From 9dbac148cc3c6d0c0d61f241eee9eaf913e51f10 Mon Sep 17 00:00:00 2001 From: gnmahanth Date: Fri, 1 Sep 2023 10:54:12 +0000 Subject: [PATCH] update console helm chart, change minio->fileserver --- .../minio.yaml => fileserver/fileserver.yaml} | 44 +++++++++---------- .../{minio => fileserver}/secret.yaml | 6 +-- .../database/postgresql/postgresql.yaml | 2 +- .../{minio.yaml => fileserver.yaml} | 8 ++-- .../templates/deepfence-ingester.yaml | 4 +- .../templates/deepfence-router.yaml | 4 +- .../templates/deepfence-scheduler.yaml | 4 +- .../templates/deepfence-server.yaml | 18 +++++--- .../templates/deepfence-ui.yaml | 14 ++++-- .../templates/deepfence-worker.yaml | 4 +- .../helm-charts/deepfence-console/values.yaml | 4 +- 11 files changed, 62 insertions(+), 50 deletions(-) rename deployment-scripts/helm-charts/deepfence-console/templates/database/{minio/minio.yaml => fileserver/fileserver.yaml} (72%) rename deployment-scripts/helm-charts/deepfence-console/templates/database/{minio => fileserver}/secret.yaml (65%) rename deployment-scripts/helm-charts/deepfence-console/templates/deepfence-console-secrets/{minio.yaml => fileserver.yaml} (56%) diff --git a/deployment-scripts/helm-charts/deepfence-console/templates/database/minio/minio.yaml b/deployment-scripts/helm-charts/deepfence-console/templates/database/fileserver/fileserver.yaml similarity index 72% rename from deployment-scripts/helm-charts/deepfence-console/templates/database/minio/minio.yaml rename to deployment-scripts/helm-charts/deepfence-console/templates/database/fileserver/fileserver.yaml index c99bfac3ec..dd2e28bfe2 100644 --- a/deployment-scripts/helm-charts/deepfence-console/templates/database/minio/minio.yaml +++ b/deployment-scripts/helm-charts/deepfence-console/templates/database/fileserver/fileserver.yaml @@ -1,4 +1,4 @@ -{{- if .Values.minio.create }} +{{- if .Values.fileserver.create }} --- apiVersion: apps/v1 kind: StatefulSet @@ -6,7 +6,7 @@ metadata: name: deepfence-file-server labels: {{- include "deepfence-console.labels" . | nindent 4 }} - component: minio + component: fileserver name: deepfence-file-server spec: serviceName: deepfence-file-server @@ -14,28 +14,28 @@ spec: selector: matchLabels: {{- include "deepfence-console.selectorLabels" . | nindent 6 }} - component: minio + component: fileserver name: deepfence-file-server template: metadata: - {{- with .Values.minio.podAnnotations }} + {{- with .Values.fileserver.podAnnotations }} annotations: {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "deepfence-console.selectorLabels" . | nindent 8 }} - component: minio + component: fileserver name: deepfence-file-server spec: serviceAccountName: {{ include "deepfence-console.serviceAccountName" . }} securityContext: - {{- toYaml .Values.minio.podSecurityContext | nindent 8 }} + {{- toYaml .Values.fileserver.podSecurityContext | nindent 8 }} containers: - - name: minio + - name: fileserver securityContext: - {{- toYaml .Values.minio.securityContext | nindent 12 }} - image: "{{ .Values.global.imageRepoPrefix }}/{{ .Values.minio.image.repository }}:{{ default .Values.global.imageTag .Values.minio.image.tag }}" - imagePullPolicy: {{ .Values.minio.image.pullPolicy }} + {{- toYaml .Values.fileserver.securityContext | nindent 12 }} + image: "{{ .Values.global.imageRepoPrefix }}/{{ .Values.fileserver.image.repository }}:{{ default .Values.global.imageTag .Values.fileserver.image.tag }}" + imagePullPolicy: {{ .Values.fileserver.image.pullPolicy }} envFrom: - secretRef: name: "deepfence-file-server" @@ -48,36 +48,36 @@ spec: protocol: TCP livenessProbe: httpGet: - path: /minio/health/live + path: /status port: http - initialDelaySeconds: 120 + initialDelaySeconds: 60 periodSeconds: 10 timeoutSeconds: 5 failureThreshold: 5 successThreshold: 1 readinessProbe: httpGet: - path: /minio/health/live + path: /status port: http initialDelaySeconds: 60 - periodSeconds: 20 + periodSeconds: 10 timeoutSeconds: 5 failureThreshold: 5 successThreshold: 1 resources: - {{- toYaml .Values.minio.resources | nindent 12 }} + {{- toYaml .Values.fileserver.resources | nindent 12 }} volumeMounts: - mountPath: /data name: "file-server-{{ .Release.Name }}" - {{- with .Values.minio.nodeSelector }} + {{- with .Values.fileserver.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.minio.affinity }} + {{- with .Values.fileserver.affinity }} affinity: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.minio.tolerations }} + {{- with .Values.fileserver.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} @@ -89,8 +89,8 @@ spec: - "ReadWriteOnce" resources: requests: - storage: "{{ .Values.minio.volumeSize }}" - storageClassName: {{ default .Values.global.storageClass .Values.minio.storageClass }} + storage: "{{ .Values.fileserver.volumeSize }}" + storageClassName: {{ default .Values.global.storageClass .Values.fileserver.storageClass }} --- apiVersion: v1 kind: Service @@ -98,7 +98,7 @@ metadata: name: deepfence-file-server labels: {{- include "deepfence-console.labels" . | nindent 4 }} - component: minio + component: fileserver name: deepfence-file-server spec: type: ClusterIP @@ -113,6 +113,6 @@ spec: protocol: TCP selector: {{- include "deepfence-console.selectorLabels" . | nindent 4 }} - component: minio + component: fileserver name: deepfence-file-server {{- end }} \ No newline at end of file diff --git a/deployment-scripts/helm-charts/deepfence-console/templates/database/minio/secret.yaml b/deployment-scripts/helm-charts/deepfence-console/templates/database/fileserver/secret.yaml similarity index 65% rename from deployment-scripts/helm-charts/deepfence-console/templates/database/minio/secret.yaml rename to deployment-scripts/helm-charts/deepfence-console/templates/database/fileserver/secret.yaml index 68ab641550..e465ddac6b 100644 --- a/deployment-scripts/helm-charts/deepfence-console/templates/database/minio/secret.yaml +++ b/deployment-scripts/helm-charts/deepfence-console/templates/database/fileserver/secret.yaml @@ -1,4 +1,4 @@ -{{- if .Values.minio.create }} +{{- if .Values.fileserver.create }} --- kind: Secret apiVersion: v1 @@ -7,9 +7,9 @@ metadata: name: "deepfence-file-server" labels: {{- include "deepfence-console.labels" . | nindent 4 }} - component: minio + component: fileserver stringData: - {{- range $k, $v := .Values.minio.secrets }} + {{- range $k, $v := .Values.fileserver.secrets }} {{ $k }}: {{ $v }} {{- end }} {{- end }} \ No newline at end of file diff --git a/deployment-scripts/helm-charts/deepfence-console/templates/database/postgresql/postgresql.yaml b/deployment-scripts/helm-charts/deepfence-console/templates/database/postgresql/postgresql.yaml index bba69c629d..80d82e8400 100644 --- a/deployment-scripts/helm-charts/deepfence-console/templates/database/postgresql/postgresql.yaml +++ b/deployment-scripts/helm-charts/deepfence-console/templates/database/postgresql/postgresql.yaml @@ -50,7 +50,7 @@ spec: - -c - exec pg_isready -U ${POSTGRES_USER} -d ${POSTGRES_DB} initialDelaySeconds: 60 - periodSeconds: 20 + periodSeconds: 30 timeoutSeconds: 5 failureThreshold: 5 successThreshold: 1 diff --git a/deployment-scripts/helm-charts/deepfence-console/templates/deepfence-console-secrets/minio.yaml