diff --git a/assets/kubecost/cost-analyzer-2.3.5.tgz b/assets/kubecost/cost-analyzer-2.3.5.tgz index 74dba8a7d6..e75367a09e 100644 Binary files a/assets/kubecost/cost-analyzer-2.3.5.tgz and b/assets/kubecost/cost-analyzer-2.3.5.tgz differ diff --git a/assets/kubecost/cost-analyzer-2.4.0.tgz b/assets/kubecost/cost-analyzer-2.4.0.tgz new file mode 100644 index 0000000000..26dd8500a7 Binary files /dev/null and b/assets/kubecost/cost-analyzer-2.4.0.tgz differ diff --git a/assets/redpanda/redpanda-5.9.4.tgz b/assets/redpanda/redpanda-5.9.4.tgz new file mode 100644 index 0000000000..746385140e Binary files /dev/null and b/assets/redpanda/redpanda-5.9.4.tgz differ diff --git a/charts/kubecost/cost-analyzer/2.3.5/Chart.yaml b/charts/kubecost/cost-analyzer/2.3.5/Chart.yaml index 4f047595d9..93d1785c56 100644 --- a/charts/kubecost/cost-analyzer/2.3.5/Chart.yaml +++ b/charts/kubecost/cost-analyzer/2.3.5/Chart.yaml @@ -4,7 +4,6 @@ annotations: url: https://www.kubecost.com catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Kubecost - catalog.cattle.io/featured: "1" catalog.cattle.io/release-name: cost-analyzer apiVersion: v2 appVersion: 2.3.5 diff --git a/charts/kubecost/cost-analyzer/2.4.0/Chart.yaml b/charts/kubecost/cost-analyzer/2.4.0/Chart.yaml new file mode 100644 index 0000000000..41acf6245a --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/Chart.yaml @@ -0,0 +1,14 @@ +annotations: + artifacthub.io/links: | + - name: Homepage + url: https://www.kubecost.com + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Kubecost + catalog.cattle.io/featured: "1" + catalog.cattle.io/release-name: cost-analyzer +apiVersion: v2 +appVersion: 2.4.0 +description: Kubecost Helm chart - monitor your cloud costs! +icon: file://assets/icons/cost-analyzer.png +name: cost-analyzer +version: 2.4.0 diff --git a/charts/kubecost/cost-analyzer/2.4.0/README.md b/charts/kubecost/cost-analyzer/2.4.0/README.md new file mode 100644 index 0000000000..72da48c297 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/README.md @@ -0,0 +1,116 @@ +# Kubecost Helm chart + +This is the official Helm chart for [Kubecost](https://www.kubecost.com/), an enterprise-grade application to monitor and manage Kubernetes spend. Please see the [website](https://www.kubecost.com/) for more details on what Kubecost can do for you and the official documentation [here](https://docs.kubecost.com/), or contact [team@kubecost.com](mailto:team@kubecost.com) for assistance. + +To install via Helm, run the following command. + +```sh +helm upgrade --install kubecost -n kubecost --create-namespace \ + --repo https://kubecost.github.io/cost-analyzer/ cost-analyzer \ + --set kubecostToken="aGVsbUBrdWJlY29zdC5jb20=xm343yadf98" +``` + +Alternatively, add the Helm repository first and scan for updates. + +```sh +helm repo add kubecost https://kubecost.github.io/cost-analyzer/ +helm repo update +``` + +Next, install the chart. + +```sh +helm install kubecost kubecost/cost-analyzer -n kubecost --create-namespace \ + --set kubecostToken="aGVsbUBrdWJlY29zdC5jb20=xm343yadf98" +``` + +While Helm is the [recommended install path](http://kubecost.com/install) for Kubecost especially in production, Kubecost can alternatively be deployed with a single-file manifest using the following command. Keep in mind when choosing this method, Kubecost will be installed from a development branch and may include unreleased changes. + +```sh +kubectl apply -f https://raw.githubusercontent.com/kubecost/cost-analyzer-helm-chart/develop/kubecost.yaml +``` + +The following table lists commonly used configuration parameters for the Kubecost Helm chart and their default values. Please see the [values file](values.yaml) for the complete set of definable values. + +| Parameter | Description | Default | +|------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------| +| `global.prometheus.enabled` | If false, use an existing Prometheus install. [More info](http://docs.kubecost.com/custom-prom). | `true` | +| `prometheus.server.persistentVolume.enabled` | If true, Prometheus server will create a Persistent Volume Claim. | `true` | +| `prometheus.server.persistentVolume.size` | Prometheus server data Persistent Volume size. Default set to retain ~6000 samples per second for 15 days. | `32Gi` | +| `prometheus.server.retention` | Determines when to remove old data. | `15d` | +| `prometheus.server.resources` | Prometheus server resource requests and limits. | `{}` | +| `prometheus.nodeExporter.resources` | Node exporter resource requests and limits. | `{}` | +| `prometheus.nodeExporter.enabled` `prometheus.serviceAccounts.nodeExporter.create` | If false, do not crate NodeExporter daemonset. | `true` | +| `prometheus.alertmanager.persistentVolume.enabled` | If true, Alertmanager will create a Persistent Volume Claim. | `true` | +| `prometheus.pushgateway.persistentVolume.enabled` | If true, Prometheus Pushgateway will create a Persistent Volume Claim. | `true` | +| `persistentVolume.enabled` | If true, Kubecost will create a Persistent Volume Claim for product config data. | `true` | +| `persistentVolume.size` | Define PVC size for cost-analyzer | `32.0Gi` | +| `persistentVolume.dbSize` | Define PVC size for cost-analyzer's flat file database | `32.0Gi` | +| `ingress.enabled` | If true, Ingress will be created | `false` | +| `ingress.annotations` | Ingress annotations | `{}` | +| `ingress.className` | Ingress class name | `{}` | +| `ingress.paths` | Ingress paths | `["/"]` | +| `ingress.hosts` | Ingress hostnames | `[cost-analyzer.local]` | +| `ingress.tls` | Ingress TLS configuration (YAML) | `[]` | +| `networkPolicy.enabled` | If true, create a NetworkPolicy to deny egress | `false` | +| `networkPolicy.costAnalyzer.enabled` | If true, create a newtork policy for cost-analzyer | `false` | +| `networkPolicy.costAnalyzer.annotations` | Annotations to be added to the network policy | `{}` | +| `networkPolicy.costAnalyzer.additionalLabels` | Additional labels to be added to the network policy | `{}` | +| `networkPolicy.costAnalyzer.ingressRules` | A list of network policy ingress rules | `null` | +| `networkPolicy.costAnalyzer.egressRules` | A list of network policy egress rules | `null` | +| `networkCosts.enabled` | If true, collect network allocation metrics [More info](http://docs.kubecost.com/network-allocation) | `false` | +| `networkCosts.podMonitor.enabled` | If true, a [PodMonitor](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#podmonitor) for the network-cost daemonset is created | `false` | +| `serviceMonitor.enabled` | Set this to `true` to create ServiceMonitor for Prometheus operator | `false` | +| `serviceMonitor.additionalLabels` | Additional labels that can be used so ServiceMonitor will be discovered by Prometheus | `{}` | +| `serviceMonitor.relabelings` | Sets Prometheus metric_relabel_configs on the scrape job | `[]` | +| `serviceMonitor.metricRelabelings` | Sets Prometheus relabel_configs on the scrape job | `[]` | +| `prometheusRule.enabled` | Set this to `true` to create PrometheusRule for Prometheus operator | `false` | +| `prometheusRule.additionalLabels` | Additional labels that can be used so PrometheusRule will be discovered by Prometheus | `{}` | +| `grafana.resources` | Grafana resource requests and limits. | `{}` | +| `grafana.serviceAccount.create` | If true, create a Service Account for Grafana. | `true` | +| `grafana.serviceAccount.name` | Grafana Service Account name. | `{}` | +| `grafana.sidecar.datasources.defaultDatasourceEnabled` | Set this to `false` to disable creation of Prometheus datasource in Grafana | `true` | +| `serviceAccount.create` | Set this to `false` if you want to create the service account `kubecost-cost-analyzer` on your own | `true` | +| `tolerations` | node taints to tolerate | `[]` | +| `affinity` | pod affinity | `{}` | +| `kubecostProductConfigs.productKey.mountPath` | Use instead of `kubecostProductConfigs.productKey.secretname` to declare the path at which the product key file is mounted (eg. by a secrets provisioner) | `N/A` | +| `kubecostFrontend.api.fqdn` | Customize the upstream api FQDN | `computed in terms of the service name and namespace` | +| `kubecostFrontend.model.fqdn` | Customize the upstream model FQDN | `computed in terms of the service name and namespace` | +| `clusterController.fqdn` | Customize the upstream cluster controller FQDN | `computed in terms of the service name and namespace` | +| `global.grafana.fqdn` | Customize the upstream grafana FQDN | `computed in terms of the release name and namespace` | + +## Adjusting Log Output + +The log output can be customized during deployment by using the `LOG_LEVEL` and/or `LOG_FORMAT` environment variables. + +### Adjusting Log Level + +Adjusting the log level increases or decreases the level of verbosity written to the logs. To set the log level to `trace`, the following flag can be added to the `helm` command. + +```sh +--set 'kubecostModel.extraEnv[0].name=LOG_LEVEL,kubecostModel.extraEnv[0].value=trace' +``` + +### Adjusting Log Format + +Adjusting the log format changes the format in which the logs are output making it easier for log aggregators to parse and display logged messages. The `LOG_FORMAT` environment variable accepts the values `JSON`, for a structured output, and `pretty` for a nice, human-readable output. + +| Value | Output | +|--------|----------------------------------------------------------------------------------------------------------------------------| +| `JSON` | `{"level":"info","time":"2006-01-02T15:04:05.999999999Z07:00","message":"Starting cost-model (git commit \"1.91.0-rc.0\")"}` | +| `pretty` | `2006-01-02T15:04:05.999999999Z07:00 INF Starting cost-model (git commit "1.91.0-rc.0")` | + +## Testing +To perform local testing do next: +- install locally [kind](https://github.com/kubernetes-sigs/kind) according to documentation. +- install locally [ct](https://github.com/helm/chart-testing) according to documentation. +- create local cluster using `kind` \ +use image version from https://github.com/kubernetes-sigs/kind/releases e.g. `kindest/node:v1.25.11@sha256:227fa11ce74ea76a0474eeefb84cb75d8dad1b08638371ecf0e86259b35be0c8` +```shell +kind create cluster --image kindest/node:v1.25.11@sha256:227fa11ce74ea76a0474eeefb84cb75d8dad1b08638371ecf0e86259b35be0c8 +``` +- perform ct execution +```shell +ct install --chart-dirs="." --charts="." +``` + diff --git a/charts/kubecost/cost-analyzer/2.4.0/app-readme.md b/charts/kubecost/cost-analyzer/2.4.0/app-readme.md new file mode 100644 index 0000000000..90fd50607a --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/app-readme.md @@ -0,0 +1,25 @@ +# Kubecost + +[Kubecost](https://kubecost.com/) is an open-source Kubernetes cost monitoring solution. + +Kubecost gives teams visibility into current and historical Kubernetes spend and resource allocation. These models provide cost transparency in Kubernetes environments that support multiple applications, teams, departments, etc. + +To see more on the functionality of the full Kubecost product, please visit the [features page](https://kubecost.com/#features) on our website. + +Here is a summary of features enabled by this cost model: + +- Real-time cost allocation by Kubernetes service, deployment, namespace, label, statefulset, daemonset, pod, and container +- Dynamic asset pricing enabled by integrations with AWS, Azure, and GCP billing APIs +- Supports on-prem k8s clusters with custom pricing sheets +- Allocation for in-cluster resources like CPU, GPU, memory, and persistent volumes. +- Allocation for AWS & GCP out-of-cluster resources like RDS instances and S3 buckets with key (optional) +- Easily export pricing data to Prometheus with /metrics endpoint ([learn more](https://github.com/kubecost/cost-model/blob/develop/PROMETHEUS.md)) +- Free and open source distribution (Apache2 license) + +## Requirements + +- Kubernetes 1.8+ +- kube-state-metrics +- Grafana +- Prometheus +- Node Exporter diff --git a/charts/kubecost/cost-analyzer/2.4.0/ci/aggregator-values.yaml b/charts/kubecost/cost-analyzer/2.4.0/ci/aggregator-values.yaml new file mode 100644 index 0000000000..523b9e81b5 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/ci/aggregator-values.yaml @@ -0,0 +1,17 @@ +kubecostAggregator: + enabled: true + cloudCost: + enabled: true + aggregatorDbStorage: + storageRequest: 10Gi +kubecostModel: + federatedStorageConfigSecret: federated-store +kubecostProductConfigs: + cloudIntegrationSecret: cloud-integration + clusterName: CLUSTER_NAME +prometheus: + server: + global: + external_labels: + # cluster_id should be unique for all clusters and the same value as .kubecostProductConfigs.clusterName + cluster_id: CLUSTER_NAME diff --git a/charts/kubecost/cost-analyzer/2.4.0/ci/federatedetl-primary-netcosts-values.yaml b/charts/kubecost/cost-analyzer/2.4.0/ci/federatedetl-primary-netcosts-values.yaml new file mode 100644 index 0000000000..78ad057258 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/ci/federatedetl-primary-netcosts-values.yaml @@ -0,0 +1,35 @@ +kubecostProductConfigs: + clusterName: CLUSTER_NAME + # cloudIntegrationSecret: cloud-integration +federatedETL: + useExistingS3Config: false + federatedCluster: true +kubecostModel: + containerStatsEnabled: true + federatedStorageConfigSecret: federated-store +serviceAccount: # this example uses AWS IRSA, which creates a service account with rights to the s3 bucket. If using keys+secrets in the federated-store, set create: true + create: true +global: + prometheus: + enabled: true + # fqdn: http://prometheus-operated.monitoring:9090 + grafana: # prometheus metrics will be local cluster only, disable grafana to save resources + enabled: false + proxy: false +prometheus: + nodeExporter: + enabled: false + server: + global: + external_labels: + # cluster_id should be unique for all clusters and the same value as .kubecostProductConfigs.clusterName + cluster_id: CLUSTER_NAME +networkCosts: + # optional, see: https://docs.kubecost.com/install-and-configure/advanced-configuration/network-costs-configuration + enabled: true + config: + services: + # set the appropriate cloud provider to true + amazon-web-services: true + # google-cloud-services: true + # azure-cloud-services: true diff --git a/charts/kubecost/cost-analyzer/2.4.0/ci/statefulsets-cc.yaml b/charts/kubecost/cost-analyzer/2.4.0/ci/statefulsets-cc.yaml new file mode 100644 index 0000000000..626a0c2e5e --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/ci/statefulsets-cc.yaml @@ -0,0 +1,46 @@ +### This test is to verify that Kubecost aggregator is deployed as a StatefulSet, +### cluster controller is installed, and the various Prometheus components are installed. +global: + podAnnotations: + kubecost.io/test1: value1 + kubecost.io/test2: value2 + additionalLabels: + kubecosttest1: value1 + kubecosttest2: value2 + prometheus: + enabled: true + # fqdn: http://prometheus-operated.monitoring:9090 + grafana: # prometheus metrics will be local cluster only, disable grafana to save resources + enabled: false + proxy: false +kubecostProductConfigs: + clusterName: CLUSTER_NAME +kubecostAggregator: + deployMethod: statefulset +kubecostModel: + federatedStorageConfigSecret: federated-store +clusterController: + enabled: true + actionConfigs: + clusterTurndown: + - name: my-schedule2 + start: "2034-02-09T00:00:00Z" + end: "2034-02-09T01:00:00Z" + repeat: none +prometheus: + nodeExporter: + enabled: true + alertmanager: + enabled: true + configmapReload: + prometheus: + enabled: true + pushgateway: + enabled: true + server: + statefulSet: + enabled: true + global: + external_labels: + # cluster_id should be unique for all clusters and the same value as .kubecostProductConfigs.clusterName + cluster_id: CLUSTER_NAME \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/crds/cluster-turndown-crd.yaml b/charts/kubecost/cost-analyzer/2.4.0/crds/cluster-turndown-crd.yaml new file mode 100644 index 0000000000..8c87644cc9 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/crds/cluster-turndown-crd.yaml @@ -0,0 +1,78 @@ +# TurndownSchedule Custom Resource Definition for persistence +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: turndownschedules.kubecost.com +spec: + group: kubecost.com + names: + kind: TurndownSchedule + singular: turndownschedule + plural: turndownschedules + shortNames: + - td + - tds + scope: Cluster + versions: + - name: v1alpha1 + served: true + storage: true + subresources: + status: {} + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + properties: + start: + type: string + format: date-time + end: + type: string + format: date-time + repeat: + type: string + enum: [none, daily, weekly] + status: + type: object + properties: + state: + type: string + lastUpdated: + format: date-time + type: string + current: + type: string + scaleDownId: + type: string + nextScaleDownTime: + format: date-time + type: string + scaleDownMetadata: + additionalProperties: + type: string + type: object + scaleUpID: + type: string + nextScaleUpTime: + format: date-time + type: string + scaleUpMetadata: + additionalProperties: + type: string + type: object + additionalPrinterColumns: + - name: State + type: string + description: The state of the turndownschedule + jsonPath: .status.state + - name: Next Turndown + type: string + description: The next turndown date-time + jsonPath: .status.nextScaleDownTime + - name: Next Turn Up + type: string + description: The next turn up date-time + jsonPath: .status.nextScaleUpTime diff --git a/charts/kubecost/cost-analyzer/2.4.0/custom-pricing.csv b/charts/kubecost/cost-analyzer/2.4.0/custom-pricing.csv new file mode 100644 index 0000000000..c3e6d23674 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/custom-pricing.csv @@ -0,0 +1,7 @@ +EndTimestamp,InstanceID,Region,AssetClass,InstanceIDField,InstanceType,MarketPriceHourly,Version +2028-01-06 23:34:45 UTC,,us-east-2,node,metadata.name,g4dn.xlarge,5.55, +2028-01-06 23:34:45 UTC,,,node,metadata.name,R730-type1,1.35, +2028-01-06 23:34:45 UTC,,,pv,metadata.name,standard,0.44, +2028-01-06 23:34:45 UTC,a100,,gpu,gpu.nvidia.com/class,,0.75, +2028-01-06 23:34:45 UTC,RTX3090,,gpu,nvidia.com/gpu_type,,0.65, +2028-01-06 23:34:45 UTC,i-01045ab6d13179700,,,spec.providerID,,1.2, diff --git a/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/README.md b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/README.md new file mode 100644 index 0000000000..160316ab6c --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/README.md @@ -0,0 +1,45 @@ +# Kubecost Grafana Dashboards + +## Overview + +Kubecost, by default, is bundled with a Grafana instance that already contains the dashboards in this folder. + +The dashboards in this repo are imported into Kubecost, unless disabled with + + +The same dashboards have template versions in [grafana-templates/](grafana-templates/) for those wanting to load the dashboards into an existing Grafana instance. + +## Caveats + +The primary purpose of the dashboards provided is to allow visibility into the metrics used by Kubecost to create the cost-model. + +The networkCosts-metrics dashboard requires the optional networkCosts daemonset to be [enabled](https://docs.kubecost.com/install-and-configure/advanced-configuration/network-costs-configuration). + +## Metrics Required + +`kubecost-container-stats` metrics: + +``` +container_cpu_usage_seconds_total +kube_pod_container_resource_requests +container_memory_working_set_bytes +container_cpu_cfs_throttled_periods_total +container_cpu_cfs_periods_total +``` + +`network-transfer-data` metrics: + +``` +kubecost_pod_network_ingress_bytes_total +kubecost_pod_network_egress_bytes_total +``` + +`disk-usage` metrics: +``` +container_fs_limit_bytes +container_fs_usage_bytes +``` + +## Additional Information + +Kubecost Grafana [Configuration Guide](https://docs.kubecost.com/install-and-configure/advanced-configuration/custom-grafana) \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/attached-disks.json b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/attached-disks.json new file mode 100644 index 0000000000..49c8d6c1a0 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/attached-disks.json @@ -0,0 +1,549 @@ +{ + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "datasource", + "uid": "grafana" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "target": { + "limit": 100, + "matchAny": false, + "tags": [], + "type": "dashboard" + }, + "type": "dashboard" + } + ] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "id": 16, + "links": [], + "liveNow": false, + "panels": [ + { + "datasource": { + "type": "prometheus", + "uid": "PBFA97CFB590B2093" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "decbytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 9, + "w": 12, + "x": 0, + "y": 0 + }, + "id": 2, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "none" + } + }, + "pluginVersion": "9.0.2", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "PBFA97CFB590B2093" + }, + "editorMode": "code", + "expr": "sum(container_fs_limit_bytes{instance=~'$disk', device!=\"tmpfs\", id=\"/\", cluster_id=~'$cluster'}) by (cluster_id, instance)", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{cluster_id}}/{{instance}}", + "range": true, + "refId": "A" + } + ], + "title": "Disk Size", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "PBFA97CFB590B2093" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "decimals": 1, + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "percentunit" + }, + "overrides": [] + }, + "gridPos": { + "h": 9, + "w": 12, + "x": 12, + "y": 0 + }, + "id": 4, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "none" + } + }, + "pluginVersion": "9.0.2", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "PBFA97CFB590B2093" + }, + "editorMode": "code", + "expr": "sum(container_fs_usage_bytes{instance=~'$disk',id=\"/\", cluster_id=~'$cluster'}) by (cluster_id, instance) / sum(container_fs_limit_bytes{instance=~'$disk',device!=\"tmpfs\", id=\"/\", cluster_id=~'$cluster'}) by (cluster_id,instance)", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{cluster_id}}-{{instance}}", + "range": true, + "refId": "A" + } + ], + "title": "Disk Utilization", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "PBFA97CFB590B2093" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "decimals": 1, + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "percentunit" + }, + "overrides": [] + }, + "gridPos": { + "h": 9, + "w": 12, + "x": 0, + "y": 9 + }, + "id": 5, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "none" + } + }, + "pluginVersion": "9.0.2", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "PBFA97CFB590B2093" + }, + "editorMode": "code", + "expr": "1 - sum(container_fs_inodes_free{instance=~'$disk',id=\"/\", cluster_id=~'$cluster'}) by (cluster_id, instance) / sum(container_fs_inodes_total{instance=~'$disk',id=\"/\", cluster_id=~'$cluster'}) by (cluster_id, instance)", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "{{cluster_id}}/{{instance}}", + "range": true, + "refId": "A" + } + ], + "title": "iNode Utilization", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "PBFA97CFB590B2093" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "decbytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 9, + "w": 12, + "x": 12, + "y": 9 + }, + "id": 3, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "none" + } + }, + "pluginVersion": "9.0.2", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "PBFA97CFB590B2093" + }, + "editorMode": "code", + "expr": "sum(container_fs_usage_bytes{instance=~'$disk',id=\"/\", cluster_id=~'$cluster'}) by (cluster_id, instance)", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{cluster_id}}/{{instance}}", + "range": true, + "refId": "A" + } + ], + "title": "Disk Usage", + "type": "timeseries" + } + ], + "schemaVersion": 39, + "tags": [ + "kubecost", + "cost", + "utilization", + "metrics" + ], + "templating": { + "list": [ + { + "current": { + "selected": false, + "text": "Prometheus", + "value": "PBFA97CFB590B2093" + }, + "hide": 0, + "includeAll": false, + "multi": false, + "name": "datasource", + "options": [], + "query": "prometheus", + "queryValue": "", + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "type": "datasource" + }, + { + "current": { + "selected": true, + "text": "All", + "value": "$__all" + }, + "datasource": { + "type": "prometheus", + "uid": "PBFA97CFB590B2093" + }, + "definition": "label_values(cluster_id)", + "hide": 0, + "includeAll": true, + "multi": false, + "name": "cluster", + "options": [], + "query": { + "query": "label_values(cluster_id)", + "refId": "StandardVariableQuery" + }, + "refresh": 2, + "regex": "", + "skipUrlSync": false, + "sort": 5, + "type": "query" + }, + { + "current": { + "selected": true, + "text": "ip-192-168-147-146.us-east-2.compute.internal", + "value": "ip-192-168-147-146.us-east-2.compute.internal" + }, + "datasource": { + "type": "prometheus", + "uid": "PBFA97CFB590B2093" + }, + "definition": "label_values(container_fs_limit_bytes{cluster_id=~\"$cluster\"}, instance)", + "hide": 0, + "includeAll": true, + "multi": false, + "name": "disk", + "options": [], + "query": { + "query": "label_values(container_fs_limit_bytes{cluster_id=~\"$cluster\"}, instance)", + "refId": "StandardVariableQuery" + }, + "refresh": 2, + "regex": "", + "skipUrlSync": false, + "sort": 5, + "tagValuesQuery": "", + "tagsQuery": "", + "type": "query", + "useTags": false + } + ] + }, + "time": { + "from": "now-7d", + "to": "now" + }, + "timepicker": { + "refresh_intervals": [ + "5s", + "10s", + "30s", + "1m", + "5m", + "15m", + "30m", + "1h", + "2h", + "1d" + ], + "time_options": [ + "5m", + "15m", + "1h", + "6h", + "12h", + "24h", + "2d", + "7d", + "30d" + ] + }, + "timezone": "", + "title": "Attached disk metrics", + "uid": "nBH7qBgMk", + "version": 7, + "weekStart": "" +} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/cluster-metrics.json b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/cluster-metrics.json new file mode 100644 index 0000000000..2535560006 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/cluster-metrics.json @@ -0,0 +1,1683 @@ +{ + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": "-- Grafana --", + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "type": "dashboard" + } + ] + }, + "description": "Cost metrics from the Kubecost product", + "editable": true, + "gnetId": null, + "graphTooltip": 0, + "id": 7, + "iteration": 1558062099204, + "links": [], + "panels": [ + { + "content": "Deprecated - It is not expected to match Kubecost UI/API.", + "gridPos": { + "h": 2, + "w": 24, + "x": 0, + "y": 0 + }, + "id": 27, + "links": [], + "mode": "markdown", + "title": "", + "transparent": true, + "type": "text" + }, + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": false, + "colors": [ + "#299c46", + "rgba(237, 129, 40, 0.89)", + "#d44a3a" + ], + "datasource": "${datasource}", + "decimals": 2, + "description": "Monthly run rate of CPU + GPU costs based on currently provisioned resources.", + "format": "currencyUSD", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": false, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "gridPos": { + "h": 3, + "w": 6, + "x": 0, + "y": 2 + }, + "hideTimeOverride": true, + "id": 2, + "interval": null, + "links": [], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "postfix": "", + "postfixFontSize": "50%", + "prefix": "", + "prefixFontSize": "50%", + "rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "full": true, + "lineColor": "rgb(31, 120, 193)", + "show": false + }, + "tableColumn": "", + "targets": [ + { + "expr": "sum(\n avg(kube_node_status_capacity{resource=\"cpu\", unit=\"core\"}) by (node) * avg(node_cpu_hourly_cost) by (node) * 730 * (1-$useDiscount/100) +\n avg(node_gpu_hourly_cost) by (node) * 730 * (1-$useDiscount/100)\n)", + "format": "time_series", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": " {{ node }}", + "refId": "A" + } + ], + "thresholds": "", + "timeFrom": "15m", + "timeShift": null, + "title": "CPU Cost", + "type": "singlestat", + "valueFontSize": "80%", + "valueMaps": [ + { + "op": "=", + "text": "N/A", + "value": "null" + } + ], + "valueName": "current" + }, + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": false, + "colors": [ + "#299c46", + "rgba(237, 129, 40, 0.89)", + "#d44a3a" + ], + "datasource": "${datasource}", + "decimals": 2, + "description": "Monthly run rate of memory costs based on currently provisioned expenses.", + "format": "currencyUSD", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": false, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "gridPos": { + "h": 3, + "w": 6, + "x": 6, + "y": 2 + }, + "hideTimeOverride": true, + "id": 3, + "interval": null, + "links": [], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "postfix": "", + "postfixFontSize": "50%", + "prefix": "", + "prefixFontSize": "50%", + "rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "full": false, + "lineColor": "rgb(31, 120, 193)", + "show": false + }, + "tableColumn": "", + "targets": [ + { + "expr": "sum(\n avg(kube_node_status_capacity{resource=\"memory\", unit=\"byte\"}) by (node) / 1024 / 1024 / 1024 * avg(node_ram_hourly_cost) by (node) * 730 * (1-$useDiscount/100)\n)", + "format": "time_series", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": " {{ node }}", + "refId": "A" + } + ], + "thresholds": "", + "timeFrom": "15m", + "timeShift": null, + "title": "Memory Cost", + "type": "singlestat", + "valueFontSize": "80%", + "valueMaps": [ + { + "op": "=", + "text": "N/A", + "value": "null" + } + ], + "valueName": "current" + }, + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": false, + "colors": [ + "#299c46", + "rgba(237, 129, 40, 0.89)", + "#d44a3a" + ], + "datasource": "${datasource}", + "decimals": 2, + "description": "Monthly run rate of attached storage and PV costs based on currently provisioned resources.", + "format": "currencyUSD", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": false, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "gridPos": { + "h": 3, + "w": 6, + "x": 12, + "y": 2 + }, + "hideTimeOverride": true, + "id": 4, + "interval": null, + "links": [], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "postfix": "", + "postfixFontSize": "50%", + "prefix": "", + "prefixFontSize": "50%", + "rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "full": false, + "lineColor": "rgb(31, 120, 193)", + "show": false + }, + "tableColumn": "", + "targets": [ + { + "expr": "sum(avg(pv_hourly_cost) by (persistentvolume) * 730 * avg(kube_persistentvolume_capacity_bytes) by (persistentvolume) / 1024 / 1024 / 1024) \n+\nsum(sum(container_fs_limit_bytes{device!=\"tmpfs\", id=\"/\"}) by (instance) / 1024 / 1024 / 1024) * $localStorageGBCost", + "format": "time_series", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": " {{ node }}", + "refId": "A" + } + ], + "thresholds": "", + "timeFrom": "15m", + "timeShift": null, + "title": "Storage Cost", + "type": "singlestat", + "valueFontSize": "80%", + "valueMaps": [ + { + "op": "=", + "text": "N/A", + "value": "null" + } + ], + "valueName": "current" + }, + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": false, + "colors": [ + "#299c46", + "rgba(237, 129, 40, 0.89)", + "#d44a3a" + ], + "datasource": "${datasource}", + "decimals": 2, + "description": "Sum of compute, memory, storage and network costs.", + "format": "currencyUSD", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": false, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "gridPos": { + "h": 7, + "w": 6, + "x": 18, + "y": 2 + }, + "hideTimeOverride": true, + "id": 11, + "interval": null, + "links": [], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "postfix": "", + "postfixFontSize": "50%", + "prefix": "", + "prefixFontSize": "50%", + "rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "full": false, + "lineColor": "rgb(31, 120, 193)", + "show": false + }, + "tableColumn": "", + "targets": [ + { + "expr": "# Compute\nsum(\n avg(kube_node_status_capacity{resource=\"cpu\", unit=\"core\"}) by (node) * avg(node_cpu_hourly_cost) by (node) * 730 * (1-$useDiscount/100) +\n avg(node_gpu_hourly_cost) by (node) * 730 * (1-$useDiscount/100)\n) +\n\n\n# Memory\nsum(\n avg(kube_node_status_capacity{resource=\"memory\", unit=\"byte\"}) by (node) / 1024 / 1024 / 1024 * avg(node_ram_hourly_cost) by (node) * 730 * (1-$useDiscount/100)\n) +\n\n# Storage \n\nsum(avg(pv_hourly_cost) by (persistentvolume) * 730 * avg(kube_persistentvolume_capacity_bytes) by (persistentvolume) / 1024 / 1024 / 1024) \n+\nsum(sum(container_fs_limit_bytes{device!=\"tmpfs\", id=\"/\"}) by (instance) / 1024 / 1024 / 1024) * $localStorageGBCost", + "format": "time_series", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": " {{ node }}", + "refId": "A" + } + ], + "thresholds": "", + "timeFrom": "15m", + "timeShift": null, + "title": "Total Cost", + "type": "singlestat", + "valueFontSize": "120%", + "valueMaps": [ + { + "op": "=", + "text": "N/A", + "value": "null" + } + ], + "valueName": "current" + }, + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": true, + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(50, 172, 45, 0.97)", + "#c15c17" + ], + "datasource": "${datasource}", + "decimals": 2, + "description": "Current CPU use from applications divided by allocatable CPUs", + "editable": true, + "error": false, + "format": "percent", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": true, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "gridPos": { + "h": 4, + "w": 3, + "x": 0, + "y": 5 + }, + "height": "180px", + "hideTimeOverride": true, + "id": 13, + "interval": null, + "isNew": true, + "links": [], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "postfix": "", + "postfixFontSize": "50%", + "prefix": "", + "prefixFontSize": "50%", + "rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "full": false, + "lineColor": "rgb(31, 120, 193)", + "show": false + }, + "tableColumn": "", + "targets": [ + { + "expr": "(\n sum(\n count(irate(container_cpu_usage_seconds_total{id=\"/\"}[10m])) by (instance)\n * on (instance) \n sum(irate(container_cpu_usage_seconds_total{id=\"/\"}[10m])) by (instance)\n ) \n / \n (sum (kube_node_status_allocatable{resource=\"cpu\", unit=\"core\"}))\n) * 100", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "refId": "A", + "step": 10 + } + ], + "thresholds": "30, 80", + "timeFrom": "", + "title": "CPU Utilization", + "type": "singlestat", + "valueFontSize": "80%", + "valueMaps": [ + { + "op": "=", + "text": "N/A", + "value": "null" + } + ], + "valueName": "current" + }, + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": true, + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(50, 172, 45, 0.97)", + "#c15c17" + ], + "datasource": "${datasource}", + "decimals": 2, + "description": "Current CPU reservation requests from applications vs allocatable CPU", + "editable": true, + "error": false, + "format": "percent", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": true, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "gridPos": { + "h": 4, + "w": 3, + "x": 3, + "y": 5 + }, + "height": "180px", + "id": 15, + "interval": null, + "isNew": true, + "links": [], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "postfix": "", + "postfixFontSize": "50%", + "prefix": "", + "prefixFontSize": "50%", + "rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "full": false, + "lineColor": "rgb(31, 120, 193)", + "show": false + }, + "tableColumn": "", + "targets": [ + { + "expr": "SUM(kube_pod_container_resource_requests{resource=\"cpu\", unit=\"core\"}) / SUM(kube_node_status_allocatable{resource=\"cpu\", unit=\"core\"}) * 100", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "refId": "A", + "step": 10 + } + ], + "thresholds": "30, 80", + "title": "CPU Requests", + "type": "singlestat", + "valueFontSize": "80%", + "valueMaps": [ + { + "op": "=", + "text": "N/A", + "value": "null" + } + ], + "valueName": "current" + }, + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": true, + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(50, 172, 45, 0.97)", + "#c15c17" + ], + "datasource": "${datasource}", + "description": "Current RAM use vs RAM available", + "editable": true, + "error": false, + "format": "percent", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": true, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "gridPos": { + "h": 4, + "w": 3, + "x": 6, + "y": 5 + }, + "height": "180px", + "hideTimeOverride": true, + "id": 17, + "interval": null, + "isNew": true, + "links": [], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "postfix": "", + "postfixFontSize": "50%", + "prefix": "", + "prefixFontSize": "50%", + "rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "full": false, + "lineColor": "rgb(31, 120, 193)", + "show": false + }, + "tableColumn": "", + "targets": [ + { + "expr": "SUM(container_memory_usage_bytes{namespace!=\"\"}) / SUM(kube_node_status_allocatable{resource=\"memory\", unit=\"byte\"}) * 100", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "refId": "A", + "step": 10 + }, + { + "expr": "", + "format": "time_series", + "intervalFactor": 1, + "refId": "B" + } + ], + "thresholds": "30,80", + "timeFrom": "", + "title": "RAM Utilization", + "transparent": false, + "type": "singlestat", + "valueFontSize": "80%", + "valueMaps": [ + { + "op": "=", + "text": "N/A", + "value": "null" + } + ], + "valueName": "current" + }, + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": true, + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(50, 172, 45, 0.97)", + "#c15c17" + ], + "datasource": "${datasource}", + "description": "Current RAM requests vs RAM available", + "editable": true, + "error": false, + "format": "percent", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": true, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "gridPos": { + "h": 4, + "w": 3, + "x": 9, + "y": 5 + }, + "height": "180px", + "id": 19, + "interval": null, + "isNew": true, + "links": [], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "postfix": "", + "postfixFontSize": "50%", + "prefix": "", + "prefixFontSize": "50%", + "rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "full": false, + "lineColor": "rgb(31, 120, 193)", + "show": false + }, + "tableColumn": "", + "targets": [ + { + "expr": "(\n sum(kube_pod_container_resource_requests{resource=\"memory\", unit=\"byte\", namespace!=\"\"})\n /\n sum(kube_node_status_allocatable{resource=\"memory\", unit=\"byte\"})\n) * 100", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "refId": "A", + "step": 10 + } + ], + "thresholds": "30,80", + "title": "RAM Requests", + "transparent": false, + "type": "singlestat", + "valueFontSize": "80%", + "valueMaps": [ + { + "op": "=", + "text": "N/A", + "value": "null" + } + ], + "valueName": "current" + }, + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": true, + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(50, 172, 45, 0.97)", + "#c15c17" + ], + "datasource": "${datasource}", + "decimals": 2, + "description": "This gauge shows the current standard storage use, including cluster storage, vs storage available", + "editable": true, + "error": false, + "format": "percent", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": true, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "gridPos": { + "h": 4, + "w": 6, + "x": 12, + "y": 5 + }, + "height": "180px", + "hideTimeOverride": true, + "id": 21, + "interval": null, + "isNew": true, + "links": [], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "postfix": "", + "postfixFontSize": "50%", + "prefix": "", + "prefixFontSize": "50%", + "rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "full": false, + "lineColor": "rgb(31, 120, 193)", + "show": false + }, + "tableColumn": "", + "targets": [ + { + "expr": "sum (\n sum(kube_persistentvolumeclaim_info) by (persistentvolumeclaim, namespace)\n + on (persistentvolumeclaim, namespace)\n sum(pod_pvc_allocation) by (persistentvolumeclaim, namespace) or up * 0\n + sum(container_fs_usage_bytes{device=~\"^/dev/[sv]d[a-z][1-9]$\",id=\"/\"})\n) /\nsum (\n sum(kube_persistentvolumeclaim_info) by (persistentvolumeclaim, namespace)\n + on (persistentvolumeclaim, namespace)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim, namespace) or up * 0\n + sum(container_fs_limit_bytes{device=~\"^/dev/[sv]d[a-z][1-9]$\",id=\"/\"})\n) * 100", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "refId": "A", + "step": 10 + } + ], + "thresholds": "30, 80", + "timeFrom": "", + "title": "Storage Utilization", + "type": "singlestat", + "valueFontSize": "80%", + "valueMaps": [ + { + "op": "=", + "text": "N/A", + "value": "null" + } + ], + "valueName": "current" + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "description": "Monthly run rate of CPU + GPU costs", + "fill": 1, + "gridPos": { + "h": 7, + "w": 6, + "x": 0, + "y": 9 + }, + "id": 6, + "interval": "1m", + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "sum(\n avg(kube_node_status_capacity{resource=\"cpu\", unit=\"core\"}) by (node) * avg(node_cpu_hourly_cost) by (node) * 730 +\n avg(node_gpu_hourly_cost) by (node) * 730\n)", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "compute cost", + "refId": "A" + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + "title": "Compute Cost", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "currencyUSD", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "description": "Monthly run rate of memory costs", + "fill": 1, + "gridPos": { + "h": 7, + "w": 6, + "x": 6, + "y": 9 + }, + "id": 9, + "interval": "1m", + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "sum(\n avg(kube_node_status_capacity{resource=\"memory\", unit=\"byte\"}) by (node) / 1024 / 1024 / 1024 * avg(node_ram_hourly_cost) by (node) * 730\n)", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "memory cost", + "refId": "A" + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + "title": "Memory Cost", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "currencyUSD", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "description": "Monthly run rate of attached disk + PV storage costs", + "fill": 1, + "gridPos": { + "h": 7, + "w": 6, + "x": 12, + "y": 9 + }, + "id": 10, + "interval": "1m", + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "sum(\n avg(avg_over_time(pv_hourly_cost[$timeRange] offset 1m)) by (persistentvolume) * 730 \n * avg(avg_over_time(kube_persistentvolume_capacity_bytes[$timeRange] offset 1m)) by (persistentvolume) / 1024 / 1024 / 1024\n) +\nsum(avg(container_fs_limit_bytes{device!