From 492e67fddd236a783e35d684395b6ca6d6c6e493 Mon Sep 17 00:00:00 2001 From: mparram Date: Fri, 8 Oct 2021 09:28:10 +0200 Subject: [PATCH] added sno-helm-charts --- charts/sno-helm-charts/Chart.yaml | 6 + .../templates/amq-broker-broker.yaml | 45 +++++ .../templates/amq-broker-ns.yaml | 4 + .../templates/amq-broker-operatorgroup.yaml | 8 + .../templates/amq-broker-subscription.yaml | 12 ++ .../templates/gitops-appproject.yaml | 160 ++++++++++++++++++ .../templates/gitops-argocd.yaml | 160 ++++++++++++++++++ .../sno-helm-charts/templates/gitops-crb.yaml | 14 ++ .../sno-helm-charts/templates/gitops-ns.yaml | 6 + .../templates/gitops-subscription.yaml | 12 ++ .../sno-helm-charts/templates/hostpath.yaml | 51 ++++++ .../templates/mongo-deployment.yaml | 58 +++++++ .../sno-helm-charts/templates/mongo-ns.yaml | 4 + .../sno-helm-charts/templates/mongo-pv.yaml | 15 ++ .../sno-helm-charts/templates/mongo-pvc.yaml | 12 ++ .../sno-helm-charts/templates/mongo-rb.yaml | 13 ++ .../sno-helm-charts/templates/mongo-sa.yaml | 5 + .../templates/mongo-secret.yaml | 11 ++ .../templates/mongo-service.yaml | 19 +++ .../templates/postgresql-deployment.yaml | 64 +++++++ .../templates/postgresql-ns.yaml | 4 + .../templates/postgresql-pv.yaml | 15 ++ .../templates/postgresql-pvc.yaml | 12 ++ .../templates/postgresql-rb.yaml | 13 ++ .../templates/postgresql-sa.yaml | 5 + .../templates/postgresql-secret.yaml | 10 ++ .../templates/postgresql-service.yaml | 18 ++ charts/sno-helm-charts/values.yaml | 26 +++ 28 files changed, 782 insertions(+) create mode 100644 charts/sno-helm-charts/Chart.yaml create mode 100644 charts/sno-helm-charts/templates/amq-broker-broker.yaml create mode 100644 charts/sno-helm-charts/templates/amq-broker-ns.yaml create mode 100644 charts/sno-helm-charts/templates/amq-broker-operatorgroup.yaml create mode 100644 charts/sno-helm-charts/templates/amq-broker-subscription.yaml create mode 100644 charts/sno-helm-charts/templates/gitops-appproject.yaml create mode 100644 charts/sno-helm-charts/templates/gitops-argocd.yaml create mode 100644 charts/sno-helm-charts/templates/gitops-crb.yaml create mode 100644 charts/sno-helm-charts/templates/gitops-ns.yaml create mode 100644 charts/sno-helm-charts/templates/gitops-subscription.yaml create mode 100644 charts/sno-helm-charts/templates/hostpath.yaml create mode 100644 charts/sno-helm-charts/templates/mongo-deployment.yaml create mode 100644 charts/sno-helm-charts/templates/mongo-ns.yaml create mode 100644 charts/sno-helm-charts/templates/mongo-pv.yaml create mode 100644 charts/sno-helm-charts/templates/mongo-pvc.yaml create mode 100644 charts/sno-helm-charts/templates/mongo-rb.yaml create mode 100644 charts/sno-helm-charts/templates/mongo-sa.yaml create mode 100644 charts/sno-helm-charts/templates/mongo-secret.yaml create mode 100644 charts/sno-helm-charts/templates/mongo-service.yaml create mode 100644 charts/sno-helm-charts/templates/postgresql-deployment.yaml create mode 100644 charts/sno-helm-charts/templates/postgresql-ns.yaml create mode 100644 charts/sno-helm-charts/templates/postgresql-pv.yaml create mode 100644 charts/sno-helm-charts/templates/postgresql-pvc.yaml create mode 100644 charts/sno-helm-charts/templates/postgresql-rb.yaml create mode 100644 charts/sno-helm-charts/templates/postgresql-sa.yaml create mode 100644 charts/sno-helm-charts/templates/postgresql-secret.yaml create mode 100644 