b/deployment-scripts/helm-charts/deepfence-console/templates/deepfence-console-secrets/fileserver.yaml similarity index 56% rename from deployment-scripts/helm-charts/deepfence-console/templates/deepfence-console-secrets/minio.yaml rename to deployment-scripts/helm-charts/deepfence-console/templates/deepfence-console-secrets/fileserver.yaml index 68795ced6f..ceb8aa4978 100644 --- a/deployment-scripts/helm-charts/deepfence-console/templates/deepfence-console-secrets/minio.yaml +++ b/deployment-scripts/helm-charts/deepfence-console/templates/deepfence-console-secrets/fileserver.yaml @@ -1,10 +1,10 @@ -{{- if .Values.minio.create }} +{{- if .Values.fileserver.create }} --- kind: Secret apiVersion: v1 type: Opaque metadata: - name: "deepfence-console-secrets-minio" + name: "deepfence-console-secrets-fileserver" labels: {{- include "deepfence-console.labels" . | nindent 4 }} component: file-server @@ -13,7 +13,7 @@ stringData: DEEPFENCE_MINIO_PORT: "9000" DEEPFENCE_MINIO_SECURE: "false" DEEPFENCE_MINIO_BUCKET: deepfence - DEEPFENCE_MINIO_PASSWORD: {{ .Values.minio.secrets.MINIO_ROOT_PASSWORD | quote }} - DEEPFENCE_MINIO_USER: {{ .Values.minio.secrets.MINIO_ROOT_USER | quote }} + DEEPFENCE_MINIO_PASSWORD: {{ .Values.fileserver.secrets.MINIO_ROOT_PASSWORD | quote }} + DEEPFENCE_MINIO_USER: {{ .Values.fileserver.secrets.MINIO_ROOT_USER | quote }} {{- end }} diff --git a/deployment-scripts/helm-charts/deepfence-console/templates/deepfence-ingester.yaml b/deployment-scripts/helm-charts/deepfence-console/templates/deepfence-ingester.yaml index c54e596208..56516b7d0b 100644 --- a/deployment-scripts/helm-charts/deepfence-console/templates/deepfence-ingester.yaml +++ b/deployment-scripts/helm-charts/deepfence-console/templates/deepfence-ingester.yaml @@ -48,8 +48,8 @@ spec: name: {{ .Values.redis.secretName }} {{- end }} - secretRef: - {{- if .Values.minio.create }} - name: "deepfence-console-secrets-minio" + {{- if .Values.fileserver.create }} + name: "deepfence-console-secrets-fileserver" {{- else }} name: {{ .Values.minio.secretName }} {{- end }} diff --git a/deployment-scripts/helm-charts/deepfence-console/templates/deepfence-router.yaml b/deployment-scripts/helm-charts/deepfence-console/templates/deepfence-router.yaml index baa02b8197..32bf54577d 100644 --- a/deployment-scripts/helm-charts/deepfence-console/templates/deepfence-router.yaml +++ b/deployment-scripts/helm-charts/deepfence-console/templates/deepfence-router.yaml @@ -48,8 +48,8 @@ spec: name: {{ .Values.redis.secretName }} {{- end }} - secretRef: - {{- if .Values.minio.create }} - name: "deepfence-console-secrets-minio" + {{- if .Values.fileserver.create }} + name: "deepfence-console-secrets-fileserver" {{- else }} name: {{ .Values.minio.secretName }} {{- end }} diff --git a/deployment-scripts/helm-charts/deepfence-console/templates/deepfence-scheduler.yaml b/deployment-scripts/helm-charts/deepfence-console/templates/deepfence-scheduler.yaml index 158ab84ecf..62337e5fa7 100644 --- a/deployment-scripts/helm-charts/deepfence-console/templates/deepfence-scheduler.yaml +++ b/deployment-scripts/helm-charts/deepfence-console/templates/deepfence-scheduler.yaml @@ -46,8 +46,8 @@ spec: name: {{ .Values.redis.secretName }} {{- end }} - secretRef: - {{- if .Values.minio.create }} - name: "deepfence-console-secrets-minio" + {{- if .Values.fileserver.create }} + name: "deepfence-console-secrets-fileserver" {{- else }} name: {{ .Values.minio.secretName }} {{- end }} diff --git a/deployment-scripts/helm-charts/deepfence-console/templates/deepfence-server.yaml