=\"tmpfs\", id=\"/\"}) by (instance) / 1024 / 1024 / 1024) * $localStorageGBCost", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "storage cost", + "refId": "A" + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + "title": "Storage Cost", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "currencyUSD", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "description": "Sum of compute, memory, and storage costs", + "fill": 1, + "gridPos": { + "h": 7, + "w": 6, + "x": 18, + "y": 9 + }, + "id": 22, + "interval": "1m", + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "# Compute\nsum(\n avg(kube_node_status_capacity{resource=\"cpu\", unit=\"core\"}) by (node) * avg(node_cpu_hourly_cost) by (node) * 730 * (1-$useDiscount/100) +\n avg(node_gpu_hourly_cost) by (node) * 730 * (1-$useDiscount/100)\n) +\n\n\n# Memory\nsum(\n avg(kube_node_status_capacity{resource=\"memory\", unit=\"byte\"}) by (node) / 1024 / 1024 / 1024 * avg(node_ram_hourly_cost) by (node) * 730 * (1-$useDiscount/100)\n) +\n\n# Storage \n\nsum(avg(pv_hourly_cost) by (persistentvolume) * 730 * avg(kube_persistentvolume_capacity_bytes) by (persistentvolume) / 1024 / 1024 / 1024) \n+\nsum(sum(container_fs_limit_bytes{device!=\"tmpfs\", id=\"/\"}) by (instance) / 1024 / 1024 / 1024) * $localStorageGBCost", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "total cost", + "refId": "A" + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + "title": "Total Cost", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "currencyUSD", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "columns": [], + "datasource": "${datasource}", + "description": "Cost of by resource class of currently provisioned nodes", + "fontSize": "100%", + "gridPos": { + "h": 9, + "w": 12, + "x": 0, + "y": 16 + }, + "id": 8, + "links": [], + "pageSize": null, + "scroll": true, + "showHeader": true, + "sort": { + "col": 4, + "desc": false + }, + "styles": [ + { + "alias": "", + "colorMode": null, + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Time", + "thresholds": [], + "type": "hidden", + "unit": "short" + }, + { + "alias": "Compute Cost", + "colorMode": null, + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Value", + "thresholds": [], + "type": "number", + "unit": "short" + }, + { + "alias": "CPU Cost", + "colorMode": null, + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Value #A", + "thresholds": [], + "type": "number", + "unit": "currencyUSD" + }, + { + "alias": "Mem Cost", + "colorMode": null, + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Value #B", + "thresholds": [], + "type": "number", + "unit": "currencyUSD" + }, + { + "alias": "Total", + "colorMode": null, + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Value #C", + "thresholds": [], + "type": "number", + "unit": "currencyUSD" + }, + { + "alias": "", + "colorMode": null, + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "instance", + "thresholds": [], + "type": "hidden", + "unit": "short" + }, + { + "alias": "GPU", + "colorMode": null, + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Value #D", + "thresholds": [], + "type": "number", + "unit": "short" + }, + { + "alias": "", + "colorMode": null, + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "decimals": 2, + "pattern": "/.*/", + "thresholds": [], + "type": "number", + "unit": "short" + } + ], + "targets": [ + { + "expr": "avg(kube_node_status_capacity{resource=\"cpu\", unit=\"core\"}) by (node) * avg(node_cpu_hourly_cost or up * 0) by (node) * 730 * (1-$useDiscount/100)", + "format": "table", + "instant": true, + "intervalFactor": 1, + "legendFormat": "", + "refId": "A" + }, + { + "expr": "avg(kube_node_status_capacity{resource=\"memory\", unit=\"byte\"}) by (node) / 1024 / 1024 / 1024 * avg(node_ram_hourly_cost) by (node) * 730 * (1-$useDiscount/100)", + "format": "table", + "instant": true, + "intervalFactor": 1, + "legendFormat": "", + "refId": "B" + }, + { + "expr": "avg(node_gpu_hourly_cost) by (node) * 730 * (1-$useDiscount/100)", + "format": "table", + "instant": true, + "intervalFactor": 1, + "refId": "D" + }, + { + "expr": "# CPU \navg(kube_node_status_capacity{resource=\"cpu\", unit=\"core\"}) by (node) * avg(node_cpu_hourly_cost or up * 0) by (node) * 730 * (1-$useDiscount/100) +\n# GPU\navg(node_gpu_hourly_cost) by (node) * 730 * (1-$useDiscount/100) +\n# Memory\navg(kube_node_status_capacity{resource=\"memory\", unit=\"byte\"}) by (node) / 1024 / 1024 / 1024 * avg(node_ram_hourly_cost) by (node) * 730 * (1-$useDiscount/100)\n", + "format": "table", + "instant": true, + "intervalFactor": 1, + "refId": "C" + } + ], + "title": "Cost by node", + "transform": "table", + "type": "table" + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "description": "Monthly run rate of attached disk + PV storage costs based on currently provisioned resources.", + "fill": 1, + "gridPos": { + "h": 9, + "w": 12, + "x": 12, + "y": 16 + }, + "id": 25, + "interval": "1m", + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "connected", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": true, + "steppedLine": false, + "targets": [ + { + "expr": "sum(\n avg(kube_node_status_capacity{resource=\"cpu\", unit=\"core\"}) by (node) * avg(node_cpu_hourly_cost) by (node) * 730 +\n avg(node_gpu_hourly_cost) by (node) * 730\n)", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "cpu", + "refId": "B" + }, + { + "expr": "sum(\n avg(kube_node_status_capacity{resource=\"memory\", unit=\"byte\"}) by (node) / 1024 / 1024 / 1024 * avg(node_ram_hourly_cost) by (node) * 730\n)", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "memory", + "refId": "A" + }, + { + "expr": "sum(\n avg(avg_over_time(pv_hourly_cost[$timeRange] offset 1m)) by (persistentvolume) * 730 \n * avg(avg_over_time(kube_persistentvolume_capacity_bytes[$timeRange] offset 1m)) by (persistentvolume) / 1024 / 1024 / 1024\n) +\nsum(avg(container_fs_limit_bytes{device!=\"tmpfs\", id=\"/\"}) by (instance) / 1024 / 1024 / 1024) * $localStorageGBCost", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "storage", + "refId": "C" + }, + { + "expr": "SUM(rate(node_network_transmit_bytes_total{device=\"eth0\"}[60m]) / 1024 / 1024 / 1024 ) * (60 * 60 * 24 * 30) * $percentEgress * $egressCost ", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "network", + "refId": "D" + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + "title": "Cost by Resource", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "currencyUSD", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + } + ], + "refresh": false, + "schemaVersion": 16, + "style": "dark", + "tags": [ + "kubecost", + "cost", + "utilization", + "metrics" + ], + "templating": { + "list": [ + { + "auto": true, + "auto_count": 1, + "auto_min": "1m", + "current": { + "text": "auto", + "value": "$__auto_interval_timeRange" + }, + "hide": 2, + "label": null, + "name": "timeRange", + "options": [ + { + "selected": true, + "text": "auto", + "value": "$__auto_interval_timeRange" + }, + { + "selected": false, + "text": "1h", + "value": "1h" + }, + { + "selected": false, + "text": "6h", + "value": "6h" + }, + { + "selected": false, + "text": "12h", + "value": "12h" + }, + { + "selected": false, + "text": "1d", + "value": "1d" + }, + { + "selected": false, + "text": "7d", + "value": "7d" + }, + { + "selected": false, + "text": "14d", + "value": "14d" + }, + { + "selected": false, + "text": "30d", + "value": "30d" + }, + { + "selected": false, + "text": "90d", + "value": "90d" + } + ], + "query": "1h,6h,12h,1d,7d,14d,30d,90d", + "refresh": 2, + "skipUrlSync": false, + "type": "interval" + }, + { + "current": { + "text": ".04", + "value": ".04" + }, + "hide": 2, + "label": "Cost per Gb hour for attached disks", + "name": "localStorageGBCost", + "options": [ + { + "selected": true, + "text": ".04", + "value": ".04" + } + ], + "query": ".04", + "skipUrlSync": false, + "type": "constant" + }, + { + "current": { + "tags": [], + "text": "0", + "value": "0" + }, + "hide": 0, + "label": "Sustained Use Discount %", + "name": "useDiscount", + "options": [ + { + "selected": true, + "text": "0", + "value": "0" + } + ], + "query": "0", + "skipUrlSync": false, + "type": "constant" + }, + { + "current": { + "text": ".1", + "value": ".1" + }, + "hide": 2, + "label": null, + "name": "percentEgress", + "options": [ + { + "selected": true, + "text": ".1", + "value": ".1" + } + ], + "query": ".1", + "skipUrlSync": false, + "type": "constant" + }, + { + "current": { + "text": ".12", + "value": ".12" + }, + "hide": 2, + "label": null, + "name": "egressCost", + "options": [ + { + "selected": true, + "text": ".12", + "value": ".12" + } + ], + "query": ".12", + "skipUrlSync": false, + "type": "constant" + }, + { + "current": { + "selected": true, + "text": "default-kubecost", + "value": "default-kubecost" + }, + "error": null, + "hide": 0, + "includeAll": false, + "label": null, + "multi": false, + "name": "datasource", + "options": [], + "query": "prometheus", + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "type": "datasource" + } + ] + }, + "time": { + "from": "now-7d", + "to": "now" + }, + "timepicker": { + "refresh_intervals": [ + "5s", + "10s", + "30s", + "1m", + "5m", + "15m", + "30m", + "1h", + "2h", + "1d" + ], + "time_options": [ + "5m", + "15m", + "1h", + "6h", + "12h", + "24h", + "2d", + "7d", + "30d" + ] + }, + "timezone": "", + "title": "Deprecated - Kubecost cluster metrics", + "uid": "JOUdHGZZz", + "version": 20 +} diff --git a/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/cluster-utilization.json b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/cluster-utilization.json new file mode 100644 index 0000000000..8a17f26c04 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/cluster-utilization.json @@ -0,0 +1,3196 @@ +{ + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": "-- Grafana --", + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "target": { + "limit": 100, + "matchAny": false, + "tags": [], + "type": "dashboard" + }, + "type": "dashboard" + } + ] + }, + "description": "A dashboard to help manage Kubernetes cluster costs and resources", + "editable": true, + "fiscalYearStartMonth": 0, + "gnetId": 6873, + "graphTooltip": 0, + "id": 10, + "iteration": 1645112913364, + "links": [], + "liveNow": false, + "panels": [ + { + "gridPos": { + "h": 2, + "w": 24, + "x": 0, + "y": 0 + }, + "id": 86, + "links": [], + "options": { + "content": "Deprecated - It is not expected to match Kubecost UI/API. This dashboard shows monthly cost estimates for the cluster, based on **current** CPU, RAM and storage provisioned.", + "mode": "markdown" + }, + "pluginVersion": "8.3.2", + "transparent": true, + "type": "text" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "decimals": 2, + "mappings": [ + { + "options": { + "match": "null", + "result": { + "text": "N/A" + } + }, + "type": "special" + } + ], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "currencyUSD" + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 6, + "x": 0, + "y": 2 + }, + "hideTimeOverride": true, + "id": 75, + "links": [], + "maxDataPoints": 100, + "options": { + "colorMode": "none", + "graphMode": "none", + "justifyMode": "auto", + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "8.3.2", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "P0C970EB638C812D0" + }, + "exemplar": false, + "expr": "sum(\n (\n (\n sum(kube_node_status_capacity_cpu_cores) by (node)\n * on (node) group_left (label_cloud_google_com_gke_preemptible)\n avg(kube_node_labels{label_cloud_google_com_gke_preemptible=\"true\"}) by (node)\n ) * $costpcpu\n )\n or\n (\n (\n sum(kube_node_status_capacity{resource=\"cpu\", unit=\"core\"}) by (node)\n * on (node) group_left (label_cloud_google_com_gke_preemptible)\n avg(kube_node_labels{label_cloud_google_com_gke_preemptible!=\"true\"}) by (node)\n ) * ($costcpu - ($costcpu / 100 * $costDiscount))\n )\n) ", + "format": "time_series", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": " {{ node }}", + "refId": "A" + } + ], + "timeFrom": "15m", + "title": "CPU Cost", + "type": "stat" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "decimals": 2, + "mappings": [ + { + "options": { + "match": "null", + "result": { + "text": "N/A" + } + }, + "type": "special" + } + ], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "currencyUSD" + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 6, + "x": 6, + "y": 2 + }, + "hideTimeOverride": true, + "id": 77, + "links": [], + "maxDataPoints": 100, + "options": { + "colorMode": "none", + "graphMode": "none", + "justifyMode": "auto", + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "8.3.2", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "P0C970EB638C812D0" + }, + "exemplar": false, + "expr": "sum(\n (\n (\n sum(kube_node_status_capacity_memory_bytes) by (node)\n * on (node) group_left (label_cloud_google_com_gke_preemptible)\n avg(kube_node_labels{label_cloud_google_com_gke_preemptible=\"true\"}) by (node)\n ) /1024/1024/1024 * $costpram\n )\n or\n (\n (\n sum(kube_node_status_capacity{resource=\"memory\", unit=\"byte\"}) by (node)\n * on (node) group_left (label_cloud_google_com_gke_preemptible)\n avg(kube_node_labels{label_cloud_google_com_gke_preemptible!=\"true\"}) by (node)\n ) /1024/1024/1024 * ($costram - ($costram / 100 * $costDiscount))\n)\n) ", + "format": "time_series", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": " {{ node }}", + "refId": "A" + } + ], + "timeFrom": "15m", + "title": "RAM Cost", + "type": "stat" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "decimals": 2, + "mappings": [ + { + "options": { + "match": "null", + "result": { + "text": "N/A" + } + }, + "type": "special" + } + ], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "currencyUSD" + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 6, + "x": 12, + "y": 2 + }, + "hideTimeOverride": true, + "id": 78, + "links": [], + "maxDataPoints": 100, + "options": { + "colorMode": "none", + "graphMode": "none", + "justifyMode": "auto", + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "8.3.2", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "P0C970EB638C812D0" + }, + "exemplar": false, + "expr": "sum (\n sum(kube_persistentvolumeclaim_info{storageclass=~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n + on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim, namespace) or up * 0\n) / 1024 / 1024 /1024 * $costStorageSSD\n\n+\n\nsum (\n sum(kube_persistentvolumeclaim_info{storageclass!~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n + on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim, namespace) or up * 0\n) / 1024 / 1024 /1024 * $costStorageStandard\n\n+ \n\nsum(container_fs_limit_bytes{id=\"/\"}) / 1024 / 1024 / 1024 * 1.03 * $costStorageStandard", + "format": "time_series", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": " {{ node }}", + "refId": "A" + } + ], + "timeFrom": "15m", + "title": "Storage Cost (Cluster and PVC)", + "type": "stat" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Represents a near worst-case approximation of network costs.", + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "decimals": 2, + "mappings": [ + { + "options": { + "match": "null", + "result": { + "text": "N/A" + } + }, + "type": "special" + } + ], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "currencyUSD" + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 6, + "x": 18, + "y": 2 + }, + "hideTimeOverride": true, + "id": 129, + "links": [], + "maxDataPoints": 100, + "options": { + "colorMode": "none", + "graphMode": "none", + "justifyMode": "auto", + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "8.3.2", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "P0C970EB638C812D0" + }, + "exemplar": false, + "expr": "SUM(rate(node_network_transmit_bytes_total{device=\"eth0\"}[60m]) / 1024 / 1024 / 1024 ) * (60 * 60 * 24 * 30) * $costEgress", + "format": "time_series", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": " {{ node }}", + "refId": "A" + } + ], + "timeFrom": "15m", + "title": "Network Egress Cost", + "type": "stat" + }, + { + "datasource": { + "uid": "${datasource}" + }, + "description": "Current CPU use from applications divided by allocatable CPUs", + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "decimals": 2, + "mappings": [ + { + "options": { + "match": "null", + "result": { + "text": "N/A" + } + }, + "type": "special" + } + ], + "max": 100, + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "rgba(245, 54, 54, 0.9)", + "value": null + }, + { + "color": "rgba(50, 172, 45, 0.97)", + "value": 30 + }, + { + "color": "#c15c17", + "value": 80 + } + ] + }, + "unit": "percent" + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 3, + "x": 0, + "y": 6 + }, + "hideTimeOverride": true, + "id": 82, + "links": [], + "maxDataPoints": 100, + "options": { + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "showThresholdLabels": false, + "showThresholdMarkers": true + }, + "pluginVersion": "8.3.2", + "targets": [ + { + "expr": "(\n sum(\n count(irate(container_cpu_usage_seconds_total{id=\"/\"}[10m])) by (instance)\n * on (instance) \n sum(irate(container_cpu_usage_seconds_total{id=\"/\"}[10m])) by (instance)\n ) \n / \n (sum (kube_node_status_allocatable{resource=\"cpu\", unit=\"core\"}))\n) * 100", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "refId": "A", + "step": 10 + } + ], + "timeFrom": "", + "title": "CPU Utilization", + "type": "gauge" + }, + { + "datasource": { + "uid": "${datasource}" + }, + "description": "Current CPU reservation requests from applications vs allocatable CPU", + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "decimals": 2, + "mappings": [ + { + "options": { + "match": "null", + "result": { + "text": "N/A" + } + }, + "type": "special" + } + ], + "max": 100, + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "rgba(245, 54, 54, 0.9)", + "value": null + }, + { + "color": "rgba(50, 172, 45, 0.97)", + "value": 30 + }, + { + "color": "#c15c17", + "value": 80 + } + ] + }, + "unit": "percent" + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 3, + "x": 3, + "y": 6 + }, + "id": 91, + "links": [], + "maxDataPoints": 100, + "options": { + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "showThresholdLabels": false, + "showThresholdMarkers": true + }, + "pluginVersion": "8.3.2", + "targets": [ + { + "expr": "SUM(kube_pod_container_resource_requests{resource=\"cpu\", unit=\"core\"}) / SUM(kube_node_status_allocatable{resource=\"cpu\", unit=\"core\"}) * 100", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "refId": "A", + "step": 10 + } + ], + "title": "CPU Requests", + "type": "gauge" + }, + { + "datasource": { + "uid": "${datasource}" + }, + "description": "Current RAM use vs RAM available", + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [ + { + "options": { + "match": "null", + "result": { + "text": "N/A" + } + }, + "type": "special" + } + ], + "max": 100, + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "rgba(245, 54, 54, 0.9)", + "value": null + }, + { + "color": "rgba(50, 172, 45, 0.97)", + "value": 30 + }, + { + "color": "#c15c17", + "value": 80 + } + ] + }, + "unit": "percent" + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 3, + "x": 6, + "y": 6 + }, + "hideTimeOverride": true, + "id": 80, + "links": [], + "maxDataPoints": 100, + "options": { + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "showThresholdLabels": false, + "showThresholdMarkers": true + }, + "pluginVersion": "8.3.2", + "targets": [ + { + "expr": "SUM(container_memory_working_set_bytes{name!=\"POD\", container!=\"\", namespace!=\"\"}) / SUM(kube_node_status_allocatable{resource=\"memory\", unit=\"byte\"}) * 100", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "refId": "A", + "step": 10 + }, + { + "expr": "", + "format": "time_series", + "intervalFactor": 1, + "refId": "B" + } + ], + "timeFrom": "", + "title": "RAM Utilization", + "type": "gauge" + }, + { + "datasource": { + "uid": "${datasource}" + }, + "description": "Current RAM requests vs RAM available", + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [ + { + "options": { + "match": "null", + "result": { + "text": "N/A" + } + }, + "type": "special" + } + ], + "max": 100, + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "rgba(245, 54, 54, 0.9)", + "value": null + }, + { + "color": "rgba(50, 172, 45, 0.97)", + "value": 30 + }, + { + "color": "#c15c17", + "value": 80 + } + ] + }, + "unit": "percent" + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 3, + "x": 9, + "y": 6 + }, + "id": 92, + "links": [], + "maxDataPoints": 100, + "options": { + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "showThresholdLabels": false, + "showThresholdMarkers": true + }, + "pluginVersion": "8.3.2", + "targets": [ + { + "expr": "(\n sum(kube_pod_container_resource_requests{resource=\"memory\", unit=\"byte\", namespace!=\"\"})\n /\n sum(kube_node_status_allocatable{resource=\"memory\", unit=\"byte\"})\n) * 100", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "refId": "A", + "step": 10 + } + ], + "title": "RAM Requests", + "type": "gauge" + }, + { + "datasource": { + "uid": "${datasource}" + }, + "description": "This gauge shows the current standard storage use, including cluster storage, vs storage available", + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "decimals": 2, + "mappings": [ + { + "options": { + "match": "null", + "result": { + "text": "N/A" + } + }, + "type": "special" + } + ], + "max": 100, + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "rgba(245, 54, 54, 0.9)", + "value": null + }, + { + "color": "rgba(50, 172, 45, 0.97)", + "value": 30 + }, + { + "color": "#c15c17", + "value": 80 + } + ] + }, + "unit": "percent" + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 3, + "x": 12, + "y": 6 + }, + "hideTimeOverride": true, + "id": 95, + "links": [], + "maxDataPoints": 100, + "options": { + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "showThresholdLabels": false, + "showThresholdMarkers": true + }, + "pluginVersion": "8.3.2", + "targets": [ + { + "expr": "sum (\n sum(kube_persistentvolumeclaim_info{storageclass!~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n + on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kubelet_volume_stats_used_bytes) by (persistentvolumeclaim, namespace) or up * 0\n + sum(container_fs_usage_bytes{device=~\"^/dev/[sv]d[a-z][1-9]$\",id=\"/\"})\n) /\nsum (\n sum(kube_persistentvolumeclaim_info{storageclass!~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n + on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim, namespace) or up * 0\n + sum(container_fs_limit_bytes{device=~\"^/dev/[sv]d[a-z][1-9]$\",id=\"/\"})\n) * 100", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "refId": "A", + "step": 10 + } + ], + "timeFrom": "", + "title": "Storage Utilization", + "type": "gauge" + }, + { + "datasource": { + "uid": "${datasource}" + }, + "description": "This gauge shows the current SSD use vs SSD available", + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "decimals": 2, + "mappings": [ + { + "options": { + "match": "null", + "result": { + "text": "N/A" + } + }, + "type": "special" + } + ], + "max": 100, + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "rgba(245, 54, 54, 0.9)", + "value": null + }, + { + "color": "rgba(50, 172, 45, 0.97)", + "value": 30 + }, + { + "color": "#c15c17", + "value": 80 + } + ] + }, + "unit": "percent" + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 3, + "x": 15, + "y": 6 + }, + "hideTimeOverride": true, + "id": 96, + "links": [], + "maxDataPoints": 100, + "options": { + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "showThresholdLabels": false, + "showThresholdMarkers": true + }, + "pluginVersion": "8.3.2", + "targets": [ + { + "expr": "sum (\n sum(kube_persistentvolumeclaim_info{storageclass=~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n + on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kubelet_volume_stats_used_bytes) by (persistentvolumeclaim, namespace)\n) /\nsum (\n sum(kube_persistentvolumeclaim_info{storageclass=~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n + on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim, namespace)\n) * 100", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "refId": "A", + "step": 10 + } + ], + "timeFrom": "", + "title": "SSD Utilization", + "type": "gauge" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Expected monthly cost given current CPU, memory storage, and network resource consumption", + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "decimals": 2, + "mappings": [ + { + "options": { + "match": "null", + "result": { + "text": "N/A" + } + }, + "type": "special" + } + ], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "currencyUSD" + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 6, + "x": 18, + "y": 6 + }, + "hideTimeOverride": true, + "id": 93, + "links": [], + "maxDataPoints": 100, + "options": { + "colorMode": "none", + "graphMode": "none", + "justifyMode": "auto", + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "8.3.2", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "P0C970EB638C812D0" + }, + "exemplar": false, + "expr": "# CPU\nsum(\n (\n (\n sum(kube_node_status_capacity_cpu_cores) by (node)\n * on (node) group_left (label_cloud_google_com_gke_preemptible)\n avg(kube_node_labels{label_cloud_google_com_gke_preemptible=\"true\"}) by (node)\n ) * $costpcpu\n )\n or\n (\n (\n sum(kube_node_status_capacity{resource=\"cpu\", unit=\"core\"}) by (node)\n * on (node) group_left (label_cloud_google_com_gke_preemptible)\n avg(kube_node_labels{label_cloud_google_com_gke_preemptible!=\"true\"}) by (node)\n ) * ($costcpu - ($costcpu / 100 * $costDiscount))\n )\n) \n\n+ \n\n# Storage\nsum (\n sum(kube_persistentvolumeclaim_info{storageclass=~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n + on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim, namespace) or up * 0\n) / 1024 / 1024 /1024 * $costStorageSSD\n\n+\n\nsum (\n sum(kube_persistentvolumeclaim_info{storageclass!~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n + on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim, namespace) or up * 0\n) / 1024 / 1024 /1024 * $costStorageStandard\n\n+ \n\nsum(container_fs_limit_bytes{id=\"/\"}) / 1024 / 1024 / 1024 * 1.03 * $costStorageStandard \n\n+\n\n# END STORAGE\n# RAM \nsum(\n (\n (\n sum(kube_node_status_capacity_memory_bytes) by (node)\n * on (node) group_left (label_cloud_google_com_gke_preemptible)\n avg(kube_node_labels{label_cloud_google_com_gke_preemptible=\"true\"}) by (node)\n ) /1024/1024/1024 * $costpram\n )\n or\n (\n (\n sum(kube_node_status_capacity{resource=\"memory\", unit=\"byte\"}) by (node)\n * on (node) group_left (label_cloud_google_com_gke_preemptible)\n avg(kube_node_labels{label_cloud_google_com_gke_preemptible!=\"true\"}) by (node)\n ) /1024/1024/1024 * ($costram - ($costram / 100 * $costDiscount))\n)\n)\n\n+\n\n#Network \nSUM(rate(node_network_transmit_bytes_total{device=\"eth0\"}[60m]) / 1024 / 1024 / 1024 ) * (60 * 60 * 24 * 30) * $costEgress", + "format": "time_series", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": " {{ node }}", + "refId": "A" + } + ], + "timeFrom": "15m", + "title": "Total Monthly Cost", + "type": "stat" + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": { + "uid": "${datasource}" + }, + "description": "Expected monthly CPU, memory and storage costs given provisioned resources", + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 10 + }, + "hiddenSeries": false, + "id": 120, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pluginVersion": "8.3.2", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "# CPU\nsum(\n (\n (\n sum(kube_node_status_capacity_cpu_cores) by (node)\n * on (node) group_left (label_cloud_google_com_gke_preemptible)\n avg(kube_node_labels{label_cloud_google_com_gke_preemptible=\"true\"}) by (node)\n ) * $costpcpu\n )\n or\n (\n (\n sum(kube_node_status_capacity{resource=\"cpu\", unit=\"core\"}) by (node)\n * on (node) group_left (label_cloud_google_com_gke_preemptible)\n avg(kube_node_labels{label_cloud_google_com_gke_preemptible!=\"true\"}) by (node)\n ) * ($costcpu - ($costcpu / 100 * $costDiscount))\n )\n) \n\n+ \n\n# Storage\nsum (\n sum(kube_persistentvolumeclaim_info{storageclass=~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n + on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim, namespace) or up * 0\n) / 1024 / 1024 /1024 * $costStorageSSD\n\n+\n\nsum (\n sum(kube_persistentvolumeclaim_info{storageclass!~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n + on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim, namespace) or up * 0\n) / 1024 / 1024 /1024 * $costStorageStandard\n\n+ \n\nsum(container_fs_limit_bytes{id=\"/\"}) / 1024 / 1024 / 1024 * 1.03 * $costStorageStandard \n\n+\n\n# END STORAGE\n# RAM \nsum(\n (\n (\n sum(kube_node_status_capacity_memory_bytes) by (node)\n * on (node) group_left (label_cloud_google_com_gke_preemptible)\n avg(kube_node_labels{label_cloud_google_com_gke_preemptible=\"true\"}) by (node)\n ) /1024/1024/1024 * $costpram\n )\n or\n (\n (\n sum(kube_node_status_capacity{resource=\"memory\", unit=\"byte\"}) by (node)\n * on (node) group_left (label_cloud_google_com_gke_preemptible)\n avg(kube_node_labels{label_cloud_google_com_gke_preemptible!=\"true\"}) by (node)\n ) /1024/1024/1024 * ($costram - ($costram / 100 * $costDiscount))\n)\n) \n\n+\n\n#Network \nSUM(rate(node_network_transmit_bytes_total{device=\"eth0\"}[60m]) / 1024 / 1024 / 1024 ) * (60 * 60 * 24 * 30) * $costEgress", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "cluster cost", + "refId": "A" + } + ], + "thresholds": [], + "timeRegions": [], + "title": "Total monthly cost", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "currencyUSD", + "logBase": 1, + "show": true + }, + { + "format": "short", + "logBase": 1, + "show": true + } + ], + "yaxis": { + "align": false + } + }, + { + "columns": [ + { + "text": "Avg", + "value": "avg" + } + ], + "datasource": { + "uid": "${datasource}" + }, + "description": "Resources allocated to namespace based on container requests", + "fontSize": "100%", + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 10 + }, + "hideTimeOverride": false, + "id": 73, + "links": [], + "pageSize": 10, + "repeatDirection": "v", + "scroll": true, + "showHeader": true, + "sort": { + "col": 7, + "desc": true + }, + "styles": [ + { + "alias": "Namespace", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(50, 172, 45, 0.97)", + "#c15c17" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": true, + "linkTooltip": "View namespace cost metrics", + "linkUrl": "d/at-cost-analysis-namespace2/namespace-cost-metrics?&var-namespace=$__cell", + "pattern": "namespace", + "thresholds": [ + "30", + "80" + ], + "type": "string", + "unit": "currencyUSD" + }, + { + "alias": "RAM", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "pattern": "Value #B", + "thresholds": [], + "type": "number", + "unit": "currencyUSD" + }, + { + "alias": "CPU", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Value #A", + "thresholds": [], + "type": "number", + "unit": "currencyUSD" + }, + { + "alias": "", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Time", + "thresholds": [], + "type": "hidden", + "unit": "short" + }, + { + "alias": "PV Storage", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Value #C", + "thresholds": [], + "type": "number", + "unit": "currencyUSD" + }, + { + "alias": "Total", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Value #D", + "thresholds": [], + "type": "number", + "unit": "currencyUSD" + }, + { + "alias": "CPU Utilization", + "align": "auto", + "colorMode": "value", + "colors": [ + "#bf1b00", + "rgba(50, 172, 45, 0.97)", + "#ef843c" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Value #E", + "thresholds": [ + "30", + "80" + ], + "type": "number", + "unit": "percent" + }, + { + "alias": "RAM Utilization", + "align": "auto", + "colorMode": "value", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(50, 172, 45, 0.97)", + "#ef843c" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Value #F", + "thresholds": [ + "30", + "80" + ], + "type": "number", + "unit": "percent" + } + ], + "targets": [ + { + "expr": "(\n sum(kube_pod_container_resource_requests{resource=\"cpu\", unit=\"core\", namespace!=\"\",namespace!=\"kube-system\",cloud_google_com_gke_preemptible!=\"true\"}*($costcpu - ($costcpu / 100 * $costDiscount))) by(namespace)\n or\n count(\n count(container_spec_cpu_shares{namespace!=\"\",namespace!=\"kube-system\"}) by(namespace)\n ) by(namespace) -1\n)\n\n+\n\n(\n sum(kube_pod_container_resource_requests{resource=\"cpu\", unit=\"core\", namespace!=\"\",namespace!=\"kube-system\",cloud_google_com_gke_preemptible=\"true\"}*$costpcpu) by(namespace)\n or\n count(\n count(container_spec_cpu_shares{namespace!=\"\",namespace!=\"kube-system\"}) by(namespace)\n ) by(namespace) -1\n)", + "format": "table", + "hide": false, + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{ namespace }}", + "refId": "A" + }, + { + "expr": "(\n sum(kube_pod_container_resource_requests{resource=\"memory\", unit=\"byte\", namespace!=\"\",namespace!=\"kube-system\",cloud_google_com_gke_preemptible!=\"true\"} / 1024 / 1024 / 1024*($costram- ($costram / 100 * $costDiscount))) by (namespace) \n or\n count(\n count(container_spec_memory_limit_bytes{namespace!=\"\",namespace!=\"kube-system\"}) by(namespace)\n ) by(namespace) -1\n)\n\n+\n\n(\n sum(kube_pod_container_resource_requests{resource=\"memory\", unit=\"byte\", namespace!=\"\",namespace!=\"kube-system\",cloud_google_com_gke_preemptible=\"true\"} / 1024 / 1024 / 1024 * $costpram ) by (namespace) \n or\n count(\n count(container_spec_memory_limit_bytes{namespace!=\"\",namespace!=\"kube-system\"}) by(namespace)\n ) by(namespace) -1\n)", + "format": "table", + "instant": true, + "intervalFactor": 1, + "legendFormat": "{{ namespace }}", + "refId": "B" + }, + { + "expr": "sum (\n sum(kube_persistentvolumeclaim_info{storageclass=~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n + on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim, namespace) \n) by (namespace) / 1024 / 1024 /1024 * $costStorageSSD \n\nor\n\nsum (\n sum(kube_persistentvolumeclaim_info{storageclass!~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n + on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim, namespace) \n) by (namespace) / 1024 / 1024 /1024 * $costStorageStandard", + "format": "table", + "instant": true, + "intervalFactor": 1, + "legendFormat": "{{ namespace }}", + "refId": "C" + }, + { + "expr": "# CPU \n(\n sum(kube_pod_container_resource_requests{resource=\"cpu\", unit=\"core\", namespace!=\"\",namespace!=\"kube-system\",cloud_google_com_gke_preemptible!=\"true\"}*($costcpu - ($costcpu / 100 * $costDiscount))) by(namespace)\n or\n count(\n count(container_spec_cpu_shares{namespace!=\"\",namespace!=\"kube-system\"}) by(namespace)\n ) by(namespace) -1\n)\n\n+\n\n(\n sum(kube_pod_container_resource_requests{resource=\"cpu\", unit=\"core\", namespace!=\"\",namespace!=\"kube-system\",cloud_google_com_gke_preemptible=\"true\"}*$costpcpu) by(namespace)\n or\n count(\n count(container_spec_cpu_shares{namespace!=\"\",namespace!=\"kube-system\"}) by(namespace)\n ) by(namespace) -1\n)\n\n+\n\n#END CPU \n# Memory \n\n(\n sum(kube_pod_container_resource_requests{resource=\"memory\", unit=\"byte\", namespace!=\"\",namespace!=\"kube-system\",cloud_google_com_gke_preemptible!=\"true\"} / 1024 / 1024 / 1024*($costram- ($costram / 100 * $costDiscount))) by (namespace) \n or\n count(\n count(container_spec_memory_limit_bytes{namespace!=\"\",namespace!=\"kube-system\"}) by(namespace)\n ) by(namespace) -1\n)\n\n+\n\n(\n sum(kube_pod_container_resource_requests{resource=\"memory\", unit=\"byte\", namespace!=\"\",namespace!=\"kube-system\",cloud_google_com_gke_preemptible=\"true\"} / 1024 / 1024 / 1024 * $costpram ) by (namespace) \n or\n count(\n count(container_spec_memory_limit_bytes{namespace!=\"\",namespace!=\"kube-system\"}) by(namespace)\n ) by(namespace) -1\n)\n\n+\n\n# PV storage\n\n(\nsum (\n sum(kube_persistentvolumeclaim_info{storageclass=~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n + on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim, namespace) \n) by (namespace) / 1024 / 1024 /1024 * $costStorageSSD \n\nor\n\nsum (\n sum(kube_persistentvolumeclaim_info{storageclass!~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n + on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim, namespace) \n) by (namespace) / 1024 / 1024 /1024 * $costStorageStandard \n)", + "format": "table", + "instant": true, + "intervalFactor": 1, + "legendFormat": "Total", + "refId": "D" + } + ], + "timeFrom": "", + "title": "Namespace cost allocation", + "transform": "table", + "type": "table-old" + }, + { + "collapsed": false, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 18 + }, + "id": 108, + "panels": [], + "title": "CPU Metrics", + "type": "row" + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": { + "uid": "${datasource}" + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 19 + }, + "hiddenSeries": false, + "id": 116, + "legend": { + "alignAsTable": false, + "avg": false, + "current": false, + "max": false, + "min": false, + "rightSide": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pluginVersion": "8.3.2", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "SUM(kube_node_status_capacity{resource=\"cpu\", unit=\"core\"})", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "capacity", + "refId": "A" + }, + { + "expr": "SUM(kube_pod_container_resource_requests{resource=\"cpu\", unit=\"core\"})", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "requests", + "refId": "C" + }, + { + "expr": "SUM(irate(container_cpu_usage_seconds_total{id=\"/\"}[5m]))", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "usage", + "refId": "B" + }, + { + "expr": "SUM(kube_pod_container_resource_limits{resource=\"cpu\", unit=\"core\"}) ", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "limits", + "refId": "D" + } + ], + "thresholds": [], + "timeRegions": [], + "title": "Cluster CPUs", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "show": true, + "values": [] + }, + "yaxes": [ + { + "decimals": 1, + "format": "short", + "logBase": 1, + "show": true + }, + { + "format": "short", + "logBase": 1, + "show": true + } + ], + "yaxis": { + "align": false + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": { + "uid": "${datasource}" + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 27 + }, + "hiddenSeries": false, + "id": 130, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pluginVersion": "8.3.2", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "avg(irate(node_cpu_seconds_total{mode!=\"idle\"}[5m])) by (mode) * 100", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "{{mode}}", + "refId": "A" + } + ], + "thresholds": [], + "timeRegions": [], + "title": "CPU Mode", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "percent", + "logBase": 1, + "show": true + }, + { + "format": "percent", + "logBase": 1, + "show": false + } + ], + "yaxis": { + "align": false + } + }, + { + "columns": [ + { + "text": "Avg", + "value": "avg" + } + ], + "datasource": { + "uid": "${datasource}" + }, + "description": "This table shows the comparison of CPU requests and usage by namespace", + "fontSize": "100%", + "gridPos": { + "h": 10, + "w": 12, + "x": 0, + "y": 35 + }, + "hideTimeOverride": true, + "id": 104, + "links": [], + "pageSize": 8, + "repeatDirection": "v", + "scroll": true, + "showHeader": true, + "sort": { + "col": 1, + "desc": true + }, + "styles": [ + { + "alias": "CPU Requests", + "align": "auto", + "colors": [ + "#fceaca", + "#fce2de", + "rgba(245, 54, 54, 0.9)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Value #A", + "thresholds": [ + "" + ], + "type": "number", + "unit": "short" + }, + { + "alias": "Node", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "node", + "thresholds": [], + "type": "string", + "unit": "short" + }, + { + "alias": "", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Time", + "thresholds": [], + "type": "hidden", + "unit": "short" + }, + { + "alias": "CPU Requests", + "align": "auto", + "colorMode": "value", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(50, 172, 45, 0.97)", + "#cffaff" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Value #B", + "thresholds": [ + "" + ], + "type": "number", + "unit": "short" + }, + { + "alias": "24h CPU Usage", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Value #C", + "thresholds": [ + "30" + ], + "type": "number", + "unit": "none" + }, + { + "alias": "", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": true, + "linkTooltip": "View namespace cost metrics", + "linkUrl": "d/at-cost-analysis-namespace2/namespace-cost-metrics?&var-namespace=$__cell", + "mappingType": 1, + "pattern": "namespace", + "thresholds": [], + "type": "number", + "unit": "short" + } + ], + "targets": [ + { + "expr": "sum(kube_pod_container_resource_requests{resource=\"cpu\", unit=\"core\", namespace!