From e74f76df75ba1167c8aad0631c90f7a272c94731 Mon Sep 17 00:00:00 2001 From: Roi Kramer Date: Thu, 19 Sep 2024 11:30:27 +0300 Subject: [PATCH] Feat/con 28906 metric exporter standalone installation (#155) * support metric exporter standalone installation --- charts/ocean-metric-exporter/Chart.yaml | 2 +- charts/ocean-metric-exporter/README.md | 16 ++- .../templates/_helpers.tpl | 108 ++++++++++++++++-- .../templates/caBundle.secret.yaml | 12 ++ .../templates/configmap.yaml | 9 ++ .../templates/deployment.yaml | 6 +- .../templates/secret.yaml | 11 ++ charts/ocean-metric-exporter/values.yaml | 53 +++++++-- 8 files changed, 192 insertions(+), 25 deletions(-) create mode 100644 charts/ocean-metric-exporter/templates/caBundle.secret.yaml create mode 100644 charts/ocean-metric-exporter/templates/configmap.yaml create mode 100644 charts/ocean-metric-exporter/templates/secret.yaml diff --git a/charts/ocean-metric-exporter/Chart.yaml b/charts/ocean-metric-exporter/Chart.yaml index e1d9117..e4b2578 100644 --- a/charts/ocean-metric-exporter/Chart.yaml +++ b/charts/ocean-metric-exporter/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: ocean-metric-exporter description: A Helm chart for Ocean Metric Exporter type: application -version: 1.0.10 +version: 1.1.0 appVersion: 1.0.4 home: https://github.com/spotinst/charts/tree/main/charts/ocean-metric-exporter icon: https://docs.spot.io/_media/images/spot_mark.png diff --git a/charts/ocean-metric-exporter/README.md b/charts/ocean-metric-exporter/README.md index fe0aca3..735ac73 100644 --- a/charts/ocean-metric-exporter/README.md +++ b/charts/ocean-metric-exporter/README.md @@ -1,6 +1,6 @@ # ocean-metric-exporter -![Version: 1.0.10](https://img.shields.io/badge/Version-1.0.10-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.0.4](https://img.shields.io/badge/AppVersion-1.0.4-informational?style=flat-square) +![Version: 1.1.0](https://img.shields.io/badge/Version-1.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.0.4](https://img.shields.io/badge/AppVersion-1.0.4-informational?style=flat-square) A Helm chart for Ocean Metric Exporter. @@ -31,6 +31,11 @@ helm install my-release spot/ocean-metric-exporter | Key | Type | Default | Description | |-----|------|---------|-------------| | affinity | Optional | `{}` | Pod scheduling preferences. Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity | +| caBundleSecret.create | bool | `false` | Controls whether a CA bundle secret should be created. | +| caBundleSecret.data | string | `""` | Must contain the CA bundle data in case `caBundleSecret.create` is true. For example by using `--set caBundleSecret.data="$(cat ./ca.pem)"` | +| caBundleSecret.key | string | `"userEnvCertificates.pem"` | Key inside the secret to inject the CA bundle from | +| caBundleSecret.name | string | `""` | CA bundle Secret name. (Optional) | +| configMapName | Optional | `""` | ConfigMap name to use. In case spotinst.clusterIdentifier is provided, this overrides the name of the created configMap. | | image.pullPolicy | Optional | `"IfNotPresent"` | Image pull policy. | | image.pullSecrets | Optional | `[]` | Image pull secrets. | | image.repository | Optional | `"gcr.io/spotinst-artifacts/spot-ocean-metric-exporter"` | Image repository. | @@ -42,10 +47,7 @@ helm install my-release spot/ocean-metric-exporter | metricsConfiguration.denyLabels | Array[string] | `nil` | List of Labels to deny - if empty will get everything. Shouldn't be used with `allowLabels`. Possible values can be found here: https://docs.spot.io/ocean/tools-and-integrations/prometheus/scrape?id=labels | | metricsConfiguration.denyMetrics | Array[string] | `nil` | List of Metrics