From 5cabf68e0e6b273a2ce4f90823197ab4baad1344 Mon Sep 17 00:00:00 2001 From: Mike Chu Date: Thu, 23 Jun 2022 11:56:40 -0400 Subject: [PATCH 01/16] WIP: internal documentation for values.yaml --- values.yaml | 35 ++++++++++++++++++++++++++--------- 1 file changed, 26 insertions(+), 9 deletions(-) diff --git a/values.yaml b/values.yaml index be28295..5d7180c 100644 --- a/values.yaml +++ b/values.yaml @@ -1,31 +1,44 @@ -# Default values for optimizely-agent. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. +# These are the default values for running Optimizely Agent in Kubernetes. +# Copy this file renaming it. Then, install Agent into your K8s cluster using the `-f`iles flag eg +# `helm install -f <./path-to/your-custom-values.yaml> optimizely-agent/agent --version ` + +################# + +# Initial number of replica pods to run. We recommend a minimum of 2 replicas. replicaCount: 2 image: + # Use `optimizely/agent` unless you have a specific usecase; Pulls from https://hub.docker.com/r/optimizely/agent repository: optimizely/agent + # Use `IfNotPresent` to get the image if not available locally. Alternatives (https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy) pullPolicy: IfNotPresent +# TODO: Do we need to confuse with implementors by adding this? (https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod) +# Would a client be pulling an out-of-band image from a private container registry? imagePullSecrets: [] + +# Use name overrides to adjust the name of this Chart [optional] and/or... nameOverride: "" +# overriding the fully qualified name [optional] of the app once deployed fullnameOverride: "" serviceAccount: - # Specifies whether a service account should be created + # Specifies whether a service account (https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/) should be created create: true - # Annotations to add to the service account - annotations: {} - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template + # Annotations (https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) to add to the service account [optional] + annotations: {} # 👈 Remember: remove the empty object `{}` and place sub-properties indented on the next lines + # The name of the service account to use. If not set and `create` is true, a name is generated using the fullname template [optional] name: "" +# Annotations (https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) to add to each pod [optional] podAnnotations: {} + +# Pod-level security context (https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) podSecurityContext: {} # fsGroup: 2000 - +# Container-level security context (https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) securityContext: {} # capabilities: # drop: @@ -34,14 +47,18 @@ securityContext: {} # runAsNonRoot: true # runAsUser: 1000 +# Environmental values used to fill... env: + # ...the ConfigMap (https://kubernetes.io/docs/concepts/configuration/configmap/) to store non-confidential data in key-value pairs variables: {} # OPTIMIZELY_SDKKEYS: sdk_keys # OPTIMIZELY_CLIENT_FLUSHINTERVAL: flush_interval + # ...the Secrets configuration. Be sure to follow the proper encoding for the `data` field (https://kubernetes.io/docs/concepts/configuration/secret/#editing-a-secret) secrets: {} # OPTIMIZELY_ADMIN_AUTH_HMACSECRETS: hmac_secrets # OPTIMIZELY_API_AUTH_HMACSECRETS: hmac_secrets + service: type: ClusterIP ports: From d3875409e2b60a22bf51505768f873e647ae4334 Mon Sep 17 00:00:00 2001 From: Mike Chu Date: Thu, 23 Jun 2022 13:49:33 -0400 Subject: [PATCH 02/16] WIP: pause unplanned work :-( --- values.yaml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/values.yaml b/values.yaml index 5d7180c..8c9c7ac 100644 --- a/values.yaml +++ b/values.yaml @@ -58,9 +58,12 @@ env: # OPTIMIZELY_ADMIN_AUTH_HMACSECRETS: hmac_secrets # OPTIMIZELY_API_AUTH_HMACSECRETS: hmac_secrets - +# Service configuration for exposing pods to network traffic (https://kubernetes.io/docs/concepts/services-networking/service/) service: + # `ClusterIP` is default allowing access using the K8s' cluster IP address on the network. Change the `type` based on your network's + # requirements (https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) type: ClusterIP + # These are 3 ports on which the Agent's functinoality is exposed. Please do not adjust the `targetPort`s. You may adjust the external port as you need. ports: - port: 8080 protocol: TCP @@ -75,6 +78,7 @@ service: name: admin targetPort: 8088 + ingress: enabled: false # annotations: {} From a6f6a02a9d1c5c4ba35718f163e2b5155ad47a9b Mon Sep 17 00:00:00 2001 From: Mike Chu Date: Fri, 24 Jun 2022 09:58:01 -0400 Subject: [PATCH 03/16] Finished internal documentation of values.yaml --- values.yaml | 37 +++++++++++++++++++++++++------------ 1 file changed, 25 insertions(+), 12 deletions(-) diff --git a/values.yaml b/values.yaml index 8c9c7ac..6863eaa 100644 --- a/values.yaml +++ b/values.yaml @@ -1,6 +1,6 @@ # These are the default values for running Optimizely Agent in Kubernetes. -# Copy this file renaming it. Then, install Agent into your K8s cluster using the `-f`iles flag eg +# Copy this file and rename it. Then, install Agent into your K8s cluster using the `-f`iles flag eg # `helm install -f <./path-to/your-custom-values.yaml> optimizely-agent/agent --version ` ################# @@ -63,7 +63,8 @@ service: # `ClusterIP` is default allowing access using the K8s' cluster IP address on the network. Change the `type` based on your network's # requirements (https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) type: ClusterIP - # These are 3 ports on which the Agent's functinoality is exposed. Please do not adjust the `targetPort`s. You may adjust the external port as you need. + # These are the 3 ports on which the Agent's functinoality is exposed. + # Please do not adjust the `targetPort`s. You may adjust the external port as you need. ports: - port: 8080 protocol: TCP @@ -78,9 +79,11 @@ service: name: admin targetPort: 8088 - +# Allow for exposing inbound traffic to the cluster (https://kubernetes.io/docs/concepts/services-networking/ingress/) ingress: + # Set `enabled` to `true` then ... enabled: false + # .. uncomment the following lines and configure the ingress values below # annotations: {} # hosts: # - host: api.optimizely-agent.local @@ -98,35 +101,45 @@ ingress: # - port: 8088 # path: / # pathType: Prefix + # TODO: Can we provide examples of what values should be added in this collection? I can't tell from looking at the `ingress.yaml` + # (https://kubernetes.io/docs/concepts/services-networking/ingress/#tls) # tls: [] -resources: {} # set your own resources +# Set custom Container (https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#example-1) compute resources +resources: {} +# Configure how auto-scaling of pod counts should occur autoscaling: + # First, set `enabled` to `true` then... enabled: false + # ...configure the following values to meet your traffic requirements [consumed in the hpa.yaml for HorizontalPodAutoscaler when enabled] minReplicas: 1 maxReplicas: 100 targetCPUUtilizationPercentage: 80 targetMemoryUtilizationPercentage: 80 +# Constrain pods to be scheduled on a particular node with a given spec (https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector) +# TODO: can we add some commented examples? nodeSelector: {} +# Set expanded types of constraints for scheduling on nodes (https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity) +affinity: {} + +# Set pod toleration of given taints on the node (https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) tolerations: [] - # - key: "key1" - # operator: "Equal" - # value: "value1" + # - key: "example-key" + # operator: "Exists" # effect: "NoSchedule" - -affinity: {} - +# Configure logging level for Optimizely-specific `config` below logs: + # Set `level` to panic, fatal, error, warn, info, or debug level: debug pretty: true includeSdkKey: true -# -- Config file contents -# @default -- See https://github.com/optimizely/agent/blob/master/config.yaml +# Config file contents (https://github.com/optimizely/agent/blob/master/config.yaml) to be consumed by Agent directly as a +# scalar value after Helm template interpretation config: | ## config.yaml provides a default set of configuration options From 7673eb3e8cb430082d80237be4c8650c6c316105 Mon Sep 17 00:00:00 2001 From: Mike Chu Date: Tue, 28 Jun 2022 14:31:58 -0400 Subject: [PATCH 04/16] Refactor; correct notes --- values.yaml | 25 ++++++++++++------------- 1 file changed, 12 insertions(+), 13 deletions(-) diff --git a/values.yaml b/values.yaml index 6863eaa..94e568e 100644 --- a/values.yaml +++ b/values.yaml @@ -5,8 +5,10 @@ ################# -# Initial number of replica pods to run. We recommend a minimum of 2 replicas. -replicaCount: 2 +# Use name overrides to adjust the name of this Chart [optional] and/or... +nameOverride: "" +# overriding the fully qualified name [optional] of the app once deployed +fullnameOverride: "" image: # Use `optimizely/agent` unless you have a specific usecase; Pulls from https://hub.docker.com/r/optimizely/agent @@ -14,15 +16,10 @@ image: # Use `IfNotPresent` to get the image if not available locally. Alternatives (https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy) pullPolicy: IfNotPresent -# TODO: Do we need to confuse with implementors by adding this? (https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod) -# Would a client be pulling an out-of-band image from a private container registry? +# TODO: Would a client be pulling an out-of-band Agent image from a private container registry? +# (https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod) imagePullSecrets: [] -# Use name overrides to adjust the name of this Chart [optional] and/or... -nameOverride: "" -# overriding the fully qualified name [optional] of the app once deployed -fullnameOverride: "" - serviceAccount: # Specifies whether a service account (https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/) should be created create: true @@ -31,10 +28,12 @@ serviceAccount: # The name of the service account to use. If not set and `create` is true, a name is generated using the fullname template [optional] name: "" +# Initial number of replica pods to run. We recommend a minimum of 2 replicas. +replicaCount: 2 + # Annotations (https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) to add to each pod [optional] podAnnotations: {} - # Pod-level security context (https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) podSecurityContext: {} # fsGroup: 2000 @@ -60,7 +59,7 @@ env: # Service configuration for exposing pods to network traffic (https://kubernetes.io/docs/concepts/services-networking/service/) service: - # `ClusterIP` is default allowing access using the K8s' cluster IP address on the network. Change the `type` based on your network's + # `ClusterIP` is default allowing access only from within the cluster. Change the `type` based on your network's # requirements (https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) type: ClusterIP # These are the 3 ports on which the Agent's functinoality is exposed. @@ -101,7 +100,7 @@ ingress: # - port: 8088 # path: / # pathType: Prefix - # TODO: Can we provide examples of what values should be added in this collection? I can't tell from looking at the `ingress.yaml` + # TODO: Can we provide examples of what values should be added in TLS collection? It's unclear from the `ingress.yaml` # (https://kubernetes.io/docs/concepts/services-networking/ingress/#tls) # tls: [] @@ -119,7 +118,7 @@ autoscaling: targetMemoryUtilizationPercentage: 80 # Constrain pods to be scheduled on a particular node with a given spec (https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector) -# TODO: can we add some commented examples? +# TODO: add commented examples? nodeSelector: {} # Set expanded types of constraints for scheduling on nodes (https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity) From 31cbbf58e3c9013436c39f64cbfbaec8f80efca8 Mon Sep 17 00:00:00 2001 From: Mike Chu Date: Tue, 28 Jun 2022 14:32:15 -0400 Subject: [PATCH 05/16] WIP: adding NOTES.txt to this branch --- templates/NOTES.txt | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/templates/NOTES.txt b/templates/NOTES.txt index 39c9824..d2f957b 100644 --- a/templates/NOTES.txt +++ b/templates/NOTES.txt @@ -1,3 +1,36 @@ +*** Configuration Summary *** + +Name Override: {{ .Values.nameOverride }} +Full Name Override: {{ .Values.fullnameOverride }} + +Replica Count: {{ .Values.replicaCount }} + +Service Account: +{{- if .Values.serviceAccount.create }} + {{ .Values.serviceAccount.name }} +{{- else }} + [no service account used] +{{- end }} + +Pod Annotations Applied: + {{ default "[no annotations applied]" .Values.podAnnotations }} + +Pod Security Context: + {{ default "[no pod security context applied]" .Values.podSecurityContext }} + +Container Security Context: + {{ default "[no container security context applied]" .Values.securityContext }} + +Environment Variables: + {{ default "[no environment variables applied]" .Values.env.variables }} + +Secrets: +{{- if .Values.env.secrets }} + *** Secrets were applied *** +{{- else }} + [no secrets applied] +{{- end }} + {{- if .Values.ingress.enabled }} 1. Map ingress Address to Application URL's in /etc/hosts. 2. Application URL's: From c6261a1bb06e2297ceae607ab13dd945ecf8be6b Mon Sep 17 00:00:00 2001 From: Mike Chu Date: Tue, 28 Jun 2022 14:50:11 -0400 Subject: [PATCH 06/16] Applying code review suggestions --- values.yaml | 92 ++++++++++++++++++++++++++--------------------------- 1 file changed, 46 insertions(+), 46 deletions(-) diff --git a/values.yaml b/values.yaml index 94e568e..827f532 100644 --- a/values.yaml +++ b/values.yaml @@ -1,6 +1,6 @@ # These are the default values for running Optimizely Agent in Kubernetes. -# Copy this file and rename it. Then, install Agent into your K8s cluster using the `-f`iles flag eg +# Copy this file. Then, install Agent into your K8s cluster using the `-f`ile flag eg # `helm install -f <./path-to/your-custom-values.yaml> optimizely-agent/agent --version ` ################# @@ -16,28 +16,51 @@ image: # Use `IfNotPresent` to get the image if not available locally. Alternatives (https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy) pullPolicy: IfNotPresent -# TODO: Would a client be pulling an out-of-band Agent image from a private container registry? -# (https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod) +# Set image pull secrets if you use a private container registry (https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod) imagePullSecrets: [] serviceAccount: # Specifies whether a service account (https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/) should be created create: true - # Annotations (https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) to add to the service account [optional] - annotations: {} # 👈 Remember: remove the empty object `{}` and place sub-properties indented on the next lines # The name of the service account to use. If not set and `create` is true, a name is generated using the fullname template [optional] name: "" + # Annotations (https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) to add to the service account [optional] + annotations: {} # 👈 Remember: remove the empty object `{}` and place sub-properties indented on the next lines + +# Set the number of replica pods to run >= 1. +# For dynamic load balancing use the autoscaling section below. +replicaCount: 1 + +# Configure how auto-scaling of pod counts should occur +autoscaling: + # First, set `enabled` to `true` then... + enabled: false + # ...configure the following values to meet your traffic requirements [consumed in the hpa.yaml for HorizontalPodAutoscaler when enabled] + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + targetMemoryUtilizationPercentage: 80 -# Initial number of replica pods to run. We recommend a minimum of 2 replicas. -replicaCount: 2 +# Constrain pods to be scheduled on a particular node with a given spec (https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector) [optional] +nodeSelector: {} + +# Set expanded types of constraints for scheduling on nodes (https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity) [optional] +affinity: {} + +# Set pod toleration of given taints on the node (https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) [optional] +tolerations: [] + # - key: "example-key" + # operator: "Exists" + # effect: "NoSchedule" # Annotations (https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) to add to each pod [optional] podAnnotations: {} -# Pod-level security context (https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) +# Pod-level security context (https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) [optional] podSecurityContext: {} # fsGroup: 2000 -# Container-level security context (https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) + +# Container-level security context (https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) [optional] securityContext: {} # capabilities: # drop: @@ -46,17 +69,6 @@ securityContext: {} # runAsNonRoot: true # runAsUser: 1000 -# Environmental values used to fill... -env: - # ...the ConfigMap (https://kubernetes.io/docs/concepts/configuration/configmap/) to store non-confidential data in key-value pairs - variables: {} - # OPTIMIZELY_SDKKEYS: sdk_keys - # OPTIMIZELY_CLIENT_FLUSHINTERVAL: flush_interval - # ...the Secrets configuration. Be sure to follow the proper encoding for the `data` field (https://kubernetes.io/docs/concepts/configuration/secret/#editing-a-secret) - secrets: {} - # OPTIMIZELY_ADMIN_AUTH_HMACSECRETS: hmac_secrets - # OPTIMIZELY_API_AUTH_HMACSECRETS: hmac_secrets - # Service configuration for exposing pods to network traffic (https://kubernetes.io/docs/concepts/services-networking/service/) service: # `ClusterIP` is default allowing access only from within the cluster. Change the `type` based on your network's @@ -100,36 +112,12 @@ ingress: # - port: 8088 # path: / # pathType: Prefix - # TODO: Can we provide examples of what values should be added in TLS collection? It's unclear from the `ingress.yaml` - # (https://kubernetes.io/docs/concepts/services-networking/ingress/#tls) + # Set any TLS configurations in a collection below (https://kubernetes.io/docs/concepts/services-networking/ingress/#tls) # tls: [] -# Set custom Container (https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#example-1) compute resources +# Set custom Container (https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#example-1) compute resources [optional] resources: {} -# Configure how auto-scaling of pod counts should occur -autoscaling: - # First, set `enabled` to `true` then... - enabled: false - # ...configure the following values to meet your traffic requirements [consumed in the hpa.yaml for HorizontalPodAutoscaler when enabled] - minReplicas: 1 - maxReplicas: 100 - targetCPUUtilizationPercentage: 80 - targetMemoryUtilizationPercentage: 80 - -# Constrain pods to be scheduled on a particular node with a given spec (https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector) -# TODO: add commented examples? -nodeSelector: {} - -# Set expanded types of constraints for scheduling on nodes (https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity) -affinity: {} - -# Set pod toleration of given taints on the node (https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) -tolerations: [] - # - key: "example-key" - # operator: "Exists" - # effect: "NoSchedule" - # Configure logging level for Optimizely-specific `config` below logs: # Set `level` to panic, fatal, error, warn, info, or debug @@ -137,6 +125,18 @@ logs: pretty: true includeSdkKey: true +# Environmental values for... +env: + # The ConfigMap (https://kubernetes.io/docs/concepts/configuration/configmap/) to store non-confidential data in key-value pairs + # Alternatively or in addition, you can use a `config` section below (https://github.com/optimizely/agent#configuration-options) + variables: {} + # OPTIMIZELY_SDKKEYS: sdk_keys + # OPTIMIZELY_CLIENT_FLUSHINTERVAL: flush_interval + # ...the Secrets configuration. Be sure to follow the proper encoding for the `data` field (https://kubernetes.io/docs/concepts/configuration/secret/#editing-a-secret) + secrets: {} + # OPTIMIZELY_ADMIN_AUTH_HMACSECRETS: hmac_secrets + # OPTIMIZELY_API_AUTH_HMACSECRETS: hmac_secrets + # Config file contents (https://github.com/optimizely/agent/blob/master/config.yaml) to be consumed by Agent directly as a # scalar value after Helm template interpretation config: | From 0254e1c0720a3d3cf97b8c93539d262011cee883 Mon Sep 17 00:00:00 2001 From: Mike Chu Date: Tue, 28 Jun 2022 14:55:50 -0400 Subject: [PATCH 07/16] Add image tag to values --- values.