b/deployment-scripts/helm-charts/deepfence-console/templates/deepfence-server.yaml index 47a3a5e09e..44b20759a7 100644 --- a/deployment-scripts/helm-charts/deepfence-console/templates/deepfence-server.yaml +++ b/deployment-scripts/helm-charts/deepfence-console/templates/deepfence-server.yaml @@ -55,8 +55,8 @@ spec: name: {{ .Values.redis.secretName }} {{- end }} - secretRef: - {{- if .Values.minio.create }} - name: "deepfence-console-secrets-minio" + {{- if .Values.fileserver.create }} + name: "deepfence-console-secrets-fileserver" {{- else }} name: {{ .Values.minio.secretName }} {{- end }} @@ -89,14 +89,20 @@ spec: httpGet: path: /deepfence/ping port: http - initialDelaySeconds: 120 - periodSeconds: 20 + initialDelaySeconds: 90 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 5 + successThreshold: 1 readinessProbe: httpGet: path: /deepfence/ping port: http - initialDelaySeconds: 120 - periodSeconds: 20 + initialDelaySeconds: 90 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 5 + successThreshold: 1 resources: {{- toYaml .Values.server.resources | nindent 12 }} {{- with .Values.server.nodeSelector }} diff --git a/deployment-scripts/helm-charts/deepfence-console/templates/deepfence-ui.yaml b/deployment-scripts/helm-charts/deepfence-console/templates/deepfence-ui.yaml index 96bab23c98..f58397677e 100644 --- a/deployment-scripts/helm-charts/deepfence-console/templates/deepfence-ui.yaml +++ b/deployment-scripts/helm-charts/deepfence-console/templates/deepfence-ui.yaml @@ -45,8 +45,8 @@ spec: name: {{ .Values.redis.secretName }} {{- end }} - secretRef: - {{- if .Values.minio.create }} - name: "deepfence-console-secrets-minio" + {{- if .Values.fileserver.create }} + name: "deepfence-console-secrets-fileserver" {{- else }} name: {{ .Values.minio.secretName }} {{- end }} @@ -76,14 +76,20 @@ spec: httpGet: path: /health port: http - initialDelaySeconds: 120 + initialDelaySeconds: 60 periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 5 + successThreshold: 1 readinessProbe: httpGet: path: /health port: http initialDelaySeconds: 60 - periodSeconds: 20 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 5 + successThreshold: 1 resources: {{- toYaml .Values.ui.resources | nindent 12 }} {{- with .Values.ui.nodeSelector }} diff --git a/deployment-scripts/helm-charts/deepfence-console/templates/deepfence-worker.yaml b/deployment-scripts/helm-charts/deepfence-console/templates/deepfence-worker.yaml index cb3950d269..0e2d9c55f0 100644 --- a/deployment-scripts/helm-charts/deepfence-console/templates/deepfence-worker.yaml +++ b/deployment-scripts/helm-charts/deepfence-console/templates/deepfence-worker.yaml @@ -48,8 +48,8 @@ spec: name: {{ .Values.redis.secretName }} {{- end }} - secretRef: - {{- if .Values.minio.create }} - name: "deepfence-console-secrets-minio" + {{- if .Values.fileserver.create }} + name: "deepfence-console-secrets-fileserver" {{- else }} name: {{ .Values.minio.secretName }} {{- end }} diff --git a/deployment-scripts/helm-charts/deepfence-console/values.yaml b/deployment-scripts/helm-charts/deepfence-console/values.yaml index b837c4a97c..5bf546ee8f 100644 --- a/deployment-scripts/helm-charts/deepfence-console/values.yaml +++ b/deployment-scripts/helm-charts/deepfence-console/values.yaml @@ -122,8 +122,8 @@ redis: tolerations: [] affinity: {} -minio: - # Specifies whether a postgres database instance should be created +fileserver: + # Specifies whether a file server instance should be created create: true # if create false provide name of the existing secret # secret format refer templates/console-secrets/minio.yaml