to deny - if empty will get everything. Shouldn't be used with `allowMetrics`. Possible values can be found here: https://docs.spot.io/ocean/tools-and-integrations/prometheus/scrape?id=metrics | | nodeSelector | Optional | `{}` | Node selector. | -| oceanController.caBundleSecretName | Optional | `"spotinst-kubernetes-cluster-controller-ca-bundle"` | Secret name of CA bundle. | -| oceanController.configMapName | Optional | `"spotinst-kubernetes-cluster-controller-config"` | ConfigMap name. | -| oceanController.namespace | Optional | `"kube-system"` | Namespace where components should be installed. | -| oceanController.secretName | Optional | `"spotinst-kubernetes-cluster-controller"` | Secret name. | +| oceanController | object | `{"caBundleSecretName":"","configMapName":"","namespace":"","secretName":""}` | Reference secret and configMap for the Ocean Controller. Deprecated in favor of spotinst object or secretName and configMapName | | podAnnotations | Optional | `{}` | Pod annotations. Ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ | | podEnvVariables | Optional | `[]` | Additional environment variables for the exporter container. | | probes.enabled | Bool | `true` | Whether to include both liveness and readiness probe, if this is set to true it will ignore the nested enabled booleans. | @@ -62,7 +64,11 @@ helm install my-release spot/ocean-metric-exporter | probes.readiness.timeoutSeconds | Integer | `1` | Readiness probe timeout. | | replicaCount | Optional | `1` | Replicas. Ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#replicas | | resources | Optional | `{"limits":{"cpu":"500m","memory":"500Mi"},"requests":{"cpu":"100m","memory":"50Mi"}}` | Resource requests and limits. Ref: http://kubernetes.io/docs/user-guide/compute-resources/ | +| secretName | Optional | `""` | Secret name to use. In case spotinst.token, spotinst.account are provided, this overrides the name of the created secret. | | service.create | Optional | `true` | Controls whether a service should be created. | +| spotinst.account | Optional | `""` | Spot Account. Ref: https://docs.spot.io/administration/organizations?id=account | +| spotinst.clusterIdentifier | Optional | `""` | Unique identifier used by the Ocean Controller to connect between the Ocean backend and the Kubernetes cluster. Ref: https://docs.spot.io/ocean/tutorials/spot-kubernetes-controller/ | +| spotinst.token | Optional | `""` | Spot Token. Ref: https://docs.spot.io/administration/api/create-api-token | | tolerations | Optional | `[{"key":"node-role.kubernetes.io/master","operator":"Exists"},{"key":"node-role.kubernetes.io/control-plane","operator":"Exists"}]` | Tolerations for nodes that have taints on them. Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | ---------------------------------------------- diff --git a/charts/ocean-metric-exporter/templates/_helpers.tpl b/charts/ocean-metric-exporter/templates/_helpers.tpl index f3abfa2..27afcaa 100644 --- a/charts/ocean-metric-exporter/templates/_helpers.tpl +++ b/charts/ocean-metric-exporter/templates/_helpers.tpl @@ -34,6 +34,73 @@ Create chart name and version as used by the chart label. {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} {{- end }} +{{/* +Namespace. + +Precedence is: +1. --set oceanController.namespace +2. --namespace +3. if none of the above is specified, default is "kube-system" for backwards compatibility. +*/}} +{{- define "ocean-metric-exporter.namespace" -}} +{{- if .Values.oceanController.namespace -}} +{{ .Values.oceanController.namespace }} +{{- else -}} +{{- if eq .Release.Namespace "default" -}} +kube-system +{{- else -}} +{{ .Release.Namespace }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create Secret. +*/}} +{{- define "ocean-metric-exporter.createSecret" -}} +{{- if and .Values.spotinst (or .Values.spotinst.token .Values.spotinst.account) -}} +{{- include "ocean-metric-exporter.standaloneParamCheck" . -}} +{{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Create ConfigMap. +*/}} +{{- define "ocean-metric-exporter.createConfigMap" -}} +{{- if and .Values.spotinst .Values.spotinst.clusterIdentifier -}} +{{- include "ocean-metric-exporter.standaloneParamCheck" . -}} +{{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Standalone parameter checks +*/}} +{{- define "ocean-metric-exporter.standaloneParamCheck" -}} +{{- if not .Values.spotinst.account -}} +{{- fail "Standalone installation detected (either 'spotinst.clusterIdentifier' or 'spotinst.token' specified), but 'spotinst.account' was not specified" -}} +{{- end -}} +{{- if not .Values.spotinst.token -}} +{{- fail "Standalone installation detected (either 'spotinst.clusterIdentifier' or 'spotinst.account' specified), but 'spotinst.token' was not specified" -}} +{{- end -}} +{{- if not .Values.spotinst.clusterIdentifier -}} +{{- fail "Standalone installation detected (either 'spotinst.token' or 'spotinst.account' specified), but 'spotinst.clusterIdentifier' was not specified" -}} +{{- end -}} +{{- if .Values.oceanController.namespace -}} +{{- fail (printf "Value 'oceanController.namespace' is not allowed in standalone installation mode ('spotinst.*' values used). Use '--namespace=%s' instead" .Values.oceanController.namespace) -}} +{{- end -}} +{{- if .Values.oceanController.secretName -}} +{{- fail (printf "Value 'oceanController.secretName' is not allowed in standalone installation mode ('spotinst.*' values used). Use '--set secretName=%s' instead" .Values.oceanController.secretName) -}} +{{- end -}} +{{- if .Values.oceanController.configMapName -}} +{{- fail (printf "Value 'oceanController.configMapName' is not allowed in standalone installation mode ('spotinst.*' values used). Use '--set configMapName=%s' instead" .Values.oceanController.configMapName) -}} +{{- end -}} +{{- if .Values.oceanController.caBundleSecretName -}} +{{- fail (printf "Value 'oceanController.caBundleSecretName' is not allowed in standalone installation mode ('spotinst.*' values used). Use '--set caBundleSecret.name=%s' instead" .Values.oceanController.caBundleSecretName) -}} +{{- end -}} +{{- end -}} + {{/* Common labels. */}} @@ -58,28 +125,55 @@ app.kubernetes.io/instance: {{ .Release.Name }} Secret name. */}} {{- define "ocean-metric-exporter.secretName" -}} -{{ default (include "ocean-metric-exporter.name" .) .Values.oceanController.secretName }} +{{- if (include "ocean-metric-exporter.createSecret" .) -}} +{{ default (include "ocean-metric-exporter.name" .) .Values.secretName }} +{{- else -}} +{{ default "spotinst-kubernetes-cluster-controller" .Values.oceanController.secretName }} +{{- end }} {{- end }} {{/* ConfigMap name. */}} {{- define "ocean-metric-exporter.configMapName" -}} -{{ default (include "ocean-metric-exporter.name" .) .Values.oceanController.configMapName }} +{{- if (include "ocean-metric-exporter.createConfigMap" .) -}} +{{ default (include "ocean-metric-exporter.name" .) .Values.configMapName }} +{{- else -}} +{{ default "spotinst-kubernetes-cluster-controller-config" .Values.oceanController.configMapName }} +{{- end }} {{- end }} +{{/* +Check CA bundle secret conflict +*/}} +{{- define "ocean-metric-exporter.checkCaBundleSecretConflict" -}} +{{- if .Values.oceanController.caBundleSecretName -}} +{{- fail "Value 'oceanController.caBundleSecretName' should not be used when 'caBundleSecret.create=true'" -}} +{{- end -}} +{{- end -}} + {{/* CA bundle secret name. */}} {{- define "ocean-metric-exporter.caBundleSecretName" -}} -{{ default (include "ocean-metric-exporter.name" .) .Values.oceanController.caBundleSecretName }} +{{- if and .Values.caBundleSecret .Values.caBundleSecret.create -}} +{{- include "ocean-metric-exporter.checkCaBundleSecretConflict" . -}} +{{ default (printf "%s-ca-bundle" (include "ocean-metric-exporter.name" .)) .Values.caBundleSecret.name }} +{{- else -}} +{{ default "spotinst-kubernetes-cluster-controller-ca-bundle" .Values.oceanController.caBundleSecretName }} +{{- end }} {{- end }} {{/* -Namespace. +CA bundle secret key. */}} -{{- define "ocean-metric-exporter.namespace" -}} -{{ default (include "ocean-metric-exporter.name" .) .Values.oceanController.namespace }} +{{- define "ocean-metric-exporter.caBundleSecretKey" -}} +{{- if and .Values.caBundleSecret .Values.caBundleSecret.create -}} +{{- include "ocean-metric-exporter.checkCaBundleSecretConflict" . -}} +{{ default "userEnvCertificates.pem" .Values.caBundleSecret.key }} +{{- else -}} +userEnvCertificates.pem +{{- end }} {{- end }} {{/* @@ -107,7 +201,7 @@ Container command. probes. */}} {{- define "ocean-metric-exporter.probes" -}} -{{- if or .Values.probes.liveness.enabled .Values.probes.enabled }} +{{- if or .Values.probes.liveness.enabled .Values.probes.enabled -}} livenessProbe: httpGet: path: /health/liveness diff --git a/charts/ocean-metric-exporter/templates/caBundle.secret.yaml b/charts/ocean-metric-exporter/templates/caBundle.secret.yaml new file mode 100644 index 0000000..5107252 --- /dev/null +++ b/charts/ocean-metric-exporter/templates/caBundle.secret.yaml @@ -0,0 +1,12 @@ +{{- if and .Values.caBundleSecret .Values.caBundleSecret.create }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "ocean-metric-exporter.caBundleSecretName" . }} + namespace: {{ include "ocean-metric-exporter.namespace" . }} + labels: + {{- include "ocean-metric-exporter.labels" . | nindent 4 }} +type: Opaque +data: + {{- include "ocean-metric-exporter.caBundleSecretKey" . | nindent 2 -}}: {{ required "`caBundleSecret.data` must be specified if `caBundleSecret.create` is `true`" .Values.caBundleSecret.data | b64enc }} +{{- end }} diff --git a/charts/ocean-metric-exporter/templates/configmap.yaml b/charts/ocean-metric-exporter/templates/configmap.yaml new file mode 100644 index 0000000..ef70e1d --- /dev/null +++ b/charts/ocean-metric-exporter/templates/configmap.yaml @@ -0,0 +1,9 @@ +{{ if include "ocean-metric-exporter.createConfigMap" . }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "ocean-metric-exporter.configMapName" . }} + namespace: {{ include "ocean-metric-exporter.namespace" . }} +data: + spotinst.cluster-identifier: "{{ .Values.spotinst.clusterIdentifier }}" +{{- end }} diff --git a/charts/ocean-metric-exporter/templates/deployment.yaml b/charts/ocean-metric-exporter/templates/deployment.yaml index 0903100..5b73f7c 100644 --- a/charts/ocean-metric-exporter/templates/deployment.yaml +++ b/charts/ocean-metric-exporter/templates/deployment.yaml @@ -34,7 +34,6 @@ spec: secretKeyRef: name: {{ include "ocean-metric-exporter.secretName" . }} key: token - optional: true - name: SPOTINST_TOKEN_LEGACY valueFrom: configMapKeyRef: @@ -46,7 +45,6 @@ spec: secretKeyRef: name: {{ include "ocean-metric-exporter.secretName" . }} key: account - optional: true - name: SPOTINST_ACCOUNT_LEGACY valueFrom: configMapKeyRef: @@ -74,7 +72,7 @@ spec: valueFrom: secretKeyRef: name: {{ include "ocean-metric-exporter.caBundleSecretName" . }} - key: userEnvCertificates.pem + key: {{ .Values.caBundleSecret.key }} optional: true {{- with .Values.podEnvVariables }} {{- toYaml . | nindent 8 }} @@ -89,7 +87,7 @@ spec: - --allow-labels={{ join "," .Values.metricsConfiguration.allowLabels }} - --deny-labels={{ join "," .Values.metricsConfiguration.denyLabels }} resources: - {{- toYaml .Values.resources | nindent 12 }} + {{- toYaml .Values.resources | nindent 12 -}} {{- include "ocean-metric-exporter.probes" . | nindent 8 }} {{- with .Values.nodeSelector }} nodeSelector: diff --git a/charts/ocean-metric-exporter/templates/secret.yaml b/charts/ocean-metric-exporter/templates/secret.yaml new file mode 100644 index 0000000..cc06013 --- /dev/null +++ b/charts/ocean-metric-exporter/templates/secret.yaml @@ -0,0 +1,11 @@ +{{ if include "ocean-metric-exporter.createSecret" . }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "ocean-metric-exporter.secretName" . }} + namespace: {{ include "ocean-metric-exporter.namespace" . }} +type: Opaque +data: + token: {{ .Values.spotinst.token | b64enc }} + account: {{ .Values.spotinst.account | b64enc }} +{{- end }} \ No newline at end of file diff --git a/charts/ocean-metric-exporter/values.yaml b/charts/ocean-metric-exporter/values.yaml index be049d2..e70ad55 100644 --- a/charts/ocean-metric-exporter/values.yaml +++ b/charts/ocean-metric-exporter/values.yaml @@ -1,12 +1,49 @@ +# Spot Configuration. +# Will create secret and configMap objects. +spotinst: + # -- (Optional) Spot Token. + # Ref: https://docs.spot.io/administration/api/create-api-token + token: "" + # -- (Optional) Spot Account. + # Ref: https://docs.spot.io/administration/organizations?id=account + account: "" + # -- (Optional) Unique identifier used by the Ocean Controller to connect + # between the Ocean backend and the Kubernetes cluster. + # Ref: https://docs.spot.io/ocean/tutorials/spot-kubernetes-controller/ + clusterIdentifier: "" + +# -- (Optional) Secret name to use. +# In case spotinst.token, spotinst.account are provided, this overrides the name of the created secret. +secretName: "" + +# -- (Optional) ConfigMap name to use. +# In case spotinst.clusterIdentifier is provided, this overrides the name of the created configMap. +configMapName: "" + +# -- Reference secret and configMap for the Ocean Controller. +# Deprecated in favor of spotinst object or secretName and configMapName oceanController: - # -- (Optional) Namespace where components should be installed. - namespace: kube-system - # -- (Optional) Secret name. - secretName: spotinst-kubernetes-cluster-controller - # -- (Optional) ConfigMap name. - configMapName: spotinst-kubernetes-cluster-controller-config - # -- (Optional) Secret name of CA bundle. - caBundleSecretName: spotinst-kubernetes-cluster-controller-ca-bundle + # -- (Optional) Namespace where components should be installed. Deprecated. Use: --namespace= instead. + namespace: "" + # -- (Optional) Secret name. Deprecated. Use: --set secretName= instead. + secretName: "" + # -- (Optional) ConfigMap name. Deprecated. Use: --set configMapName= instead. + configMapName: "" + # -- (Optional) Secret name of CA bundle. Deprecated. Use: --set caBundleSecret.name= instead. + caBundleSecretName: "" + +# CA bundle. +# Ref: https://kubernetes.io/docs/concepts/configuration/secret/ +caBundleSecret: + # -- Controls whether a CA bundle secret should be created. + create: false + # -- CA bundle Secret name. (Optional) + name: "" + # -- Key inside the secret to inject the CA bundle from + key: "userEnvCertificates.pem" + # -- Must contain the CA bundle data in case `caBundleSecret.create` is true. + # For example by using `--set caBundleSecret.data="$(cat ./ca.pem)"` + data: "" # -- (Optional) Replicas. # Ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#replicas