added extraVolumes and extraVolumeMounts (datastax#149)

Fixes datastax#147 ### Motivation This gives the helm chart user the ability to specify a secret or other type of volume to be mounted into any of the statefulset pods ### Modifications * Added conditionals to `bookkeeper`, `broker`, `proxy`, `toolset`, and `zookeeper` statefulsets which allow the chart user to specify extraVolumes and extraVolumeMounts for deployed pods. * Added `extraVolumes` and `extraVolumeMounts` parameters to values.yaml
pgier · Aug 26, 2021 · c45813f · c45813f
1 parent 19d6ce6
commit c45813f
Show file tree

Hide file tree

Showing 6 changed files with 97 additions and 2 deletions.
diff --git a/charts/pulsar/templates/bookkeeper-statefulset.yaml b/charts/pulsar/templates/bookkeeper-statefulset.yaml
@@ -187,6 +187,9 @@ spec:
         - name: "{{ template "pulsar.fullname" . }}-{{ .Values.bookkeeper.component }}-{{ .Values.bookkeeper.volumes.ledgers.name }}"
           mountPath: /pulsar/data/bookkeeper/ledgers
         {{- end}}
+        {{- if .Values.bookkeeper.extraVolumeMounts }}
+{{ toYaml .Values.bookkeeper.extraVolumeMounts | indent 8 }}
+        {{- end }}
         {{- include "pulsar.bookkeeper.certs.volumeMounts" . | nindent 8 }}
       volumes:
       {{- if not (and (and .Values.persistence .Values.volumes.persistence) .Values.bookkeeper.volumes.persistence) }}
@@ -197,6 +200,9 @@ spec:
       {{- end }}
       {{- include "pulsar.bookkeeper.certs.volumes" . | nindent 6 }}
       {{- include "pulsar.imagePullSecrets" . | nindent 6}}
+      {{- if .Values.bookkeeper.extraVolumes }}
+{{ toYaml .Values.bookkeeper.extraVolumes | indent 6 }}
+      {{- end }}
 {{- if and (and .Values.persistence .Values.volumes.persistence) .Values.bookkeeper.volumes.persistence}}
   volumeClaimTemplates:
   {{- if .Values.bookkeeper.volumes.useSingleCommonVolume }}

diff --git a/charts/pulsar/templates/broker-statefulset.yaml b/charts/pulsar/templates/broker-statefulset.yaml
@@ -234,13 +234,19 @@ spec:
             name: broker-token
             readOnly: true
           {{- end }}
+          {{- end }}
+          {{- if .Values.broker.extraVolumeMounts }}
+{{ toYaml .Values.broker.extraVolumeMounts | indent 10 }}
           {{- end }}
           {{- include "pulsar.broker.certs.volumeMounts" . | nindent 10 }}
       {{- if and .Values.rbac.enabled .Values.rbac.psp }}
         securityContext:
           readOnlyRootFilesystem: false
       {{- end }}
       volumes:
+      {{- if .Values.broker.extraVolumes }}
+{{ toYaml .Values.broker.extraVolumes | indent 6 }}
+      {{- end }}
       {{- if .Values.auth.authentication.enabled }}
       {{- if eq .Values.auth.authentication.provider "jwt" }}
       - name: token-keys

diff --git a/charts/pulsar/templates/proxy-statefulset.yaml b/charts/pulsar/templates/proxy-statefulset.yaml
@@ -199,7 +199,7 @@ spec:
         envFrom:
         - configMapRef:
             name: "{{ template "pulsar.fullname" . }}-{{ .Values.proxy.component }}"
-        {{- if or .Values.auth.authentication.enabled (and .Values.tls.enabled (or .Values.tls.proxy.enabled .Values.tls.broker.enabled)) }}
+        {{- if or .Values.proxy.extraVolumeMounts .Values.auth.authentication.enabled (and .Values.tls.enabled (or .Values.tls.proxy.enabled .Values.tls.broker.enabled)) }}
         volumeMounts:
           {{- if .Values.auth.authentication.enabled }}
           {{- if eq .Values.auth.authentication.provider "jwt" }}
@@ -221,10 +221,16 @@ spec:
             name: ca
             readOnly: true
           {{- end}}
+          {{- if .Values.proxy.extraVolumeMounts }}
+{{ toYaml .Values.proxy.extraVolumeMounts | indent 10 }}
+          {{- end }}
       {{- end}}
       {{- include "pulsar.imagePullSecrets" . | nindent 6}}
-      {{- if or .Values.auth.authentication.enabled (and .Values.tls.enabled .Values.tls.proxy.enabled) }}
+      {{- if or .Values.proxy.extraVolumes .Values.auth.authentication.enabled (and .Values.tls.enabled .Values.tls.proxy.enabled) }}
       volumes:
+        {{- if .Values.proxy.extraVolumes }}
+{{ toYaml .Values.proxy.extraVolumes | indent 8 }}
+        {{- end }}
         {{- if .Values.auth.authentication.enabled }}
         {{- if eq .Values.auth.authentication.provider "jwt" }}
         - name: token-keys

