error, warn, info, or debug level: debug pretty: true includeSdkKey: true -# -- Config file contents -# @default -- See https://github.com/optimizely/agent/blob/master/config.yaml +# Environmental values for... +env: + # The ConfigMap (https://kubernetes.io/docs/concepts/configuration/configmap/) to store non-confidential data in key-value pairs + # Alternatively or in addition, you can use a `config` section below (https://github.com/optimizely/agent#configuration-options) + variables: {} + # OPTIMIZELY_SDKKEYS: sdk_keys + # OPTIMIZELY_CLIENT_FLUSHINTERVAL: flush_interval + # ...the Secrets configuration. Be sure to follow the proper encoding for the `data` field (https://kubernetes.io/docs/concepts/configuration/secret/#editing-a-secret) + secrets: {} + # OPTIMIZELY_ADMIN_AUTH_HMACSECRETS: hmac_secrets + # OPTIMIZELY_API_AUTH_HMACSECRETS: hmac_secrets + +# Config file contents (https://github.com/optimizely/agent/blob/master/config.yaml) to be consumed by Agent directly as a +# scalar value after Helm template interpretation config: | ## config.yaml provides a default set of configuration options