=\"\"}) by (namespace) ", + "format": "table", + "hide": false, + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": "", + "refId": "A" + }, + { + "expr": "sum (rate (container_cpu_usage_seconds_total{image!=\"\",namespace!=\"\"}[24h])) by (namespace)", + "format": "table", + "instant": true, + "intervalFactor": 1, + "legendFormat": "{{ namespace }}", + "refId": "C" + } + ], + "title": "CPU request utilization by namespace", + "transform": "table", + "type": "table-old" + }, + { + "columns": [ + { + "text": "Avg", + "value": "avg" + } + ], + "datasource": { + "uid": "${datasource}" + }, + "description": "This table shows the comparison of application CPU usage vs the capacity of the node (measured over last 60 minutes)", + "fontSize": "100%", + "gridPos": { + "h": 10, + "w": 12, + "x": 12, + "y": 35 + }, + "hideTimeOverride": true, + "id": 90, + "links": [], + "pageSize": 8, + "repeatDirection": "v", + "scroll": true, + "showHeader": true, + "sort": { + "col": 2, + "desc": true + }, + "styles": [ + { + "alias": "CPU Request Utilization", + "align": "auto", + "colorMode": "value", + "colors": [ + "#ef843c", + "rgba(50, 172, 45, 0.97)", + "rgba(245, 54, 54, 0.9)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Value #A", + "thresholds": [ + ".30", + " .80" + ], + "type": "number", + "unit": "percentunit" + }, + { + "alias": "Node", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "node", + "thresholds": [], + "type": "string", + "unit": "short" + }, + { + "alias": "", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Time", + "thresholds": [], + "type": "hidden", + "unit": "short" + }, + { + "alias": "CPU Utilization", + "align": "auto", + "colorMode": "value", + "colors": [ + "#ef843c", + "rgba(50, 172, 45, 0.97)", + "rgba(245, 54, 54, 0.9)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Value #B", + "thresholds": [ + ".20", + " .80" + ], + "type": "number", + "unit": "percentunit" + }, + { + "alias": "24h Utilization ", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Value", + "thresholds": [], + "type": "number", + "unit": "percentunit" + } + ], + "targets": [ + { + "expr": "SUM(\nSUM(rate(container_cpu_usage_seconds_total[24h])) by (pod_name)\n* on (pod_name) group_left (node) \nlabel_replace(\n avg(kube_pod_info{}),\n \"pod_name\", \n \"$1\", \n \"pod\", \n \"(.+)\"\n)\n) by (node) \n/ \nsum(kube_node_status_capacity{resource=\"cpu\", unit=\"core\"}) by (node)", + "format": "table", + "instant": true, + "intervalFactor": 1, + "refId": "B" + }, + { + "expr": "sum(kube_pod_container_resource_requests{resource=\"cpu\", unit=\"core\"}) by (node) / sum(kube_node_status_capacity{resource=\"cpu\", unit=\"core\"}) by (node)", + "format": "table", + "instant": true, + "intervalFactor": 1, + "refId": "A" + } + ], + "title": "Cluster cost & utilization by node", + "transform": "table", + "type": "table-old" + }, + { + "collapsed": false, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 45 + }, + "id": 113, + "panels": [], + "title": "Memory Metrics", + "type": "row" + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": { + "uid": "${datasource}" + }, + "fill": 1, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 46 + }, + "id": 117, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "8.3.2", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "SUM(kube_node_status_capacity{resource=\"memory\", unit=\"byte\"} / 1024 / 1024 / 1024)", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "capacity", + "refId": "A" + }, + { + "expr": "SUM(kube_pod_container_resource_requests{resource=\"memory\", unit=\"byte\", namespace!=\"\"} / 1024 / 1024 / 1024)", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "requests", + "refId": "C" + }, + { + "expr": "SUM(container_memory_usage_bytes{image!=\"\"} / 1024 / 1024 / 1024)", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "usage", + "refId": "B" + }, + { + "expr": "SUM(kube_pod_container_resource_limits{resource=\"memory\", unit=\"byte\", namespace!=\"\"} / 1024 / 1024 / 1024)", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "limits", + "refId": "D" + } + ], + "thresholds": [], + "title": "Cluster memory (GB)", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "decgbytes", + "logBase": 1, + "show": true + }, + { + "format": "short", + "logBase": 1, + "show": true + } + ], + "yaxis": { + "align": false + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": { + "uid": "${datasource}" + }, + "fill": 1, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 54 + }, + "id": 131, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "8.3.2", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "1 - sum(node_memory_MemAvailable_bytes) by (node) / sum(node_memory_MemTotal_bytes) by (node)", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "usage", + "refId": "A" + } + ], + "thresholds": [], + "title": "Cluster Memory Utilization", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "percentunit", + "logBase": 1, + "show": true + }, + { + "format": "short", + "logBase": 1, + "show": true + } + ], + "yaxis": { + "align": false + } + }, + { + "columns": [ + { + "text": "Avg", + "value": "avg" + } + ], + "datasource": { + "uid": "${datasource}" + }, + "description": "Comparison of memory requests and current usage by namespace", + "fontSize": "100%", + "gridPos": { + "h": 10, + "w": 12, + "x": 0, + "y": 62 + }, + "hideTimeOverride": true, + "id": 109, + "links": [], + "pageSize": 7, + "repeatDirection": "v", + "scroll": true, + "showHeader": true, + "sort": { + "col": 1, + "desc": true + }, + "styles": [ + { + "alias": "Mem Requests (GB)", + "align": "auto", + "colors": [ + "#fceaca", + "#fce2de", + "rgba(245, 54, 54, 0.9)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Value #A", + "thresholds": [ + "" + ], + "type": "number", + "unit": "short" + }, + { + "alias": "Node", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "node", + "thresholds": [], + "type": "string", + "unit": "short" + }, + { + "alias": "", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Time", + "thresholds": [], + "type": "hidden", + "unit": "short" + }, + { + "alias": "CPU Requests", + "align": "auto", + "colorMode": "value", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(50, 172, 45, 0.97)", + "#cffaff" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Value #B", + "thresholds": [ + "" + ], + "type": "number", + "unit": "short" + }, + { + "alias": "24h Mem Usage", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "#508642", + "#e5ac0e" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Value #C", + "thresholds": [ + ".30", + ".75" + ], + "type": "number", + "unit": "none" + }, + { + "alias": "Namespace", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": true, + "linkTooltip": "View namespace cost metrics", + "linkUrl": "d/at-cost-analysis-namespace2/namespace-cost-metrics?&var-namespace=$__cell", + "mappingType": 1, + "pattern": "namespace", + "thresholds": [], + "type": "number", + "unit": "short" + } + ], + "targets": [ + { + "expr": "sum(kube_pod_container_resource_requests{resource=\"memory\", unit=\"byte\", namespace!=\"\"} / 1024 / 1024 / 1024) by (namespace) ", + "format": "table", + "hide": false, + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": "", + "refId": "A" + }, + { + "expr": "SUM(container_memory_usage_bytes{image!=\"\",namespace!=\"\"} / 1024 / 1024 / 1024) by (namespace)", + "format": "table", + "instant": true, + "intervalFactor": 1, + "legendFormat": "", + "refId": "C" + } + ], + "title": "Memory requests & utilization by namespace", + "transform": "table", + "type": "table-old" + }, + { + "columns": [ + { + "text": "Avg", + "value": "avg" + } + ], + "datasource": { + "uid": "${datasource}" + }, + "description": "Container RAM usage vs node capacity", + "fontSize": "100%", + "gridPos": { + "h": 10, + "w": 12, + "x": 12, + "y": 62 + }, + "hideTimeOverride": true, + "id": 114, + "links": [], + "pageSize": 8, + "repeatDirection": "v", + "scroll": true, + "showHeader": true, + "sort": { + "col": 1, + "desc": true + }, + "styles": [ + { + "alias": "RAM Requests", + "align": "auto", + "colorMode": "value", + "colors": [ + "#ef843c", + "rgba(50, 172, 45, 0.97)", + "rgba(245, 54, 54, 0.9)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Value #A", + "thresholds": [ + "30", + " 80" + ], + "type": "number", + "unit": "percentunit" + }, + { + "alias": "Node", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "node", + "thresholds": [], + "type": "string", + "unit": "short" + }, + { + "alias": "", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Time", + "thresholds": [], + "type": "hidden", + "unit": "short" + }, + { + "alias": "RAM Usage", + "align": "auto", + "colorMode": "value", + "colors": [ + "#ef843c", + "rgba(50, 172, 45, 0.97)", + "rgba(245, 54, 54, 0.9)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Value #B", + "thresholds": [ + "25", + " 80" + ], + "type": "number", + "unit": "percent" + }, + { + "alias": "", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "", + "thresholds": [], + "type": "number", + "unit": "short" + } + ], + "targets": [ + { + "expr": "SUM(label_replace(container_memory_usage_bytes{namespace!=\"\"}, \"node\", \"$1\", \"instance\",\"(.+)\")) by (node) * 100\n/\nSUM(kube_node_status_capacity{resource=\"memory\", unit=\"byte\"}) by (node)", + "format": "table", + "instant": true, + "intervalFactor": 1, + "refId": "B" + }, + { + "expr": "sum(kube_pod_container_resource_requests{resource=\"memory\", unit=\"byte\", namespace!=\"\"}) by (node) / SUM(kube_node_status_capacity{resource=\"memory\", unit=\"byte\"}) by (node)", + "format": "table", + "instant": true, + "intervalFactor": 1, + "refId": "A" + } + ], + "title": "Node utilization of allocatable RAM", + "transform": "table", + "type": "table-old" + }, + { + "collapsed": false, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 72 + }, + "id": 101, + "panels": [], + "title": "Storage Metrics", + "type": "row" + }, + { + "columns": [ + { + "text": "Avg", + "value": "avg" + } + ], + "datasource": { + "uid": "${datasource}" + }, + "fontSize": "100%", + "gridPos": { + "h": 9, + "w": 12, + "x": 0, + "y": 73 + }, + "hideTimeOverride": true, + "id": 97, + "links": [], + "pageSize": 8, + "repeatDirection": "v", + "scroll": true, + "showHeader": true, + "sort": { + "col": 4, + "desc": true + }, + "styles": [ + { + "alias": "Node", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "instance", + "thresholds": [], + "type": "string", + "unit": "short" + }, + { + "alias": "PVC Name", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "persistentvolumeclaim", + "thresholds": [], + "type": "number", + "unit": "short" + }, + { + "alias": "Storage Class", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "storageclass", + "thresholds": [], + "type": "number", + "unit": "short" + }, + { + "alias": "Cost", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Value", + "thresholds": [], + "type": "number", + "unit": "currencyUSD" + }, + { + "alias": "", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Time", + "thresholds": [], + "type": "hidden", + "unit": "short" + }, + { + "alias": "Cost", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Value #A", + "thresholds": [], + "type": "number", + "unit": "currencyUSD" + }, + { + "alias": "Size (GB)", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Value #B", + "thresholds": [], + "type": "number", + "unit": "short" + }, + { + "alias": "Usage", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Value #C", + "thresholds": [], + "type": "number", + "unit": "percentunit" + } + ], + "targets": [ + { + "expr": "SUM(container_fs_limit_bytes{id=\"/\"}) by (instance) / 1024 / 1024 / 1024 * 1.03", + "format": "table", + "instant": true, + "intervalFactor": 1, + "refId": "B" + }, + { + "expr": "SUM(container_fs_limit_bytes{id=\"/\"}) by (instance) / 1024 / 1024 / 1024 * 1.03 * $costStorageStandard\n", + "format": "table", + "hide": false, + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{ persistentvolumeclaim }}", + "refId": "A" + }, + { + "expr": "sum(container_fs_usage_bytes{device=~\"^/dev/[sv]d[a-z][1-9]$\",id=\"/\"} / container_fs_limit_bytes{device=~\"^/dev/[sv]d[a-z][1-9]$\",id=\"/\"}) by (instance) \n", + "format": "table", + "instant": true, + "intervalFactor": 1, + "refId": "C" + } + ], + "title": "Local Storage", + "transform": "table", + "type": "table-old" + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": { + "uid": "${datasource}" + }, + "fill": 1, + "gridPos": { + "h": 9, + "w": 12, + "x": 12, + "y": 73 + }, + "id": 128, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "8.3.2", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "SUM(container_fs_usage_bytes{id=\"/\"}) / SUM(container_fs_limit_bytes{id=\"/\"})", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "reads", + "refId": "D" + } + ], + "thresholds": [], + "title": "Local storage utilization", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "percent", + "label": "IOPS", + "logBase": 1, + "show": true + }, + { + "format": "short", + "logBase": 1, + "show": true + } + ], + "yaxis": { + "align": false + } + }, + { + "columns": [ + { + "text": "Avg", + "value": "avg" + } + ], + "datasource": { + "uid": "${datasource}" + }, + "fontSize": "100%", + "gridPos": { + "h": 10, + "w": 12, + "x": 0, + "y": 82 + }, + "hideTimeOverride": true, + "id": 94, + "links": [], + "pageSize": 10, + "repeatDirection": "v", + "scroll": true, + "showHeader": true, + "sort": { + "col": 2, + "desc": true + }, + "styles": [ + { + "alias": "Namespace", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": true, + "linkTooltip": "View namespace cost metrics", + "linkUrl": "d/at-cost-analysis-namespace2/namespace-cost-metrics?&var-namespace=$__cell", + "mappingType": 1, + "pattern": "namespace", + "thresholds": [], + "type": "string", + "unit": "short" + }, + { + "alias": "PVC Name", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "persistentvolumeclaim", + "thresholds": [], + "type": "number", + "unit": "short" + }, + { + "alias": "Storage Class", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "storageclass", + "thresholds": [], + "type": "number", + "unit": "short" + }, + { + "alias": "Cost", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Value", + "thresholds": [], + "type": "number", + "unit": "currencyUSD" + }, + { + "alias": "", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Time", + "thresholds": [], + "type": "hidden", + "unit": "short" + }, + { + "alias": "Cost", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Value #A", + "thresholds": [], + "type": "number", + "unit": "currencyUSD" + }, + { + "alias": "Usage", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Value #B", + "thresholds": [], + "type": "number", + "unit": "percentunit" + }, + { + "alias": "Size (GB)", + "align": "auto", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "Value #C", + "thresholds": [], + "type": "number", + "unit": "short" + } + ], + "targets": [ + { + "expr": "sum (\n sum(kube_persistentvolumeclaim_info{storageclass=~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n * on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes{storageclass=~\".*ssd.*\"}) by (persistentvolumeclaim, namespace)\n) by (namespace,persistentvolumeclaim,storageclass) / 1024 / 1024 /1024\n\nor\n\nsum (\n sum(kube_persistentvolumeclaim_info{storageclass!~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n * on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes{storageclass!~\".*ssd.*\"}) by (persistentvolumeclaim, namespace)\n) by (namespace,persistentvolumeclaim,storageclass) / 1024 / 1024 /1024\n\n\n", + "format": "table", + "instant": true, + "intervalFactor": 1, + "refId": "C" + }, + { + "expr": "sum (\n sum(kube_persistentvolumeclaim_info{storageclass=~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n * on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes{storageclass=~\".*ssd.*\"}) by (persistentvolumeclaim, namespace)\n) by (namespace,persistentvolumeclaim,storageclass) / 1024 / 1024 /1024 * $costStorageSSD\n\nor\n\nsum (\n sum(kube_persistentvolumeclaim_info{storageclass!~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n * on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes{storageclass!~\".*ssd.*\"}) by (persistentvolumeclaim, namespace)\n) by (namespace,persistentvolumeclaim,storageclass) / 1024 / 1024 /1024 * $costStorageStandard\n", + "format": "table", + "hide": false, + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{ persistentvolumeclaim }}", + "refId": "A" + }, + { + "expr": "sum(kubelet_volume_stats_used_bytes) by (persistentvolumeclaim, namespace) \n/\nsum (\n sum(kube_persistentvolumeclaim_info{storageclass!~\".*ssd.*\"}) by (persistentvolumeclaim, namespace, storageclass)\n * on (persistentvolumeclaim, namespace) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes{storageclass!~\".*ssd.*\"}) by (persistentvolumeclaim, namespace)\n) by (namespace,persistentvolumeclaim)", + "format": "table", + "instant": true, + "intervalFactor": 1, + "refId": "B" + } + ], + "title": "Persistent Volume Claims", + "transform": "table", + "type": "table-old" + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": { + "uid": "${datasource}" + }, + "fill": 1, + "gridPos": { + "h": 10, + "w": 12, + "x": 12, + "y": 82 + }, + "id": 132, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "8.3.2", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "SUM(rate(node_disk_reads_completed_total[10m])) or SUM(rate(node_disk_reads_completed[10m]))\n", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "reads", + "refId": "D" + }, + { + "expr": "SUM(rate(node_disk_writes_completed_total[10m])) or SUM(rate(node_disk_writes_completed[10m]))", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "writes", + "refId": "A" + } + ], + "thresholds": [], + "title": "Disk IOPS", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "none", + "label": "IOPS", + "logBase": 1, + "show": true + }, + { + "format": "short", + "logBase": 1, + "show": true + } + ], + "yaxis": { + "align": false + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": { + "uid": "${datasource}" + }, + "fill": 1, + "gridPos": { + "h": 9, + "w": 24, + "x": 0, + "y": 92 + }, + "id": 122, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "8.3.2", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "SUM( kubelet_volume_stats_inodes_used / kubelet_volume_stats_inodes) by (persistentvolumeclaim) * 100", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "", + "refId": "D" + } + ], + "thresholds": [], + "title": "Inode usage", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "percent", + "logBase": 1, + "show": true + }, + { + "format": "short", + "logBase": 1, + "show": true + } + ], + "yaxis": { + "align": false + } + }, + { + "collapsed": false, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 101 + }, + "id": 127, + "panels": [], + "title": "Network", + "type": "row" + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": { + "uid": "${datasource}" + }, + "fill": 1, + "gridPos": { + "h": 9, + "w": 24, + "x": 0, + "y": 102 + }, + "id": 123, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "8.3.2", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "sum (rate (node_network_transmit_bytes_total{}[60m]))\n", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "node_out", + "refId": "B" + }, + { + "expr": "SUM ( rate(node_network_transmit_bytes_total{device=\"eth0\"}[60m]))", + "format": "time_series", + "instant": false, + "intervalFactor": 1, + "legendFormat": "eth0 out", + "refId": "C" + } + ], + "thresholds": [], + "title": "Node network transmit", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "decbytes", + "logBase": 1, + "show": true + }, + { + "format": "short", + "logBase": 1, + "show": true + } + ], + "yaxis": { + "align": false + } + } + ], + "refresh": "15m", + "schemaVersion": 33, + "style": "dark", + "tags": [ + "cost", + "utilization", + "metrics" + ], + "templating": { + "list": [ + { + "current": { + "selected": true, + "text": "23.076", + "value": "23.076" + }, + "hide": 0, + "label": "CPU", + "name": "costcpu", + "options": [ + { + "selected": true, + "text": "23.076", + "value": "23.076" + } + ], + "query": "23.076", + "skipUrlSync": false, + "type": "textbox" + }, + { + "current": { + "selected": true, + "text": "5.10", + "value": "5.10" + }, + "hide": 0, + "label": "PE CPU", + "name": "costpcpu", + "options": [ + { + "selected": true, + "text": "5.10", + "value": "5.10" + } + ], + "query": "5.10", + "skipUrlSync": false, + "type": "textbox" + }, + { + "current": { + "selected": true, + "text": "3.25", + "value": "3.25" + }, + "hide": 0, + "label": "RAM", + "name": "costram", + "options": [ + { + "selected": true, + "text": "3.25", + "value": "3.25" + } + ], + "query": "3.25", + "skipUrlSync": false, + "type": "textbox" + }, + { + "current": { + "selected": true, + "text": "0.6862", + "value": "0.6862" + }, + "hide": 0, + "label": "PE RAM", + "name": "costpram", + "options": [ + { + "selected": true, + "text": "0.6862", + "value": "0.6862" + } + ], + "query": "0.6862", + "skipUrlSync": false, + "type": "textbox" + }, + { + "current": { + "selected": true, + "text": "0.040", + "value": "0.040" + }, + "hide": 0, + "label": "Storage", + "name": "costStorageStandard", + "options": [ + { + "selected": true, + "text": "0.040", + "value": "0.040" + } + ], + "query": "0.040", + "skipUrlSync": false, + "type": "textbox" + }, + { + "current": { + "selected": true, + "text": ".17", + "value": ".17" + }, + "hide": 0, + "label": "SSD", + "name": "costStorageSSD", + "options": [ + { + "selected": true, + "text": ".17", + "value": ".17" + } + ], + "query": ".17", + "skipUrlSync": false, + "type": "textbox" + }, + { + "current": { + "selected": true, + "text": ".12", + "value": ".12" + }, + "hide": 0, + "label": "Egress", + "name": "costEgress", + "options": [ + { + "selected": true, + "text": ".12", + "value": ".12" + } + ], + "query": ".12", + "skipUrlSync": false, + "type": "textbox" + }, + { + "current": { + "selected": true, + "text": "30", + "value": "30" + }, + "hide": 0, + "label": "Discount", + "name": "costDiscount", + "options": [ + { + "selected": true, + "text": "30", + "value": "30" + } + ], + "query": "30", + "skipUrlSync": false, + "type": "textbox" + }, + { + "current": { + "selected": false, + "text": "default-kubecost", + "value": "default-kubecost" + }, + "hide": 0, + "includeAll": false, + "multi": false, + "name": "datasource", + "options": [], + "query": "prometheus", + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "type": "datasource" + } + ] + }, + "time": { + "from": "now-24h", + "to": "now" + }, + "timepicker": { + "hidden": false, + "refresh_intervals": [ + "5s", + "10s", + "30s", + "1m", + "5m", + "15m", + "30m", + "1h", + "2h", + "1d" + ], + "time_options": [ + "5m", + "15m", + "1h", + "6h", + "12h", + "24h", + "2d", + "7d", + "30d" + ] + }, + "timezone": "browser", + "title": "Deprecated - Cluster cost & utilization metrics", + "uid": "cluster-costs", + "version": 1, + "weekStart": "" + } \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/deployment-utilization.json b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/deployment-utilization.json new file mode 100644 index 0000000000..1fd2b1d9ee --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/deployment-utilization.json @@ -0,0 +1,1386 @@ +{ + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": "-- Grafana --", + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "type": "dashboard" + } + ] + }, + "description": "Monitors Kubernetes deployments in cluster using Prometheus and kube-state-metrics. Shows resource utilization of deployments, daemonsets, and statefulsets.", + "editable": true, + "gnetId": 8588, + "graphTooltip": 0, + "id": 2, + "iteration": 1586200623748, + "links": [], + "panels": [ + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": true, + "colors": [ + "rgba(50, 172, 45, 0.97)", + "rgba(237, 129, 40, 0.89)", + "rgba(245, 54, 54, 0.9)" + ], + "datasource": "${datasource}", + "editable": true, + "error": false, + "format": "percent", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": true, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "gridPos": { + "h": 5, + "w": 8, + "x": 0, + "y": 0 + }, + "height": "180px", + "id": 1, + "interval": null, + "links": [], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "postfix": "", + "postfixFontSize": "50%", + "prefix": "", + "prefixFontSize": "50%", + "rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "full": false, + "lineColor": "rgb(31, 120, 193)", + "show": false + }, + "tableColumn": "", + "targets": [ + { + "expr": "sum (container_memory_working_set_bytes{container!=\"\",pod_name=~\"^$Deployment$Statefulset$Daemonset.*$\", kubernetes_io_hostname=~\"^$Node$\", pod_name!=\"\"}) / sum (kube_node_status_allocatable{resource=\"memory\", unit=\"byte\", node=~\"^$Node.*$\"}) * 100", + "format": "time_series", + "interval": "10s", + "intervalFactor": 1, + "refId": "A", + "step": 900 + } + ], + "thresholds": "65, 90", + "title": "Deployment memory usage", + "transparent": false, + "type": "singlestat", + "valueFontSize": "80%", + "valueMaps": [ + { + "op": "=", + "text": "N/A", + "value": "null" + } + ], + "valueName": "current" + }, + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": true, + "colors": [ + "rgba(50, 172, 45, 0.97)", + "rgba(237, 129, 40, 0.89)", + "rgba(245, 54, 54, 0.9)" + ], + "datasource": "${datasource}", + "decimals": 2, + "editable": true, + "error": false, + "format": "percent", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": true, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "gridPos": { + "h": 5, + "w": 8, + "x": 8, + "y": 0 + }, + "height": "180px", + "id": 2, + "interval": null, + "links": [], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "postfix": "", + "postfixFontSize": "50%", + "prefix": "", + "prefixFontSize": "50%", + "rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "full": false, + "lineColor": "rgb(31, 120, 193)", + "show": false + }, + "tableColumn": "", + "targets": [ + { + "expr": "sum (rate (container_cpu_usage_seconds_total{pod_name=~\"^$Deployment$Statefulset$Daemonset.*$\", kubernetes_io_hostname=~\"^$Node$\"}[2m])) / sum (machine_cpu_cores{kubernetes_io_hostname=~\"^$Node$\"}) * 100", + "format": "time_series", + "interval": "10s", + "intervalFactor": 1, + "refId": "A", + "step": 900 + } + ], + "thresholds": "65, 90", + "title": "Deployment CPU usage", + "type": "singlestat", + "valueFontSize": "80%", + "valueMaps": [ + { + "op": "=", + "text": "N/A", + "value": "null" + } + ], + "valueName": "current" + }, + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": true, + "colors": [ + "rgba(50, 172, 45, 0.97)", + "rgba(237, 129, 40, 0.89)", + "rgba(245, 54, 54, 0.9)" + ], + "datasource": "${datasource}", + "editable": true, + "error": false, + "format": "percent", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": true, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "gridPos": { + "h": 5, + "w": 8, + "x": 16, + "y": 0 + }, + "height": "180px", + "id": 3, + "interval": null, + "links": [], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "postfix": "", + "postfixFontSize": "50%", + "prefix": "", + "prefixFontSize": "50%", + "rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "full": false, + "lineColor": "rgb(31, 120, 193)", + "show": false + }, + "tableColumn": "", + "targets": [ + { + "expr": "(((sum(kube_deployment_status_replicas{deployment=~\".*$Deployment$Statefulset$Daemonset\"}) or vector(0)) + (sum(kube_statefulset_replicas{statefulset=~\".*$Deployment$Statefulset$Daemonset\"}) or vector(0)) + (sum(kube_daemonset_status_desired_number_scheduled{daemonset=~\".*$Deployment$Statefulset$Daemonset\"}) or vector(0))) - ((sum(kube_deployment_status_replicas_available{deployment=~\".*$Deployment$Statefulset$Daemonset\"}) or vector(0)) + (sum(kube_statefulset_status_replicas{statefulset=~\".*$Deployment$Statefulset$Daemonset\"}) or vector(0)) + (sum(kube_daemonset_status_number_ready{daemonset=~\".*$Deployment$Statefulset$Daemonset\"}) or vector(0)))) / ((sum(kube_deployment_status_replicas{deployment=~\".*$Deployment$Statefulset$Daemonset\"}) or vector(0)) + (sum(kube_statefulset_replicas{statefulset=~\".*$Deployment$Statefulset$Daemonset\"}) or vector(0)) + (sum(kube_daemonset_status_desired_number_scheduled{daemonset=~\".*$Deployment$Statefulset$Daemonset\"}) or vector(0))) * 100", + "format": "time_series", + "intervalFactor": 2, + "refId": "A", + "step": 1800 + } + ], + "thresholds": "1,30", + "title": "Unavailable Replicas", + "type": "singlestat", + "valueFontSize": "80%", + "valueMaps": [ + { + "op": "=", + "text": "N/A", + "value": "null" + } + ], + "valueName": "current" + }, + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": false, + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "datasource": "${datasource}", + "editable": true, + "error": false, + "format": "bytes", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": false, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "gridPos": { + "h": 3, + "w": 4, + "x": 0, + "y": 5 + }, + "height": "100px", + "id": 4, + "interval": null, + "links": [], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "postfix": "", + "postfixFontSize": "50%", + "prefix": "", + "prefixFontSize": "50%", + "rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "full": false, + "lineColor": "rgb(31, 120, 193)", + "show": false + }, + "tableColumn": "", + "targets": [ + { + "expr": "sum(container_memory_working_set_bytes{container!=\"\",pod_name=~\"^$Deployment$Statefulset$Daemonset.*$\", kubernetes_io_hostname=~\"^$Node$\", pod_name!=\"\"})", + "format": "time_series", + "intervalFactor": 2, + "refId": "A", + "step": 1800 + } + ], + "thresholds": "", + "title": "Used", + "type": "singlestat", + "valueFontSize": "50%", + "valueMaps": [ + { + "op": "=", + "text": "N/A", + "value": "null" + } + ], + "valueName": "current" + }, + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": false, + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "datasource": "${datasource}", + "editable": true, + "error": false, + "format": "bytes", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": false, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "gridPos": { + "h": 3, + "w": 4, + "x": 4, + "y": 5 + }, + "height": "100px", + "id": 5, + "interval": null, + "links": [], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "postfix": "", + "postfixFontSize": "50%", + "prefix": "", + "prefixFontSize": "50%", + "rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "full": false, + "lineColor": "rgb(31, 120, 193)", + "show": false + }, + "tableColumn": "", + "targets": [ + { + "expr": "sum (kube_node_status_allocatable{resource=\"memory\", unit=\"byte\", node=~\"^$Node.*$\"})", + "format": "time_series", + "intervalFactor": 2, + "refId": "A", + "step": 1800 + } + ], + "thresholds": "", + "title": "Total", + "type": "singlestat", + "valueFontSize": "50%", + "valueMaps": [ + { + "op": "=", + "text": "N/A", + "value": "null" + } + ], + "valueName": "current" + }, + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": false, + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "datasource": "${datasource}", + "editable": true, + "error": false, + "format": "none", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": false, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "gridPos": { + "h": 3, + "w": 4, + "x": 8, + "y": 5 + }, + "height": "100px", + "id": 6, + "interval": null, + "links": [], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "postfix": " cores", + "postfixFontSize": "50%", + "prefix": "", + "prefixFontSize": "50%", + "rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "full": false, + "lineColor": "rgb(31, 120, 193)", + "show": false + }, + "tableColumn": "", + "targets": [ + { + "expr": "sum (rate (container_cpu_usage_seconds_total{pod_name=~\"^$Deployment$Statefulset$Daemonset.*$\", kubernetes_io_hostname=~\"^$Node$\"}[5m]))", + "format": "time_series", + "intervalFactor": 2, + "refId": "A", + "step": 1800 + } + ], + "thresholds": "", + "title": "Used", + "type": "singlestat", + "valueFontSize": "50%", + "valueMaps": [ + { + "op": "=", + "text": "N/A", + "value": "null" + } + ], + "valueName": "current" + }, + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": false, + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "datasource": "${datasource}", + "editable": true, + "error": false, + "format": "none", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": false, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "gridPos": { + "h": 3, + "w": 4, + "x": 12, + "y": 5 + }, + "height": "100px", + "id": 7, + "interval": null, + "links": [], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "postfix": " cores", + "postfixFontSize": "50%", + "prefix": "", + "prefixFontSize": "50%", + "rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "full": false, + "lineColor": "rgb(31, 120, 193)", + "show": false + }, + "tableColumn": "", + "targets": [ + { + "expr": "sum (machine_cpu_cores{kubernetes_io_hostname=~\"^$Node$\"})", + "intervalFactor": 2, + "refId": "A", + "step": 1800 + } + ], + "thresholds": "", + "title": "Total", + "type": "singlestat", + "valueFontSize": "50%", + "valueMaps": [ + { + "op": "=", + "text": "N/A", + "value": "null" + } + ], + "valueName": "avg" + }, + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": false, + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "datasource": "${datasource}", + "editable": true, + "error": false, + "format": "none", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": false, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "gridPos": { + "h": 3, + "w": 4, + "x": 16, + "y": 5 + }, + "height": "100px", + "id": 8, + "interval": null, + "links": [], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "postfix": "", + "postfixFontSize": "50%", + "prefix": "", + "prefixFontSize": "50%", + "rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "full": false, + "lineColor": "rgb(31, 120, 193)", + "show": false + }, + "tableColumn": "", + "targets": [ + { + "expr": "(sum(kube_deployment_status_replicas_available{deployment=~\".*$Deployment$Statefulset$Daemonset\"}) or vector(0)) + (sum(kube_statefulset_status_replicas{statefulset=~\".*$Deployment$Statefulset$Daemonset\"}) or vector(0)) + (sum(kube_daemonset_status_number_ready{daemonset=~\".*$Deployment$Statefulset$Daemonset\"}) or vector(0))", + "format": "time_series", + "intervalFactor": 2, + "refId": "A", + "step": 1800 + } + ], + "thresholds": "", + "title": "Available (cluster)", + "type": "singlestat", + "valueFontSize": "50%", + "valueMaps": [ + { + "op": "=", + "text": "N/A", + "value": "null" + } + ], + "valueName": "current" + }, + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": false, + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "datasource": "${datasource}", + "editable": true, + "error": false, + "format": "none", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": false, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "gridPos": { + "h": 3, + "w": 4, + "x": 20, + "y": 5 + }, + "height": "100px", + "id": 9, + "interval": null, + "links": [], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "postfix": "", + "postfixFontSize": "50%", + "prefix": "", + "prefixFontSize": "50%", + "rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "full": false, + "lineColor": "rgb(31, 120, 193)", + "show": false + }, + "tableColumn": "", + "targets": [ + { + "expr": "(sum(kube_deployment_status_replicas{deployment=~\".*$Deployment$Statefulset$Daemonset\"}) or vector(0)) + (sum(kube_statefulset_replicas{statefulset=~\".*$Deployment$Statefulset$Daemonset\"}) or vector(0)) + (sum(kube_daemonset_status_desired_number_scheduled{daemonset=~\".*$Deployment$Statefulset$Daemonset\"}) or vector(0))", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "{{ $Daemonset }}", + "refId": "A", + "step": 1800 + } + ], + "thresholds": "", + "title": "Total (cluster)", + "type": "singlestat", + "valueFontSize": "50%", + "valueMaps": [ + { + "op": "=", + "text": "N/A", + "value": "null" + } + ], + "valueName": "current" + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "decimals": 3, + "editable": true, + "error": false, + "fill": 0, + "grid": {}, + "gridPos": { + "h": 11, + "w": 24, + "x": 0, + "y": 8 + }, + "height": "", + "id": 10, + "legend": { + "alignAsTable": true, + "avg": false, + "current": true, + "hideEmpty": false, + "hideZero": false, + "max": true, + "min": false, + "rightSide": true, + "show": true, + "sideWidth": null, + "sort": "current", + "sortDesc": true, + "total": false, + "values": true + }, + "lines": true, + "linewidth": 2, + "links": [], + "nullPointMode": "connected", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + { + "alias": "/avlbl.*/", + "yaxis": 2 + } + ], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "sum (irate (container_cpu_usage_seconds_total{container!=\"\",image!=\"\",name=~\"^k8s_.*\",io_kubernetes_container_name!=\"POD\",pod_name=~\"^$Deployment$Statefulset$Daemonset.*$\",kubernetes_io_hostname=~\"^$Node$\"}[5m])) by (pod_name,kubernetes_io_hostname)", + "format": "time_series", + "hide": false, + "interval": "10s", + "intervalFactor": 1, + "legendFormat": "usage: {{ kubernetes_io_hostname }} | {{ pod_name }} ", + "metric": "container_cpu", + "refId": "A", + "step": 60 + }, + { + "expr": "sum (kube_pod_container_resource_requests{resource=\"cpu\", unit=\"core\", pod=~\"^$Deployment$Statefulset$Daemonset.*$\",node=~\"^$Node$\"}) by (pod,node)", + "format": "time_series", + "hide": false, + "intervalFactor": 2, + "legendFormat": "rqst: {{ node }} | {{ pod }}", + "refId": "B", + "step": 120 + }, + { + "expr": "sum ((kube_node_status_allocatable{resource=\"cpu\", unit=\"core\", node=~\"^$Node$\"})) by (node)", + "format": "time_series", + "hide": true, + "intervalFactor": 2, + "legendFormat": "avlbl: {{ node }}", + "refId": "C", + "step": 30 + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + "title": "CPU usage & requests", + "tooltip": { + "msResolution": true, + "shared": true, + "sort": 2, + "value_type": "cumulative" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "none", + "label": "cores", + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "decimals": 2, + "editable": true, + "error": false, + "fill": 0, + "grid": {}, + "gridPos": { + "h": 13, + "w": 24, + "x": 0, + "y": 19 + }, + "id": 11, + "legend": { + "alignAsTable": true, + "avg": false, + "current": true, + "max": true, + "min": false, + "rightSide": true, + "show": true, + "sideWidth": null, + "sort": "current", + "sortDesc": true, + "total": false, + "values": true + }, + "lines": true, + "linewidth": 2, + "links": [], + "nullPointMode": "connected", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + { + "alias": "/^avlbl.*$/", + "yaxis": 2 + } + ], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "max (container_memory_working_set_bytes{container!=\"POD\",container!=\"\",id!=\"/\",pod_name=~\"^$Deployment$Statefulset$Daemonset.*$\",kubernetes_io_hostname=~\"^$Node$\"}) by (pod_name,kubernetes_io_hostname)", + "format": "time_series", + "hide": false, + "interval": "10s", + "intervalFactor": 1, + "legendFormat": "usage: {{kubernetes_io_hostname }} | {{ pod_name }}", + "metric": "container_memory_usage:sort_desc", + "refId": "A", + "step": 60 + }, + { + "expr": "sum ((kube_pod_container_resource_requests{resource=\"memory\", unit=\"byte\", pod=~\"^$Deployment$Statefulset$Daemonset.*$\",node=~\"^$Node$\"})) by (pod,node)", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "rqst: {{ node }} | {{ pod }}", + "refId": "B", + "step": 120 + }, + { + "expr": "sum ((kube_node_status_allocatable{resource=\"memory\", unit=\"byte\", node=~\"^$Node$\"})) by (node)", + "format": "time_series", + "hide": true, + "intervalFactor": 2, + "legendFormat": "avlbl: {{ node }}", + "refId": "C", + "step": 30 + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + "title": "Memory usage & requests", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 2, + "value_type": "cumulative" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "bytes", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "bytes", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "fill": 1, + "gridPos": { + "h": 9, + "w": 24, + "x": 0, + "y": 32 + }, + "id": 12, + "legend": { + "alignAsTable": true, + "avg": false, + "current": true, + "max": false, + "min": false, + "rightSide": true, + "show": true, + "sort": "current", + "sortDesc": true, + "total": false, + "values": true + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "100 * (kubelet_volume_stats_used_bytes{kubernetes_io_hostname=~\"^$Node$\", persistentvolumeclaim=~\".*$Deployment$Statefulset$Daemonset.*$\"} / kubelet_volume_stats_capacity_bytes{kubernetes_io_hostname=~\"^$Node$\", persistentvolumeclaim=~\".*$Deployment$Statefulset$Daemonset.*$\"})", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "{{ persistentvolumeclaim }} | {{ kubernetes_io_hostname }}", + "refId": "A", + "step": 120 + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + "title": "Disk Usage", + "tooltip": { + "shared": true, + "sort": 2, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "percent", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "decimals": 2, + "editable": true, + "error": false, + "fill": 1, + "grid": {}, + "gridPos": { + "h": 13, + "w": 24, + "x": 0, + "y": 41 + }, + "id": 13, + "legend": { + "alignAsTable": true, + "avg": true, + "current": true, + "max": true, + "min": false, + "rightSide": true, + "show": true, + "sideWidth": null, + "sort": "current", + "sortDesc": true, + "total": false, + "values": true + }, + "lines": true, + "linewidth": 2, + "links": [], + "nullPointMode": "connected", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "sum (rate (container_network_receive_bytes_total{id!