charts/sno-helm-charts/templates/postgresql-service.yaml create mode 100644 charts/sno-helm-charts/values.yaml diff --git a/charts/sno-helm-charts/Chart.yaml b/charts/sno-helm-charts/Chart.yaml new file mode 100644 index 0000000..5f5b47a --- /dev/null +++ b/charts/sno-helm-charts/Chart.yaml @@ -0,0 +1,6 @@ +apiVersion: v2 +name: sno-helm-charts +description: Helm chart to deploy factory components to SNO +type: application +version: 0.0.1 +appVersion: "1.0.0" diff --git a/charts/sno-helm-charts/templates/amq-broker-broker.yaml b/charts/sno-helm-charts/templates/amq-broker-broker.yaml new file mode 100644 index 0000000..8863851 --- /dev/null +++ b/charts/sno-helm-charts/templates/amq-broker-broker.yaml @@ -0,0 +1,45 @@ +kind: Namespace +apiVersion: v1 +metadata: + name: {{ .Values.amqbroker.namespace }} +--- +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: amq-broker + namespace: {{ .Values.amqbroker.namespace }} +spec: + channel: current + installPlanApproval: Automatic + name: amq-broker + source: redhat-operators + sourceNamespace: openshift-marketplace + startingCSV: {{ .Values.amqbroker.startingCSV }} +--- +apiVersion: operators.coreos.com/v1 +kind: OperatorGroup +metadata: + name: {{ .Values.amqbroker.namespace }} + namespace: {{ .Values.amqbroker.namespace }} +spec: + targetNamespaces: + - {{ .Values.amqbroker.namespace }} +--- +apiVersion: broker.amq.io/v2alpha4 +kind: ActiveMQArtemis +metadata: + name: {{ .Values.amqbroker.brokerName }} + application: {{ .Values.amqbroker.brokerName }} + namespace: {{ .Values.amqbroker.namespace }} +spec: + adminPassword: {{ .Values.amqbroker.adminPassword }} + deploymentPlan: + size: {{ .Values.amqbroker.size }} + persistenceEnabled: false + requireLogin: false + messageMigration: false + managementRBACEnabled: true + journalType: nio + jolokiaAgentEnabled: false + image: placeholder + adminUser: {{ .Values.amqbroker.adminUser }} \ No newline at end of file diff --git a/charts/sno-helm-charts/templates/amq-broker-ns.yaml b/charts/sno-helm-charts/templates/amq-broker-ns.yaml new file mode 100644 index 0000000..2bb0290 --- /dev/null +++ b/charts/sno-helm-charts/templates/amq-broker-ns.yaml @@ -0,0 +1,4 @@ +kind: Namespace +apiVersion: v1 +metadata: + name: {{ .Values.amqbroker.namespace }} \ No newline at end of file diff --git a/charts/sno-helm-charts/templates/amq-broker-operatorgroup.yaml b/charts/sno-helm-charts/templates/amq-broker-operatorgroup.yaml new file mode 100644 index 0000000..99fbc44 --- /dev/null +++ b/charts/sno-helm-charts/templates/amq-broker-operatorgroup.yaml @@ -0,0 +1,8 @@ +apiVersion: operators.coreos.com/v1 +kind: OperatorGroup +metadata: + name: {{ .Values.amqbroker.namespace }} + namespace: {{ .Values.amqbroker.namespace }} +spec: + targetNamespaces: + - {{ .Values.amqbroker.namespace }} \ No newline at end of file diff --git a/charts/sno-helm-charts/templates/amq-broker-subscription.yaml b/charts/sno-helm-charts/templates/amq-broker-subscription.yaml new file mode 100644 index 0000000..b7ea04a --- /dev/null +++ b/charts/sno-helm-charts/templates/amq-broker-subscription.yaml @@ -0,0 +1,12 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: amq-broker + namespace: {{ .Values.amqbroker.namespace }} +spec: + channel: current + installPlanApproval: Automatic + name: amq-broker + source: redhat-operators + sourceNamespace: openshift-marketplace + startingCSV: {{ .Values.amqbroker.startingCSV }} \ No newline