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/values.yaml b/values.yaml index 827f532..52c4a05 100644 --- a/values.yaml +++ b/values.yaml @@ -13,6 +13,8 @@ fullnameOverride: "" image: # Use `optimizely/agent` unless you have a specific usecase; Pulls from https://hub.docker.com/r/optimizely/agent repository: optimizely/agent + # If you wish to use a specific image tag set that here (https://kubernetes.io/docs/concepts/containers/images/#image-names) + tag: "" # Use `IfNotPresent` to get the image if not available locally. Alternatives (https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy) pullPolicy: IfNotPresent From 7c5e7340df0e2df4656f8fea89d7cf6249f8d905 Mon Sep 17 00:00:00 2001 From: Mike Chu Date: Tue, 28 Jun 2022 15:44:27 -0400 Subject: [PATCH 08/16] Complete edits ot NOTES.txt post-install info --- templates/NOTES.txt | 94 ++++++++++++++++++++++++++++++--------------- 1 file changed, 64 insertions(+), 30 deletions(-) diff --git a/templates/NOTES.txt b/templates/NOTES.txt index d2f957b..0827cee 100644 --- a/templates/NOTES.txt +++ b/templates/NOTES.txt @@ -3,15 +3,33 @@ Name Override: {{ .Values.nameOverride }} Full Name Override: {{ .Values.fullnameOverride }} -Replica Count: {{ .Values.replicaCount }} +Image Used: {{ .Values.image.repository }}:{{ .Values.image.tag }} Service Account: {{- if .Values.serviceAccount.create }} - {{ .Values.serviceAccount.name }} + {{ default "[account name will be generated]" .Values.serviceAccount.name }} {{- else }} [no service account used] {{- end }} +Replica Count: {{ .Values.replicaCount }} + +Auto-Scaling: +{{- if .Values.autoscaling.enabled }} + Replicas between {{ .Values.autoscaling.minReplicas }} to {{ .Values.autoscaling.maxReplicas }} + Target CPU at {{ .Values.autoscaling.targetCPUUtilizationPercentage }}% + Target Memory at {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}% +{{- end }} + +Node Selector: + {{ default "[no node selectors applied]" .Values.nodeSelector }} + +Node Affinity: + {{ default "[no node affinity applied]" .Values.affinity }} + +Node Tolerations: + {{ default "[no node tolarations applied]" .Values.tolerations }} + Pod Annotations Applied: {{ default "[no annotations applied]" .Values.podAnnotations }} @@ -21,6 +39,49 @@ Pod Security Context: Container Security Context: {{ default "[no container security context applied]" .Values.securityContext }} +Network Service: + Type: {{ .Values.service.type }} + Ports: + {{- range $port := .Values.service.ports }} + {{ $port.name }}: {{ $port.targetPort }} [internal] <== {{ $port.port }} [external] + {{- end }} + +Network Ingress: + {{- if .Values.ingress.enabled }} + Application URLs: + {{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} + {{- end }} + Ingress Annotations: + {{ default "[no ingress annotations applied]" .Values.ingress.annotations }} + {{- else }} + Access the application by running these commands in a bash terminal + {{- if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "optimizely-agent.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT + {{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "optimizely-agent.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "optimizely-agent.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} + {{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "optimizely-agent.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT + {{- end }} + {{- end }} + +Resources: + {{ default "[no resources declarations applied]" .Values.resources }} + +Logging: + Level set to {{ .Values.logs.level | upper }} with friendly formatting {{ if $.Values.logs.pretty }}ON{{ else }}OFF{{ end }}. + SDK Key WILL {{- if not .Values.logs.includeSdkKey }} NOT {{- end }} be included in logs. + Environment Variables: {{ default "[no environment variables applied]" .Values.env.variables }} @@ -29,31 +90,4 @@ Secrets: *** Secrets were applied *** {{- else }} [no secrets applied] -{{- end }} - -{{- if .Values.ingress.enabled }} -1. Map ingress Address to Application URL's in /etc/hosts. -2. Application URL's: -{{- range $host := .Values.ingress.hosts }} - {{- range .paths }} - http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} - {{- end }} -{{- end }} -{{ else }} -1. Get the application URL by running these commands: -{{- if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "optimizely-agent.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "optimizely-agent.