=\"/\",pod_name=~\"^$Deployment$Statefulset$Daemonset.*$\",kubernetes_io_hostname=~\"^$Node$\"}[2m])) by (pod_name, kubernetes_io_hostname)", + "format": "time_series", + "interval": "10s", + "intervalFactor": 1, + "legendFormat": "-> {{ kubernetes_io_hostname }} | {{ pod_name }}", + "metric": "network", + "refId": "A", + "step": 60 + }, + { + "expr": "- sum( rate (container_network_transmit_bytes_total{id!=\"/\",pod_name=~\"^$Deployment$Statefulset$Daemonset.*$\",kubernetes_io_hostname=~\"^$Node$\"}[2m])) by (pod_name, kubernetes_io_hostname)", + "format": "time_series", + "interval": "10s", + "intervalFactor": 1, + "legendFormat": "<- {{ kubernetes_io_hostname }} | {{ pod_name }}", + "metric": "network", + "refId": "B", + "step": 60 + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + "title": "All processes network I/O", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 2, + "value_type": "cumulative" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "Bps", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + } + ], + "refresh": false, + "schemaVersion": 16, + "style": "dark", + "tags": [ + "kubecost", + "utilization", + "metrics" + ], + "templating": { + "list": [ + { + "allValue": "()", + "current": { + "selected": false, + "tags": [], + "text": "All", + "value": "$__all" + }, + "datasource": "${datasource}", + "hide": 0, + "includeAll": true, + "label": null, + "multi": false, + "name": "Deployment", + "options": [], + "query": "label_values(deployment)", + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 0, + "tagValuesQuery": "", + "tags": [], + "tagsQuery": "", + "type": "query", + "useTags": false + }, + { + "allValue": "()", + "current": { + "text": "All", + "value": "$__all" + }, + "datasource": "${datasource}", + "hide": 0, + "includeAll": true, + "label": null, + "multi": false, + "name": "Statefulset", + "options": [], + "query": "label_values(statefulset)", + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 0, + "tagValuesQuery": "", + "tags": [], + "tagsQuery": "", + "type": "query", + "useTags": false + }, + { + "allValue": "()", + "current": { + "text": "All", + "value": "$__all" + }, + "datasource": "${datasource}", + "hide": 0, + "includeAll": true, + "label": null, + "multi": false, + "name": "Daemonset", + "options": [], + "query": "label_values(daemonset)", + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 0, + "tagValuesQuery": "", + "tags": [], + "tagsQuery": "", + "type": "query", + "useTags": false + }, + { + "allValue": ".*", + "current": { + "text": "All", + "value": "$__all" + }, + "datasource": "${datasource}", + "hide": 0, + "includeAll": true, + "label": null, + "multi": false, + "name": "Node", + "options": [], + "query": "label_values(kubernetes_io_hostname)", + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 0, + "tagValuesQuery": "", + "tags": [], + "tagsQuery": "", + "type": "query", + "useTags": false + }, + { + "current": { + "selected": true, + "text": "default-kubecost", + "value": "default-kubecost" + }, + "error": null, + "hide": 0, + "includeAll": false, + "label": null, + "multi": false, + "name": "datasource", + "options": [], + "query": "prometheus", + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "type": "datasource" + } + ] + }, + "time": { + "from": "now-24h", + "to": "now" + }, + "timepicker": { + "refresh_intervals": [ + "5s", + "10s", + "30s", + "1m", + "5m", + "15m", + "30m", + "1h", + "2h", + "1d" + ], + "time_options": [ + "5m", + "15m", + "1h", + "6h", + "12h", + "24h", + "2d", + "7d", + "30d" + ] + }, + "timezone": "browser", + "title": "Deprecated - Deployment/Statefulset/Daemonset utilization metrics", + "uid": "deployment-metrics", + "version": 2 +} diff --git a/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/grafana-templates/aggregator-dashboard.json b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/grafana-templates/aggregator-dashboard.json new file mode 100644 index 0000000000..e7c5b3691b --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/grafana-templates/aggregator-dashboard.json @@ -0,0 +1,668 @@ +{ + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "grafana", + "uid": "-- Grafana --" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "type": "dashboard" + } + ] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "links": [], + "liveNow": false, + "panels": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "bytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 0 + }, + "id": 7, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum(rate(container_fs_writes_bytes_total{pod=~\".+-aggregator-0\",namespace=~\"$namespace\"}[2m])) by (namespace)", + "instant": false, + "legendFormat": "__auto", + "range": true, + "refId": "A" + } + ], + "title": "Storage Write", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "bytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 0 + }, + "id": 6, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum(rate(container_fs_reads_bytes_total{pod=~\".+-aggregator-0\",namespace=~\"$namespace\"}[2m])) by (namespace)", + "instant": false, + "legendFormat": "__auto", + "range": true, + "refId": "A" + } + ], + "title": "Storage Read", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "decimals": 0, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "bytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 8 + }, + "id": 4, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum(container_memory_working_set_bytes{container=\"aggregator\",pod!=\"\",namespace=~\"$namespace\"} ) by (namespace)", + "instant": false, + "legendFormat": "__auto", + "range": true, + "refId": "A" + } + ], + "title": "Memory Usage", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 8 + }, + "id": 5, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum(rate(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate\r\n{container=\"aggregator\",pod!=\"\",namespace=~\"$namespace\"}[2m])) by (namespace)", + "instant": false, + "legendFormat": "__auto", + "range": true, + "refId": "A" + } + ], + "title": "CPU Usage", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "bytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 16 + }, + "id": 2, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum(kubelet_volume_stats_available_bytes{persistentvolumeclaim=~\"aggregator.+\",namespace=~\"$namespace\"}) by (namespace)", + "hide": false, + "instant": false, + "legendFormat": "__auto", + "range": true, + "refId": "C" + } + ], + "title": "Storage Available", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "bytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 16 + }, + "id": 3, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum(rate(container_network_receive_bytes_total{pod=~\".+aggregator-0\",namespace=~\"$namespace\"}[2m])) by (namespace)", + "instant": false, + "legendFormat": "__auto", + "range": true, + "refId": "A" + } + ], + "title": "Network Receive Bytes", + "type": "timeseries" + } + ], + "refresh": "30s", + "schemaVersion": 39, + "tags": [ + "utilization", + "metrics", + "kubecost" + ], + "templating": { + "list": [ + { + "current": { + "selected": true, + "text": "Prometheus", + "value": "prometheus" + }, + "hide": 0, + "includeAll": false, + "multi": false, + "name": "datasource", + "options": [], + "query": "prometheus", + "queryValue": "", + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "type": "datasource" + }, + { + "current": { + "selected": false, + "text": "All", + "value": "$__all" + }, + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "definition": "label_values(container_memory_working_set_bytes{container=\"aggregator\"},namespace)", + "hide": 0, + "includeAll": true, + "multi": false, + "name": "namespace", + "options": [], + "query": { + "qryType": 1, + "query": "label_values(container_memory_working_set_bytes{container=\"aggregator\"},namespace)", + "refId": "PrometheusVariableQueryEditor-VariableQuery" + }, + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 5, + "type": "query" + } + ] + }, + "time": { + "from": "now-1d", + "to": "now" + }, + "timepicker": {}, + "timezone": "", + "title": "Kubecost Aggregator Metrics", + "uid": "kubecost_aggregator_metrics", + "version": 1, + "weekStart": "" +} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/grafana-templates/multi-cluster-container-stats.json b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/grafana-templates/multi-cluster-container-stats.json new file mode 100644 index 0000000000..5c592b3399 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/grafana-templates/multi-cluster-container-stats.json @@ -0,0 +1,787 @@ +{ + "__inputs": [ + { + "name": "DS_THANOS", + "label": "Thanos", + "description": "", + "type": "datasource", + "pluginId": "prometheus", + "pluginName": "Prometheus" + } + ], + "__elements": {}, + "__requires": [ + { + "type": "grafana", + "id": "grafana", + "name": "Grafana", + "version": "10.3.1" + }, + { + "type": "datasource", + "id": "prometheus", + "name": "Prometheus", + "version": "1.0.0" + }, + { + "type": "panel", + "id": "timeseries", + "name": "Time series", + "version": "" + } + ], + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "datasource", + "uid": "grafana" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "target": { + "limit": 100, + "matchAny": false, + "tags": [], + "type": "dashboard" + }, + "type": "dashboard" + } + ] + }, + "description": "", + "editable": true, + "fiscalYearStartMonth": 0, + "gnetId": 9063, + "graphTooltip": 0, + "id": null, + "links": [], + "liveNow": false, + "panels": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_THANOS}" + }, + "description": "Maximum CPU Core Usage vs avg Requested", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 2, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": 3600000, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "none", + "unitScale": true + }, + "overrides": [] + }, + "gridPos": { + "h": 7, + "w": 12, + "x": 0, + "y": 0 + }, + "id": 94, + "links": [], + "options": { + "legend": { + "calcs": [ + "max" + ], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "desc" + } + }, + "pluginVersion": "9.4.7", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_THANOS}" + }, + "editorMode": "code", + "expr": "max(irate(container_cpu_usage_seconds_total\r\n {cluster_id=\"$cluster\",namespace=~\"$namespace\",pod=~\"$pod\", container=~\"$container\", container!=\"POD\",container!=\"\"}\r\n [$__rate_interval])) \r\n by (cluster_id, namespace, pod, container)", + "format": "time_series", + "hide": false, + "instant": false, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{cluster_id}} {{namespace}}/{{pod}}/{{container}} (usage max)", + "metric": "container_cpu", + "refId": "A", + "step": 10 + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_THANOS}" + }, + "editorMode": "code", + "exemplar": true, + "expr": "avg(kube_pod_container_resource_requests\r\n {cluster_id=\"$cluster\",resource=\"cpu\",unit=\"core\",namespace=~\"$namespace\",pod=~\"$pod\",container=~\"$container\",container!=\"POD\"}\r\n ) \r\nby (cluster_id,namespace,pod,container)", + "legendFormat": "{{cluster_id}} {{namespace}}/{{pod}}/{{container}} (requested)", + "range": true, + "refId": "B" + } + ], + "timeFrom": "", + "title": "CPU Core Usage vs Requested", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_THANOS}" + }, + "description": "Max memory used vs avg requested", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 2, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": 3600000, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "bytes", + "unitScale": true + }, + "overrides": [] + }, + "gridPos": { + "h": 7, + "w": 12, + "x": 12, + "y": 0 + }, + "id": 96, + "links": [], + "options": { + "legend": { + "calcs": [ + "max" + ], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "asc" + } + }, + "pluginVersion": "9.4.7", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_THANOS}" + }, + "editorMode": "code", + "expr": "max(max_over_time(container_memory_working_set_bytes\r\n {namespace=~\"$namespace\",pod=~\"$pod\",cluster_id=\"$cluster\",container=~\"$container\",container!=\"POD\",container!=\"\"}\r\n [$__rate_interval])) \r\nby (cluster_id,namespace,pod,container)", + "format": "time_series", + "hide": false, + "instant": false, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{cluster_id}} {{namespace}}/{{pod}}/{{container}} (usage max)", + "metric": "container_cpu", + "refId": "MEMORY_USAGE", + "step": 10 + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_THANOS}" + }, + "editorMode": "code", + "expr": "avg(kube_pod_container_resource_requests\n {resource=\"memory\",unit=\"byte\",cluster_id=\"$cluster\",namespace=~\"$namespace\",pod=~\"$pod\", container=~\"$container\",container!=\"POD\"}\n )\nby (cluster_id,namespace,pod,container)", + "format": "time_series", + "hide": false, + "instant": false, + "intervalFactor": 1, + "legendFormat": "{{cluster_id}} {{namespace}}/{{pod}}/{{container}} (requested)", + "refId": "MEMORY_REQUESTED" + } + ], + "timeFrom": "", + "title": "Memory Usage vs Requested", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_THANOS}" + }, + "description": "Network traffic by pod", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 2, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": 3600000, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "Bps", + "unitScale": true + }, + "overrides": [] + }, + "gridPos": { + "h": 7, + "w": 12, + "x": 0, + "y": 7 + }, + "id": 95, + "links": [], + "options": { + "legend": { + "calcs": [ + "mean" + ], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "desc" + } + }, + "pluginVersion": "9.4.7", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_THANOS}" + }, + "editorMode": "code", + "expr": "sum(irate(container_network_receive_bytes_total\n {cluster_id=~\"$cluster\",namespace=~\"$namespace\",pod=~\"$pod\"}\n [$__rate_interval])) \nby (cluster_id, namespace, pod)", + "format": "time_series", + "hide": false, + "instant": false, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{cluster_id}} {{namespace}}/{{pod}}<- in", + "metric": "container_cpu", + "refId": "A", + "step": 10 + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_THANOS}" + }, + "editorMode": "code", + "expr": "- sum(irate(container_network_transmit_bytes_total\n {cluster_id=\"$cluster\",namespace=~\"$namespace\",pod=~\"$pod\"}\n [$__rate_interval])) \nby (cluster_id, namespace, pod)", + "format": "time_series", + "hide": false, + "instant": false, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{cluster_id}} {{namespace}}/{{pod}}-> out", + "refId": "B" + } + ], + "timeFrom": "", + "title": "Network IO", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_THANOS}" + }, + "description": "Disk read writes", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 2, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": 3600000, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "Bps", + "unitScale": true + }, + "overrides": [] + }, + "gridPos": { + "h": 7, + "w": 12, + "x": 12, + "y": 7 + }, + "id": 97, + "links": [], + "options": { + "legend": { + "calcs": [ + "mean" + ], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "desc" + } + }, + "pluginVersion": "9.4.7", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_THANOS}" + }, + "editorMode": "code", + "expr": "sum(irate(container_fs_writes_bytes_total\r\n {cluster_id=\"$cluster\",namespace=~\"$namespace\",container!=\"POD\",pod!=\"\",pod=~\"$pod\",container=~\"$container\"}\r\n [$__rate_interval])) \r\nby (cluster_id,namespace,pod,container)", + "format": "time_series", + "hide": false, + "instant": false, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{cluster_id}} {{pod}}/{{container}}<- write", + "metric": "container_cpu", + "refId": "A", + "step": 10 + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_THANOS}" + }, + "editorMode": "code", + "expr": "- sum(irate(container_fs_reads_bytes_total\r\n {cluster_id=\"$cluster\",namespace=~\"$namespace\",container!=\"POD\",pod!=\"\",pod=~\"$pod\",container=~\"$container\"}\r\n [$__rate_interval])) \r\nby (cluster_id,namespace,pod,container)", + "format": "time_series", + "hide": false, + "instant": false, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{cluster_id}} {{pod}}/{{container}}-> read", + "refId": "B" + } + ], + "timeFrom": "", + "title": "Disk IO", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_THANOS}" + }, + "description": "This graph shows the % of periods where a pod is being throttled. Values range from 0-100", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 2, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": 1800000, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "percent", + "unitScale": true + }, + "overrides": [] + }, + "gridPos": { + "h": 7, + "w": 12, + "x": 0, + "y": 14 + }, + "id": 99, + "links": [], + "options": { + "legend": { + "calcs": [ + "mean" + ], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "desc" + } + }, + "pluginVersion": "9.4.7", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_THANOS}" + }, + "editorMode": "code", + "expr": "100\n * sum by(cluster_id, namespace, pod, container) (increase(container_cpu_cfs_throttled_periods_total{container!=\"\",cluster_id=\"$cluster\", namespace=~\"$namespace\", pod=~\"$pod\", container=~\"$container\", container!=\"POD\"}[$__rate_interval]))\n / sum by(cluster_id,namespace,pod,container) (increase(container_cpu_cfs_periods_total{container!=\"\",cluster_id=\"$cluster\",namespace=~\"$namespace\",pod=~\"$pod\",container=~\"$container\",container!=\"POD\"}[$__rate_interval]))", + "format": "time_series", + "instant": false, + "interval": "", + "intervalFactor": 1, + "legendFormat": "", + "refId": "B" + } + ], + "timeFrom": "", + "title": "CPU throttle percent", + "type": "timeseries" + } + ], + "refresh": "", + "revision": 1, + "schemaVersion": 39, + "tags": [ + "utilization", + "metrics", + "kubecost" +], + "templating": { + "list": [ + { + "current": {}, + "definition": "label_values(cluster_id)", + "hide": 0, + "includeAll": false, + "multi": false, + "name": "cluster", + "options": [], + "query": { + "query": "label_values(cluster_id)", + "refId": "StandardVariableQuery" + }, + "refresh": 2, + "regex": "", + "skipUrlSync": false, + "sort": 5, + "type": "query" + }, + { + "current": {}, + "definition": "label_values(kube_namespace_labels{cluster_id=\"$cluster\"}, namespace) ", + "hide": 0, + "includeAll": true, + "label": "", + "multi": false, + "name": "namespace", + "options": [], + "query": { + "query": "label_values(kube_namespace_labels{cluster_id=\"$cluster\"}, namespace) ", + "refId": "StandardVariableQuery" + }, + "refresh": 2, + "regex": "", + "skipUrlSync": false, + "sort": 5, + "tagValuesQuery": "", + "tagsQuery": "", + "type": "query", + "useTags": false + }, + { + "current": {}, + "definition": "label_values(kube_pod_labels{cluster_id=\"$cluster\",namespace=~\"$namespace\"}, pod) ", + "hide": 0, + "includeAll": true, + "label": "pod", + "multi": false, + "name": "pod", + "options": [], + "query": { + "query": "label_values(kube_pod_labels{cluster_id=\"$cluster\",namespace=~\"$namespace\"}, pod) ", + "refId": "StandardVariableQuery" + }, + "refresh": 2, + "regex": "", + "skipUrlSync": false, + "sort": 1, + "tagValuesQuery": "", + "tagsQuery": "", + "type": "query", + "useTags": false + }, + { + "current": {}, + "definition": "label_values(container_memory_working_set_bytes{cluster_id=\"$cluster\",namespace=~\"$namespace\",pod=~\"$pod\", container!=\"POD\"}, container) ", + "hide": 0, + "includeAll": true, + "multi": false, + "name": "container", + "options": [], + "query": { + "query": "label_values(container_memory_working_set_bytes{cluster_id=\"$cluster\",namespace=~\"$namespace\",pod=~\"$pod\", container!=\"POD\"}, container) ", + "refId": "StandardVariableQuery" + }, + "refresh": 2, + "regex": "", + "skipUrlSync": false, + "sort": 5, + "type": "query" + } + ] + }, + "time": { + "from": "now-2d", + "to": "now" + }, + "timepicker": { + "hidden": false, + "refresh_intervals": [ + "10s", + "30s", + "1m", + "5m", + "15m", + "30m", + "1h", + "2h", + "1d" + ], + "time_options": [ + "5m", + "15m", + "1h", + "6h", + "12h", + "24h", + "2d", + "7d", + "30d" + ] + }, + "timezone": "browser", + "title": "Pod utilization metrics (multi-cluster)", + "uid": "at-cost-analysis-pod2", + "version": 1, + "weekStart": "" +} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/grafana-templates/multi-cluster-disk-usage.json b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/grafana-templates/multi-cluster-disk-usage.json new file mode 100644 index 0000000000..6dc0b153c8 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/grafana-templates/multi-cluster-disk-usage.json @@ -0,0 +1,571 @@ +{ + "__inputs": [ + { + "name": "DS_PROMETHEUS", + "label": "Prometheus", + "description": "", + "type": "datasource", + "pluginId": "prometheus", + "pluginName": "Prometheus" + } + ], + "__elements": {}, + "__requires": [ + { + "type": "grafana", + "id": "grafana", + "name": "Grafana", + "version": "10.4.2" + }, + { + "type": "datasource", + "id": "prometheus", + "name": "Prometheus", + "version": "1.0.0" + }, + { + "type": "panel", + "id": "timeseries", + "name": "Time series", + "version": "" + } + ], + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "datasource", + "uid": "grafana" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "target": { + "limit": 100, + "matchAny": false, + "tags": [], + "type": "dashboard" + }, + "type": "dashboard" + } + ] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "id": null, + "links": [], + "liveNow": false, + "panels": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "decbytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 9, + "w": 12, + "x": 0, + "y": 0 + }, + "id": 2, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "none" + } + }, + "pluginVersion": "9.0.2", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "editorMode": "code", + "expr": "sum(container_fs_limit_bytes{instance=~'$disk', device!=\"tmpfs\", id=\"/\", cluster_id=~'$cluster'}) by (cluster_id, instance)", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{cluster_id}}/{{instance}}", + "range": true, + "refId": "A" + } + ], + "title": "Disk Size", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "decimals": 1, + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "percentunit" + }, + "overrides": [] + }, + "gridPos": { + "h": 9, + "w": 12, + "x": 12, + "y": 0 + }, + "id": 4, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "none" + } + }, + "pluginVersion": "9.0.2", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "editorMode": "code", + "expr": "sum(container_fs_usage_bytes{instance=~'$disk',id=\"/\", cluster_id=~'$cluster'}) by (cluster_id, instance) / sum(container_fs_limit_bytes{instance=~'$disk',device!=\"tmpfs\", id=\"/\", cluster_id=~'$cluster'}) by (cluster_id,instance)", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{cluster_id}}-{{instance}}", + "range": true, + "refId": "A" + } + ], + "title": "Disk Utilization", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "decimals": 1, + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "percentunit" + }, + "overrides": [] + }, + "gridPos": { + "h": 9, + "w": 12, + "x": 0, + "y": 9 + }, + "id": 5, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "none" + } + }, + "pluginVersion": "9.0.2", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "editorMode": "code", + "expr": "1 - sum(container_fs_inodes_free{instance=~'$disk',id=\"/\", cluster_id=~'$cluster'}) by (cluster_id, instance) / sum(container_fs_inodes_total{instance=~'$disk',id=\"/\", cluster_id=~'$cluster'}) by (cluster_id, instance)", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "{{cluster_id}}/{{instance}}", + "range": true, + "refId": "A" + } + ], + "title": "iNode Utilization", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "decbytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 9, + "w": 12, + "x": 12, + "y": 9 + }, + "id": 3, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "none" + } + }, + "pluginVersion": "9.0.2", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "editorMode": "code", + "expr": "sum(container_fs_usage_bytes{instance=~'$disk',id=\"/\", cluster_id=~'$cluster'}) by (cluster_id, instance)", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{cluster_id}}/{{instance}}", + "range": true, + "refId": "A" + } + ], + "title": "Disk Usage", + "type": "timeseries" + } + ], + "schemaVersion": 39, + "tags": [ + "kubecost", + "utilization", + "metrics" + ], + "templating": { + "list": [ + { + "current": { + "selected": false, + "text": "Prometheus", + "value": "Prometheus" + }, + "hide": 0, + "includeAll": false, + "multi": false, + "name": "datasource", + "options": [], + "query": "prometheus", + "queryValue": "", + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "type": "datasource" + }, + { + "current": {}, + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "definition": "label_values(cluster_id)", + "hide": 0, + "includeAll": true, + "multi": false, + "name": "cluster", + "options": [], + "query": { + "query": "label_values(cluster_id)", + "refId": "StandardVariableQuery" + }, + "refresh": 2, + "regex": "", + "skipUrlSync": false, + "sort": 5, + "type": "query" + }, + { + "current": {}, + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "definition": "label_values(container_fs_limit_bytes{cluster_id=~\"$cluster\"}, instance)", + "hide": 0, + "includeAll": true, + "multi": false, + "name": "disk", + "options": [], + "query": { + "query": "label_values(container_fs_limit_bytes{cluster_id=~\"$cluster\"}, instance)", + "refId": "StandardVariableQuery" + }, + "refresh": 2, + "regex": "", + "skipUrlSync": false, + "sort": 5, + "tagValuesQuery": "", + "tagsQuery": "", + "type": "query", + "useTags": false + } + ] + }, + "time": { + "from": "now-7d", + "to": "now" + }, + "timepicker": { + "refresh_intervals": [ + "5s", + "10s", + "30s", + "1m", + "5m", + "15m", + "30m", + "1h", + "2h", + "1d" + ], + "time_options": [ + "5m", + "15m", + "1h", + "6h", + "12h", + "24h", + "2d", + "7d", + "30d" + ] + }, + "timezone": "", + "title": "Attached disk metrics (multi-cluster)", + "uid": "nBH7qBgMk", + "version": 2, + "weekStart": "" +} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/grafana-templates/multi-cluster-network-transfer-data.json b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/grafana-templates/multi-cluster-network-transfer-data.json new file mode 100644 index 0000000000..40bf4e787b --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/grafana-templates/multi-cluster-network-transfer-data.json @@ -0,0 +1,685 @@ +{ + "__inputs": [ + { + "name": "DS_PROMETHEUS", + "label": "Prometheus", + "description": "", + "type": "datasource", + "pluginId": "prometheus", + "pluginName": "Prometheus" + } + ], + "__elements": {}, + "__requires": [ + { + "type": "grafana", + "id": "grafana", + "name": "Grafana", + "version": "10.4.2" + }, + { + "type": "datasource", + "id": "prometheus", + "name": "Prometheus", + "version": "1.0.0" + }, + { + "type": "panel", + "id": "timeseries", + "name": "Time series", + "version": "" + } + ], + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "grafana", + "uid": "-- Grafana --" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "target": { + "limit": 100, + "matchAny": false, + "tags": [], + "type": "dashboard" + }, + "type": "dashboard" + } + ] + }, + "description": "https://docs.kubecost.com/install-and-configure/advanced-configuration/network-costs-configuration", + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "id": null, + "links": [], + "liveNow": false, + "panels": [ + { + "collapsed": false, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 0 + }, + "id": 12, + "panels": [], + "title": "Network Data Transfers (negative is egress data)", + "type": "row" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "bars", + "fillOpacity": 100, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "bytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 14, + "w": 11, + "x": 0, + "y": 1 + }, + "id": 10, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum(increase(kubecost_pod_network_ingress_bytes_total\n {namespace=~\"$namespace\", cluster_id=~\"$cluster\", pod_name=~\"$pod_name\", service=~\"$service\"}\n [1h]\n ))\nby($aggregation) ", + "interval": "1h", + "legendFormat": "__auto", + "range": true, + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "-sum(increase(kubecost_pod_network_egress_bytes_total\n {namespace=~\"$namespace\", cluster_id=~\"$cluster\", pod_name=~\"$pod_name\", service=~\"$service\"}\n [1h]\n ))\nby($aggregation) ", + "hide": false, + "interval": "1h", + "legendFormat": "__auto", + "range": true, + "refId": "B" + } + ], + "title": "All Data", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "bars", + "fillOpacity": 100, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "bytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 14, + "w": 13, + "x": 11, + "y": 1 + }, + "id": 2, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum(increase(kubecost_pod_network_ingress_bytes_total\n {internet=\"true\", namespace=~\"$namespace\", cluster_id=~\"$cluster\", pod_name=~\"$pod_name\", service=~\"$service\"}\n [1h]\n))\nby($aggregation) ", + "hide": false, + "interval": "1h", + "legendFormat": "__auto", + "range": true, + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "- sum(increase(kubecost_pod_network_egress_bytes_total\n {internet=\"true\", namespace=~\"$namespace\", cluster_id=~\"$cluster\", pod_name=~\"$pod_name\", service=~\"$service\"}\n [1h]))\nby($aggregation) ", + "hide": false, + "interval": "1h", + "legendFormat": "__auto", + "range": true, + "refId": "B" + } + ], + "title": "Internet Data", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Cross region and cross zone subnets must be defined via the configMap. \nSee: \n", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "bars", + "fillOpacity": 100, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "decimals": 2, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "bytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 14, + "w": 11, + "x": 0, + "y": 15 + }, + "id": 9, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum(increase(kubecost_pod_network_ingress_bytes_total\n {internet=\"false\",namespace=~\"$namespace\",cluster_id=~\"$cluster\",pod_name=~\"$pod_name\", sameRegion=\"false\",sameZone=\"false\", service=~\"$service\"}\n [1h]))\nby($aggregation)", + "interval": "1h", + "legendFormat": "__auto", + "range": true, + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "- sum(increase(kubecost_pod_network_egress_bytes_total\n {internet=\"false\", namespace=~\"$namespace\",cluster_id=~\"$cluster\",pod_name=~\"$pod_name\",sameRegion=\"false\", sameZone=\"false\", service=~\"$service\"}\n [1h]))\nby($aggregation) ", + "hide": false, + "interval": "1h", + "legendFormat": "__auto", + "range": true, + "refId": "B" + } + ], + "title": "Cross Region Data", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Cross region and cross zone subnets must be defined via the configMap. \nSee: \n", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "bars", + "fillOpacity": 100, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "decimals": 2, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "bytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 14, + "w": 13, + "x": 11, + "y": 15 + }, + "id": 8, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum(increase(kubecost_pod_network_ingress_bytes_total\n {internet=\"false\", namespace=~\"$namespace\", cluster_id=~\"$cluster\", pod_name=~\"$pod_name\", sameRegion=\"true\", sameZone=\"false\", service=~\"$service\"}\n [1h]))\nby($aggregation)", + "interval": "1h", + "legendFormat": "__auto", + "range": true, + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "- sum(increase(kubecost_pod_network_egress_bytes_total\n {internet=\"false\", namespace=~\"$namespace\", cluster_id=~\"$cluster\", pod_name=~\"$pod_name\", sameRegion=\"true\", sameZone=\"false\", service=~\"$service\"}\n [1h]))\nby($aggregation)", + "hide": false, + "interval": "1h", + "legendFormat": "__auto", + "range": true, + "refId": "B" + } + ], + "title": "Cross Zone Data", + "type": "timeseries" + } + ], + "refresh": "", + "revision": 1, + "schemaVersion": 39, + "tags": [ + "kubecost" + ], + "templating": { + "list": [ + { + "current": {}, + "hide": 0, + "includeAll": false, + "multi": false, + "name": "datasource", + "options": [], + "query": "prometheus", + "queryValue": "", + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "type": "datasource" + }, + { + "current": { + "selected": false, + "text": "namespace", + "value": "namespace" + }, + "hide": 0, + "includeAll": false, + "multi": false, + "name": "aggregation", + "options": [ + { + "selected": false, + "text": "cluster_id", + "value": "cluster_id" + }, + { + "selected": true, + "text": "namespace", + "value": "namespace" + }, + { + "selected": false, + "text": "pod_name", + "value": "pod_name" + } + ], + "query": "cluster_id, namespace, pod_name", + "queryValue": "", + "skipUrlSync": false, + "type": "custom" + }, + { + "current": {}, + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "definition": "label_values(cluster_id)", + "hide": 0, + "includeAll": true, + "multi": false, + "name": "cluster", + "options": [], + "query": { + "query": "label_values(cluster_id)", + "refId": "StandardVariableQuery" + }, + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 5, + "type": "query" + }, + { + "current": { + "selected": true, + "text": "kubecost", + "value": "kubecost" + }, + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "definition": "label_values(kube_namespace_labels{cluster_id=~\"$cluster\"}, namespace) ", + "hide": 0, + "includeAll": true, + "multi": false, + "name": "namespace", + "options": [], + "query": { + "query": "label_values(kube_namespace_labels{cluster_id=~\"$cluster\"}, namespace) ", + "refId": "StandardVariableQuery" + }, + "refresh": 2, + "regex": "", + "skipUrlSync": false, + "sort": 5, + "type": "query" + }, + { + "current": {}, + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "definition": "label_values(kubecost_pod_network_egress_bytes_total{cluster_id=~\"$cluster\", namespace=~\"$namespace\"},pod_name)", + "hide": 0, + "includeAll": true, + "multi": false, + "name": "pod_name", + "options": [], + "query": { + "qryType": 1, + "query": "label_values(kubecost_pod_network_egress_bytes_total{cluster_id=~\"$cluster\", namespace=~\"$namespace\"},pod_name)", + "refId": "PrometheusVariableQueryEditor-VariableQuery" + }, + "refresh": 2, + "regex": "", + "skipUrlSync": false, + "sort": 5, + "type": "query" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "filters": [], + "hide": 0, + "name": "filter", + "skipUrlSync": false, + "type": "adhoc" + }, + { + "current": {}, + "definition": "label_values(kubecost_pod_network_egress_bytes_total{namespace=~\"$namespace\"},service)", + "hide": 0, + "includeAll": true, + "multi": false, + "name": "service", + "options": [], + "query": { + "qryType": 1, + "query": "label_values(kubecost_pod_network_egress_bytes_total{namespace=~\"$namespace\"},service)", + "refId": "PrometheusVariableQueryEditor-VariableQuery" + }, + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 5, + "type": "query" + } + ] + }, + "time": { + "from": "now-7d", + "to": "now" + }, + "timepicker": {}, + "timezone": "", + "title": "Kubecost Network Costs Metrics", + "uid": "kubecost-networkCosts-metrics", + "version": 8, + "weekStart": "" +} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/kubernetes-resource-efficiency.json b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/kubernetes-resource-efficiency.json new file mode 100644 index 0000000000..156b3c292f --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/kubernetes-resource-efficiency.json @@ -0,0 +1,408 @@ +{ + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "grafana", + "uid": "-- Grafana --" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "target": { + "limit": 100, + "matchAny": false, + "tags": [], + "type": "dashboard" + }, + "type": "dashboard" + } + ] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "id": 29, + "links": [], + "liveNow": false, + "panels": [ + { + "collapsed": false, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 0 + }, + "id": 2, + "panels": [], + "title": "Requests - Usage (negative values are unused reservations)", + "type": "row" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": 3600000, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "bytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 16, + "w": 24, + "x": 0, + "y": 1 + }, + "id": 4, + "options": { + "legend": { + "calcs": [ + "lastNotNull" + ], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum by ($aggregation) (\n (sum by (cluster_id,namespace,pod,container) (container_memory_usage_bytes{cluster_id=~\"$cluster\",namespace=~\"$namespace\",container=~\"$container\",container!=\"POD\",container!=\"\"}))\n -(sum by (cluster_id,namespace,pod,container) (kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",cluster_id=~\"$cluster\",namespace=~\"$namespace\",container=~\"$container\",container!=\"POD\",container!=\"\"}))\n)", + "legendFormat": "__auto", + "range": true, + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum by ($aggregation) (\n -(sum by (cluster_id,namespace,pod,container) (kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",cluster_id=~\"$cluster\",namespace=~\"$namespace\",container=~\"$container\",container!=\"POD\",container!=\"\"}))\n)", + "hide": true, + "legendFormat": "{{$aggregation}} Request", + "range": true, + "refId": "B" + } + ], + "title": "Memory Request-Usage", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": 3600000, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "none" + }, + "overrides": [] + }, + "gridPos": { + "h": 14, + "w": 24, + "x": 0, + "y": 17 + }, + "id": 6, + "options": { + "legend": { + "calcs": [ + "lastNotNull" + ], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum by ($aggregation)(\n (sum by (cluster_id,namespace,pod,container) (rate(container_cpu_usage_seconds_total{cluster_id=~\"$cluster\", namespace=~\"$namespace\", container=~\"$container\", container!=\"POD\",container!=\"\"}[1h])))\n - \n (sum by (cluster_id,namespace,pod,container) (kube_pod_container_resource_requests{resource=\"cpu\",cluster_id=~\"$cluster\", namespace=~\"$namespace\", container=~\"$container\", container!=\"POD\",container!=\"\"}))\n)\n \n", + "legendFormat": "__auto", + "range": true, + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "-sum by ($aggregation)(\n (sum by (cluster_id,namespace,pod,container) (kube_pod_container_resource_requests{resource=\"cpu\",cluster_id=~\"$cluster\", namespace=~\"$namespace\", container=~\"$container\", container!=\"POD\",container!=\"\"}))\n)", + "hide": true, + "legendFormat": "{{$aggregation}} Request", + "range": true, + "refId": "B" + } + ], + "title": "CPU Request-Usage", + "type": "timeseries" + } + ], + "schemaVersion": 37, + "style": "dark", + "tags": [ + "utilization", + "metrics", + "kubecost" + ], + "templating": { + "list": [ + { + "current": { + "selected": false, + "text": "default", + "value": "default" + }, + "hide": 0, + "includeAll": false, + "multi": false, + "name": "datasource", + "options": [], + "query": "prometheus", + "queryValue": "", + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "type": "datasource" + }, + { + "current": { + "selected": true, + "text": "namespace", + "value": "namespace" + }, + "hide": 0, + "includeAll": false, + "multi": false, + "name": "aggregation", + "options": [ + { + "selected": false, + "text": "cluster_id", + "value": "cluster_id" + }, + { + "selected": true, + "text": "namespace", + "value": "namespace" + }, + { + "selected": false, + "text": "container", + "value": "container" + } + ], + "query": "cluster_id,namespace,container", + "queryValue": "", + "skipUrlSync": false, + "type": "custom" + }, + { + "current": { + "selected": true, + "text": "All", + "value": "$__all" + }, + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "definition": "label_values(kube_namespace_labels, cluster_id)", + "hide": 0, + "includeAll": true, + "multi": false, + "name": "cluster", + "options": [], + "query": { + "query": "label_values(kube_namespace_labels, cluster_id)", + "refId": "StandardVariableQuery" + }, + "refresh": 2, + "regex": "", + "skipUrlSync": false, + "sort": 5, + "type": "query" + }, + { + "current": { + "selected": true, + "text": "kubecost", + "value": "kubecost" + }, + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "definition": "label_values(kube_namespace_labels{cluster_id=~\"$cluster\"}, namespace) ", + "hide": 0, + "includeAll": true, + "multi": false, + "name": "namespace", + "options": [], + "query": { + "query": "label_values(kube_namespace_labels{cluster_id=~\"$cluster\"}, namespace) ", + "refId": "StandardVariableQuery" + }, + "refresh": 2, + "regex": "", + "skipUrlSync": false, + "sort": 5, + "type": "query" + }, + { + "current": { + "selected": false, + "text": "All", + "value": "$__all" + }, + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "definition": "label_values(container_memory_working_set_bytes{cluster_id=~\"$cluster\",namespace=~\"$namespace\", container!=\"POD\"}, container) ", + "hide": 0, + "includeAll": true, + "multi": false, + "name": "container", + "options": [], + "query": { + "query": "label_values(container_memory_working_set_bytes{cluster_id=~\"$cluster\",namespace=~\"$namespace\", container!