at end of file diff --git a/charts/sno-helm-charts/templates/gitops-appproject.yaml b/charts/sno-helm-charts/templates/gitops-appproject.yaml new file mode 100644 index 0000000..f49a56f --- /dev/null +++ b/charts/sno-helm-charts/templates/gitops-appproject.yaml @@ -0,0 +1,160 @@ +kind: Namespace +apiVersion: v1 +metadata: + name: openshift-gitops + labels: + project: openshift-gitops +--- +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: openshift-gitops-operator + namespace: openshift-operators +spec: + channel: stable + installPlanApproval: Automatic + name: openshift-gitops-operator + source: redhat-operators + sourceNamespace: openshift-marketplace + startingCSV: {{ .Values.gitops.startingCSV }} +--- +{{ if .Values.gitops.clusterAdminController }} +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: argocd-application-controller-cluster-admin +subjects: + - kind: ServiceAccount + name: argocd-application-controller + namespace: openshift-gitops +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-admin +{{ end }} +--- +apiVersion: argoproj.io/v1alpha1 +kind: AppProject +metadata: + name: cluster-config + namespace: openshift-gitops +spec: + clusterResourceWhitelist: + - group: '*' + kind: '*' + destinations: + - namespace: '*' + server: '*' + sourceRepos: + - '*' +--- +apiVersion: argoproj.io/v1alpha1 +kind: ArgoCD +metadata: + name: openshift-gitops + namespace: openshift-gitops +spec: + server: + autoscale: + enabled: false + grpc: + ingress: + enabled: false + ingress: + enabled: false + resources: + limits: + cpu: 500m + memory: 256Mi + requests: + cpu: 125m + memory: 128Mi + route: + enabled: true + service: + type: '' + grafana: + enabled: false + ingress: + enabled: false + resources: + limits: + cpu: 500m + memory: 256Mi + requests: + cpu: 250m + memory: 128Mi + route: + enabled: false + prometheus: + enabled: false + ingress: + enabled: false + route: + enabled: false + initialSSHKnownHosts: {} + applicationSet: + resources: + limits: + cpu: '2' + memory: 1Gi + requests: + cpu: 250m + memory: 512Mi + rbac: {} + repo: + resources: + limits: + cpu: '1' + memory: 1Gi + requests: + cpu: 250m + memory: 256Mi + resourceExclusions: | + - apiGroups: + - tekton.dev + clusters: + - '*' + kinds: + - TaskRun + - PipelineRun + dex: + resources: + limits: + cpu: 500m + memory: 256Mi + requests: + cpu: 250m + memory: 128Mi + ha: + enabled: false + resources: + limits: + cpu: 500m + memory: 256Mi + requests: + cpu: 250m + memory: 128Mi + tls: + ca: {} + redis: + resources: + limits: + cpu: 500m + memory: 256Mi + requests: + cpu: 250m + memory: 128Mi + controller: + processors: {} + resources: + limits: + cpu: '1' + memory: 2Gi + requests: + cpu: 250m + memory: 1Gi + initialRepositories: | + - name: cluster-config + type: git + url: {{ .Values.gitops.initialRepository }} \ No newline at end of file diff --git a/charts/sno-helm-charts/templates/gitops-argocd.yaml b/charts/sno-helm-charts/templates/gitops-argocd.yaml new file mode 100644 index 0000000..f49a56f --- /dev/null +++ b/charts/sno-helm-charts/templates/gitops-argocd.yaml @@ -0,0 +1,160 @@ +kind: Namespace +apiVersion: v1 +metadata: + name: openshift-gitops + labels: + project: openshift-gitops +--- +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: openshift-gitops-operator + namespace: openshift-operators +spec: + channel: stable + installPlanApproval: Automatic + name: openshift-gitops-operator + source: redhat-operators + sourceNamespace: openshift-marketplace + startingCSV: {{ .Values.gitops.startingCSV }} +--- +{{ if .Values.gitops.clusterAdminController }} +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: argocd-application-controller-cluster-admin +subjects: + - kind: ServiceAccount + name: argocd-application-controller + namespace: openshift-gitops +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-admin +{{ end }} +--- +apiVersion: argoproj.io/v1alpha1 +kind: AppProject +metadata: + name: cluster-config + namespace: openshift-gitops +spec: + clusterResourceWhitelist: + - group: '*' + kind: '*' + destinations: + - namespace: '*' + server: '*' + sourceRepos: + - '*' +--- +apiVersion: argoproj.io/v1alpha1 +kind: ArgoCD +metadata: + name: openshift-gitops + namespace: openshift-gitops +spec: + server: + autoscale: + enabled: false + grpc: + ingress: + enabled: false + ingress: + enabled: false + resources: + limits: + cpu: 500m + memory: 256Mi + requests: + cpu: 125m + memory: 128Mi + route: + enabled: true + service: + type: '' + grafana: + enabled: false + ingress: + enabled: false + resources: + limits: + cpu: 500m + memory: 256Mi + requests: + cpu: 250m + memory: 128Mi + route: + enabled: false + prometheus: + enabled: false + ingress: + enabled: false + route: + enabled: false + initialSSHKnownHosts: {} + applicationSet: + resources: + limits: + cpu: '2' + memory: 1Gi + requests: + cpu: 250m + memory: 512Mi + rbac: {} + repo: + resources: + limits: + cpu: '1' + memory: 1Gi + requests: + cpu: 250m + memory: 256Mi + resourceExclusions: | + - apiGroups: + - tekton.dev + clusters: + - '*' + kinds: + - TaskRun + - PipelineRun + dex: + resources: + limits: + cpu: 500m + memory: 256Mi + requests: + cpu: 250m + memory: 128Mi + ha: + enabled: false + resources: + limits: + cpu: 500m + memory: 256Mi + requests: + cpu: 250m + memory: 128Mi + tls: + ca: {} + redis: + resources: + limits: + cpu: 500m + memory: 256Mi + requests: + cpu: 250m + memory: 128Mi + controller: + processors: {} + resources: + limits: + cpu: '1' + memory: 2Gi + requests: + cpu: 250m + memory: 1Gi + initialRepositories: | + - name: cluster-config + type: git + url: {{ .Values.gitops.initialRepository }} \ No newline at end of file diff --git a/charts/sno-helm-charts/templates/gitops-crb.yaml b/charts/sno-helm-charts/templates/gitops-crb.yaml new file mode 100644 index 0000000..05d92ec --- /dev/null +++ b/charts/sno-helm-charts/templates/gitops-crb.yaml @@ -0,0 +1,14 @@ +{{ if .Values.gitops.clusterAdminController }} +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: argocd-application-controller-cluster-admin +subjects: + - kind: ServiceAccount + name: argocd-application-controller + namespace: openshift-gitops +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-admin +{{ end }} \ No newline at end of file diff --git a/charts/sno-helm-charts/templates/gitops-ns.yaml b/charts/sno-helm-charts/templates/gitops-ns.yaml new file mode 100644 index 0000000..daa5fde --- /dev/null +++ b/charts/sno-helm-charts/templates/gitops-ns.yaml @@ -0,0 +1,6 @@ +kind: Namespace +apiVersion: v1 +metadata: + name: openshift-gitops + labels: + project: openshift-gitops \ No newline at end of file diff --git a/charts/sno-helm-charts/templates/gitops-subscription.yaml b/charts/sno-helm-charts/templates/gitops-subscription.yaml new file mode 100644 index 0000000..d3716ae --- /dev/null +++ b/charts/sno-helm-charts/templates/gitops-subscription.yaml @@ -0,0 +1,12 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: openshift-gitops-operator + namespace: openshift-operators +spec: + channel: stable + installPlanApproval: Automatic + name: openshift-gitops-operator + source: redhat-operators + sourceNamespace: openshift-marketplace + startingCSV: {{ .Values.gitops.startingCSV }} \ No newline at end of file diff --git a/charts/sno-helm-charts/templates/hostpath.yaml b/charts/sno-helm-charts/templates/hostpath.yaml new file mode 100644 index 0000000..b0eb728 --- /dev/null +++ b/charts/sno-helm-charts/templates/hostpath.yaml @@ -0,0 +1,51 @@ +apiVersion: machineconfiguration.openshift.io/v1 +kind: MachineConfig +metadata: + name: 50-set-selinux-for-hostpath-volumes-sno + labels: + machineconfiguration.openshift.io/role: master +spec: + config: + ignition: + version: 2.2.0 + systemd: + units: + - contents: | + [Unit] + Description=Create directory for mongodb + Before=kubelet.service + [Service] + Type=oneshot + RemainAfterExit=yes + ExecStartPre=mkdir -p {{ .Values.mongo.path }} + ExecStart=chown core:core {{ .Values.mongo.path }} + [Install] + WantedBy=multi-user.target + enabled: true + name: hostpath-mongodb.service + - contents: | + [Unit] + Description=Create directory for PostgreSQL + Before=kubelet.service + [Service] + Type=oneshot + RemainAfterExit=yes + ExecStartPre=mkdir -p {{ .Values.postgresql.path }} + ExecStart=chown core:core {{ .Values.postgresql.path }} + [Install] + WantedBy=multi-user.target + enabled: true + name: hostpath-postgresql.service + - contents: | + [Unit] + Description=Set SELinux chcon for hostpath provisioner + Before=kubelet.service + [Service] + Type=oneshot + RemainAfterExit=yes + ExecStartPre=mkdir -p /mnt/hpvolumes + ExecStart=/usr/bin/chcon -Rt container_file_t /mnt/hpvolumes + [Install] + WantedBy=multi-user.target + enabled: true + name: hostpath-provisioner.service diff --git a/charts/sno-helm-charts/templates/mongo-deployment.yaml b/charts/sno-helm-charts/templates/mongo-deployment.yaml new file mode 100644 index 0000000..5d80a0c --- /dev/null +++ b/charts/sno-helm-charts/templates/mongo-deployment.yaml @@ -0,0 +1,58 @@ +kind: Deployment +apiVersion: apps/v1 +metadata: + name: mongodb + namespace: {{ .Values.mongo.namespace }} + labels: + app: mongodb +spec: + replicas: 1 + selector: + matchLabels: + app: mongodb + template: + metadata: + creationTimestamp: null + labels: + app: mongodb + deploymentconfig: mongodb + spec: + restartPolicy: Always + serviceAccountName: mongodb + schedulerName: default-scheduler + terminationGracePeriodSeconds: 30 + securityContext: + runAsUser: 0 + containers: + - resources: + limits: + cpu: 500m + memory: 2Gi + terminationMessagePath: /dev/termination-log + name: mongodb + ports: + - containerPort: 27017 + protocol: TCP + imagePullPolicy: IfNotPresent + volumeMounts: + - name: mongodb-1 + mountPath: /var/lib/mongodb/data + terminationMessagePolicy: File + envFrom: + - secretRef: + name: mongodb + image: >- + registry.redhat.io/rhscl/mongodb-36-rhel7@sha256:8dc9932eabd30f2ee4d0b882500c65b48f3c2fbbd85bfd51d0d18410af404a39 + serviceAccount: mongodb + volumes: + - name: mongodb-1 + persistentVolumeClaim: + claimName: mongodb-pvc + dnsPolicy: ClusterFirst + strategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: 25% + maxSurge: 25% + revisionHistoryLimit: 10 + progressDeadlineSeconds: 600 \ No newline at end of file diff --git a/charts/sno-helm-charts/templates/mongo-ns.yaml b/charts/sno-helm-charts/templates/mongo-ns.yaml new file mode 100644 index 0000000..6eb63bd --- /dev/null +++ b/charts/sno-helm-charts/templates/mongo-ns.yaml @@ -0,0 +1,4 @@ +kind: Namespace +apiVersion: v1 +metadata: + name: {{ .Values.mongo.namespace }} \ No newline at end of file diff --git a/charts/sno-helm-charts/templates/mongo-pv.yaml b/charts/sno-helm-charts/templates/mongo-pv.yaml new file mode 100644 index 0000000..ed48140 --- /dev/null +++ b/charts/sno-helm-charts/templates/mongo-pv.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: mongodb-pv + labels: + type: local +spec: + storageClassName: manual + capacity: + storage: {{ .Values.mongo.storageCapacity }} + accessModes: + - ReadWriteOnce + persistentVolumeReclaimPolicy: Retain + hostPath: + path: {{ .Values.mongo.path }} \ No newline at end of file diff --git a/charts/sno-helm-charts/templates/mongo-pvc.yaml b/charts/sno-helm-charts/templates/mongo-pvc.yaml new file mode 100644 index 0000000..b4d0de0 --- /dev/null +++ b/charts/sno-helm-charts/templates/mongo-pvc.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: mongodb-pvc + namespace: {{ .Values.mongo.namespace }} +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: {{ .Values.mongo.storageCapacity }} + storageClassName: manual \ No newline at end of file diff --git a/charts/sno-helm-charts/templates/mongo-rb.yaml b/charts/sno-helm-charts/templates/mongo-rb.yaml new file mode 100644 index 0000000..1e52de5 --- /dev/null +++ b/charts/sno-helm-charts/templates/mongo-rb.yaml @@ -0,0 +1,13 @@ +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: 'system:openshift:scc:privileged' + namespace: {{ .Values.mongo.namespace }} +subjects: + - kind: ServiceAccount + name: mongodb + namespace: {{ .Values.mongo.namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: 'system:openshift:scc:privileged' \ No newline at end of file diff --git a/charts/sno-helm-charts/templates/mongo-sa.yaml b/charts/sno-helm-charts/templates/mongo-sa.yaml new file mode 100644 index 0000000..901490d --- /dev/null +++ b/charts/sno-helm-charts/templates/mongo-sa.yaml @@ -0,0 +1,5 @@ +kind: ServiceAccount +apiVersion: v1 +metadata: + name: mongodb + namespace: {{ .Values.mongo.namespace }} \ No newline at end of file diff --git a/charts/sno-helm-charts/templates/mongo-secret.yaml b/charts/sno-helm-charts/templates/mongo-secret.yaml new file mode 100644 index 0000000..1814134 --- /dev/null +++ b/charts/sno-helm-charts/templates/mongo-secret.yaml @@ -0,0 +1,11 @@ +kind: Secret +apiVersion: v1 +metadata: + name: mongodb + namespace: {{ .Values.mongo.namespace }} +stringData: + MONGODB_ADMIN_PASSWORD: {{ .Values.mongo.MONGODB_ADMIN_PASSWORD }} + MONGODB_DATABASE: {{ .Values.mongo.MONGODB_DATABASE }} + MONGODB_PASSWORD: {{ .Values.mongo.MONGODB_PASSWORD }} + MONGODB_USER: {{ .Values.mongo.MONGODB_USER }} +type: Opaque \ No newline at end of file diff --git a/charts/sno-helm-charts/templates/mongo-service.yaml b/charts/sno-helm-charts/templates/mongo-service.yaml new file mode 100644 index 0000000..4fcd414 --- /dev/null +++ b/charts/sno-helm-charts/templates/mongo-service.yaml @@ -0,0 +1,19 @@ +kind: Service +apiVersion: v1 +metadata: + name: mongodb + namespace: {{ .Values.mongo.namespace }} +spec: + ports: + - name: 27017-tcp + protocol: TCP + port: 27017 + targetPort: 27017 + selector: + app: mongodb + deploymentconfig: mongodb + type: ClusterIP + sessionAffinity: None + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack \ No newline at end of file diff --git a/charts/sno-helm-charts/templates/postgresql-deployment.yaml b/charts/sno-helm-charts/templates/postgresql-deployment.yaml new file mode 100644 index 0000000..f432a45 --- /dev/null +++ b/charts/sno-helm-charts/templates/postgresql-deployment.yaml @@ -0,0 +1,64 @@ +kind: Deployment +apiVersion: apps/v1 +metadata: + name: postgresql + namespace: {{ .Values.postgresql.namespace }} + labels: + app: postgresql + app.kubernetes.io/component: postgresql + app.kubernetes.io/instance: postgresql + app.kubernetes.io/name: postgresql + app.kubernetes.io/part-of: postgresql + app.openshift.io/runtime: postgresql + app.openshift.io/runtime-namespace: openshift + app.openshift.io/runtime-version: '12' +spec: + replicas: 1 + selector: + matchLabels: + app: postgresql + template: + metadata: + creationTimestamp: null + labels: + app: postgresql + deploymentconfig: postgresql + annotations: + openshift.io/generated-by: OpenShiftWebConsole + spec: + restartPolicy: Always + serviceAccountName: postgresql + schedulerName: default-scheduler + terminationGracePeriodSeconds: 30 + securityContext: + runAsUser: 1000 + containers: + - resources: {} + terminationMessagePath: /dev/termination-log + name: postgresql + ports: + - containerPort: 5432 + protocol: TCP + imagePullPolicy: IfNotPresent + volumeMounts: + - name: postgresql-1 + mountPath: /var/lib/pgsql/data + terminationMessagePolicy: File + envFrom: + - secretRef: + name: postgresql + image: >- + registry.redhat.io/rhscl/postgresql-12-rhel7@sha256:e0c8dbecd0b6bdc345742b5bca7b62ad39173d38f019b8c6d54b32a23074fcff + serviceAccount: postgresql + volumes: + - name: postgresql-1 + persistentVolumeClaim: + claimName: postgresql-pvc + dnsPolicy: ClusterFirst + strategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: 25% + maxSurge: 25% + revisionHistoryLimit: 10 + progressDeadlineSeconds: 600 \ No newline at end of file diff --git a/charts/sno-helm-charts/templates/postgresql-ns.yaml b/charts/sno-helm-charts/templates/postgresql-ns.yaml new file mode 100644 index 0000000..a147d1e --- /dev/null +++ b/charts/sno-helm-charts/templates/postgresql-ns.yaml @@ -0,0 +1,4 @@ +kind: Namespace +apiVersion: v1 +metadata: + name: {{ .Values.postgresql.namespace }} \ No newline at end of file diff --git a/charts/sno-helm-charts/templates/postgresql-pv.yaml b/charts/sno-helm-charts/templates/postgresql-pv.yaml new file mode 100644 index 0000000..9cafa36 --- /dev/null +++ b/charts/sno-helm-charts/templates/postgresql-pv.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: postgresql-pv + labels: + type: local +spec: + storageClassName: manual + capacity: + storage: {{ .Values.postgresql.storageCapacity }} + accessModes: + - ReadWriteOnce + persistentVolumeReclaimPolicy: Retain + hostPath: + path: {{ .Values.postgresql.path }} \ No newline at end of file diff --git a/charts/sno-helm-charts/templates/postgresql-pvc.yaml b/charts/sno-helm-charts/templates/postgresql-pvc.yaml new file mode 100644 index 0000000..6038158 --- /dev/null +++ b/charts/sno-helm-charts/templates/postgresql-pvc.