diff --git a/charts/pulsar/templates/toolset-statefulset.yaml b/charts/pulsar/templates/toolset-statefulset.yaml
@@ -94,6 +94,9 @@ spec:
           name: proxy-ca
           readOnly: true
         {{- end}}
+        {{- if .Values.toolset.extraVolumeMounts }}
+{{ toYaml .Values.toolset.extraVolumeMounts | indent 8 }}
+        {{- end }}
         {{- include "pulsar.toolset.certs.volumeMounts" . | nindent 8 }}
       volumes:
       {{- if .Values.auth.authentication.enabled }}
@@ -114,6 +117,9 @@ spec:
             - key: ca.crt
               path: ca.crt
       {{- end}}
+      {{- if .Values.toolset.extraVolumes }}
+{{ toYaml .Values.toolset.extraVolumes | indent 6 }}
+      {{- end }}
       {{- include "pulsar.toolset.certs.volumes" . | nindent 6 }}
       {{- include "pulsar.imagePullSecrets" . | nindent 6}}
 {{- end }}
diff --git a/charts/pulsar/templates/zookeeper-statefulset.yaml b/charts/pulsar/templates/zookeeper-statefulset.yaml
@@ -183,11 +183,17 @@ spec:
           mountPath: "/pulsar/keytool/keytool.sh"
           subPath: keytool.sh
         {{- end }}
+        {{- if .Values.zookeeper.extraVolumeMounts }}
+{{ toYaml .Values.zookeeper.extraVolumeMounts | indent 8 }}
+        {{- end }}
       volumes:
       {{- if not (and (and .Values.volumes.persistence .Values.volumes.persistence) .Values.zookeeper.volumes.persistence) }}
       - name: "{{ template "pulsar.fullname" . }}-{{ .Values.zookeeper.component }}-{{ .Values.zookeeper.volumes.data.name }}"
         emptyDir: {}
       {{- end }}
+      {{- if .Values.zookeeper.extraVolumes }}
+{{ toYaml .Values.zookeeper.extraVolumes | indent 6 }}
+      {{- end }}
       {{- if and .Values.tls.enabled .Values.tls.zookeeper.enabled }}
       - name: zookeeper-certs
         secret:

diff --git a/charts/pulsar/values.yaml b/charts/pulsar/values.yaml
@@ -330,6 +330,19 @@ zookeeper:
     requests:
       memory: 256Mi
       cpu: 0.1
+  # extraVolumes and extraVolumeMounts allows you to mount other volumes
+  # Example Use Case: mount ssl certificates
+  # extraVolumes:
+  #   - name: ca-certs
+  #     secret:
+  #       defaultMode: 420
+  #       secretName: ca-certs
+  # extraVolumeMounts:
+  #   - name: ca-certs
+  #     mountPath: /certs
+  #     readOnly: true
+  extraVolumes: []
+  extraVolumeMounts: []
   volumes:
     # use a persistent volume or emptyDir
     persistence: true
@@ -439,6 +452,19 @@ bookkeeper:
     requests:
       memory: 512Mi
       cpu: 0.2
+  # extraVolumes and extraVolumeMounts allows you to mount other volumes
+  # Example Use Case: mount ssl certificates
+  # extraVolumes:
+  #   - name: ca-certs
+  #     secret:
+  #       defaultMode: 420
+  #       secretName: ca-certs
+  # extraVolumeMounts:
+  #   - name: ca-certs
+  #     mountPath: /certs
+  #     readOnly: true
+  extraVolumes: []
+  extraVolumeMounts: []
   volumes:
     # use a persistent volume or emptyDir
     persistence: true
@@ -637,6 +663,19 @@ broker:
     requests:
       memory: 512Mi
       cpu: 0.2
+  # extraVolumes and extraVolumeMounts allows you to mount other volumes
+  # Example Use Case: mount ssl certificates
+  # extraVolumes:
+  #   - name: ca-certs
+  #     secret:
+  #       defaultMode: 420
+  #       secretName: ca-certs
+  # extraVolumeMounts:
+  #   - name: ca-certs
+  #     mountPath: /certs
+  #     readOnly: true
+  extraVolumes: []
+  extraVolumeMounts: []
   ## Broker configmap
   ## templates/broker-configmap.yaml
   ##
@@ -730,6 +769,19 @@ proxy:
     requests:
       memory: 128Mi
       cpu: 0.2
+  # extraVolumes and extraVolumeMounts allows you to mount other volumes
+  # Example Use Case: mount ssl certificates
+  # extraVolumes:
+  #   - name: ca-certs
+  #     secret:
+  #       defaultMode: 420
+  #       secretName: ca-certs
+  # extraVolumeMounts:
+  #   - name: ca-certs
+  #     mountPath: /certs
+  #     readOnly: true
+  extraVolumes: []
+  extraVolumeMounts: []
   ## Proxy configmap
   ## templates/proxy-configmap.yaml
   ##
@@ -844,6 +896,19 @@ toolset:
     requests:
       memory: 256Mi
       cpu: 0.1
+  # extraVolumes and extraVolumeMounts allows you to mount other volumes
+  # Example Use Case: mount ssl certificates
+  # extraVolumes:
+  #   - name: ca-certs
+  #     secret:
+  #       defaultMode: 420
+  #       secretName: ca-certs
+  # extraVolumeMounts:
+  #   - name: ca-certs
+  #     mountPath: /certs
+  #     readOnly: true
+  extraVolumes: []
+  extraVolumeMounts: []
   ## Bastion configmap
   ## templates/bastion-configmap.yaml
   ##