=\"POD\"}, container) ", + "refId": "StandardVariableQuery" + }, + "refresh": 2, + "regex": "", + "skipUrlSync": false, + "sort": 5, + "type": "query" + } + ] + }, + "time": { + "from": "now-6h", + "to": "now" + }, + "timepicker": {}, + "timezone": "", + "title": "Kubernetes Resource Efficiency", + "uid": "kubernetes-resource-efficiency", + "version": 1, + "weekStart": "" +} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/label-cost-utilization.json b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/label-cost-utilization.json new file mode 100644 index 0000000000..dc1963edb3 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/label-cost-utilization.json @@ -0,0 +1,1146 @@ +{ + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": "-- Grafana --", + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "target": { + "limit": 100, + "matchAny": false, + "tags": [], + "type": "dashboard" + }, + "type": "dashboard" + } + ] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "iteration": 1645115160709, + "links": [], + "liveNow": false, + "panels": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Monthly projected CPU cost given last 10m", + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "decimals": 2, + "mappings": [ + { + "options": { + "match": "null", + "result": { + "text": "N/A" + } + }, + "type": "special" + } + ], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "currencyUSD" + }, + "overrides": [] + }, + "gridPos": { + "h": 5, + "w": 6, + "x": 0, + "y": 0 + }, + "hideTimeOverride": true, + "id": 15, + "links": [], + "maxDataPoints": 100, + "options": { + "colorMode": "none", + "graphMode": "none", + "justifyMode": "auto", + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "P0C970EB638C812D0" + }, + "exemplar": false, + "expr": "sum(\n avg(container_cpu_allocation) by (pod,node)\n\n * on (node) group_left()\n avg(avg_over_time(node_cpu_hourly_cost[10m])) by (node)\n\n * on (pod) group_left()\n label_replace(\n max(kube_pod_labels{label_$label=~\"$label_value\"}) by (pod),\n \"pod_name\",\n \"$1\", \n \"pod\", \n \"(.+)\"\n )\n) * 730", + "format": "time_series", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": " {{ node }}", + "refId": "A" + } + ], + "timeFrom": "15m", + "title": "CPU Cost", + "type": "stat" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Based on CPU usage over last 24 hours", + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "decimals": 2, + "mappings": [ + { + "options": { + "match": "null", + "result": { + "text": "N/A" + } + }, + "type": "special" + } + ], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "currencyUSD" + }, + "overrides": [] + }, + "gridPos": { + "h": 5, + "w": 6, + "x": 6, + "y": 0 + }, + "hideTimeOverride": true, + "id": 16, + "links": [], + "maxDataPoints": 100, + "options": { + "colorMode": "none", + "graphMode": "none", + "justifyMode": "auto", + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "P0C970EB638C812D0" + }, + "exemplar": false, + "expr": "sum(\n avg(container_memory_allocation_bytes) by (pod,node) / 1024 / 1024 / 1024\n\n * on (node) group_left()\n avg(avg_over_time(node_ram_hourly_cost[10m])) by (node)\n\n * on (pod) group_left()\n label_replace(\n max(kube_pod_labels{label_$label=~\"$label_value\"}) by (pod),\n \"pod_name\",\n \"$1\", \n \"pod\", \n \"(.+)\"\n )\n) * 730", + "format": "time_series", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": " {{ node }}", + "refId": "A" + } + ], + "timeFrom": "15m", + "title": "Memory Cost", + "type": "stat" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "", + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "decimals": 2, + "mappings": [ + { + "options": { + "match": "null", + "result": { + "text": "N/A" + } + }, + "type": "special" + } + ], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "currencyUSD" + }, + "overrides": [] + }, + "gridPos": { + "h": 5, + "w": 6, + "x": 12, + "y": 0 + }, + "hideTimeOverride": true, + "id": 21, + "links": [], + "maxDataPoints": 100, + "options": { + "colorMode": "none", + "graphMode": "none", + "justifyMode": "auto", + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "P0C970EB638C812D0" + }, + "exemplar": false, + "expr": "sum(\n sum(kube_persistentvolumeclaim_info{storageclass!=\".*ssd.*\"}) by (persistentvolumeclaim, storageclass)\n * on (persistentvolumeclaim) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim)\n * on (persistentvolumeclaim) group_left(label_app)\n max(kube_persistentvolumeclaim_labels{label_$label=~\"$label_value\"}) by (persistentvolumeclaim) or up * 0\n) / 1024 / 1024 /1024 * .04 \n\n+\n\nsum(\n sum(kube_persistentvolumeclaim_info{storageclass=~\".*ssd.*\"}) by (persistentvolumeclaim, storageclass)\n * on (persistentvolumeclaim) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim)\n * on (persistentvolumeclaim) group_left(label_app)\n max(kube_persistentvolumeclaim_labels{label_$label=~\"$label_value\"}) by (persistentvolumeclaim) or up * 0\n) / 1024 / 1024 /1024 * .17 \n", + "format": "time_series", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": " {{ node }}", + "refId": "A" + } + ], + "timeFrom": "15m", + "title": "Storage Cost", + "type": "stat" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Cost of memory + CPU usage", + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "decimals": 2, + "mappings": [ + { + "options": { + "match": "null", + "result": { + "text": "N/A" + } + }, + "type": "special" + } + ], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "currencyUSD" + }, + "overrides": [] + }, + "gridPos": { + "h": 5, + "w": 6, + "x": 18, + "y": 0 + }, + "hideTimeOverride": true, + "id": 20, + "links": [], + "maxDataPoints": 100, + "options": { + "colorMode": "none", + "graphMode": "none", + "justifyMode": "auto", + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "P0C970EB638C812D0" + }, + "exemplar": false, + "expr": "# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ CPU ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\nsum(\n avg(container_cpu_allocation) by (pod,node)\n\n * on (node) group_left()\n avg(avg_over_time(node_cpu_hourly_cost[10m])) by (node)\n\n * on (pod) group_left()\n label_replace(\n max(kube_pod_labels{label_$label=~\"$label_value\"}) by (pod),\n \"pod_name\",\n \"$1\", \n \"pod\", \n \"(.+)\"\n )\n) * 730\n\n#END CPU\n+\n\n# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Memory ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\nsum(\n avg(container_memory_allocation_bytes) by (pod,node) / 1024 / 1024 / 1024\n\n * on (node) group_left()\n avg(avg_over_time(node_ram_hourly_cost[10m])) by (node)\n\n * on (pod) group_left()\n label_replace(\n max(kube_pod_labels{label_$label=~\"$label_value\"}) by (pod),\n \"pod_name\",\n \"$1\", \n \"pod\", \n \"(.+)\"\n )\n) * 730\n\n# END MEMORY\n\n+\n\n# ~~~~~~~~~~~~~~~~~~~~~~~~~~~ STORAGE ~~~~~~~~~~~~~~~~~~~~~~~~~\n\nsum(\n sum(kube_persistentvolumeclaim_info{storageclass!=\".*ssd.*\"}) by (persistentvolumeclaim, storageclass)\n * on (persistentvolumeclaim) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim)\n * on (persistentvolumeclaim) group_left(label_app)\n max(kube_persistentvolumeclaim_labels{label_$label=~\"$label_value\"}) by (persistentvolumeclaim) or up * 0\n) / 1024 / 1024 /1024 * .04 \n\n+\n\nsum(\n sum(kube_persistentvolumeclaim_info{storageclass=~\".*ssd.*\"}) by (persistentvolumeclaim, storageclass)\n * on (persistentvolumeclaim) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim)\n * on (persistentvolumeclaim) group_left(label_app)\n max(kube_persistentvolumeclaim_labels{label_$label=~\"$label_value\"}) by (persistentvolumeclaim) or up * 0\n) / 1024 / 1024 /1024 * .17 \n\n\n# END STORAGE\n", + "format": "time_series", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": " {{ node }}", + "refId": "A" + } + ], + "timeFrom": "15m", + "title": "Total Cost", + "type": "stat" + }, + { + "datasource": { + "uid": "${datasource}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [ + { + "options": { + "match": "null", + "result": { + "text": "N/A" + } + }, + "type": "special" + } + ], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "none" + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 3, + "x": 0, + "y": 5 + }, + "id": 10, + "links": [], + "maxDataPoints": 100, + "options": { + "colorMode": "none", + "graphMode": "none", + "justifyMode": "auto", + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "targets": [ + { + "expr": "sum(\n sum (kube_pod_container_resource_requests{resource=\"cpu\", unit=\"core\"}) by (pod)\n * on (pod) group_left()\n max(kube_pod_labels{label_$label=~\"$label_value\"}) by (pod)\n or up * 0\n) ", + "format": "time_series", + "intervalFactor": 1, + "refId": "A" + } + ], + "title": "CPU Request", + "type": "stat" + }, + { + "datasource": { + "uid": "${datasource}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "decimals": 2, + "mappings": [ + { + "options": { + "match": "null", + "result": { + "text": "N/A" + } + }, + "type": "special" + } + ], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "none" + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 3, + "x": 3, + "y": 5 + }, + "id": 17, + "links": [], + "maxDataPoints": 100, + "options": { + "colorMode": "none", + "graphMode": "none", + "justifyMode": "auto", + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "targets": [ + { + "expr": "sum(\n label_replace(\n sum(rate(container_cpu_usage_seconds_total{image!=\"\",container_name!=\"POD\"}[1h])) by (kubernetes_io_hostname,pod_name),\n \"node\",\n \"$1\", \n \"kubernetes_io_hostname\", \n \"(.+)\"\n ) \n * on (pod_name) group_left()\n label_replace(\n max(kube_pod_labels{label_$label=~\"$label_value\"}) by (pod),\n \"pod_name\",\n \"$1\", \n \"pod\", \n \"(.+)\"\n ) or up * 0\n) ", + "format": "time_series", + "intervalFactor": 2, + "refId": "A" + } + ], + "title": "CPU Used", + "type": "stat" + }, + { + "datasource": { + "uid": "${datasource}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "decimals": 0, + "mappings": [ + { + "options": { + "match": "null", + "result": { + "text": "N/A" + } + }, + "type": "special" + } + ], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "bytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 3, + "x": 6, + "y": 5 + }, + "id": 11, + "links": [], + "maxDataPoints": 100, + "options": { + "colorMode": "none", + "graphMode": "none", + "justifyMode": "auto", + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "targets": [ + { + "expr": "sum(\n sum (kube_pod_container_resource_requests{resource=\"memory\", unit=\"byte\"}) by (pod)\n * on (pod) group_left()\n max(kube_pod_labels{label_$label=~\"$label_value\"}) by (pod)\n or up * 0\n) ", + "format": "time_series", + "intervalFactor": 1, + "refId": "A" + } + ], + "title": "Memory Request", + "type": "stat" + }, + { + "datasource": { + "uid": "${datasource}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [ + { + "options": { + "match": "null", + "result": { + "text": "N/A" + } + }, + "type": "special" + } + ], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "bytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 3, + "x": 9, + "y": 5 + }, + "id": 18, + "links": [], + "maxDataPoints": 100, + "options": { + "colorMode": "none", + "graphMode": "none", + "justifyMode": "auto", + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "targets": [ + { + "expr": "sum(\n label_replace(\n sum (container_memory_working_set_bytes{pod_name!=\"\",container!=\"POD\",container!=\"\"}) by (pod_name),\n \"pod\",\n \"$1\", \n \"pod_name\", \n \"(.+)\")\n * on (pod) group_left()\n max(kube_pod_labels{label_$label=~\"$label_value\"}) by (pod)\n or up * 0\n)", + "format": "time_series", + "instant": true, + "intervalFactor": 1, + "refId": "A" + } + ], + "title": "Memory Usage", + "type": "stat" + }, + { + "datasource": { + "uid": "${datasource}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "decimals": 0, + "mappings": [ + { + "options": { + "match": "null", + "result": { + "text": "N/A" + } + }, + "type": "special" + } + ], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "bytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 6, + "x": 12, + "y": 5 + }, + "id": 22, + "links": [], + "maxDataPoints": 100, + "options": { + "colorMode": "none", + "graphMode": "none", + "justifyMode": "auto", + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "targets": [ + { + "expr": "sum(\n max(kube_persistentvolumeclaim_info) by (persistentvolumeclaim, storageclass)\n * on (persistentvolumeclaim) group_right(storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes) by (persistentvolumeclaim)\n * on (persistentvolumeclaim) group_left(label_app)\n max(kube_persistentvolumeclaim_labels{label_$label=~\"$label_value\"}) by (persistentvolumeclaim) or up * 0\n) \n", + "format": "time_series", + "instant": true, + "intervalFactor": 1, + "refId": "A" + } + ], + "title": "Storage Request", + "type": "stat" + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": { + "uid": "${datasource}" + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 9 + }, + "hiddenSeries": false, + "id": 8, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "sum(\n label_replace(\n sum (kube_pod_container_resource_limits{resource=\"cpu\", unit=\"core\"}) by (pod, container)\n * on (pod) group_left()\n max(kube_pod_labels{label_$label=~\"$label_value\"}) by (pod,container),\n \"container_name\",\n \"$1\", \n \"container\", \n \"(.+)\"\n )\n) \n", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "limit", + "refId": "C" + }, + { + "expr": "sum(\n label_replace(\n sum (kube_pod_container_resource_requests{resource=\"cpu\", unit=\"core\"}) by (pod, container)\n * on (pod) group_left()\n max(kube_pod_labels{label_$label=~\"$label_value\"}) by (pod,container),\n \"container_name\",\n \"$1\", \n \"container\", \n \"(.+)\"\n )\n) \n", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "request", + "refId": "B" + }, + { + "expr": "sum(\n label_replace(\n sum (rate (container_cpu_usage_seconds_total{image!=\"\",container!=\"POD\",container!=\"\"}[10m])) by (container,pod),\n \"pod\", \n \"$1\", \n \"pod_name\", \n \"(.+)\"\n )\n * on (pod) group_left (label_$label)\n max(kube_pod_labels{label_$label=~\"$label_value\"}) by (pod,container)\n)\n", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "usage", + "refId": "A" + } + ], + "thresholds": [], + "timeRegions": [], + "title": "CPU Usage vs Requests vs Limits", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "short", + "logBase": 1, + "min": "0", + "show": true + }, + { + "format": "short", + "logBase": 1, + "show": true + } + ], + "yaxis": { + "align": false + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": { + "uid": "${datasource}" + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 9 + }, + "hiddenSeries": false, + "id": 23, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "sum(\n label_replace(\n sum (kube_pod_container_resource_limits{resource=\"memory\", unit=\"byte\"}) by (pod, container)\n * on (pod) group_left()\n max(kube_pod_labels{label_$label=~\"$label_value\"}) by (pod,container),\n \"container_name\",\n \"$1\", \n \"container\", \n \"(.+)\"\n )\n) \n", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "limit", + "refId": "C" + }, + { + "expr": "sum(\n label_replace(\n sum (kube_pod_container_resource_requests{resource=\"memory\", unit=\"byte\"}) by (pod, container)\n * on (pod) group_left()\n max(kube_pod_labels{label_$label=~\"$label_value\"}) by (pod,container),\n \"container_name\",\n \"$1\", \n \"container\", \n \"(.+)\"\n )\n) \n", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "request", + "refId": "B" + }, + { + "expr": "sum(\n label_replace(\n sum (container_memory_working_set_bytes{container!=\"\",container!=\"POD\"}) by (container,pod),\n \"pod\", \n \"$1\", \n \"pod_name\", \n \"(.+)\"\n )\n * on (pod) group_left (label_$label)\n max(kube_pod_labels{label_$label=~\"$label_value\"}) by (pod,container)\n)\n", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "usage", + "refId": "A" + } + ], + "thresholds": [], + "timeRegions": [], + "title": "Memory Usage vs Requests vs Limits", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "bytes", + "logBase": 1, + "min": "0", + "show": true + }, + { + "format": "short", + "logBase": 1, + "show": true + } + ], + "yaxis": { + "align": false + } + } + ], + "refresh": false, + "schemaVersion": 34, + "style": "dark", + "tags": [ + "kubecost", + "cost", + "utilization", + "metrics" + ], + "templating": { + "list": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "filters": [], + "hide": 0, + "label": "", + "name": "Filters", + "skipUrlSync": false, + "type": "adhoc" + }, + { + "current": { + "tags": [], + "text": "app", + "value": "app" + }, + "hide": 0, + "includeAll": false, + "label": "Label", + "multi": false, + "name": "label", + "options": [ + { + "selected": true, + "text": "app", + "value": "app" + }, + { + "selected": false, + "text": "tier", + "value": "tier" + }, + { + "selected": false, + "text": "component", + "value": "component" + }, + { + "selected": false, + "text": "release", + "value": "release" + }, + { + "selected": false, + "text": "name", + "value": "name" + }, + { + "selected": false, + "text": "team", + "value": "team" + }, + { + "selected": false, + "text": "department", + "value": "department" + }, + { + "selected": false, + "text": "owner", + "value": "owner" + }, + { + "selected": false, + "text": "contact", + "value": "contact" + } + ], + "query": "app, tier, component, release, name, team, department, owner, contact", + "skipUrlSync": false, + "type": "custom" + }, + { + "allValue": ".*", + "current": { + "selected": false, + "text": "All", + "value": "$__all" + }, + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "definition": "", + "hide": 0, + "includeAll": true, + "label": "Value", + "multi": false, + "name": "label_value", + "options": [], + "query": { + "query": "query_result(SUM(kube_pod_labels{label_$label!=\"\",namespace!=\"kube-system\"}) by (label_$label))", + "refId": "default-kubecost-label_value-Variable-Query" + }, + "refresh": 1, + "regex": "/label_$label=\\\"(.*?)(\\\")/", + "skipUrlSync": false, + "sort": 0, + "tagValuesQuery": "", + "tagsQuery": "", + "type": "query", + "useTags": false + }, + { + "allValue": "()", + "current": { + "selected": false, + "text": "All", + "value": "$__all" + }, + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "definition": "", + "hide": 0, + "includeAll": true, + "label": "", + "multi": false, + "name": "Deployments", + "options": [], + "query": { + "query": "label_values(deployment)", + "refId": "default-kubecost-Deployments-Variable-Query" + }, + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 1, + "tagValuesQuery": "", + "tagsQuery": "", + "type": "query", + "useTags": false + }, + { + "current": { + "selected": false, + "text": "All", + "value": "$__all" + }, + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "definition": "", + "hide": 0, + "includeAll": true, + "multi": false, + "name": "Secondary", + "options": [], + "query": { + "query": "query_result(kube_pod_labels)", + "refId": "default-kubecost-Secondary-Variable-Query" + }, + "refresh": 1, + "regex": "/.+?label_([^=]*).*/", + "skipUrlSync": false, + "sort": 1, + "tagValuesQuery": "", + "tagsQuery": "", + "type": "query", + "useTags": false + }, + { + "current": { + "selected": false, + "text": "default-kubecost", + "value": "default-kubecost" + }, + "hide": 0, + "includeAll": false, + "multi": false, + "name": "datasource", + "options": [], + "query": "prometheus", + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "type": "datasource" + } + ] + }, + "time": { + "from": "now-24h", + "to": "now" + }, + "timepicker": { + "refresh_intervals": [ + "5s", + "10s", + "30s", + "1m", + "5m", + "15m", + "30m", + "1h", + "2h", + "1d" + ], + "time_options": [ + "5m", + "15m", + "1h", + "6h", + "12h", + "24h", + "2d", + "7d", + "30d" + ] + }, + "timezone": "", + "title": "Label costs & utilization", + "uid": "lWMhIA-ik", + "version": 1, + "weekStart": "" +} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/namespace-utilization.json b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/namespace-utilization.json new file mode 100644 index 0000000000..a2e60c1f20 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/namespace-utilization.json @@ -0,0 +1,1175 @@ +{ + "annotations":{ + "list":[ + { + "builtIn":1, + "datasource":"-- Grafana --", + "enable":true, + "hide":true, + "iconColor":"rgba(0, 211, 255, 1)", + "name":"Annotations & Alerts", + "type":"dashboard" + } + ] + }, + "description":"A dashboard to help with utilization and resource allocation", + "editable":true, + "gnetId":8673, + "graphTooltip":0, + "id":9, + "iteration":1553150922105, + "links":[ + + ], + "panels":[ + { + "columns":[ + { + "text":"Avg", + "value":"avg" + } + ], + "datasource":"${datasource}", + "fontSize":"100%", + "gridPos":{ + "h":9, + "w":16, + "x":0, + "y":0 + }, + "hideTimeOverride":true, + "id":73, + "links":[ + + ], + "pageSize":8, + "repeat":null, + "repeatDirection":"v", + "scroll":true, + "showHeader":true, + "sort":{ + "col":2, + "desc":false + }, + "styles":[ + { + "alias":"Pod", + "colorMode":null, + "colors":[ + "rgba(245, 54, 54, 0.9)", + "rgba(50, 172, 45, 0.97)", + "#c15c17" + ], + "dateFormat":"YYYY-MM-DD HH:mm:ss", + "decimals":2, + "link":false, + "linkTooltip":"", + "linkUrl":"", + "pattern":"pod_name", + "thresholds":[ + "30", + "80" + ], + "type":"string", + "unit":"currencyUSD" + }, + { + "alias":"RAM", + "colorMode":null, + "colors":[ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat":"YYYY-MM-DD HH:mm:ss", + "decimals":2, + "pattern":"Value #B", + "thresholds":[ + + ], + "type":"number", + "unit":"decbytes" + }, + { + "alias":"CPU %", + "colorMode":null, + "colors":[ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat":"YYYY-MM-DD HH:mm:ss", + "decimals":2, + "mappingType":1, + "pattern":"Value #A", + "thresholds":[ + + ], + "type":"number", + "unit":"percent" + }, + { + "alias":"", + "colorMode":null, + "colors":[ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat":"YYYY-MM-DD HH:mm:ss", + "decimals":2, + "mappingType":1, + "pattern":"Time", + "thresholds":[ + + ], + "type":"hidden", + "unit":"short" + }, + { + "alias":"Storage", + "colorMode":null, + "colors":[ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat":"YYYY-MM-DD HH:mm:ss", + "decimals":2, + "mappingType":1, + "pattern":"Value #C", + "thresholds":[ + + ], + "type":"number", + "unit":"currencyUSD" + }, + { + "alias":"Total", + "colorMode":null, + "colors":[ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat":"YYYY-MM-DD HH:mm:ss", + "decimals":2, + "mappingType":1, + "pattern":"Value #D", + "thresholds":[ + + ], + "type":"number", + "unit":"currencyUSD" + }, + { + "alias":"CPU Utilization", + "colorMode":"value", + "colors":[ + "#bf1b00", + "rgba(50, 172, 45, 0.97)", + "#ef843c" + ], + "dateFormat":"YYYY-MM-DD HH:mm:ss", + "decimals":2, + "mappingType":1, + "pattern":"Value #E", + "thresholds":[ + "30", + "80" + ], + "type":"number", + "unit":"percent" + }, + { + "alias":"RAM Utilization", + "colorMode":"value", + "colors":[ + "rgba(245, 54, 54, 0.9)", + "rgba(50, 172, 45, 0.97)", + "#ef843c" + ], + "dateFormat":"YYYY-MM-DD HH:mm:ss", + "decimals":2, + "mappingType":1, + "pattern":"Value #F", + "thresholds":[ + "30", + "80" + ], + "type":"number", + "unit":"percent" + } + ], + "targets":[ + { + "expr":"sum (rate (container_cpu_usage_seconds_total{namespace=\"$namespace\"}[10m])) by (pod_name) * 100", + "format":"table", + "hide":false, + "instant":true, + "interval":"", + "intervalFactor":1, + "legendFormat":"{{ pod_name }}", + "refId":"A" + }, + { + "expr":"sum (avg_over_time (container_memory_working_set_bytes{namespace=\"$namespace\", container_name!=\"POD\"}[10m])) by (pod_name)", + "format":"table", + "hide":false, + "instant":true, + "intervalFactor":1, + "legendFormat":"{{ pod_name }}", + "refId":"B" + } + ], + "timeFrom":"1M", + "timeShift":null, + "title":"Pod utilization analysis", + "transform":"table", + "transparent":false, + "type":"table" + }, + { + "columns":[ + { + "text":"Avg", + "value":"avg" + } + ], + "datasource":"${datasource}", + "fontSize":"100%", + "gridPos":{ + "h":9, + "w":8, + "x":16, + "y":0 + }, + "hideTimeOverride":true, + "id":90, + "links":[ + + ], + "pageSize":8, + "repeatDirection":"v", + "scroll":true, + "showHeader":true, + "sort":{ + "col":4, + "desc":true + }, + "styles":[ + { + "alias":"Namespace", + "colorMode":null, + "colors":[ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat":"YYYY-MM-DD HH:mm:ss", + "decimals":2, + "mappingType":1, + "pattern":"namespace", + "thresholds":[ + + ], + "type":"hidden", + "unit":"short" + }, + { + "alias":"PVC Name", + "colorMode":null, + "colors":[ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat":"YYYY-MM-DD HH:mm:ss", + "decimals":2, + "mappingType":1, + "pattern":"persistentvolumeclaim", + "thresholds":[ + + ], + "type":"number", + "unit":"short" + }, + { + "alias":"Storage Class", + "colorMode":null, + "colors":[ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat":"YYYY-MM-DD HH:mm:ss", + "decimals":2, + "mappingType":1, + "pattern":"storageclass", + "thresholds":[ + + ], + "type":"number", + "unit":"short" + }, + { + "alias":"Size", + "colorMode":null, + "colors":[ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat":"YYYY-MM-DD HH:mm:ss", + "decimals":1, + "mappingType":1, + "pattern":"Value", + "thresholds":[ + + ], + "type":"number", + "unit":"gbytes" + }, + { + "alias":"", + "colorMode":null, + "colors":[ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat":"YYYY-MM-DD HH:mm:ss", + "decimals":2, + "mappingType":1, + "pattern":"Time", + "thresholds":[ + + ], + "type":"hidden", + "unit":"short" + } + ], + "targets":[ + { + "expr":"sum (\n sum(kube_persistentvolumeclaim_info) by (persistentvolumeclaim, namespace, storageclass)\n + on (persistentvolumeclaim, namespace) group_right (storageclass)\n sum(kube_persistentvolumeclaim_resource_requests_storage_bytes{namespace=~\"$namespace\"}) by (persistentvolumeclaim, namespace)\n) by (namespace,persistentvolumeclaim,storageclass) / 1024 / 1024 /1024 ", + "format":"table", + "hide":false, + "instant":true, + "interval":"", + "intervalFactor":1, + "legendFormat":"{{ persistentvolumeclaim }}", + "refId":"A" + } + ], + "timeFrom":null, + "timeShift":null, + "title":"Persistent Volume Claims", + "transform":"table", + "transparent":false, + "type":"table" + }, + { + "aliasColors":{ + + }, + "bars":false, + "dashLength":10, + "dashes":false, + "datasource":"${datasource}", + "description":"CPU requests by pod divided by the rate of CPU usage over the last hour", + "fill":1, + "gridPos":{ + "h":9, + "w":24, + "x":0, + "y":9 + }, + "id":100, + "legend":{ + "avg":false, + "current":false, + "max":false, + "min":false, + "show":true, + "total":false, + "values":false + }, + "lines":true, + "linewidth":1, + "links":[ + + ], + "nullPointMode":"null", + "percentage":false, + "pointradius":5, + "points":false, + "renderer":"flot", + "seriesOverrides":[ + + ], + "spaceLength":10, + "stack":false, + "steppedLine":false, + "targets":[ + { + "expr":"topk(10,\n label_replace(\n sum(kube_pod_container_resource_requests{resource=\"cpu\", unit=\"core\", namespace=\"$namespace\"}) by (pod),\n \"pod_name\", \n \"$1\", \n \"pod\", \n \"(.+)\"\n ) \n/ on (pod_name) sum(rate(container_cpu_usage_seconds_total{namespace=\"$namespace\",pod_name=~\".+\"}[1h])) by (pod_name))", + "format":"time_series", + "intervalFactor":1, + "refId":"A" + } + ], + "thresholds":[ + + ], + "timeFrom":null, + "timeShift":null, + "title":"Ratio of CPU requests to usage (Top 10 pods)", + "tooltip":{ + "shared":true, + "sort":0, + "value_type":"individual" + }, + "type":"graph", + "xaxis":{ + "buckets":null, + "mode":"time", + "name":null, + "show":true, + "values":[ + + ] + }, + "yaxes":[ + { + "format":"short", + "label":null, + "logBase":1, + "max":null, + "min":null, + "show":true + }, + { + "format":"short", + "label":null, + "logBase":1, + "max":null, + "min":null, + "show":true + } + ], + "yaxis":{ + "align":false, + "alignLevel":null + } + }, + { + "aliasColors":{ + + }, + "bars":false, + "dashLength":10, + "dashes":false, + "datasource":"${datasource}", + "decimals":3, + "description":"This panel shows historical utilization as an average across all pods in this namespace. It only accounts for currently deployed pods", + "editable":true, + "error":false, + "fill":0, + "grid":{ + + }, + "gridPos":{ + "h":6, + "w":12, + "x":0, + "y":18 + }, + "height":"", + "id":94, + "isNew":true, + "legend":{ + "alignAsTable":false, + "avg":false, + "current":false, + "hideEmpty":false, + "hideZero":false, + "max":false, + "min":false, + "rightSide":false, + "show":false, + "sideWidth":null, + "sort":"current", + "sortDesc":true, + "total":false, + "values":true + }, + "lines":true, + "linewidth":2, + "links":[ + + ], + "nullPointMode":"connected", + "percentage":false, + "pointradius":5, + "points":false, + "renderer":"flot", + "seriesOverrides":[ + + ], + "spaceLength":10, + "stack":false, + "steppedLine":true, + "targets":[ + { + "expr":"sum (rate (container_cpu_usage_seconds_total{namespace=\"$namespace\"}[10m])) by (namespace)\n", + "format":"time_series", + "hide":false, + "instant":false, + "interval":"10s", + "intervalFactor":1, + "legendFormat":"cpu utilization", + "metric":"container_cpu", + "refId":"A", + "step":10 + } + ], + "thresholds":[ + + ], + "timeFrom":"", + "timeShift":null, + "title":"Overall CPU Utilization", + "tooltip":{ + "msResolution":true, + "shared":true, + "sort":2, + "value_type":"cumulative" + }, + "type":"graph", + "xaxis":{ + "buckets":null, + "mode":"time", + "name":null, + "show":true, + "values":[ + + ] + }, + "yaxes":[ + { + "decimals":null, + "format":"percent", + "label":"", + "logBase":1, + "max":"110", + "min":"0", + "show":true + }, + { + "format":"short", + "label":null, + "logBase":1, + "max":null, + "min":null, + "show":false + } + ], + "yaxis":{ + "align":false, + "alignLevel":null + } + }, + { + "aliasColors":{ + + }, + "bars":false, + "dashLength":10, + "dashes":false, + "datasource":"${datasource}", + "decimals":2, + "description":"This panel shows historical utilization as an average across all pods in this namespace. It only accounts for currently deployed pods", + "editable":true, + "error":false, + "fill":0, + "grid":{ + + }, + "gridPos":{ + "h":6, + "w":12, + "x":12, + "y":18 + }, + "id":92, + "isNew":true, + "legend":{ + "alignAsTable":false, + "avg":false, + "current":false, + "max":false, + "min":false, + "rightSide":false, + "show":false, + "sideWidth":200, + "sort":"current", + "sortDesc":true, + "total":false, + "values":true + }, + "lines":true, + "linewidth":2, + "links":[ + + ], + "nullPointMode":"connected", + "percentage":false, + "pointradius":5, + "points":false, + "renderer":"flot", + "seriesOverrides":[ + + ], + "spaceLength":10, + "stack":false, + "steppedLine":true, + "targets":[ + { + "expr":"sum (container_memory_working_set_bytes{namespace=\"$namespace\"})\n/\nsum(node_memory_MemTotal_bytes)", + "format":"time_series", + "instant":false, + "intervalFactor":1, + "legendFormat":"mem utilization", + "refId":"B" + } + ], + "thresholds":[ + + ], + "timeFrom":"", + "timeShift":null, + "title":"Overall RAM Utilization", + "tooltip":{ + "msResolution":false, + "shared":true, + "sort":2, + "value_type":"cumulative" + }, + "type":"graph", + "xaxis":{ + "buckets":null, + "mode":"time", + "name":null, + "show":true, + "values":[ + + ] + }, + "yaxes":[ + { + "decimals":null, + "format":"percent", + "label":null, + "logBase":1, + "max":"110", + "min":"0", + "show":true + }, + { + "format":"short", + "label":null, + "logBase":1, + "max":null, + "min":null, + "show":false + } + ], + "yaxis":{ + "align":false, + "alignLevel":null + } + }, + { + "aliasColors":{ + + }, + "bars":false, + "dashLength":10, + "dashes":false, + "datasource":"${datasource}", + "decimals":2, + "description":"Traffic in and out of this namespace, as a sum of the pods within it", + "editable":true, + "error":false, + "fill":1, + "grid":{ + + }, + "gridPos":{ + "h":6, + "w":12, + "x":0, + "y":24 + }, + "height":"", + "id":96, + "isNew":true, + "legend":{ + "alignAsTable":false, + "avg":true, + "current":true, + "hideEmpty":false, + "hideZero":false, + "max":false, + "min":false, + "rightSide":false, + "show":true, + "sideWidth":null, + "sort":"current", + "sortDesc":true, + "total":false, + "values":true + }, + "lines":true, + "linewidth":2, + "links":[ + + ], + "nullPointMode":"connected", + "percentage":false, + "pointradius":5, + "points":false, + "renderer":"flot", + "seriesOverrides":[ + + ], + "spaceLength":10, + "stack":false, + "steppedLine":false, + "targets":[ + { + "expr":"sum (rate (container_network_receive_bytes_total{namespace=\"$namespace\"}[10m])) by (namespace)", + "format":"time_series", + "hide":false, + "instant":false, + "interval":"", + "intervalFactor":1, + "legendFormat":"<- in", + "metric":"container_cpu", + "refId":"A", + "step":10 + }, + { + "expr":"- sum (rate (container_network_transmit_bytes_total{namespace=\"$namespace\"}[10m])) by (namespace)", + "format":"time_series", + "hide":false, + "instant":false, + "interval":"", + "intervalFactor":1, + "legendFormat":"-> out", + "refId":"B" + } + ], + "thresholds":[ + + ], + "timeFrom":"", + "timeShift":null, + "title":"Network IO", + "tooltip":{ + "msResolution":true, + "shared":true, + "sort":2, + "value_type":"cumulative" + }, + "type":"graph", + "xaxis":{ + "buckets":null, + "mode":"time", + "name":null, + "show":true, + "values":[ + + ] + }, + "yaxes":[ + { + "format":"Bps", + "label":"", + "logBase":1, + "max":null, + "min":null, + "show":true + }, + { + "format":"short", + "label":null, + "logBase":1, + "max":null, + "min":null, + "show":false + } + ], + "yaxis":{ + "align":false, + "alignLevel":null + } + }, + { + "aliasColors":{ + + }, + "bars":false, + "dashLength":10, + "dashes":false, + "datasource":"${datasource}", + "decimals":2, + "description":"Disk reads and writes for the namespace, as a sum of the pods within it", + "editable":true, + "error":false, + "fill":1, + "grid":{ + + }, + "gridPos":{ + "h":6, + "w":12, + "x":12, + "y":24 + }, + "height":"", + "id":98, + "isNew":true, + "legend":{ + "alignAsTable":false, + "avg":true, + "current":true, + "hideEmpty":false, + "hideZero":false, + "max":false, + "min":false, + "rightSide":false, + "show":true, + "sideWidth":null, + "sort":"current", + "sortDesc":true, + "total":false, + "values":true + }, + "lines":true, + "linewidth":2, + "links":[ + + ], + "nullPointMode":"connected", + "percentage":false, + "pointradius":5, + "points":false, + "renderer":"flot", + "seriesOverrides":[ + + ], + "spaceLength":10, + "stack":false, + "steppedLine":false, + "targets":[ + { + "expr":"sum (rate (container_fs_writes_bytes_total{namespace=\"$namespace\"}[10m])) by (namespace)", + "format":"time_series", + "hide":false, + "instant":false, + "interval":"", + "intervalFactor":1, + "legendFormat":"<- write", + "metric":"container_cpu", + "refId":"A", + "step":10 + }, + { + "expr":"- sum (rate (container_fs_reads_bytes_total{namespace=\"$namespace\"}[10m])) by (namespace)", + "format":"time_series", + "hide":false, + "instant":false, + "interval":"", + "intervalFactor":1, + "legendFormat":"-> read", + "refId":"B" + } + ], + "thresholds":[ + + ], + "timeFrom":"", + "timeShift":null, + "title":"Disk IO", + "tooltip":{ + "msResolution":true, + "shared":true, + "sort":2, + "value_type":"cumulative" + }, + "type":"graph", + "xaxis":{ + "buckets":null, + "mode":"time", + "name":null, + "show":true, + "values":[ + + ] + }, + "yaxes":[ + { + "format":"Bps", + "label":"", + "logBase":1, + "max":null, + "min":null, + "show":true + }, + { + "format":"short", + "label":null, + "logBase":1, + "max":null, + "min":null, + "show":false + } + ], + "yaxis":{ + "align":false, + "alignLevel":null + } + } + ], + "refresh":"10s", + "schemaVersion":16, + "style":"dark", + "tags":[ + "cost", + "utilization", + "metrics" + ], + "templating":{ + "list":[ + { + "current":{ + "text":"23.06", + "value":"23.06" + }, + "hide":0, + "label":"CPU", + "name":"costcpu", + "options":[ + { + "text":"23.06", + "value":"23.06" + } + ], + "query":"23.06", + "skipUrlSync":false, + "type":"constant" + }, + { + "current":{ + "text":"7.28", + "value":"7.28" + }, + "hide":0, + "label":"PE CPU", + "name":"costpcpu", + "options":[ + { + "text":"7.28", + "value":"7.28" + } + ], + "query":"7.28", + "skipUrlSync":false, + "type":"constant" + }, + { + "current":{ + "text":"3.25", + "value":"3.25" + }, + "hide":0, + "label":"RAM", + "name":"costram", + "options":[ + { + "text":"3.25", + "value":"3.25" + } + ], + "query":"3.25", + "skipUrlSync":false, + "type":"constant" + }, + { + "current":{ + "text":"0.6862", + "value":"0.6862" + }, + "hide":0, + "label":"PE RAM", + "name":"costpram", + "options":[ + { + "text":"0.6862", + "value":"0.6862" + } + ], + "query":"0.6862", + "skipUrlSync":false, + "type":"constant" + }, + { + "current":{ + "text":"0.04", + "value":"0.04" + }, + "hide":0, + "label":"Storage", + "name":"costStorageStandard", + "options":[ + { + "text":"0.04", + "value":"0.04" + } + ], + "query":"0.04", + "skipUrlSync":false, + "type":"constant" + }, + { + "current":{ + "text":".17", + "value":".17" + }, + "hide":0, + "label":"SSD", + "name":"costStorageSSD", + "options":[ + { + "text":".17", + "value":".17" + } + ], + "query":".17", + "skipUrlSync":false, + "type":"constant" + }, + { + "current":{ + "text":"30", + "value":"30" + }, + "hide":0, + "label":"Disc.", + "name":"costDiscount", + "options":[ + { + "text":"30", + "value":"30" + } + ], + "query":"30", + "skipUrlSync":false, + "type":"constant" + }, + { + "allValue":null, + "current":{ + "text":"kube-system", + "value":"kube-system" + }, + "datasource":"${datasource}", + "hide":0, + "includeAll":false, + "label":"NS", + "multi":false, + "name":"namespace", + "options":[ + + ], + "query":"query_result(sum(kube_namespace_created{namespace!=\"\"}) by (namespace))", + "refresh":1, + "regex":"/namespace=\\\"(.*?)(\\\")/", + "skipUrlSync":false, + "sort":0, + "tagValuesQuery":"", + "tags":[ + + ], + "tagsQuery":"", + "type":"query", + "useTags":false + }, + { + "datasource":"${datasource}", + "filters":[ + + ], + "hide":0, + "label":"", + "name":"Filters", + "skipUrlSync":false, + "type":"adhoc" + }, + { + "current": { + "selected": true, + "text": "default-kubecost", + "value": "default-kubecost" + }, + "error": null, + "hide": 0, + "includeAll": false, + "label": null, + "multi": false, + "name": "datasource", + "options": [], + "query": "prometheus", + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "type": "datasource" + } + ] + }, + "time":{ + "from":"now-15m", + "to":"now" + }, + "timepicker":{ + "hidden":false, + "refresh_intervals":[ + "5s", + "10s", + "30s", + "1m", + "5m", + "15m", + "30m", + "1h", + "2h", + "1d" + ], + "time_options":[ + "5m", + "15m", + "1h", + "6h", + "12h", + "24h", + "2d", + "7d", + "30d" + ] + }, + "timezone":"browser", + "title":"Namespace utilization metrics", + "uid":"at-cost-analysis-namespace2", + "version":1 +} diff --git a/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/network-cloud-services.json b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/network-cloud-services.json new file mode 100644 index 0000000000..2729b6ca7d --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/network-cloud-services.json @@ -0,0 +1,408 @@ +{ + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "grafana", + "uid": "-- Grafana --" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "type": "dashboard" + } + ] + }, + "description": "Most used metrics when troubleshooting applications", + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "id": 14, + "links": [], + "liveNow": false, + "panels": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "bars", + "fillOpacity": 80, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "binBps" + }, + "overrides": [] + }, + "gridPos": { + "h": 10, + "w": 24, + "x": 0, + "y": 0 + }, + "id": 11, + "options": { + "legend": { + "calcs": [], + "displayMode": "table", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "sum(\n rate(kubecost_pod_network_ingress_bytes_total\n {namespace=~\"$namespace\", pod_name=~\"$pod\",service!=\"\",service=~\"$service\"}\n [1h]\n )\n) \nby (namespace,service) ", + "fullMetaSearch": false, + "includeNullMetadata": true, + "instant": false, + "interval": "1h", + "legendFormat": "{{namespace}}/{{service}}", + "range": true, + "refId": "A", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "- sum(\n rate(kubecost_pod_network_egress_bytes_total\n {namespace=~\"$namespace\", pod_name=~\"$pod\",service!=\"\",service=~\"$service\"}\n [1h]\n )\n) \nby(namespace, service) ", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": true, + "instant": false, + "interval": "1h", + "legendFormat": "{{namespace}}/{{service}}", + "range": true, + "refId": "B", + "useBackend": false + } + ], + "title": "Kubecost Network Cloud Service by Namespace (egress is negative)", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "bars", + "fillOpacity": 80, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "binBps" + }, + "overrides": [] + }, + "gridPos": { + "h": 14, + "w": 24, + "x": 0, + "y": 10 + }, + "id": 10, + "options": { + "legend": { + "calcs": [], + "displayMode": "table", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "sum(topk(5,\n rate(kubecost_pod_network_ingress_bytes_total\n {namespace=~\"$namespace\", pod_name=~\"$pod\",service!