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "optimizely-agent.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") - echo http://$SERVICE_IP:{{ .Values.service.port }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "optimizely-agent.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT -{{- end }} -{{- end }} +{{- end }} \ No newline at end of file From 588cb16a56e1cefbb773d5527b677ee8a0084165 Mon Sep 17 00:00:00 2001 From: Mike Chu Date: Thu, 30 Jun 2022 11:30:29 -0400 Subject: [PATCH 09/16] Conditionally include secrets.yaml --- templates/secrets.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/templates/secrets.yaml b/templates/secrets.yaml index 46ae0f5..89af77e 100644 --- a/templates/secrets.yaml +++ b/templates/secrets.yaml @@ -1,3 +1,4 @@ +{{- if .Values.env.secrets }} apiVersion: v1 kind: Secret metadata: @@ -7,3 +8,4 @@ data: {{- range $k, $v := .Values.env.secrets }} {{ $k }}: {{ $v | b64enc }} {{- end }} +{{- end }} \ No newline at end of file From 1aa28be386282c5c3de9bf158c24fe2aa42bbecd Mon Sep 17 00:00:00 2001 From: Mike Chu Date: Thu, 30 Jun 2022 11:30:41 -0400 Subject: [PATCH 10/16] Add .helmignore --- .helmignore | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 .helmignore diff --git a/.helmignore b/.helmignore new file mode 100644 index 0000000..c13e3c8 --- /dev/null +++ b/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj \ No newline at end of file From 59e560728985ea16ccb830b0f6f86d2c80cf19c4 Mon Sep 17 00:00:00 2001 From: Mike Chu Date: Tue, 5 Jul 2022 13:59:09 -0400 Subject: [PATCH 11/16] Add disabled message for auto-scaling --- templates/NOTES.txt | 3 +++ 1 file changed, 3 insertions(+) diff --git a/templates/NOTES.txt b/templates/NOTES.txt index 0827cee..643530b 100644 --- a/templates/NOTES.txt +++ b/templates/NOTES.txt @@ -20,6 +20,9 @@ Auto-Scaling: Target CPU at {{ .Values.autoscaling.targetCPUUtilizationPercentage }}% Target Memory at {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}% {{- end }} +{{- else }} + [auto-scaling is disabled] +{{- end }} Node Selector: {{ default "[no node selectors applied]" .Values.nodeSelector }} From 28cdae08410f53c2e1af80c1427b8872c299630c Mon Sep 17 00:00:00 2001 From: Mike Chu Date: Tue, 5 Jul 2022 13:59:42 -0400 Subject: [PATCH 12/16] Bug fix for autoscaling NOTE --- templates/NOTES.txt | 1 - 1 file changed, 1 deletion(-) diff --git a/templates/NOTES.txt b/templates/NOTES.txt index 643530b..8b0154c 100644 --- a/templates/NOTES.txt +++ b/templates/NOTES.txt @@ -19,7 +19,6 @@ Auto-Scaling: Replicas between {{ .Values.autoscaling.minReplicas }} to {{ .Values.autoscaling.maxReplicas }} Target CPU at {{ .Values.autoscaling.targetCPUUtilizationPercentage }}% Target Memory at {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}% -{{- end }} {{- else }} [auto-scaling is disabled] {{- end }} From 5c5ec3705787bce9b1075d0e71dbd9ba75e7f4d0 Mon Sep 17 00:00:00 2001 From: Mike Chu Date: Tue, 5 Jul 2022 16:07:03 -0400 Subject: [PATCH 13/16] Corrections to toleration, names --- templates/NOTES.txt | 17 +++++++++++++---- values.yaml | 7 +++++-- 2 files changed, 18 insertions(+), 6 deletions(-) diff --git a/templates/NOTES.txt b/templates/NOTES.txt index 8b0154c..930d649 100644 --- a/templates/NOTES.txt +++ b/templates/NOTES.txt @@ -1,9 +1,12 @@ *** Configuration Summary *** -Name Override: {{ .Values.nameOverride }} -Full Name Override: {{ .Values.fullnameOverride }} +Name Override: + {{ default "[no name override; using generated name]" .Values.nameOverride }} +Full Name Override: + {{ default "[no full name override; using generated full name]" .Values.fullnameOverride }} -Image Used: {{ .Values.image.repository }}:{{ .Values.image.tag }} +Image Used: + {{ .Values.image.repository }}:{{ default "latest" .Values.image.tag }} Service Account: {{- if .Values.serviceAccount.create }} @@ -30,7 +33,13 @@ Node Affinity: {{ default "[no node affinity applied]" .Values.affinity }} Node Tolerations: - {{ default "[no node tolarations applied]" .Values.tolerations }} +{{- if .Values.tolerations }} + {{- range $toleration := .Values.tolerations }} + {{ $toleration.key }} {{ $toleration.operator }} {{ $toleration.effect }} + {{- end }} +{{- else }} + [no node tolarations applied] +{{- end }} Pod Annotations