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: postgresql-pvc + namespace: {{ .Values.postgresql.namespace }} +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: {{ .Values.postgresql.storageCapacity }} + storageClassName: manual \ No newline at end of file diff --git a/charts/sno-helm-charts/templates/postgresql-rb.yaml b/charts/sno-helm-charts/templates/postgresql-rb.yaml new file mode 100644 index 0000000..1409d48 --- /dev/null +++ b/charts/sno-helm-charts/templates/postgresql-rb.yaml @@ -0,0 +1,13 @@ +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: 'system:openshift:scc:privileged' + namespace: {{ .Values.postgresql.namespace }} +subjects: + - kind: ServiceAccount + name: postgresql + namespace: {{ .Values.postgresql.namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: 'system:openshift:scc:privileged' \ No newline at end of file diff --git a/charts/sno-helm-charts/templates/postgresql-sa.yaml b/charts/sno-helm-charts/templates/postgresql-sa.yaml new file mode 100644 index 0000000..ee66406 --- /dev/null +++ b/charts/sno-helm-charts/templates/postgresql-sa.yaml @@ -0,0 +1,5 @@ +kind: ServiceAccount +apiVersion: v1 +metadata: + name: postgresql + namespace: {{ .Values.postgresql.namespace }} \ No newline at end of file diff --git a/charts/sno-helm-charts/templates/postgresql-secret.yaml b/charts/sno-helm-charts/templates/postgresql-secret.yaml new file mode 100644 index 0000000..fc9b125 --- /dev/null +++ b/charts/sno-helm-charts/templates/postgresql-secret.yaml @@ -0,0 +1,10 @@ +kind: Secret +apiVersion: v1 +metadata: + name: postgresql + namespace: {{ .Values.postgresql.namespace }} +stringData: + POSTGRESQL_DATABASE: {{ .Values.postgresql.POSTGRESQL_DATABASE }} + POSTGRESQL_PASSWORD: {{ .Values.postgresql.POSTGRESQL_PASSWORD }} + POSTGRESQL_USER: {{ .Values.postgresql.POSTGRESQL_USER }} +type: Opaque \ No newline at end of file diff --git a/charts/sno-helm-charts/templates/postgresql-service.yaml b/charts/sno-helm-charts/templates/postgresql-service.yaml new file mode 100644 index 0000000..e5b851c --- /dev/null +++ b/charts/sno-helm-charts/templates/postgresql-service.yaml @@ -0,0 +1,18 @@ +kind: Service +apiVersion: v1 +metadata: + name: postgresql + namespace: {{ .Values.postgresql.namespace }} +spec: + ports: + - name: postgresql + protocol: TCP + port: 5432 + targetPort: 5432 + selector: + app: postgresql + type: ClusterIP + sessionAffinity: None + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack diff --git a/charts/sno-helm-charts/values.yaml b/charts/sno-helm-charts/values.yaml new file mode 100644 index 0000000..d3cb8cc --- /dev/null +++ b/charts/sno-helm-charts/values.yaml @@ -0,0 +1,26 @@ +name: sno-helm-charts +amqbroker: + namespace: factory-amq-broker + startingCSV: amq-broker-operator.v7.8.1-opr-3 + brokerName: factory01-broker + adminPassword: qiotmanufacturingpassword + adminUser: qiotmanufacturing +gitops: + clusterAdminController: true + startingCSV: openshift-gitops-operator.v1.2.1 + initialRepository: https://github.com/qiot-project/qiot-manufacturing-factory-gitops.git +mongo: + namespace: "factory-mongo" + path: "/mnt/hpvolumes/mongodb" + storageCapacity: 5Gi + MONGODB_ADMIN_PASSWORD: qiotmanufacturingmongoadminpass + MONGODB_DATABASE: qiotmongo + MONGODB_PASSWORD: mongopass + MONGODB_USER: mongouser +postgresql: + namespace: factory-postgresql + path: "/mnt/hpvolumes/mongodb" + storageCapacity: 5Gi + POSTGRESQL_DATABASE: qiot_manufacturing + POSTGRESQL_PASSWORD: qiotmanufacturingpassword + POSTGRESQL_USER: qiotmanufacturing \ No newline at end of file