=\"\",service=~\"$service\"}\n [1h]\n )\n) )\nby(namespace, pod_name,service) ", + "fullMetaSearch": false, + "includeNullMetadata": true, + "instant": false, + "interval": "1h", + "legendFormat": "{{namespace}}/{{pod_name}}/{{service}}", + "range": true, + "refId": "A", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "- sum(topk(5,\n rate(kubecost_pod_network_egress_bytes_total\n {namespace=~\"$namespace\", pod_name=~\"$pod\",service!=\"\",service=~\"$service\"}\n [1h]\n )\n) )\nby(namespace, pod_name,service) ", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": true, + "instant": false, + "interval": "1h", + "legendFormat": "{{namespace}}/{{pod_name}}/{{service}}", + "range": true, + "refId": "B", + "useBackend": false + } + ], + "title": "Kubecost Network Cloud Service by Pod (egress is negative)", + "type": "timeseries" + } + ], + "refresh": "5s", + "schemaVersion": 39, + "tags": [ + "utilization", + "metrics", + "kubecost" + ], + "templating": { + "list": [ + { + "current": { + "selected": false, + "text": "Prometheus", + "value": "PBFA97CFB590B2093" + }, + "hide": 0, + "includeAll": false, + "multi": false, + "name": "datasource", + "options": [], + "query": "prometheus", + "queryValue": "", + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "type": "datasource" + }, + { + "current": { + "selected": false, + "text": "All", + "value": "$__all" + }, + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "definition": "label_values(kube_namespace_labels,namespace)", + "hide": 0, + "includeAll": true, + "multi": false, + "name": "namespace", + "options": [], + "query": { + "qryType": 1, + "query": "label_values(kube_namespace_labels,namespace)", + "refId": "PrometheusVariableQueryEditor-VariableQuery" + }, + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 5, + "type": "query" + }, + { + "current": { + "selected": false, + "text": "All", + "value": "$__all" + }, + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "definition": "label_values(kube_pod_owner{namespace=~\"$namespace\"},pod)", + "hide": 0, + "includeAll": true, + "multi": false, + "name": "pod", + "options": [], + "query": { + "qryType": 1, + "query": "label_values(kube_pod_owner{namespace=~\"$namespace\"},pod)", + "refId": "PrometheusVariableQueryEditor-VariableQuery" + }, + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 5, + "type": "query" + }, + { + "current": { + "selected": false, + "text": "All", + "value": "$__all" + }, + "datasource": { + "type": "prometheus", + "uid": "PBFA97CFB590B2093" + }, + "definition": "label_values(kube_pod_container_status_running{namespace=\"$namespace\"},container)", + "hide": 0, + "includeAll": true, + "multi": false, + "name": "container", + "options": [], + "query": { + "qryType": 1, + "query": "label_values(kube_pod_container_status_running{namespace=\"$namespace\"},container)", + "refId": "PrometheusVariableQueryEditor-VariableQuery" + }, + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 5, + "type": "query" + }, + { + "current": { + "selected": true, + "text": "All", + "value": "$__all" + }, + "definition": "label_values(kubecost_pod_network_egress_bytes_total{namespace=~\"$namespace\"},service)", + "hide": 0, + "includeAll": true, + "multi": false, + "name": "service", + "options": [], + "query": { + "qryType": 1, + "query": "label_values(kubecost_pod_network_egress_bytes_total{namespace=~\"$namespace\"},service)", + "refId": "PrometheusVariableQueryEditor-VariableQuery" + }, + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 5, + "type": "query" + } + ] + }, + "time": { + "from": "now-2d", + "to": "now" + }, + "timepicker": {}, + "timezone": "", + "title": "Kubecost Network Cloud Service Metrics", + "uid": "kubecost-network-cloud-services", + "version": 1, + "weekStart": "" +} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/networkCosts-metrics.json b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/networkCosts-metrics.json new file mode 100644 index 0000000000..79e568ccb1 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/networkCosts-metrics.json @@ -0,0 +1,672 @@ +{ + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "grafana", + "uid": "-- Grafana --" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "target": { + "limit": 100, + "matchAny": false, + "tags": [], + "type": "dashboard" + }, + "type": "dashboard" + } + ] + }, + "description": "https://docs.kubecost.com/install-and-configure/advanced-configuration/network-costs-configuration", + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "id": 2, + "links": [], + "liveNow": false, + "panels": [ + { + "collapsed": false, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 0 + }, + "id": 12, + "panels": [], + "title": "Network Data Transfers (negative is egress data)", + "type": "row" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "bars", + "fillOpacity": 100, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "bytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 14, + "w": 11, + "x": 0, + "y": 1 + }, + "id": 10, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum(increase(kubecost_pod_network_ingress_bytes_total\n {namespace=~\"$namespace\", cluster_id=~\"$cluster\", pod_name=~\"$pod_name\", service=~\"$service\"}\n [1h]\n ))\nby($aggregation) ", + "interval": "1h", + "legendFormat": "__auto", + "range": true, + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "-sum(increase(kubecost_pod_network_egress_bytes_total\n {namespace=~\"$namespace\", cluster_id=~\"$cluster\", pod_name=~\"$pod_name\", service=~\"$service\"}\n [1h]\n ))\nby($aggregation) ", + "hide": false, + "interval": "1h", + "legendFormat": "__auto", + "range": true, + "refId": "B" + } + ], + "title": "All Data", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "bars", + "fillOpacity": 100, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "bytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 14, + "w": 13, + "x": 11, + "y": 1 + }, + "id": 2, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum(increase(kubecost_pod_network_ingress_bytes_total\n {internet=\"true\", namespace=~\"$namespace\", cluster_id=~\"$cluster\", pod_name=~\"$pod_name\", service=~\"$service\"}\n [1h]\n))\nby($aggregation) ", + "hide": false, + "interval": "1h", + "legendFormat": "__auto", + "range": true, + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "- sum(increase(kubecost_pod_network_egress_bytes_total\n {internet=\"true\", namespace=~\"$namespace\", cluster_id=~\"$cluster\", pod_name=~\"$pod_name\", service=~\"$service\"}\n [1h]))\nby($aggregation) ", + "hide": false, + "interval": "1h", + "legendFormat": "__auto", + "range": true, + "refId": "B" + } + ], + "title": "Internet Data", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Cross region and cross zone subnets must be defined via the configMap. \nSee: \n", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "bars", + "fillOpacity": 100, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "decimals": 2, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "bytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 14, + "w": 11, + "x": 0, + "y": 15 + }, + "id": 9, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum(increase(kubecost_pod_network_ingress_bytes_total\n {internet=\"false\",namespace=~\"$namespace\",cluster_id=~\"$cluster\",pod_name=~\"$pod_name\", sameRegion=\"false\",sameZone=\"false\", service=~\"$service\"}\n [1h]))\nby($aggregation)", + "interval": "1h", + "legendFormat": "__auto", + "range": true, + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "- sum(increase(kubecost_pod_network_egress_bytes_total\n {internet=\"false\", namespace=~\"$namespace\",cluster_id=~\"$cluster\",pod_name=~\"$pod_name\",sameRegion=\"false\", sameZone=\"false\", service=~\"$service\"}\n [1h]))\nby($aggregation) ", + "hide": false, + "interval": "1h", + "legendFormat": "__auto", + "range": true, + "refId": "B" + } + ], + "title": "Cross Region Data", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Cross region and cross zone subnets must be defined via the configMap. \nSee: \n", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "bars", + "fillOpacity": 100, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "decimals": 2, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "bytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 14, + "w": 13, + "x": 11, + "y": 15 + }, + "id": 8, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum(increase(kubecost_pod_network_ingress_bytes_total\n {internet=\"false\", namespace=~\"$namespace\", cluster_id=~\"$cluster\", pod_name=~\"$pod_name\", sameRegion=\"true\", sameZone=\"false\", service=~\"$service\"}\n [1h]))\nby($aggregation)", + "interval": "1h", + "legendFormat": "__auto", + "range": true, + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "- sum(increase(kubecost_pod_network_egress_bytes_total\n {internet=\"false\", namespace=~\"$namespace\", cluster_id=~\"$cluster\", pod_name=~\"$pod_name\", sameRegion=\"true\", sameZone=\"false\", service=~\"$service\"}\n [1h]))\nby($aggregation)", + "hide": false, + "interval": "1h", + "legendFormat": "__auto", + "range": true, + "refId": "B" + } + ], + "title": "Cross Zone Data", + "type": "timeseries" + } + ], + "refresh": "", + "revision": 1, + "schemaVersion": 39, + "tags": [ + "utilization", + "metrics", + "kubecost" + ], + "templating": { + "list": [ + { + "current": { + "selected": false, + "text": "Prometheus", + "value": "PBFA97CFB590B2093" + }, + "hide": 0, + "includeAll": false, + "multi": false, + "name": "datasource", + "options": [], + "query": "prometheus", + "queryValue": "", + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "type": "datasource" + }, + { + "current": { + "selected": false, + "text": "namespace", + "value": "namespace" + }, + "hide": 0, + "includeAll": false, + "multi": false, + "name": "aggregation", + "options": [ + { + "selected": false, + "text": "cluster_id", + "value": "cluster_id" + }, + { + "selected": true, + "text": "namespace", + "value": "namespace" + }, + { + "selected": false, + "text": "pod_name", + "value": "pod_name" + } + ], + "query": "cluster_id, namespace, pod_name", + "queryValue": "", + "skipUrlSync": false, + "type": "custom" + }, + { + "current": { + "selected": false, + "text": "All", + "value": "$__all" + }, + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "definition": "label_values(cluster_id)", + "hide": 0, + "includeAll": true, + "multi": false, + "name": "cluster", + "options": [], + "query": { + "query": "label_values(cluster_id)", + "refId": "StandardVariableQuery" + }, + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 5, + "type": "query" + }, + { + "current": { + "selected": true, + "text": "kubecost", + "value": "kubecost" + }, + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "definition": "label_values(kube_namespace_labels{cluster_id=~\"$cluster\"}, namespace) ", + "hide": 0, + "includeAll": true, + "multi": false, + "name": "namespace", + "options": [], + "query": { + "query": "label_values(kube_namespace_labels{cluster_id=~\"$cluster\"}, namespace) ", + "refId": "StandardVariableQuery" + }, + "refresh": 2, + "regex": "", + "skipUrlSync": false, + "sort": 5, + "type": "query" + }, + { + "current": { + "selected": false, + "text": "All", + "value": "$__all" + }, + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "definition": "label_values(kubecost_pod_network_egress_bytes_total{cluster_id=~\"$cluster\", namespace=~\"$namespace\"},pod_name)", + "hide": 0, + "includeAll": true, + "multi": false, + "name": "pod_name", + "options": [], + "query": { + "qryType": 1, + "query": "label_values(kubecost_pod_network_egress_bytes_total{cluster_id=~\"$cluster\", namespace=~\"$namespace\"},pod_name)", + "refId": "PrometheusVariableQueryEditor-VariableQuery" + }, + "refresh": 2, + "regex": "", + "skipUrlSync": false, + "sort": 5, + "type": "query" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "filters": [], + "hide": 0, + "name": "filter", + "skipUrlSync": false, + "type": "adhoc" + }, + { + "current": { + "selected": false, + "text": "All", + "value": "$__all" + }, + "definition": "label_values(kubecost_pod_network_egress_bytes_total{namespace=~\"$namespace\"},service)", + "hide": 0, + "includeAll": true, + "multi": false, + "name": "service", + "options": [], + "query": { + "qryType": 1, + "query": "label_values(kubecost_pod_network_egress_bytes_total{namespace=~\"$namespace\"},service)", + "refId": "PrometheusVariableQueryEditor-VariableQuery" + }, + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 5, + "type": "query" + } + ] + }, + "time": { + "from": "now-7d", + "to": "now" + }, + "timepicker": {}, + "timezone": "", + "title": "Kubecost Network Costs Metrics", + "uid": "kubecost-networkCosts-metrics", + "version": 2, + "weekStart": "" +} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/node-utilization.json b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/node-utilization.json new file mode 100644 index 0000000000..dc03cc0743 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/node-utilization.json @@ -0,0 +1,1389 @@ +{ + "annotations":{ + "list":[ + { + "builtIn":1, + "datasource":"-- Grafana --", + "enable":true, + "hide":true, + "iconColor":"rgba(0, 211, 255, 1)", + "name":"Annotations & Alerts", + "type":"dashboard" + } + ] + }, + "editable":true, + "gnetId":null, + "graphTooltip":0, + "id":6, + "iteration":1557245882378, + "links":[ + + ], + "panels":[ + { + "cacheTimeout":null, + "colorBackground":false, + "colorValue":false, + "colors":[ + "#299c46", + "rgba(237, 129, 40, 0.89)", + "#d44a3a" + ], + "datasource":"${datasource}", + "format":"percentunit", + "gauge":{ + "maxValue":100, + "minValue":0, + "show":true, + "thresholdLabels":false, + "thresholdMarkers":true + }, + "gridPos":{ + "h":7, + "w":8, + "x":0, + "y":0 + }, + "id":2, + "interval":null, + "links":[ + + ], + "mappingType":1, + "mappingTypes":[ + { + "name":"value to text", + "value":1 + }, + { + "name":"range to text", + "value":2 + } + ], + "maxDataPoints":100, + "nullPointMode":"connected", + "nullText":null, + "postfix":"", + "postfixFontSize":"50%", + "prefix":"", + "prefixFontSize":"50%", + "rangeMaps":[ + { + "from":"null", + "text":"N/A", + "to":"null" + } + ], + "sparkline":{ + "fillColor":"rgba(31, 118, 189, 0.18)", + "full":false, + "lineColor":"rgb(31, 120, 193)", + "show":false + }, + "tableColumn":"", + "targets":[ + { + "expr":"sum(irate(container_cpu_usage_seconds_total{id=\"/\",instance=\"$node\"}[10m]))", + "format":"time_series", + "intervalFactor":1, + "refId":"A" + } + ], + "thresholds":"", + "title":"CPU Usage", + "type":"singlestat", + "valueFontSize":"80%", + "valueMaps":[ + { + "op":"=", + "text":"N/A", + "value":"null" + } + ], + "valueName":"avg" + }, + { + "cacheTimeout":null, + "colorBackground":false, + "colorValue":false, + "colors":[ + "#299c46", + "rgba(237, 129, 40, 0.89)", + "#d44a3a" + ], + "datasource":"${datasource}", + "format":"percentunit", + "gauge":{ + "maxValue":100, + "minValue":0, + "show":true, + "thresholdLabels":false, + "thresholdMarkers":true + }, + "gridPos":{ + "h":7, + "w":8, + "x":8, + "y":0 + }, + "id":3, + "interval":null, + "links":[ + + ], + "mappingType":1, + "mappingTypes":[ + { + "name":"value to text", + "value":1 + }, + { + "name":"range to text", + "value":2 + } + ], + "maxDataPoints":100, + "nullPointMode":"connected", + "nullText":null, + "postfix":"", + "postfixFontSize":"50%", + "prefix":"", + "prefixFontSize":"50%", + "rangeMaps":[ + { + "from":"null", + "text":"N/A", + "to":"null" + } + ], + "sparkline":{ + "fillColor":"rgba(31, 118, 189, 0.18)", + "full":false, + "lineColor":"rgb(31, 120, 193)", + "show":false + }, + "tableColumn":"", + "targets":[ + { + "expr":"SUM(container_memory_usage_bytes{namespace!=\"\",instance=\"$node\"}) / SUM(kube_node_status_capacity{resource=\"memory\", unit=\"byte\", node=\"$node\"})", + "format":"time_series", + "intervalFactor":1, + "refId":"A" + } + ], + "thresholds":"", + "title":"Memory Usage", + "type":"singlestat", + "valueFontSize":"80%", + "valueMaps":[ + { + "op":"=", + "text":"N/A", + "value":"null" + } + ], + "valueName":"avg" + }, + { + "cacheTimeout":null, + "colorBackground":false, + "colorValue":false, + "colors":[ + "#299c46", + "rgba(237, 129, 40, 0.89)", + "#d44a3a" + ], + "datasource":"${datasource}", + "format":"percentunit", + "gauge":{ + "maxValue":100, + "minValue":0, + "show":true, + "thresholdLabels":false, + "thresholdMarkers":true + }, + "gridPos":{ + "h":7, + "w":8, + "x":16, + "y":0 + }, + "id":4, + "interval":null, + "links":[ + + ], + "mappingType":1, + "mappingTypes":[ + { + "name":"value to text", + "value":1 + }, + { + "name":"range to text", + "value":2 + } + ], + "maxDataPoints":100, + "nullPointMode":"connected", + "nullText":null, + "postfix":"", + "postfixFontSize":"50%", + "prefix":"", + "prefixFontSize":"50%", + "rangeMaps":[ + { + "from":"null", + "text":"N/A", + "to":"null" + } + ], + "sparkline":{ + "fillColor":"rgba(31, 118, 189, 0.18)", + "full":false, + "lineColor":"rgb(31, 120, 193)", + "show":false + }, + "tableColumn":"", + "targets":[ + { + "expr":"sum(container_fs_usage_bytes{device=~\"^/dev/[sv]d[a-z][1-9]$\",id=\"/\",instance=\"$node\"}) /\nsum(container_fs_limit_bytes{device=~\"^/dev/[sv]d[a-z][1-9]$\",id=\"/\",instance=\"$node\"})", + "format":"time_series", + "intervalFactor":1, + "refId":"A" + } + ], + "thresholds":"", + "title":"Storage Usage", + "type":"singlestat", + "valueFontSize":"80%", + "valueMaps":[ + { + "op":"=", + "text":"N/A", + "value":"null" + } + ], + "valueName":"avg" + }, + { + "columns":[ + { + "text":"Avg", + "value":"avg" + } + ], + "datasource":"${datasource}", + "fontSize":"100%", + "gridPos":{ + "h":8, + "w":16, + "x":0, + "y":7 + }, + "hideTimeOverride":true, + "id":21, + "links":[ + + ], + "pageSize":8, + "repeat":null, + "repeatDirection":"v", + "scroll":true, + "showHeader":true, + "sort":{ + "col":4, + "desc":true + }, + "styles":[ + { + "alias":"Pod", + "colorMode":null, + "colors":[ + "rgba(245, 54, 54, 0.9)", + "rgba(50, 172, 45, 0.97)", + "#c15c17" + ], + "dateFormat":"YYYY-MM-DD HH:mm:ss", + "decimals":2, + "link":false, + "linkTooltip":"", + "linkUrl":"", + "pattern":"pod_name", + "thresholds":[ + "30", + "80" + ], + "type":"string", + "unit":"currencyUSD" + }, + { + "alias":"", + "colorMode":null, + "colors":[ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat":"YYYY-MM-DD HH:mm:ss", + "decimals":2, + "mappingType":1, + "pattern":"Time", + "thresholds":[ + + ], + "type":"hidden", + "unit":"short" + }, + { + "alias":"CPU Usage", + "colorMode":null, + "colors":[ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat":"YYYY-MM-DD HH:mm:ss", + "decimals":2, + "mappingType":1, + "pattern":"Value #C", + "thresholds":[ + + ], + "type":"number", + "unit":"short" + }, + { + "alias":"CPU Request", + "colorMode":null, + "colors":[ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat":"YYYY-MM-DD HH:mm:ss", + "decimals":2, + "mappingType":1, + "pattern":"Value #A", + "thresholds":[ + + ], + "type":"number", + "unit":"short" + }, + { + "alias":"CPU Limit", + "colorMode":null, + "colors":[ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat":"YYYY-MM-DD HH:mm:ss", + "decimals":2, + "mappingType":1, + "pattern":"Value #B", + "thresholds":[ + + ], + "type":"number", + "unit":"short" + }, + { + "alias":"Mem Usage", + "colorMode":null, + "colors":[ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat":"YYYY-MM-DD HH:mm:ss", + "decimals":2, + "mappingType":1, + "pattern":"Value #D", + "thresholds":[ + + ], + "type":"number", + "unit":"bytes" + }, + { + "alias":"Mem Request", + "colorMode":null, + "colors":[ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat":"YYYY-MM-DD HH:mm:ss", + "decimals":2, + "mappingType":1, + "pattern":"Value #E", + "thresholds":[ + + ], + "type":"number", + "unit":"bytes" + }, + { + "alias":"Mem Limit", + "colorMode":null, + "colors":[ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat":"YYYY-MM-DD HH:mm:ss", + "decimals":2, + "mappingType":1, + "pattern":"Value #F", + "thresholds":[ + + ], + "type":"number", + "unit":"bytes" + } + ], + "targets":[ + { + "expr":"sum(rate(container_cpu_usage_seconds_total{container_name!=\"\",container_name!=\"POD\",pod_name!=\"\",instance=\"$node\"}[24h])) by (pod_name)", + "format":"table", + "instant":true, + "intervalFactor":1, + "refId":"C" + }, + { + "expr":"sum(label_replace(\nsum(avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\", unit=\"core\", container!=\"\",container!=\"POD\",node=\"$node\"}[24h])) by (pod), \n\"pod_name\",\"$1\",\"pod\",\"(.+)\")\nor up * 0\n) by (pod_name)", + "format":"table", + "instant":true, + "intervalFactor":1, + "refId":"A" + }, + { + "expr":"sum(avg_over_time(container_memory_usage_bytes{container_name!=\"\",container_name!=\"POD\",pod_name!=\"\",instance=\"$node\"}[24h])) by (pod_name)\n", + "format":"table", + "instant":true, + "intervalFactor":1, + "refId":"D" + }, + { + "expr":"sum(label_replace(label_replace(\nsum(avg_over_time(kube_pod_container_resource_requests{resource=\"memory\", unit=\"byte\", container!=\"\",container!=\"POD\",node=\"$node\"}[24h])) by (pod),\n\"container_name\",\"$1\",\"container\",\"(.+)\"), \"pod_name\",\"$1\",\"pod\",\"(.+)\")\nor up * 0\n) by (pod_name)\n", + "format":"table", + "instant":true, + "intervalFactor":1, + "refId":"E" + } + ], + "timeFrom":"1M", + "timeShift":null, + "title":"Current pods", + "transform":"table", + "transparent":false, + "type":"table" + }, + { + "cacheTimeout":null, + "colorBackground":false, + "colorValue":false, + "colors":[ + "#299c46", + "rgba(237, 129, 40, 0.89)", + "#d44a3a" + ], + "datasource":"${datasource}", + "decimals":0, + "format":"none", + "gauge":{ + "maxValue":100, + "minValue":0, + "show":false, + "thresholdLabels":false, + "thresholdMarkers":true + }, + "gridPos":{ + "h":4, + "w":4, + "x":16, + "y":7 + }, + "id":8, + "interval":null, + "links":[ + + ], + "mappingType":1, + "mappingTypes":[ + { + "name":"value to text", + "value":1 + }, + { + "name":"range to text", + "value":2 + } + ], + "maxDataPoints":100, + "nullPointMode":"connected", + "nullText":null, + "postfix":"", + "postfixFontSize":"50%", + "prefix":"", + "prefixFontSize":"50%", + "rangeMaps":[ + { + "from":"null", + "text":"N/A", + "to":"null" + } + ], + "sparkline":{ + "fillColor":"rgba(31, 118, 189, 0.18)", + "full":false, + "lineColor":"rgb(31, 120, 193)", + "show":false + }, + "tableColumn":"", + "targets":[ + { + "expr":"sum(\n count(avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\", unit=\"core\", container!=\"\",container!=\"POD\",node=\"$node\"}[24h])) by (pod)\n * on (pod) group_right()\n sum(kube_pod_container_status_running) by (pod)\n)", + "format":"time_series", + "instant":true, + "intervalFactor":1, + "refId":"A" + } + ], + "thresholds":"", + "title":"Pods Running", + "type":"singlestat", + "valueFontSize":"80%", + "valueMaps":[ + { + "op":"=", + "text":"N/A", + "value":"null" + } + ], + "valueName":"current" + }, + { + "cacheTimeout":null, + "colorBackground":false, + "colorValue":false, + "colors":[ + "#299c46", + "rgba(237, 129, 40, 0.89)", + "#d44a3a" + ], + "datasource":"${datasource}", + "format":"bytes", + "gauge":{ + "maxValue":100, + "minValue":0, + "show":false, + "thresholdLabels":false, + "thresholdMarkers":true + }, + "gridPos":{ + "h":4, + "w":4, + "x":20, + "y":7 + }, + "id":18, + "interval":null, + "links":[ + + ], + "mappingType":1, + "mappingTypes":[ + { + "name":"value to text", + "value":1 + }, + { + "name":"range to text", + "value":2 + } + ], + "maxDataPoints":100, + "nullPointMode":"connected", + "nullText":null, + "postfix":"", + "postfixFontSize":"50%", + "prefix":"", + "prefixFontSize":"50%", + "rangeMaps":[ + { + "from":"null", + "text":"N/A", + "to":"null" + } + ], + "sparkline":{ + "fillColor":"rgba(31, 118, 189, 0.18)", + "full":false, + "lineColor":"rgb(31, 120, 193)", + "show":false + }, + "tableColumn":"", + "targets":[ + { + "expr":"sum(container_fs_limit_bytes{device=~\"^/dev/[sv]d[a-z][1-9]$\",id=\"/\",instance=\"$node\"})", + "format":"time_series", + "intervalFactor":1, + "refId":"A" + } + ], + "thresholds":"", + "title":"Storage Capacity", + "type":"singlestat", + "valueFontSize":"80%", + "valueMaps":[ + { + "op":"=", + "text":"N/A", + "value":"null" + } + ], + "valueName":"current" + }, + { + "cacheTimeout":null, + "colorBackground":false, + "colorValue":false, + "colors":[ + "#299c46", + "rgba(237, 129, 40, 0.89)", + "#d44a3a" + ], + "datasource":"${datasource}", + "format":"none", + "gauge":{ + "maxValue":100, + "minValue":0, + "show":false, + "thresholdLabels":false, + "thresholdMarkers":true + }, + "gridPos":{ + "h":4, + "w":4, + "x":16, + "y":11 + }, + "id":9, + "interval":null, + "links":[ + + ], + "mappingType":1, + "mappingTypes":[ + { + "name":"value to text", + "value":1 + }, + { + "name":"range to text", + "value":2 + } + ], + "maxDataPoints":100, + "nullPointMode":"connected", + "nullText":null, + "postfix":"", + "postfixFontSize":"50%", + "prefix":"", + "prefixFontSize":"50%", + "rangeMaps":[ + { + "from":"null", + "text":"N/A", + "to":"null" + } + ], + "sparkline":{ + "fillColor":"rgba(31, 118, 189, 0.18)", + "full":false, + "lineColor":"rgb(31, 120, 193)", + "show":false + }, + "tableColumn":"", + "targets":[ + { + "expr":"kube_node_status_capacity{resource=\"cpu\", unit=\"core\", node=\"$node\"}", + "format":"time_series", + "intervalFactor":1, + "refId":"A" + } + ], + "thresholds":"", + "title":"CPU Capacity", + "type":"singlestat", + "valueFontSize":"80%", + "valueMaps":[ + { + "op":"=", + "text":"N/A", + "value":"null" + } + ], + "valueName":"avg" + }, + { + "cacheTimeout":null, + "colorBackground":false, + "colorValue":false, + "colors":[ + "#299c46", + "rgba(237, 129, 40, 0.89)", + "#d44a3a" + ], + "datasource":"${datasource}", + "format":"bytes", + "gauge":{ + "maxValue":100, + "minValue":0, + "show":false, + "thresholdLabels":false, + "thresholdMarkers":true + }, + "gridPos":{ + "h":4, + "w":4, + "x":20, + "y":11 + }, + "id":19, + "interval":null, + "links":[ + + ], + "mappingType":1, + "mappingTypes":[ + { + "name":"value to text", + "value":1 + }, + { + "name":"range to text", + "value":2 + } + ], + "maxDataPoints":100, + "nullPointMode":"connected", + "nullText":null, + "postfix":"", + "postfixFontSize":"50%", + "prefix":"", + "prefixFontSize":"50%", + "rangeMaps":[ + { + "from":"null", + "text":"N/A", + "to":"null" + } + ], + "sparkline":{ + "fillColor":"rgba(31, 118, 189, 0.18)", + "full":false, + "lineColor":"rgb(31, 120, 193)", + "show":false + }, + "tableColumn":"", + "targets":[ + { + "expr":"kube_node_status_capacity{resource=\"memory\", unit=\"byte\", node=\"$node\"}", + "format":"time_series", + "intervalFactor":1, + "refId":"A" + } + ], + "thresholds":"", + "title":"RAM Capacity", + "type":"singlestat", + "valueFontSize":"80%", + "valueMaps":[ + { + "op":"=", + "text":"N/A", + "value":"null" + } + ], + "valueName":"current" + }, + { + "aliasColors":{ + + }, + "bars":false, + "dashLength":10, + "dashes":false, + "datasource":"${datasource}", + "decimals":3, + "description":"This panel shows historical utilization for the node.", + "editable":true, + "error":false, + "fill":0, + "grid":{ + + }, + "gridPos":{ + "h":6, + "w":12, + "x":0, + "y":15 + }, + "height":"", + "id":11, + "isNew":true, + "legend":{ + "alignAsTable":false, + "avg":false, + "current":false, + "hideEmpty":false, + "hideZero":false, + "max":false, + "min":false, + "rightSide":false, + "show":false, + "sideWidth":null, + "sort":"current", + "sortDesc":true, + "total":false, + "values":true + }, + "lines":true, + "linewidth":2, + "links":[ + + ], + "nullPointMode":"connected", + "percentage":false, + "pointradius":5, + "points":false, + "renderer":"flot", + "seriesOverrides":[ + + ], + "spaceLength":10, + "stack":false, + "steppedLine":true, + "targets":[ + { + "expr":"sum(irate(container_cpu_usage_seconds_total{id=\"/\",instance=\"$node\"}[10m]))", + "format":"time_series", + "hide":false, + "instant":false, + "interval":"10s", + "intervalFactor":1, + "legendFormat":"cpu utilization", + "metric":"container_cpu", + "refId":"A", + "step":10 + } + ], + "thresholds":[ + + ], + "timeFrom":"", + "timeShift":null, + "title":"CPU Utilization", + "tooltip":{ + "msResolution":true, + "shared":true, + "sort":2, + "value_type":"cumulative" + }, + "type":"graph", + "xaxis":{ + "buckets":null, + "mode":"time", + "name":null, + "show":true, + "values":[ + + ] + }, + "yaxes":[ + { + "decimals":null, + "format":"percentunit", + "label":"", + "logBase":1, + "max":"1.1", + "min":"0", + "show":true + }, + { + "format":"short", + "label":null, + "logBase":1, + "max":null, + "min":null, + "show":false + } + ], + "yaxis":{ + "align":false, + "alignLevel":null + } + }, + { + "aliasColors":{ + + }, + "bars":false, + "dashLength":10, + "dashes":false, + "datasource":"${datasource}", + "decimals":2, + "description":"This panel shows historical utilization for the node.", + "editable":true, + "error":false, + "fill":0, + "grid":{ + + }, + "gridPos":{ + "h":6, + "w":12, + "x":12, + "y":15 + }, + "id":13, + "isNew":true, + "legend":{ + "alignAsTable":false, + "avg":false, + "current":false, + "max":false, + "min":false, + "rightSide":false, + "show":false, + "sideWidth":200, + "sort":"current", + "sortDesc":true, + "total":false, + "values":true + }, + "lines":true, + "linewidth":2, + "links":[ + + ], + "nullPointMode":"connected", + "percentage":false, + "pointradius":5, + "points":false, + "renderer":"flot", + "seriesOverrides":[ + + ], + "spaceLength":10, + "stack":false, + "steppedLine":true, + "targets":[ + { + "expr":"SUM(container_memory_usage_bytes{namespace!=\"\",instance=\"$node\"}) / SUM(kube_node_status_capacity{resource=\"memory\", unit=\"byte\", node=\"$node\"})", + "format":"time_series", + "instant":false, + "interval":"10s", + "intervalFactor":1, + "legendFormat":"ram utilization", + "metric":"container_memory_usage:sort_desc", + "refId":"A", + "step":10 + } + ], + "thresholds":[ + + ], + "timeFrom":"", + "timeShift":null, + "title":"RAM Utilization", + "tooltip":{ + "msResolution":false, + "shared":true, + "sort":2, + "value_type":"cumulative" + }, + "type":"graph", + "xaxis":{ + "buckets":null, + "mode":"time", + "name":null, + "show":true, + "values":[ + + ] + }, + "yaxes":[ + { + "decimals":null, + "format":"percentunit", + "label":null, + "logBase":1, + "max":"1.1", + "min":"0", + "show":true + }, + { + "format":"short", + "label":null, + "logBase":1, + "max":null, + "min":null, + "show":false + } + ], + "yaxis":{ + "align":false, + "alignLevel":null + } + }, + { + "aliasColors":{ + + }, + "bars":false, + "dashLength":10, + "dashes":false, + "datasource":"${datasource}", + "decimals":2, + "description":"Traffic in and out of this namespace, as a sum of the pods within it", + "editable":true, + "error":false, + "fill":1, + "grid":{ + + }, + "gridPos":{ + "h":6, + "w":12, + "x":0, + "y":21 + }, + "height":"", + "id":15, + "isNew":true, + "legend":{ + "alignAsTable":false, + "avg":true, + "current":true, + "hideEmpty":false, + "hideZero":false, + "max":false, + "min":false, + "rightSide":false, + "show":true, + "sideWidth":null, + "sort":"current", + "sortDesc":true, + "total":false, + "values":true + }, + "lines":true, + "linewidth":2, + "links":[ + + ], + "nullPointMode":"connected", + "percentage":false, + "pointradius":5, + "points":false, + "renderer":"flot", + "seriesOverrides":[ + + ], + "spaceLength":10, + "stack":false, + "steppedLine":false, + "targets":[ + { + "expr":"sum (rate (container_network_receive_bytes_total{instance=\"$node\"}[10m]))", + "format":"time_series", + "hide":false, + "instant":false, + "interval":"", + "intervalFactor":1, + "legendFormat":"<- in", + "metric":"container_cpu", + "refId":"A", + "step":10 + }, + { + "expr":"- sum (rate (container_network_transmit_bytes_total{instance=\"$node\"}[10m]))", + "format":"time_series", + "hide":false, + "instant":false, + "interval":"", + "intervalFactor":1, + "legendFormat":"-> out", + "refId":"B" + } + ], + "thresholds":[ + + ], + "timeFrom":"", + "timeShift":null, + "title":"Network IO", + "tooltip":{ + "msResolution":true, + "shared":true, + "sort":2, + "value_type":"cumulative" + }, + "type":"graph", + "xaxis":{ + "buckets":null, + "mode":"time", + "name":null, + "show":true, + "values":[ + + ] + }, + "yaxes":[ + { + "format":"Bps", + "label":"", + "logBase":1, + "max":null, + "min":null, + "show":true + }, + { + "format":"short", + "label":null, + "logBase":1, + "max":null, + "min":null, + "show":false + } + ], + "yaxis":{ + "align":false, + "alignLevel":null + } + }, + { + "aliasColors":{ + + }, + "bars":false, + "dashLength":10, + "dashes":false, + "datasource":"${datasource}", + "decimals":2, + "description":"Disk reads and writes for the namespace, as a sum of the pods within it", + "editable":true, + "error":false, + "fill":1, + "grid":{ + + }, + "gridPos":{ + "h":6, + "w":12, + "x":12, + "y":21 + }, + "height":"", + "id":17, + "isNew":true, + "legend":{ + "alignAsTable":false, + "avg":true, + "current":true, + "hideEmpty":false, + "hideZero":false, + "max":false, + "min":false, + "rightSide":false, + "show":true, + "sideWidth":null, + "sort":"current", + "sortDesc":true, + "total":false, + "values":true + }, + "lines":true, + "linewidth":2, + "links":[ + + ], + "nullPointMode":"connected", + "percentage":false, + "pointradius":5, + "points":false, + "renderer":"flot", + "seriesOverrides":[ + + ], + "spaceLength":10, + "stack":false, + "steppedLine":false, + "targets":[ + { + "expr":"sum (rate (container_fs_writes_bytes_total{instance=\"$node\"}[10m]))", + "format":"time_series", + "hide":false, + "instant":false, + "interval":"", + "intervalFactor":1, + "legendFormat":"<- write", + "metric":"container_cpu", + "refId":"A", + "step":10 + }, + { + "expr":"- sum (rate (container_fs_reads_bytes_total{instance=\"$node\"}[10m]))", + "format":"time_series", + "hide":false, + "instant":false, + "interval":"", + "intervalFactor":1, + "legendFormat":"-> read", + "refId":"B" + } + ], + "thresholds":[ + + ], + "timeFrom":"", + "timeShift":null, + "title":"Disk IO", + "tooltip":{ + "msResolution":true, + "shared":true, + "sort":2, + "value_type":"cumulative" + }, + "type":"graph", + "xaxis":{ + "buckets":null, + "mode":"time", + "name":null, + "show":true, + "values":[ + + ] + }, + "yaxes":[ + { + "format":"Bps", + "label":"", + "logBase":1, + "max":null, + "min":null, + "show":true + }, + { + "format":"short", + "label":null, + "logBase":1, + "max":null, + "min":null, + "show":false + } + ], + "yaxis":{ + "align":false, + "alignLevel":null + } + } + ], + "schemaVersion":16, + "style":"dark", + "tags":[ + "cost", + "utilization", + "metrics" + ], + "templating":{ + "list":[ + { + "allValue":null, + "current":{ + "text":"ip-172-20-44-170.us-east-2.compute.internal", + "value":"ip-172-20-44-170.us-east-2.compute.internal" + }, + "datasource":"${datasource}", + "hide":0, + "includeAll":false, + "label":null, + "multi":false, + "name":"node", + "options":[ + + ], + "query":"query_result(kube_node_labels)", + "refresh":1, + "regex":"/node=\\\"(.*?)(\\\")/", + "skipUrlSync":false, + "sort":0, + "tagValuesQuery":"", + "tags":[ + + ], + "tagsQuery":"", + "type":"query", + "useTags":false + }, + { + "current": { + "selected": true, + "text": "default-kubecost", + "value": "default-kubecost" + }, + "error": null, + "hide": 0, + "includeAll": false, + "label": null, + "multi": false, + "name": "datasource", + "options": [], + "query": "prometheus", + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "type": "datasource" + } + ] + }, + "time":{ + "from":"now-6h", + "to":"now" + }, + "timepicker":{ + "refresh_intervals":[ + "5s", + "10s", + "30s", + "1m", + "5m", + "15m", + "30m", + "1h", + "2h", + "1d" + ], + "time_options":[ + "5m", + "15m", + "1h", + "6h", + "12h", + "24h", + "2d", + "7d", + "30d" + ] + }, + "timezone":"", + "title":"Node utilization metrics", + "uid":"NUQW37Lmk", + "version":1 +} diff --git a/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/pod-utilization-multi-cluster.json b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/pod-utilization-multi-cluster.json new file mode 100644 index 0000000000..3054b9fdde --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/pod-utilization-multi-cluster.json @@ -0,0 +1,788 @@ +{ + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "datasource", + "uid": "grafana" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "target": { + "limit": 100, + "matchAny": false, + "tags": [], + "type": "dashboard" + }, + "type": "dashboard" + } + ] + }, + "description": "", + "editable": true, + "fiscalYearStartMonth": 0, + "gnetId": 9063, + "graphTooltip": 0, + "id": 4, + "links": [], + "liveNow": false, + "panels": [ + { + "datasource": { + "type": "prometheus", + "uid": "Thanos" + }, + "description": "Maximum CPU Core Usage vs avg Requested", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 2, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": 3600000, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "none", + "unitScale": true + }, + "overrides": [] + }, + "gridPos": { + "h": 7, + "w": 12, + "x": 0, + "y": 0 + }, + "id": 94, + "links": [], + "options": { + "legend": { + "calcs": [ + "max" + ], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "desc" + } + }, + "pluginVersion": "9.4.7", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "Thanos" + }, + "editorMode": "code", + "expr": "max(irate(container_cpu_usage_seconds_total\r\n {cluster_id=\"$cluster\",namespace=~\"$namespace\",pod=~\"$pod\", container=~\"$container\", container!=\"POD\",container!=\"\"}\r\n [$__rate_interval])) \r\n by (cluster_id, namespace, pod, container)", + "format": "time_series", + "hide": false, + "instant": false, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{cluster_id}} {{namespace}}/{{pod}}/{{container}} (usage max)", + "metric": "container_cpu", + "refId": "A", + "step": 10 + }, + { + "datasource": { + "type": "prometheus", + "uid": "Thanos" + }, + "editorMode": "code", + "exemplar": true, + "expr": "avg(kube_pod_container_resource_requests\r\n {cluster_id=\"$cluster\",resource=\"cpu\",unit=\"core\",namespace=~\"$namespace\",pod=~\"$pod\",container=~\"$container\",container!=\"POD\"}\r\n ) \r\nby (cluster_id,namespace,pod,container)", + "legendFormat": "{{cluster_id}} {{namespace}}/{{pod}}/{{container}} (requested)", + "range": true, + "refId": "B" + } + ], + "timeFrom": "", + "title": "CPU Core Usage vs Requested", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "Thanos" + }, + "description": "Max memory used vs avg requested", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 2, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": 3600000, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "bytes", + "unitScale": true + }, + "overrides": [] + }, + "gridPos": { + "h": 7, + "w": 12, + "x": 12, + "y": 0 + }, + "id": 96, + "links": [], + "options": { + "legend": { + "calcs": [ + "max" + ], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "asc" + } + }, + "pluginVersion": "9.4.7", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "Thanos" + }, + "editorMode": "code", + "expr": "max(max_over_time(container_memory_working_set_bytes\r\n {namespace=~\"$namespace\",pod=~\"$pod\",cluster_id=\"$cluster\",container=~\"$container\",container!=\"POD\",container!=\"\"}\r\n [$__rate_interval])) \r\nby (cluster_id,namespace,pod,container)", + "format": "time_series", + "hide": false, + "instant": false, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{cluster_id}} {{namespace}}/{{pod}}/{{container}} (usage max)", + "metric": "container_cpu", + "refId": "MEMORY_USAGE", + "step": 10 + }, + { + "datasource": { + "type": "prometheus", + "uid": "Thanos" + }, + "editorMode": "code", + "expr": "avg(kube_pod_container_resource_requests\n {resource=\"memory\",unit=\"byte\",cluster_id=\"$cluster\",namespace=~\"$namespace\",pod=~\"$pod\", container=~\"$container\",container!=\"POD\"}\n )\nby (cluster_id,namespace,pod,container)", + "format": "time_series", + "hide": false, + "instant": false, + "intervalFactor": 1, + "legendFormat": "{{cluster_id}} {{namespace}}/{{pod}}/{{container}} (requested)", + "refId": "MEMORY_REQUESTED" + } + ], + "timeFrom": "", + "title": "Memory Usage vs Requested", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "Thanos" + }, + "description": "Network traffic by pod", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 2, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": 3600000, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "Bps", + "unitScale": true + }, + "overrides": [] + }, + "gridPos": { + "h": 7, + "w": 12, + "x": 0, + "y": 7 + }, + "id": 95, + "links": [], + "options": { + "legend": { + "calcs": [ + "mean" + ], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "desc" + } + }, + "pluginVersion": "9.4.7", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "Thanos" + }, + "editorMode": "code", + "expr": "sum(irate(container_network_receive_bytes_total\n {cluster_id=~\"$cluster\",namespace=~\"$namespace\",pod=~\"$pod\"}\n [$__rate_interval])) \nby (cluster_id, namespace, pod)", + "format": "time_series", + "hide": false, + "instant": false, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{cluster_id}} {{namespace}}/{{pod}}<- in", + "metric": "container_cpu", + "refId": "A", + "step": 10 + }, + { + "datasource": { + "type": "prometheus", + "uid": "Thanos" + }, + "editorMode": "code", + "expr": "- sum(irate(container_network_transmit_bytes_total\n {cluster_id=\"$cluster\",namespace=~\"$namespace\",pod=~\"$pod\"}\n [$__rate_interval])) \nby (cluster_id, namespace, pod)", + "format": "time_series", + "hide": false, + "instant": false, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{cluster_id}} {{namespace}}/{{pod}}-> out", + "refId": "B" + } + ], + "timeFrom": "", + "title": "Network IO", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "Thanos" + }, + "description": "Disk read writes", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 2, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": 3600000, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "Bps", + "unitScale": true + }, + "overrides": [] + }, + "gridPos": { + "h": 7, + "w": 12, + "x": 12, + "y": 7 + }, + "id": 97, + "links": [], + "options": { + "legend": { + "calcs": [ + "mean" + ], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "desc" + } + }, + "pluginVersion": "9.4.7", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "Thanos" + }, + "editorMode": "code", + "expr": "sum(irate(container_fs_writes_bytes_total\r\n {cluster_id=\"$cluster\",namespace=~\"$namespace\",container!