Applied: {{ default "[no annotations applied]" .Values.podAnnotations }} diff --git a/values.yaml b/values.yaml index 52c4a05..0db905e 100644 --- a/values.yaml +++ b/values.yaml @@ -19,7 +19,7 @@ image: pullPolicy: IfNotPresent # Set image pull secrets if you use a private container registry (https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod) -imagePullSecrets: [] +imagePullSecrets: [] # 👈 Remember: remove the empty object `[]` and place collection values indented on the next lines serviceAccount: # Specifies whether a service account (https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/) should be created @@ -51,7 +51,10 @@ affinity: {} # Set pod toleration of given taints on the node (https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) [optional] tolerations: [] - # - key: "example-key" + # - key: "example-key-1" + # operator: "Exists" + # effect: "NoSchedule" + # - key: "example-key-2" # operator: "Exists" # effect: "NoSchedule" From 52ce521d62767527e4f073a2dd3e974d0dd938e6 Mon Sep 17 00:00:00 2001 From: Mike Chu Date: Tue, 5 Jul 2022 17:14:14 -0400 Subject: [PATCH 14/16] Reformat tolerations NOTES output --- templates/NOTES.txt | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/templates/NOTES.txt b/templates/NOTES.txt index 930d649..3444a1f 100644 --- a/templates/NOTES.txt +++ b/templates/NOTES.txt @@ -35,7 +35,9 @@ Node Affinity: Node Tolerations: {{- if .Values.tolerations }} {{- range $toleration := .Values.tolerations }} - {{ $toleration.key }} {{ $toleration.operator }} {{ $toleration.effect }} + Key: {{ $toleration.key }} + Operator: {{ $toleration.operator }} + Effect: {{ $toleration.effect }} {{- end }} {{- else }} [no node tolarations applied] From 9c680962c10c273621908d95604b3eb06a53683c Mon Sep 17 00:00:00 2001 From: Mike Chu Date: Wed, 6 Jul 2022 07:57:38 -0400 Subject: [PATCH 15/16] Unconditionally generate secrets.yaml --- templates/secrets.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/templates/secrets.yaml b/templates/secrets.yaml index 89af77e..46ae0f5 100644 --- a/templates/secrets.yaml +++ b/templates/secrets.yaml @@ -1,4 +1,3 @@ -{{- if .Values.env.secrets }} apiVersion: v1 kind: Secret metadata: @@ -8,4 +7,3 @@ data: {{- range $k, $v := .Values.env.secrets }} {{ $k }}: {{ $v | b64enc }} {{- end }} -{{- end }} \ No newline at end of file From 87fd0e2cb8f8de03ad19d772f8359be0172e2c9e Mon Sep 17 00:00:00 2001 From: Mike Chu Date: Wed, 6 Jul 2022 09:03:04 -0400 Subject: [PATCH 16/16] Get/display ClusterIP address + better doc --- templates/NOTES.txt | 27 ++++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/templates/NOTES.txt b/templates/NOTES.txt index 3444a1f..0d27481 100644 --- a/templates/NOTES.txt +++ b/templates/NOTES.txt @@ -70,21 +70,22 @@ Network Ingress: Ingress Annotations: {{ default "[no ingress annotations applied]" .Values.ingress.annotations }} {{- else }} - Access the application by running these commands in a bash terminal + Run the following in a *nix terminal to access the running {{- if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "optimizely-agent.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT + {{- " NodePort service endpoint" }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "optimizely-agent.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT {{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "optimizely-agent.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "optimizely-agent.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") - echo http://$SERVICE_IP:{{ .Values.service.port }} - {{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "optimizely-agent.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT + {{- " LoadBalancer service endpoint" }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "optimizely-agent.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "optimizely-agent.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} + {{- else if contains "ClusterIP" .Values.service.type }} + {{- " ClusterIP service IP address" }} + export CLUSTER_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "optimizely-agent.fullname" . }} -o jsonpath='{.spec.clusterIP}') + echo http://$CLUSTER_IP:8080 {{- end }} {{- end }}