=\"POD\",pod!=\"\",pod=~\"$pod\",container=~\"$container\"}\r\n [$__rate_interval])) \r\nby (cluster_id,namespace,pod,container)", + "format": "time_series", + "hide": false, + "instant": false, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{cluster_id}} {{pod}}/{{container}}<- write", + "metric": "container_cpu", + "refId": "A", + "step": 10 + }, + { + "datasource": { + "type": "prometheus", + "uid": "Thanos" + }, + "editorMode": "code", + "expr": "- sum(irate(container_fs_reads_bytes_total\r\n {cluster_id=\"$cluster\",namespace=~\"$namespace\",container!=\"POD\",pod!=\"\",pod=~\"$pod\",container=~\"$container\"}\r\n [$__rate_interval])) \r\nby (cluster_id,namespace,pod,container)", + "format": "time_series", + "hide": false, + "instant": false, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{cluster_id}} {{pod}}/{{container}}-> read", + "refId": "B" + } + ], + "timeFrom": "", + "title": "Disk IO", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "Thanos" + }, + "description": "This graph shows the % of periods where a pod is being throttled. Values range from 0-100", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 2, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": 1800000, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "percent", + "unitScale": true + }, + "overrides": [] + }, + "gridPos": { + "h": 7, + "w": 12, + "x": 0, + "y": 14 + }, + "id": 99, + "links": [], + "options": { + "legend": { + "calcs": [ + "mean" + ], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "desc" + } + }, + "pluginVersion": "9.4.7", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "Thanos" + }, + "editorMode": "code", + "expr": "100\n * sum by(cluster_id, namespace, pod, container) (increase(container_cpu_cfs_throttled_periods_total{container!=\"\",cluster_id=\"$cluster\", namespace=~\"$namespace\", pod=~\"$pod\", container=~\"$container\", container!=\"POD\"}[$__rate_interval]))\n / sum by(cluster_id,namespace,pod,container) (increase(container_cpu_cfs_periods_total{container!=\"\",cluster_id=\"$cluster\",namespace=~\"$namespace\",pod=~\"$pod\",container=~\"$container\",container!=\"POD\"}[$__rate_interval]))", + "format": "time_series", + "instant": false, + "interval": "", + "intervalFactor": 1, + "legendFormat": "", + "refId": "B" + } + ], + "timeFrom": "", + "title": "CPU throttle percent", + "type": "timeseries" + } + ], + "refresh": "", + "revision": 1, + "schemaVersion": 39, + "tags": [ + "utilization", + "metrics", + "kubecost" + ], + "templating": { + "list": [ + { + "current": { + "selected": false, + "text": "CostManagement", + "value": "CostManagement" + }, + "datasource": { + "type": "prometheus", + "uid": "Thanos" + }, + "definition": "label_values(cluster_id)", + "hide": 0, + "includeAll": false, + "multi": false, + "name": "cluster", + "options": [], + "query": { + "query": "label_values(cluster_id)", + "refId": "StandardVariableQuery" + }, + "refresh": 2, + "regex": "", + "skipUrlSync": false, + "sort": 5, + "type": "query" + }, + { + "current": { + "selected": false, + "text": "kubecost", + "value": "kubecost" + }, + "datasource": { + "type": "prometheus", + "uid": "Thanos" + }, + "definition": "label_values(kube_namespace_labels{cluster_id=\"$cluster\"}, namespace) ", + "hide": 0, + "includeAll": true, + "label": "", + "multi": false, + "name": "namespace", + "options": [], + "query": { + "query": "label_values(kube_namespace_labels{cluster_id=\"$cluster\"}, namespace) ", + "refId": "StandardVariableQuery" + }, + "refresh": 2, + "regex": "", + "skipUrlSync": false, + "sort": 5, + "tagValuesQuery": "", + "tagsQuery": "", + "type": "query", + "useTags": false + }, + { + "current": { + "selected": false, + "text": "All", + "value": "$__all" + }, + "datasource": { + "type": "prometheus", + "uid": "Thanos" + }, + "definition": "label_values(kube_pod_labels{cluster_id=\"$cluster\",namespace=~\"$namespace\"}, pod) ", + "hide": 0, + "includeAll": true, + "label": "pod", + "multi": false, + "name": "pod", + "options": [], + "query": { + "query": "label_values(kube_pod_labels{cluster_id=\"$cluster\",namespace=~\"$namespace\"}, pod) ", + "refId": "StandardVariableQuery" + }, + "refresh": 2, + "regex": "", + "skipUrlSync": false, + "sort": 1, + "tagValuesQuery": "", + "tagsQuery": "", + "type": "query", + "useTags": false + }, + { + "current": { + "selected": false, + "text": "All", + "value": "$__all" + }, + "datasource": { + "type": "prometheus", + "uid": "Thanos" + }, + "definition": "label_values(container_memory_working_set_bytes{cluster_id=\"$cluster\",namespace=~\"$namespace\",pod=~\"$pod\", container!=\"POD\"}, container) ", + "hide": 0, + "includeAll": true, + "multi": false, + "name": "container", + "options": [], + "query": { + "query": "label_values(container_memory_working_set_bytes{cluster_id=\"$cluster\",namespace=~\"$namespace\",pod=~\"$pod\", container!=\"POD\"}, container) ", + "refId": "StandardVariableQuery" + }, + "refresh": 2, + "regex": "", + "skipUrlSync": false, + "sort": 5, + "type": "query" + } + ] + }, + "time": { + "from": "now-2d", + "to": "now" + }, + "timepicker": { + "hidden": false, + "refresh_intervals": [ + "10s", + "30s", + "1m", + "5m", + "15m", + "30m", + "1h", + "2h", + "1d" + ], + "time_options": [ + "5m", + "15m", + "1h", + "6h", + "12h", + "24h", + "2d", + "7d", + "30d" + ] + }, + "timezone": "browser", + "title": "Pod utilization metrics (multi-cluster)", + "uid": "at-cost-analysis-pod-multicluster", + "version": 2, + "weekStart": "" +} diff --git a/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/pod-utilization.json b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/pod-utilization.json new file mode 100644 index 0000000000..6596cef761 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/pod-utilization.json @@ -0,0 +1,860 @@ +{ + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "datasource", + "uid": "grafana" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "target": { + "limit": 100, + "matchAny": false, + "tags": [], + "type": "dashboard" + }, + "type": "dashboard" + } + ] + }, + "description": "", + "editable": true, + "fiscalYearStartMonth": 0, + "gnetId": 9063, + "graphTooltip": 0, + "id": 11, + "links": [], + "liveNow": false, + "panels": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Maximum CPU Core Usage vs Requested", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineInterpolation": "linear", + "lineWidth": 2, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": 3600000, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "none" + }, + "overrides": [] + }, + "gridPos": { + "h": 7, + "w": 12, + "x": 0, + "y": 0 + }, + "id": 94, + "links": [], + "options": { + "legend": { + "calcs": [ + "max" + ], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "desc" + } + }, + "pluginVersion": "9.4.7", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "max(irate(\r\n container_cpu_usage_seconds_total\r\n {namespace=~\"$namespace\",pod=~\"$pod\",container=~\"$container\",container!=\"POD\",container!=\"\"}\r\n [$__rate_interval])) \r\n by (cluster_id, namespace, pod, container)", + "format": "time_series", + "hide": false, + "instant": false, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{cluster_id}} {{pod}}/{{container}} (usage max)", + "metric": "container_cpu", + "refId": "A", + "step": 10 + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "exemplar": true, + "expr": "avg(kube_pod_container_resource_requests\r\n {resource=\"cpu\",unit=\"core\",namespace=~\"$namespace\",pod=~\"$pod\",container=~\"$container\",container!=\"POD\"}\r\n ) \r\nby (cluster_id, namespace, pod, container)", + "legendFormat": "{{cluster_id}} {{pod}}/{{container}} (avg requested)", + "range": true, + "refId": "B" + } + ], + "timeFrom": "", + "title": "CPU Core Usage vs Requested", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Max Memory usage vs avg requested", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineInterpolation": "linear", + "lineWidth": 2, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": 3600000, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "bytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 7, + "w": 12, + "x": 12, + "y": 0 + }, + "id": 96, + "links": [], + "options": { + "legend": { + "calcs": [ + "max" + ], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "asc" + } + }, + "pluginVersion": "9.4.7", + "targets": [ + { + "datasource": { + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "max(max_over_time(\r\n container_memory_working_set_bytes\r\n {namespace=~\"$namespace\",pod=~\"$pod\",container=~\"$container\",container!=\"POD\",container!=\"\"}\r\n [$__rate_interval])) \r\nby (cluster_id,namespace,pod,container)", + "format": "time_series", + "hide": false, + "instant": false, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{cluster_id}} {{pod}}/{{container}} (usage max)", + "metric": "container_cpu", + "refId": "A", + "step": 10 + }, + { + "datasource": { + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "avg(\n kube_pod_container_resource_requests\n {resource=\"memory\",unit=\"byte\",namespace=~\"$namespace\",pod=~\"$pod\",container=~\"$container\", container!=\"POD\"}\n )\nby (cluster_id,namespace,pod,container)", + "format": "time_series", + "hide": false, + "instant": false, + "intervalFactor": 1, + "legendFormat": "{{cluster_id}} {{pod}}/{{container}} (avg requested)", + "refId": "B" + } + ], + "timeFrom": "", + "title": "Memory Usage vs Requested", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Network traffic by pod", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineInterpolation": "linear", + "lineWidth": 2, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": 3600000, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "Bps" + }, + "overrides": [] + }, + "gridPos": { + "h": 7, + "w": 12, + "x": 0, + "y": 7 + }, + "id": 95, + "links": [], + "options": { + "legend": { + "calcs": [ + "mean" + ], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "desc" + } + }, + "pluginVersion": "9.4.7", + "targets": [ + { + "datasource": { + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum(irate(container_network_receive_bytes_total\n {namespace=~\"$namespace\",pod=~\"$pod\"}\n [$__rate_interval])) \nby (cluster_id, namespace, pod)", + "format": "time_series", + "hide": false, + "instant": false, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{cluster_id}} {{namespace}}/{{pod}}<- in", + "metric": "container_cpu", + "refId": "A", + "step": 10 + }, + { + "datasource": { + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "- sum(irate(container_network_transmit_bytes_total\n {namespace=~\"$namespace\",pod=~\"$pod\"}\n [$__rate_interval])) \nby (cluster_id, namespace, pod)", + "format": "time_series", + "hide": false, + "instant": false, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{cluster_id}} {{namespace}}/{{pod}}-> out", + "refId": "B" + } + ], + "timeFrom": "", + "title": "Network IO", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "Disk read writes", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineInterpolation": "linear", + "lineWidth": 2, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": 3600000, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "Bps" + }, + "overrides": [] + }, + "gridPos": { + "h": 7, + "w": 12, + "x": 12, + "y": 7 + }, + "id": 97, + "links": [], + "options": { + "legend": { + "calcs": [ + "mean" + ], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "desc" + } + }, + "pluginVersion": "9.4.7", + "targets": [ + { + "datasource": { + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum(irate(container_fs_writes_bytes_total\r\n {container!=\"POD\",pod!=\"\",pod=~\"$pod\",container=~\"$container\"}\r\n [$__rate_interval])) \r\nby (cluster_id,namespace,pod,container)", + "format": "time_series", + "hide": false, + "instant": false, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{cluster_id}} {{pod}}/{{container}}<- write", + "metric": "container_cpu", + "refId": "A", + "step": 10 + }, + { + "datasource": { + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "- sum(irate(container_fs_reads_bytes_total\r\n {container!=\"POD\",pod!=\"\",pod=~\"$pod\",container=~\"$container\"}\r\n [$__rate_interval])) \r\nby (cluster_id,namespace,pod,container)", + "format": "time_series", + "hide": false, + "instant": false, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{cluster_id}} {{pod}}/{{container}}-> read", + "refId": "B" + } + ], + "timeFrom": "", + "title": "Disk IO", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "This graph shows the % of periods where a pod is being throttled. Values range from 0-100", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineInterpolation": "linear", + "lineWidth": 2, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": 1800000, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "percent" + }, + "overrides": [] + }, + "gridPos": { + "h": 7, + "w": 12, + "x": 0, + "y": 14 + }, + "id": 99, + "links": [], + "options": { + "legend": { + "calcs": [ + "mean" + ], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "desc" + } + }, + "pluginVersion": "9.4.7", + "targets": [ + { + "datasource": { + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "100\n * sum by(cluster_id, namespace, pod, container) (increase(container_cpu_cfs_throttled_periods_total{container!=\"\", namespace=~\"$namespace\", pod=~\"$pod\", container=~\"$container\", container!=\"POD\"}[$__rate_interval]))\n / sum by(cluster_id, namespace, pod, container) (increase(container_cpu_cfs_periods_total{container!=\"\", namespace=~\"$namespace\", pod=~\"$pod\", container=~\"$container\", container!=\"POD\"}[$__rate_interval]))", + "format": "time_series", + "instant": false, + "interval": "", + "intervalFactor": 1, + "legendFormat": "__auto", + "refId": "B" + } + ], + "timeFrom": "", + "title": "CPU throttle percent", + "type": "timeseries" + }, + { + "datasource": { + "default": false, + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "NVIDIA GPU usage for this container.", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 2, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": 3600000, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "percentunit" + }, + "overrides": [] + }, + "gridPos": { + "h": 7, + "w": 12, + "x": 12, + "y": 14 + }, + "id": 100, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": false + }, + "tooltip": { + "mode": "multi", + "sort": "desc" + } + }, + "pluginVersion": "9.4.7", + "targets": [ + { + "datasource": { + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "DCGM_FI_PROF_GR_ENGINE_ACTIVE{namespace=~\"$namespace\",container=~\"$container\",pod=~\"$pod\"}", + "format": "time_series", + "hide": false, + "instant": false, + "interval": "", + "intervalFactor": 1, + "legendFormat": "__auto", + "metric": "container_cpu", + "refId": "A", + "step": 10 + } + ], + "timeFrom": "", + "title": "GPU Usage", + "type": "timeseries" + } + ], + "refresh": "", + "revision": 1, + "schemaVersion": 39, + "tags": [ + "kubecost", + "utilization", + "metrics" + ], + "templating": { + "list": [ + { + "current": { + "selected": false, + "text": "Prometheus", + "value": "Prometheus" + }, + "hide": 0, + "includeAll": false, + "multi": false, + "name": "datasource", + "options": [], + "query": "prometheus", + "queryValue": "", + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "type": "datasource" + }, + { + "current": { + "selected": false, + "text": "All", + "value": "$__all" + }, + "datasource": { + "uid": "${datasource}" + }, + "definition": "label_values(kube_namespace_labels, namespace) ", + "hide": 0, + "includeAll": true, + "label": "", + "multi": false, + "name": "namespace", + "options": [], + "query": { + "query": "label_values(kube_namespace_labels, namespace) ", + "refId": "StandardVariableQuery" + }, + "refresh": 2, + "regex": "", + "skipUrlSync": false, + "sort": 5, + "tagValuesQuery": "", + "tagsQuery": "", + "type": "query", + "useTags": false + }, + { + "current": { + "selected": false, + "text": "All", + "value": "$__all" + }, + "datasource": { + "uid": "${datasource}" + }, + "definition": "label_values(kube_pod_labels{namespace=~\"$namespace\"}, pod) ", + "hide": 0, + "includeAll": true, + "label": "pod", + "multi": false, + "name": "pod", + "options": [], + "query": { + "query": "label_values(kube_pod_labels{namespace=~\"$namespace\"}, pod) ", + "refId": "StandardVariableQuery" + }, + "refresh": 2, + "regex": "", + "skipUrlSync": false, + "sort": 1, + "tagValuesQuery": "", + "tagsQuery": "", + "type": "query", + "useTags": false + }, + { + "current": { + "selected": false, + "text": "All", + "value": "$__all" + }, + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "definition": "label_values(container_memory_working_set_bytes{namespace=~\"$namespace\",pod=~\"$pod\", container!=\"POD\"}, container) ", + "hide": 0, + "includeAll": true, + "multi": false, + "name": "container", + "options": [], + "query": { + "query": "label_values(container_memory_working_set_bytes{namespace=~\"$namespace\",pod=~\"$pod\", container!=\"POD\"}, container) ", + "refId": "StandardVariableQuery" + }, + "refresh": 2, + "regex": "", + "skipUrlSync": false, + "sort": 5, + "type": "query" + } + ] + }, + "time": { + "from": "now-2d", + "to": "now" + }, + "timepicker": { + "hidden": false, + "refresh_intervals": [ + "10s", + "30s", + "1m", + "5m", + "15m", + "30m", + "1h", + "2h", + "1d" + ], + "time_options": [ + "5m", + "15m", + "1h", + "6h", + "12h", + "24h", + "2d", + "7d", + "30d" + ] + }, + "timezone": "browser", + "title": "Pod utilization metrics", + "uid": "at-cost-analysis-pod", + "version": 2, + "weekStart": "" +} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/prom-benchmark.json b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/prom-benchmark.json new file mode 100644 index 0000000000..ff054acc2f --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/prom-benchmark.json @@ -0,0 +1,5691 @@ +{ + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": "-- Grafana --", + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "type": "dashboard" + } + ] + }, + "description": "Metrics useful for benchmarking and loadtesting Prometheus itself. Designed primarily for Prometheus 2.17.x.", + "editable": true, + "gnetId": 12054, + "graphTooltip": 1, + "id": 9, + "iteration": 1603144824023, + "links": [], + "panels": [ + { + "collapsed": false, + "datasource": "${datasource}", + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 0 + }, + "id": 49, + "panels": [], + "title": "Basics", + "type": "row" + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 0, + "y": 1 + }, + "hiddenSeries": false, + "id": 40, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "prometheus_build_info{job=\"prometheus\",instance=\"$Prometheus:9090\"}", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{version}} - {{revision}}", + "refId": "A" + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Prometheus Version", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 8, + "y": 1 + }, + "hiddenSeries": false, + "id": 72, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "time() - process_start_time_seconds{job=\"prometheus\",instance=\"$Prometheus:9090\"}", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "Age", + "refId": "A" + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Uptime", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "dtdurations", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 16, + "y": 1 + }, + "hiddenSeries": false, + "id": 107, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "time() - prometheus_config_last_reload_success_timestamp_seconds{job=\"prometheus\",instance=\"$Prometheus:9090\"}", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "Age", + "refId": "A" + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Last Successful Config Reload", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "dtdurations", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "collapsed": false, + "datasource": "${datasource}", + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 8 + }, + "id": 46, + "panels": [], + "title": "Ingestion", + "type": "row" + }, + { + "aliasColors": { + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Max chunks": "#052B51", + "Max to persist": "#3F6833", + "Time series": "#70dbed" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 0, + "y": 9 + }, + "hiddenSeries": false, + "id": 3, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "prometheus_tsdb_head_series{job=\"prometheus\",instance=\"$Prometheus:9090\"}", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "Time series", + "metric": "prometheus_local_storage_memory_series", + "refId": "A", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Head Time series", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": { + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Max chunks": "#052B51", + "Max to persist": "#3F6833" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 8, + "y": 9 + }, + "hiddenSeries": false, + "id": 26, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "prometheus_tsdb_head_active_appenders{job=\"prometheus\",instance=\"$Prometheus:9090\"}", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "Head Appenders", + "metric": "prometheus_local_storage_memory_series", + "refId": "A", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Head Active Appenders", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": { + "samples/s": "#e5a8e2" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 16, + "y": 9 + }, + "hiddenSeries": false, + "id": 1, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "rate(prometheus_tsdb_head_samples_appended_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m])", + "format": "time_series", + "interval": "", + "intervalFactor": 2, + "legendFormat": "samples/s", + "metric": "prometheus_local_storage_ingested_samples_total", + "refId": "A", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Samples Appended/s", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "short", + "label": "", + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": { + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Max chunks": "#052B51", + "Max to persist": "#3F6833", + "To persist": "#9AC48A" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 0, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 0, + "y": 16 + }, + "hiddenSeries": false, + "id": 2, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + { + "alias": "/Max.*/", + "fill": 0 + } + ], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "prometheus_tsdb_head_chunks{job=\"prometheus\",instance=\"$Prometheus:9090\"}", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "Chunks", + "metric": "prometheus_local_storage_memory_chunks", + "refId": "A", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Head Chunks", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": { + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Max chunks": "#052B51", + "Max to persist": "#3F6833" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 8, + "y": 16 + }, + "hiddenSeries": false, + "id": 4, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "rate(prometheus_tsdb_head_chunks_created_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m])", + "format": "time_series", + "interval": "", + "intervalFactor": 2, + "legendFormat": "Created", + "metric": "prometheus_local_storage_chunk_ops_total", + "refId": "A", + "step": 10 + }, + { + "expr": "rate(prometheus_tsdb_head_chunks_removed_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m])", + "format": "time_series", + "interval": "", + "intervalFactor": 2, + "legendFormat": "Removed", + "metric": "prometheus_local_storage_chunk_ops_total", + "refId": "B", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Head Chunks/s", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "ops", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": { + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Max chunks": "#052B51", + "Max to persist": "#3F6833", + "Removed": "#e5ac0e" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 16, + "y": 16 + }, + "hiddenSeries": false, + "id": 25, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "prometheus_tsdb_isolation_high_watermark{job=\"prometheus\",instance=\"$Prometheus:9090\"} - prometheus_tsdb_isolation_low_watermark{job=\"prometheus\",instance=\"$Prometheus:9090\"}", + "format": "time_series", + "interval": "", + "intervalFactor": 2, + "legendFormat": "Difference", + "metric": "prometheus_local_storage_chunk_ops_total", + "refId": "B", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Isolation Watermarks", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "collapsed": false, + "datasource": "${datasource}", + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 23 + }, + "id": 52, + "panels": [], + "title": "Compaction", + "type": "row" + }, + { + "aliasColors": { + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Max": "#447ebc", + "Max chunks": "#052B51", + "Max to persist": "#3F6833", + "Min": "#447ebc", + "Now": "#7eb26d" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 0, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 0, + "y": 24 + }, + "hiddenSeries": false, + "id": 28, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + { + "alias": "Max", + "fillBelowTo": "Min", + "lines": false + } + ], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "prometheus_tsdb_head_min_time{job=\"prometheus\",instance=\"$Prometheus:9090\"}", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "Min", + "metric": "prometheus_local_storage_series_chunks_persisted_count", + "refId": "A", + "step": 10 + }, + { + "expr": "time() * 1000", + "format": "time_series", + "hide": false, + "intervalFactor": 2, + "legendFormat": "Now", + "refId": "C" + }, + { + "expr": "prometheus_tsdb_head_max_time{job=\"prometheus\",instance=\"$Prometheus:9090\"}", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "Max", + "metric": "prometheus_local_storage_series_chunks_persisted_count", + "refId": "B", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Head Time Range", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "decimals": null, + "format": "dateTimeAsIso", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": { + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Max chunks": "#052B51", + "Max to persist": "#3F6833" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 8, + "y": 24 + }, + "hiddenSeries": false, + "id": 29, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "rate(prometheus_tsdb_head_gc_duration_seconds_sum{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m])", + "format": "time_series", + "interval": "", + "intervalFactor": 2, + "legendFormat": "GC Time/s", + "metric": "prometheus_local_storage_series_chunks_persisted_count", + "refId": "A", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Head GC Time/s", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "s", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": { + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Max chunks": "#052B51", + "Max to persist": "#3F6833" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 16, + "y": 24 + }, + "hiddenSeries": false, + "id": 14, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + { + "alias": "Queue length", + "yaxis": 2 + } + ], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "prometheus_tsdb_blocks_loaded{job=\"prometheus\",instance=\"$Prometheus:9090\"}", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "Blocks Loaded", + "metric": "prometheus_local_storage_indexing_batch_sizes_sum", + "refId": "A", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Blocks Loaded", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": { + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Failed Compactions": "#bf1b00", + "Failed Reloads": "#bf1b00", + "Max chunks": "#052B51", + "Max to persist": "#3F6833" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 0, + "y": 31 + }, + "hiddenSeries": false, + "id": 30, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "rate(prometheus_tsdb_reloads_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m])", + "format": "time_series", + "interval": "", + "intervalFactor": 2, + "legendFormat": "Reloads", + "metric": "prometheus_local_storage_series_chunks_persisted_count", + "refId": "A", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "TSDB Reloads/s", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "none", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": { + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Failed Compactions": "#bf1b00", + "Max chunks": "#052B51", + "Max to persist": "#3F6833" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 8, + "y": 31 + }, + "hiddenSeries": false, + "id": 31, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "rate(prometheus_tsdb_wal_fsync_duration_seconds_sum{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m]) / rate(prometheus_tsdb_wal_fsync_duration_seconds_count{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m])", + "format": "time_series", + "interval": "", + "intervalFactor": 2, + "legendFormat": "Fsync Latency", + "metric": "prometheus_local_storage_series_chunks_persisted_count", + "refId": "A", + "step": 10 + }, + { + "expr": "rate(prometheus_tsdb_wal_truncate_duration_seconds_sum{job=\"prometheus\",instance=\"$Prometheus:9090\"}[1m]) / rate(prometheus_tsdb_wal_trunacte_duration_seconds_count{job=\"prometheus\",instance=\"$Prometheus:9090\"}[1m])", + "format": "time_series", + "interval": "", + "intervalFactor": 2, + "legendFormat": "Truncate Latency", + "metric": "prometheus_local_storage_series_chunks_persisted_count", + "refId": "B", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "WAL Fsync&Truncate Latency", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "s", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": { + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Failed Compactions": "#bf1b00", + "Max chunks": "#052B51", + "Max to persist": "#3F6833", + "{instance=\"demo.robustperception.io:9090\",job=\"prometheus\"}": "#bf1b00" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 16, + "y": 31 + }, + "hiddenSeries": false, + "id": 32, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "rate(prometheus_tsdb_wal_corruptions_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m])", + "format": "time_series", + "interval": "", + "intervalFactor": 2, + "legendFormat": "WAL Corruptions", + "metric": "prometheus_local_storage_series_chunks_persisted_count", + "refId": "A", + "step": 10 + }, + { + "expr": "rate(prometheus_tsdb_reloads_failures_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m])", + "format": "time_series", + "interval": "", + "intervalFactor": 2, + "legendFormat": "Reload Failures", + "metric": "prometheus_local_storage_series_chunks_persisted_count", + "refId": "B", + "step": 10 + }, + { + "expr": "rate(prometheus_tsdb_head_series_not_found{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m])", + "format": "time_series", + "interval": "", + "intervalFactor": 2, + "legendFormat": "Head Series Not Found", + "metric": "prometheus_local_storage_series_chunks_persisted_count", + "refId": "C", + "step": 10 + }, + { + "expr": "rate(prometheus_tsdb_compactions_failed_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m])", + "format": "time_series", + "interval": "", + "intervalFactor": 2, + "legendFormat": "Compaction Failures", + "metric": "prometheus_local_storage_series_chunks_persisted_count", + "refId": "D", + "step": 10 + }, + { + "expr": "rate(prometheus_tsdb_retention_cutoffs_failures_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m])", + "format": "time_series", + "interval": "", + "intervalFactor": 2, + "legendFormat": "Retention Cutoff Failures", + "metric": "prometheus_local_storage_series_chunks_persisted_count", + "refId": "E", + "step": 10 + }, + { + "expr": "rate(prometheus_tsdb_checkpoint_creations_failed_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m])", + "format": "time_series", + "interval": "", + "intervalFactor": 2, + "legendFormat": "WAL Checkpoint Creation Failures", + "metric": "prometheus_local_storage_series_chunks_persisted_count", + "refId": "F", + "step": 10 + }, + { + "expr": "rate(prometheus_tsdb_checkpoint_deletions_failed_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m])", + "format": "time_series", + "interval": "", + "intervalFactor": 2, + "legendFormat": "WAL Checkpoint Deletion Failures", + "metric": "prometheus_local_storage_series_chunks_persisted_count", + "refId": "G", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "TSDB Problems/s", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "none", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": { + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Failed Compactions": "#bf1b00", + "Max chunks": "#052B51", + "Max to persist": "#3F6833" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 0, + "y": 38 + }, + "hiddenSeries": false, + "id": 19, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "rate(prometheus_tsdb_compactions_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m])", + "format": "time_series", + "interval": "", + "intervalFactor": 2, + "legendFormat": "Compactions", + "metric": "prometheus_local_storage_series_chunks_persisted_count", + "refId": "A", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Compactions/s", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "none", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": { + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Max chunks": "#052B51", + "Max to persist": "#3F6833" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 8, + "y": 38 + }, + "hiddenSeries": false, + "id": 33, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "rate(prometheus_tsdb_compaction_duration_seconds_sum{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m])", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "", + "metric": "prometheus_local_storage_series_chunks_persisted_count", + "refId": "A", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Compaction Time/s", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "s", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": { + "Allocated bytes": "#F9BA8F", + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Max chunks": "#052B51", + "Max to persist": "#3F6833", + "RSS": "#890F02" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 16, + "y": 38 + }, + "hiddenSeries": false, + "id": 8, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "rate(prometheus_tsdb_time_retentions_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m])", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "Time Cutoffs", + "metric": "last", + "refId": "A", + "step": 10 + }, + { + "expr": "rate(prometheus_tsdb_size_retentions_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m])", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "Size Cutoffs", + "metric": "last", + "refId": "B", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Retention Cutoffs/s", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "none", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": { + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Max chunks": "#052B51", + "Max to persist": "#3F6833" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 0, + "y": 45 + }, + "hiddenSeries": false, + "id": 27, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "rate(prometheus_tsdb_compaction_chunk_range_seconds_sum{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m]) / rate(prometheus_tsdb_compaction_chunk_range_seconds_count{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m])", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "Chunk Time Range", + "metric": "prometheus_local_storage_series_chunks_persisted_count", + "refId": "A", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "First Compaction, Avg Chunk Time Range", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "decimals": null, + "format": "dtdurationms", + "label": "", + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": { + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Max chunks": "#052B51", + "Max to persist": "#3F6833" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 8, + "y": 45 + }, + "hiddenSeries": false, + "id": 35, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "rate(prometheus_tsdb_compaction_chunk_size_bytes_sum{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m]) / rate(prometheus_tsdb_compaction_chunk_samples_sum{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m])", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "Bytes/Sample", + "metric": "prometheus_local_storage_series_chunks_persisted_count", + "refId": "A", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "First Compaction, Avg Bytes/Sample", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "decimals": null, + "format": "bytes", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": { + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Max chunks": "#052B51", + "Max to persist": "#3F6833" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 16, + "y": 45 + }, + "hiddenSeries": false, + "id": 34, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "rate(prometheus_tsdb_compaction_chunk_samples_sum{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m]) / rate(prometheus_tsdb_compaction_chunk_samples_count{job=\"prometheus\",instance=\"$Prometheus:9090\"}[10m])", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "Chunk Samples", + "metric": "prometheus_local_storage_series_chunks_persisted_count", + "refId": "A", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "First Compaction, Avg Chunk Samples", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "decimals": null, + "format": "none", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "collapsed": false, + "datasource": "${datasource}", + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 52 + }, + "id": 55, + "panels": [], + "title": "Resource Usage", + "type": "row" + }, + { + "aliasColors": { + "Allocated bytes": "#7EB26D", + "Allocated bytes - 1m max": "#BF1B00", + "Allocated bytes - 1m min": "#BF1B00", + "Allocated bytes - 5m max": "#BF1B00", + "Allocated bytes - 5m min": "#BF1B00", + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Max chunks": "#052B51", + "Max to persist": "#3F6833", + "RSS": "#447EBC" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "decimals": null, + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 0, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 0, + "y": 53 + }, + "hiddenSeries": false, + "id": 6, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + { + "alias": "/-/", + "fill": 0 + } + ], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "process_resident_memory_bytes{job=\"prometheus\",instance=\"$Prometheus:9090\"}", + "intervalFactor": 2, + "legendFormat": "RSS", + "metric": "process_resident_memory_bytes", + "refId": "B", + "step": 10 + }, + { + "expr": "prometheus_local_storage_target_heap_size_bytes{job=\"prometheus\",instance=\"$Prometheus:9090\"}", + "intervalFactor": 2, + "legendFormat": "Target heap size", + "metric": "go_memstats_alloc_bytes", + "refId": "D", + "step": 10 + }, + { + "expr": "go_memstats_next_gc_bytes{job=\"prometheus\",instance=\"$Prometheus:9090\"}", + "intervalFactor": 2, + "legendFormat": "Next GC", + "metric": "go_memstats_next_gc_bytes", + "refId": "C", + "step": 10 + }, + { + "expr": "go_memstats_alloc_bytes{job=\"prometheus\",instance=\"$Prometheus:9090\"}", + "intervalFactor": 2, + "legendFormat": "Allocated", + "metric": "go_memstats_alloc_bytes", + "refId": "A", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Memory", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "bytes", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": { + "Allocated bytes": "#F9BA8F", + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Max chunks": "#052B51", + "Max to persist": "#3F6833", + "RSS": "#890F02" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 8, + "y": 53 + }, + "hiddenSeries": false, + "id": 7, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "rate(go_memstats_alloc_bytes_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m])", + "interval": "", + "intervalFactor": 2, + "legendFormat": "Allocated Bytes/s", + "metric": "go_memstats_alloc_bytes", + "refId": "A", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Allocations", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "bytes", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "decimals": 2, + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 16, + "y": 53 + }, + "hiddenSeries": false, + "id": 9, + "legend": { + "alignAsTable": false, + "avg": false, + "current": false, + "hideEmpty": false, + "max": false, + "min": false, + "rightSide": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "irate(process_cpu_seconds_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[1m])", + "intervalFactor": 2, + "legendFormat": "Irate", + "metric": "prometheus_local_storage_ingested_samples_total", + "refId": "A", + "step": 10 + }, + { + "expr": "rate(process_cpu_seconds_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[5m])", + "intervalFactor": 2, + "legendFormat": "5m rate", + "metric": "prometheus_local_storage_ingested_samples_total", + "refId": "B", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "CPU", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + "avg" + ] + }, + "yaxes": [ + { + "format": "none", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "decimals": 2, + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 0, + "y": 60 + }, + "hiddenSeries": false, + "id": 70, + "legend": { + "alignAsTable": false, + "avg": false, + "current": false, + "hideEmpty": false, + "max": false, + "min": false, + "rightSide": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "prometheus_tsdb_symbol_table_size_bytes{job=\"prometheus\",instance=\"$Prometheus:9090\"}", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "RAM Used", + "metric": "prometheus_local_storage_ingested_samples_total", + "refId": "A", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Symbol Tables Size", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + "avg" + ] + }, + "yaxes": [ + { + "format": "bytes", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "decimals": 2, + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 8, + "y": 60 + }, + "hiddenSeries": false, + "id": 71, + "legend": { + "alignAsTable": false, + "avg": false, + "current": false, + "hideEmpty": false, + "max": false, + "min": false, + "rightSide": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "prometheus_tsdb_storage_blocks_bytes_total{job=\"prometheus\",instance=\"$Prometheus:9090\"} or prometheus_tsdb_storage_blocks_bytes{job=\"prometheus\",instance=\"$Prometheus:9090\"}", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "Disk Used", + "metric": "prometheus_local_storage_ingested_samples_total", + "refId": "A", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Block Size", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + "avg" + ] + }, + "yaxes": [ + { + "format": "bytes", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": { + "Max": "#e24d42", + "Open": "#508642" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 0, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 16, + "y": 60 + }, + "hiddenSeries": false, + "id": 41, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "process_max_fds{job=\"prometheus\",instance=\"$Prometheus:9090\"}", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "Max", + "refId": "A" + }, + { + "expr": "process_open_fds{job=\"prometheus\",instance=\"$Prometheus:9090\"}", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "Open", + "refId": "B" + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "File Descriptors", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "collapsed": false, + "datasource": "${datasource}", + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 67 + }, + "id": 91, + "panels": [], + "title": "Service Discovery", + "type": "row" + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 0, + "y": 68 + }, + "hiddenSeries": false, + "id": 42, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "prometheus_sd_discovered_targets{job=\"prometheus\",instance=\"$Prometheus:9090\"}", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{name}}-{{config}}", + "refId": "A" + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Discovered Targets", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 8, + "y": 68 + }, + "hiddenSeries": false, + "id": 96, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "rate(prometheus_sd_updates_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[5m])", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{name}}", + "refId": "A" + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Sent Updates/s", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 16, + "y": 68 + }, + "hiddenSeries": false, + "id": 97, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "rate(prometheus_sd_received_updates_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[5m])", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{name}}", + "refId": "A" + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Received Updates/s", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "collapsed": false, + "datasource": "${datasource}", + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 75 + }, + "id": 99, + "panels": [], + "title": "Scraping", + "type": "row" + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 0, + "y": 76 + }, + "hiddenSeries": false, + "id": 105, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": true, + "steppedLine": false, + "targets": [ + { + "expr": "rate(prometheus_target_interval_length_seconds_sum{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m]) / rate(prometheus_target_interval_length_seconds_count{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m])", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{interval}}", + "refId": "A" + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Scrape Interval", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "s", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 8, + "y": 76 + }, + "hiddenSeries": false, + "id": 104, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": true, + "steppedLine": false, + "targets": [ + { + "expr": "rate(prometheus_target_scrapes_exceeded_sample_limit_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m])", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "legendFormat": "Exceeded Sample Limit", + "refId": "A" + }, + { + "expr": "rate(prometheus_target_scrapes_sample_duplicate_timestamp_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m])", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "legendFormat": "Duplicate Timestamp", + "refId": "C" + }, + { + "expr": "rate(prometheus_target_scrapes_sample_out_of_bounds_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[1m])", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "legendFormat": "Out Of Bounds ", + "refId": "D" + }, + { + "expr": "rate(prometheus_target_scrapes_sample_out_of_order_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[1m])", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "legendFormat": "Out of Order", + "refId": "E" + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Scrape Problems/s", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "none", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 16, + "y": 76 + }, + "hiddenSeries": false, + "id": 95, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": true, + "steppedLine": false, + "targets": [ + { + "expr": "prometheus_target_metadata_cache_bytes{job=\"prometheus\",instance=\"$Prometheus:9090\"}", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{scrape_job}}", + "refId": "A" + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Metadata Cache Size", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "bytes", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "collapsed": false, + "datasource": "${datasource}", + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 83 + }, + "id": 63, + "panels": [], + "title": "Query Engine", + "type": "row" + }, + { + "aliasColors": { + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Max chunks": "#052B51", + "Max to persist": "#3F6833" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "description": "Time spent in each mode, per second", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 0, + "y": 84 + }, + "hiddenSeries": false, + "id": 24, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": true, + "steppedLine": false, + "targets": [ + { + "expr": "rate(prometheus_engine_query_duration_seconds_sum{job=\"prometheus\",}[2m])", + "format": "time_series", + "interval": "", + "intervalFactor": 2, + "legendFormat": "{{slice}}", + "metric": "prometheus_local_storage_memory_chunkdescs", + "refId": "A", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Query engine timings/s", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "s", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": { + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Max chunks": "#052B51", + "Max to persist": "#3F6833" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 8, + "y": 84 + }, + "hiddenSeries": false, + "id": 22, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "rate(prometheus_rule_group_iterations_missed_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m]) ", + "format": "time_series", + "interval": "", + "intervalFactor": 2, + "legendFormat": "Rule group missed", + "metric": "prometheus_local_storage_memory_chunkdescs", + "refId": "B", + "step": 10 + }, + { + "expr": "rate(prometheus_rule_evaluation_failures_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[1m])", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "Rule evals failed", + "metric": "prometheus_local_storage_memory_chunkdescs", + "refId": "C", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Rule group evaulation problems/s", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": { + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Max chunks": "#052B51", + "Max to persist": "#3F6833" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 16, + "y": 84 + }, + "hiddenSeries": false, + "id": 23, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "rate(prometheus_rule_group_duration_seconds_sum{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m])", + "format": "time_series", + "interval": "", + "intervalFactor": 2, + "legendFormat": "Rule evaluation duration", + "metric": "prometheus_local_storage_memory_chunkdescs", + "refId": "A", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Evaluation time of rule groups/s", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "s", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "collapsed": true, + "datasource": "${datasource}", + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 91 + }, + "id": 77, + "panels": [ + { + "aliasColors": { + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Max chunks": "#052B51", + "Max to persist": "#3F6833" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 0, + "y": 92 + }, + "hiddenSeries": false, + "id": 86, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "rate(prometheus_notifications_sent_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[1m])", + "format": "time_series", + "interval": "", + "intervalFactor": 2, + "legendFormat": "{{alertmanager}}", + "metric": "prometheus_local_storage_memory_chunkdescs", + "refId": "A", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Notification Sent/s", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": { + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Max chunks": "#052B51", + "Max to persist": "#3F6833" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 8, + "y": 92 + }, + "hiddenSeries": false, + "id": 87, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "rate(prometheus_notifications_errors_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m]) / rate(prometheus_notifications_sent_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m])", + "format": "time_series", + "interval": "", + "intervalFactor": 2, + "legendFormat": "{{alertmanager}}", + "metric": "prometheus_local_storage_memory_chunkdescs", + "refId": "A", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Notification Error Ratio", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "none", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": { + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Max chunks": "#052B51", + "Max to persist": "#3F6833" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 16, + "y": 92 + }, + "hiddenSeries": false, + "id": 81, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "rate(prometheus_notifications_latency_seconds_sum{job=\"prometheus\",instance=\"$Prometheus:9090\"}[1m]) / rate(prometheus_notifications_latency_seconds_count{job=\"prometheus\",instance=\"$Prometheus:9090\"}[1m])", + "format": "time_series", + "interval": "", + "intervalFactor": 2, + "legendFormat": "{{alertmanager}}", + "metric": "prometheus_local_storage_memory_chunkdescs", + "refId": "A", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Notification Latency", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "s", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": { + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Max chunks": "#052B51", + "Max to persist": "#3F6833" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 0, + "y": 99 + }, + "hiddenSeries": false, + "id": 85, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "prometheus_notifications_alertmanagers_discovered{job=\"prometheus\",instance=\"$Prometheus:9090\"}", + "format": "time_series", + "interval": "", + "intervalFactor": 2, + "legendFormat": "Alertmanagers", + "metric": "prometheus_local_storage_memory_chunkdescs", + "refId": "A", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Alertmanagers Discovered", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "none", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": { + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Max chunks": "#052B51", + "Max to persist": "#3F6833" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 8, + "y": 99 + }, + "hiddenSeries": false, + "id": 89, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "rate(prometheus_notifications_dropped_total{job=\"prometheus\",instance=\"$Prometheus:9090\"}[1m])", + "format": "time_series", + "interval": "", + "intervalFactor": 2, + "legendFormat": "Dropped", + "metric": "prometheus_local_storage_memory_chunkdescs", + "refId": "A", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Notifications Dropped/s", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "none", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": { + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Max chunks": "#052B51", + "Max to persist": "#3F6833" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 16, + "y": 99 + }, + "hiddenSeries": false, + "id": 88, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "prometheus_notifications_queue_length{job=\"prometheus\",instance=\"$Prometheus:9090\"}", + "format": "time_series", + "interval": "", + "intervalFactor": 2, + "legendFormat": "Pending", + "metric": "prometheus_local_storage_memory_chunkdescs", + "refId": "A", + "step": 10 + }, + { + "expr": "prometheus_notifications_queue_capacity{job=\"prometheus\",instance=\"$Prometheus:9090\"}", + "format": "time_series", + "interval": "", + "intervalFactor": 2, + "legendFormat": "Max", + "metric": "prometheus_local_storage_memory_chunkdescs", + "refId": "B", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Notification Queue", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "none", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + } + ], + "title": "Notification", + "type": "row" + }, + { + "collapsed": false, + "datasource": "${datasource}", + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 92 + }, + "id": 58, + "panels": [], + "title": "HTTP Server", + "type": "row" + }, + { + "aliasColors": { + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Max chunks": "#052B51", + "Max to persist": "#3F6833" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "description": "", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 0, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 0, + "y": 93 + }, + "hiddenSeries": false, + "id": 38, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "rate(prometheus_http_request_duration_seconds_count{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m])", + "format": "time_series", + "interval": "", + "intervalFactor": 2, + "legendFormat": "{{handler}}", + "metric": "prometheus_local_storage_memory_chunkdescs", + "refId": "A", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "HTTP requests/s", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "s", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": { + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Max chunks": "#052B51", + "Max to persist": "#3F6833" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "description": "", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 0, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 8, + "y": 93 + }, + "hiddenSeries": false, + "id": 37, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "rate(prometheus_http_request_duration_seconds_sum{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m]) / rate(prometheus_http_request_duration_seconds_count{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m])", + "format": "time_series", + "interval": "", + "intervalFactor": 2, + "legendFormat": "{{handler}}", + "metric": "prometheus_local_storage_memory_chunkdescs", + "refId": "A", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "HTTP request latency", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "s", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": { + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Max chunks": "#052B51", + "Max to persist": "#3F6833" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "description": "", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 8, + "x": 16, + "y": 93 + }, + "hiddenSeries": false, + "id": 36, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": true, + "steppedLine": false, + "targets": [ + { + "expr": "rate(prometheus_http_request_duration_seconds_sum{job=\"prometheus\",instance=\"$Prometheus:9090\"}[2m])", + "format": "time_series", + "interval": "", + "intervalFactor": 2, + "legendFormat": "{{handler}}", + "metric": "prometheus_local_storage_memory_chunkdescs", + "refId": "A", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Time spent in HTTP requests/s", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "s", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "collapsed": false, + "datasource": "${datasource}", + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 100 + }, + "id": 61, + "panels": [], + "repeat": "RuleGroup", + "scopedVars": { + "RuleGroup": { + "selected": false, + "text": "/etc/config/rules;CPU", + "value": "/etc/config/rules;CPU" + } + }, + "title": "Rule Group: $RuleGroup", + "type": "row" + }, + { + "aliasColors": { + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Interval": "#890f02", + "Last Duration": "#f9934e", + "Max chunks": "#052B51", + "Max to persist": "#3F6833" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 0, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 12, + "x": 0, + "y": 101 + }, + "hiddenSeries": false, + "id": 43, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "repeat": null, + "repeatDirection": "h", + "scopedVars": { + "RuleGroup": { + "selected": false, + "text": "/etc/config/rules;CPU", + "value": "/etc/config/rules;CPU" + } + }, + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "prometheus_rule_group_interval_seconds{job=\"prometheus\",instance=\"$Prometheus:9090\",rule_group=~\"$RuleGroup\"}\n", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "Interval", + "metric": "prometheus_local_storage_memory_chunkdescs", + "refId": "A", + "step": 10 + }, + { + "expr": "prometheus_rule_group_last_duration_seconds{job=\"prometheus\",instance=\"$Prometheus:9090\",rule_group=~\"$RuleGroup\"}\n", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "Last Duration", + "metric": "prometheus_local_storage_memory_chunkdescs", + "refId": "B", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "$RuleGroup: Duration", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "s", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": { + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Interval": "#890f02", + "Last Duration": "#f9934e", + "Max chunks": "#052B51", + "Max to persist": "#3F6833" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 0, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 12, + "x": 12, + "y": 101 + }, + "hiddenSeries": false, + "id": 66, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "repeatDirection": "h", + "scopedVars": { + "RuleGroup": { + "selected": false, + "text": "/etc/config/rules;CPU", + "value": "/etc/config/rules;CPU" + } + }, + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "prometheus_rule_group_rules{job=\"prometheus\",instance=\"$Prometheus:9090\",rule_group=~\"$RuleGroup\"}\n", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "Rules", + "metric": "prometheus_local_storage_memory_chunkdescs", + "refId": "A", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "$RuleGroup: Rules", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "decimals": 0, + "format": "none", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "collapsed": false, + "datasource": "${datasource}", + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 108 + }, + "id": 108, + "panels": [], + "repeat": null, + "repeatIteration": 1603144824023, + "repeatPanelId": 61, + "scopedVars": { + "RuleGroup": { + "selected": false, + "text": "/etc/config/rules;Savings", + "value": "/etc/config/rules;Savings" + } + }, + "title": "Rule Group: $RuleGroup", + "type": "row" + }, + { + "aliasColors": { + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Interval": "#890f02", + "Last Duration": "#f9934e", + "Max chunks": "#052B51", + "Max to persist": "#3F6833" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 0, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 12, + "x": 0, + "y": 109 + }, + "hiddenSeries": false, + "id": 109, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "repeat": null, + "repeatDirection": "h", + "repeatIteration": 1603144824023, + "repeatPanelId": 43, + "repeatedByRow": true, + "scopedVars": { + "RuleGroup": { + "selected": false, + "text": "/etc/config/rules;Savings", + "value": "/etc/config/rules;Savings" + } + }, + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "prometheus_rule_group_interval_seconds{job=\"prometheus\",instance=\"$Prometheus:9090\",rule_group=~\"$RuleGroup\"}\n", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "Interval", + "metric": "prometheus_local_storage_memory_chunkdescs", + "refId": "A", + "step": 10 + }, + { + "expr": "prometheus_rule_group_last_duration_seconds{job=\"prometheus\",instance=\"$Prometheus:9090\",rule_group=~\"$RuleGroup\"}\n", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "Last Duration", + "metric": "prometheus_local_storage_memory_chunkdescs", + "refId": "B", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "$RuleGroup: Duration", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "s", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": { + "Chunks": "#1F78C1", + "Chunks to persist": "#508642", + "Interval": "#890f02", + "Last Duration": "#f9934e", + "Max chunks": "#052B51", + "Max to persist": "#3F6833" + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "${datasource}", + "editable": true, + "error": false, + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 0, + "fillGradient": 0, + "gridPos": { + "h": 7, + "w": 12, + "x": 12, + "y": 109 + }, + "hiddenSeries": false, + "id": 110, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "percentage": false, + "pluginVersion": "7.1.1", + "pointradius": 5, + "points": false, + "renderer": "flot", + "repeatDirection": "h", + "repeatIteration": 1603144824023, + "repeatPanelId": 66, + "repeatedByRow": true, + "scopedVars": { + "RuleGroup": { + "selected": false, + "text": "/etc/config/rules;Savings", + "value": "/etc/config/rules;Savings" + } + }, + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "prometheus_rule_group_rules{job=\"prometheus\",instance=\"$Prometheus:9090\",rule_group=~\"$RuleGroup\"}\n", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "Rules", + "metric": "prometheus_local_storage_memory_chunkdescs", + "refId": "A", + "step": 10 + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "$RuleGroup: Rules", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "decimals": 0, + "format": "none", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + } + ], + "refresh": false, + "schemaVersion": 26, + "style": "dark", + "tags": [ + "kubecost" + ], + "templating": { + "list": [ + { + "allValue": null, + "current": { + "selected": false, + "text": "localhost", + "value": "localhost" + }, + "datasource": "${datasource}", + "definition": "", + "hide": 0, + "includeAll": false, + "label": null, + "multi": false, + "name": "Prometheus", + "options": [], + "query": "query_result(up{job=\"prometheus\"} == 1)", + "refresh": 2, + "regex": ".*instance=\"([^\"]+):9090\".*", + "skipUrlSync": false, + "sort": 0, + "tagValuesQuery": null, + "tags": [], + "tagsQuery": null, + "type": "query", + "useTags": false + }, + { + "allValue": null, + "current": { + "selected": false, + "text": "All", + "value": "$__all" + }, + "datasource": "${datasource}", + "definition": "", + "hide": 2, + "includeAll": true, + "label": null, + "multi": false, + "name": "RuleGroup", + "options": [], + "query": "prometheus_rule_group_last_duration_seconds{job=\"prometheus\",instance=\"$Prometheus:9090\"}", + "refresh": 2, + "regex": ".*rule_group=\"(.*?)\".*", + "skipUrlSync": false, + "sort": 1, + "tagValuesQuery": "", + "tags": [], + "tagsQuery": "", + "type": "query", + "useTags": false + }, + { + "current": { + "selected": true, + "text": "default-kubecost", + "value": "default-kubecost" + }, + "error": null, + "hide": 0, + "includeAll": false, + "label": null, + "multi": false, + "name": "datasource", + "options": [], + "query": "prometheus", + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "type": "datasource" + } + ] + }, + "time": { + "from": "now-24h", + "to": "now" + }, + "timepicker": { + "refresh_intervals": [ + "10s", + "30s", + "1m", + "5m", + "15m", + "30m", + "1h", + "2h", + "1d" + ], + "time_options": [ + "5m", + "15m", + "1h", + "6h", + "12h", + "24h", + "2d", + "7d", + "30d" + ] + }, + "timezone": "utc", + "title": "Prometheus Benchmark - 2.17.x", + "uid": "L0HBvojWz", + "version": 4 +} diff --git a/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/workload-metrics-aggregator.json b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/workload-metrics-aggregator.json new file mode 100644 index 0000000000..660358905e --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/workload-metrics-aggregator.json @@ -0,0 +1,988 @@ +{ + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "grafana", + "uid": "-- Grafana --" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "type": "dashboard" + } + ] + }, + "description": "Most used metrics when troubleshooting applications", + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "id": 7, + "links": [], + "liveNow": false, + "panels": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "decimals": 0, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "bytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 0 + }, + "id": 4, + "options": { + "legend": { + "calcs": [], + "displayMode": "table", + "placement": "right", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "topk(5,sum(container_memory_working_set_bytes{container=\"aggregator\",namespace=~\"$namespace\"} ) by (namespace,pod,container))", + "instant": false, + "legendFormat": "{{namespace}}/{{container}}", + "range": true, + "refId": "A" + } + ], + "title": "Top Memory Usage", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "decimals": 1, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "none" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 0 + }, + "id": 10, + "options": { + "legend": { + "calcs": [], + "displayMode": "table", + "placement": "right", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "topk(5, (\r\n sum(rate(container_cpu_usage_seconds_total{image!=\"\",namespace=~\"$namespace\",container=\"aggregator\"}[$__rate_interval])) by (namespace,pod,container)\r\n )\r\n)", + "instant": false, + "legendFormat": "{{namespace}}/{{container}}", + "range": true, + "refId": "A" + } + ], + "title": "Top CPU Usage", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "binBps" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 8 + }, + "id": 9, + "options": { + "legend": { + "calcs": [], + "displayMode": "table", + "placement": "right", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "sum(topk(5,\n rate(kubecost_pod_network_ingress_bytes_total\n {namespace=~\"$namespace\", pod_name=~\"$pod\"}\n [$__rate_interval]\n )\n) )\nby(namespace, pod_name) ", + "fullMetaSearch": false, + "includeNullMetadata": true, + "instant": false, + "legendFormat": "{{namespace}}/{{pod_name}}", + "range": true, + "refId": "A", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "- sum(topk(5,\n rate(kubecost_pod_network_egress_bytes_total\n {namespace=~\"$namespace\", pod_name=~\"$pod\"}\n [$__rate_interval]\n )\n) )\nby(namespace, pod_name) ", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": true, + "instant": false, + "legendFormat": "{{namespace}}/{{pod_name}}", + "range": true, + "refId": "B", + "useBackend": false + } + ], + "title": "Kubecost Top Network (egress is negative)", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": 3600000, + "lineInterpolation": "smooth", + "lineStyle": { + "fill": "solid" + }, + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "binBps" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 8 + }, + "id": 3, + "options": { + "legend": { + "calcs": [], + "displayMode": "table", + "placement": "right", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum(topk(5,rate(container_network_receive_bytes_total{namespace=~\"$namespace\"}[$__rate_interval]))) by (namespace,pod) ", + "hide": false, + "instant": false, + "legendFormat": "{{namespace}}/{{pod}}", + "range": true, + "refId": "receive" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "-sum(topk(5,rate(container_network_transmit_bytes_total{namespace=~\"$namespace\"}[$__rate_interval]))) by (namespace,pod) ", + "hide": false, + "instant": false, + "legendFormat": "{{namespace}}/{{pod}}", + "range": true, + "refId": "transmit" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "container_network_transmit_bytes_total{}", + "hide": false, + "instant": false, + "legendFormat": "__auto", + "range": true, + "refId": "A" + } + ], + "title": "Top Network (transmit is negative)", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": 3600000, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "decimals": 0, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "binBps" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 16 + }, + "id": 7, + "options": { + "legend": { + "calcs": [], + "displayMode": "table", + "placement": "right", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "\n sum(rate(container_fs_writes_bytes_total\n {container=\"aggregator\",namespace=~\"$namespace\",image!=\"\"}\n [$__rate_interval]))\n by (namespace,pod,container)\n>0 ", + "hide": false, + "instant": false, + "legendFormat": "{{namespace}}/{{container}}", + "range": true, + "refId": "storage_write" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "-(sum\r\n (rate(container_fs_reads_bytes_total\r\n {container=\"aggregator\",namespace=~\"$namespace\",image!=\"\"}\r\n [$__rate_interval])) \r\nby (namespace,pod,container) \r\n) <0", + "hide": false, + "instant": false, + "legendFormat": "{{namespace}}/{{container}}", + "range": true, + "refId": "storage_read" + } + ], + "title": "Storage (read is negative)", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "This may work depending on the CRI", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "bytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 16 + }, + "id": 2, + "options": { + "legend": { + "calcs": [], + "displayMode": "table", + "placement": "right", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum(kubelet_volume_stats_available_bytes{namespace=~\"$namespace\"}) by (namespace,persistentvolumeclaim)", + "hide": false, + "instant": false, + "legendFormat": "{{namespace}}/{{persistentvolumeclaim}}", + "range": true, + "refId": "C" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum(kube_persistentvolume_capacity_bytes) by (persistentvolume)", + "hide": false, + "instant": false, + "legendFormat": "__auto", + "range": true, + "refId": "A" + } + ], + "title": "Storage ", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "bars", + "fillOpacity": 82, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "normal" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "decimals": 0, + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 24 + }, + "id": 8, + "options": { + "legend": { + "calcs": [], + "displayMode": "table", + "placement": "right", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "editorMode": "code", + "expr": "sum(increase(kube_pod_container_status_restarts_total{namespace=~\"$namespace\",pod=~\".+-aggregator-0\"}[1h])) by (namespace,container)>0", + "instant": false, + "interval": "1h", + "legendFormat": "{{namespace}}/{{container}}", + "range": true, + "refId": "A" + } + ], + "title": "Pod restarts per hour", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "bytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 24 + }, + "id": 11, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "PBFA97CFB590B2093" + }, + "editorMode": "code", + "expr": "kubecost_read_db_size", + "instant": false, + "legendFormat": "__auto", + "range": true, + "refId": "kubecost_read_db_size" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum(kubecost_write_db_size)", + "hide": false, + "instant": false, + "legendFormat": "__auto", + "range": true, + "refId": "kubecost_write_db_size" + } + ], + "title": "Aggregator DB Size", + "type": "timeseries" + } + ], + "refresh": "5s", + "schemaVersion": 39, + "tags": [ + "kubecost", + "utilization", + "metrics" + ], + "templating": { + "list": [ + { + "current": { + "selected": false, + "text": "Prometheus", + "value": "PBFA97CFB590B2093" + }, + "hide": 0, + "includeAll": false, + "multi": false, + "name": "datasource", + "options": [], + "query": "prometheus", + "queryValue": "", + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "type": "datasource" + }, + { + "current": { + "selected": true, + "text": "kubecost", + "value": "kubecost" + }, + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "definition": "label_values(kube_namespace_labels,namespace)", + "hide": 0, + "includeAll": true, + "multi": false, + "name": "namespace", + "options": [], + "query": { + "qryType": 1, + "query": "label_values(kube_namespace_labels,namespace)", + "refId": "PrometheusVariableQueryEditor-VariableQuery" + }, + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 5, + "type": "query" + }, + { + "current": { + "selected": false, + "text": "All", + "value": "$__all" + }, + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "definition": "label_values(kube_pod_owner{namespace=~\"$namespace\"},pod)", + "hide": 0, + "includeAll": true, + "multi": false, + "name": "pod", + "options": [], + "query": { + "qryType": 1, + "query": "label_values(kube_pod_owner{namespace=~\"$namespace\"},pod)", + "refId": "PrometheusVariableQueryEditor-VariableQuery" + }, + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 5, + "type": "query" + } + ] + }, + "time": { + "from": "now-3h", + "to": "now" + }, + "timepicker": {}, + "timezone": "", + "title": "Workload Metrics - Aggregator", + "uid": "kubecost-aggregator-metrics", + "version": 1, + "weekStart": "" +} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/workload-metrics.json b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/workload-metrics.json new file mode 100644 index 0000000000..248afc1348 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/grafana-dashboards/workload-metrics.json @@ -0,0 +1,893 @@ +{ + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "grafana", + "uid": "-- Grafana --" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "type": "dashboard" + } + ] + }, + "description": "Most used metrics when troubleshooting applications", + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "id": 2, + "links": [], + "liveNow": false, + "panels": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "decimals": 0, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "bytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 0 + }, + "id": 4, + "options": { + "legend": { + "calcs": [], + "displayMode": "table", + "placement": "right", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "topk(5,sum(container_memory_working_set_bytes{container=~\"$container\",pod=~\"$pod\",container!=\"\",namespace=~\"$namespace\"} ) by (namespace,pod,container))", + "instant": false, + "legendFormat": "{{namespace}}/{{container}}", + "range": true, + "refId": "A" + } + ], + "title": "Top Memory Usage", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "decimals": 1, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "none" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 0 + }, + "id": 10, + "options": { + "legend": { + "calcs": [], + "displayMode": "table", + "placement": "right", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "topk(5, (\r\n sum(rate(container_cpu_usage_seconds_total{image!=\"\",namespace=~\"$namespace\",pod=~\"$pod\",container=~\"$container\"}[10m])) by (namespace,pod,container)\r\n )\r\n)", + "instant": false, + "legendFormat": "{{namespace}}/{{container}}", + "range": true, + "refId": "A" + } + ], + "title": "Top CPU Usage", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "binBps" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 8 + }, + "id": 9, + "options": { + "legend": { + "calcs": [], + "displayMode": "table", + "placement": "right", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "sum(topk(5,\n rate(kubecost_pod_network_ingress_bytes_total\n {namespace=~\"$namespace\", pod_name=~\"$pod\"}\n [$__rate_interval]\n )\n) )\nby(namespace, pod_name) ", + "fullMetaSearch": false, + "includeNullMetadata": true, + "instant": false, + "legendFormat": "{{namespace}}/{{pod_name}}", + "range": true, + "refId": "A", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "disableTextWrap": false, + "editorMode": "code", + "expr": "- sum(topk(5,\n rate(kubecost_pod_network_egress_bytes_total\n {namespace=~\"$namespace\", pod_name=~\"$pod\"}\n [$__rate_interval]\n )\n) )\nby(namespace, pod_name) ", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": true, + "instant": false, + "legendFormat": "{{namespace}}/{{pod_name}}", + "range": true, + "refId": "B", + "useBackend": false + } + ], + "title": "Kubecost Top Network (egress is negative)", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": 3600000, + "lineInterpolation": "smooth", + "lineStyle": { + "fill": "solid" + }, + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "binBps" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 8 + }, + "id": 3, + "options": { + "legend": { + "calcs": [], + "displayMode": "table", + "placement": "right", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum(topk(5,rate(container_network_receive_bytes_total{pod=~\"$pod\",namespace=~\"$namespace\"}[$__rate_interval]))) by (namespace,pod) ", + "hide": false, + "instant": false, + "legendFormat": "{{namespace}}/{{pod}}", + "range": true, + "refId": "receive" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "-sum(topk(5,rate(container_network_transmit_bytes_total{pod=~\"$pod\",namespace=~\"$namespace\"}[$__rate_interval]))) by (namespace,pod) ", + "hide": false, + "instant": false, + "legendFormat": "{{namespace}}/{{pod}}", + "range": true, + "refId": "transmit" + } + ], + "title": "Top Network (transmit is negative)", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": 3600000, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "decimals": 0, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "binBps" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 16 + }, + "id": 7, + "options": { + "legend": { + "calcs": [], + "displayMode": "table", + "placement": "right", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "\n sum(rate(container_fs_writes_bytes_total\n {pod=~\"$pod\",namespace=~\"$namespace\",image!=\"\"}\n [$__rate_interval]))\n by (namespace,pod,container)\n>0 ", + "hide": false, + "instant": false, + "legendFormat": "{{namespace}}/{{container}}", + "range": true, + "refId": "storage_write" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "-(sum\r\n (rate(container_fs_reads_bytes_total\r\n {pod=~\"$pod\",namespace=~\"$namespace\",image!=\"\"}\r\n [$__rate_interval])) \r\nby (namespace,pod,container) \r\n) <0", + "hide": false, + "instant": false, + "legendFormat": "{{namespace}}/{{container}}", + "range": true, + "refId": "storage_read" + } + ], + "title": "Storage (read is negative)", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "This may work depending on the CRI", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "bytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 16 + }, + "id": 2, + "options": { + "legend": { + "calcs": [], + "displayMode": "table", + "placement": "right", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum(kubelet_volume_stats_available_bytes{namespace=~\"$namespace\"}) by (namespace,persistentvolumeclaim)", + "hide": false, + "instant": false, + "legendFormat": "__auto", + "range": true, + "refId": "C" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "editorMode": "code", + "expr": "sum(kube_persistentvolume_capacity_bytes) by (persistentvolume)", + "hide": false, + "instant": false, + "legendFormat": "__auto", + "range": true, + "refId": "A" + } + ], + "title": "Storage ", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "description": "", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "bars", + "fillOpacity": 82, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "normal" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "decimals": 0, + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 24 + }, + "id": 8, + "options": { + "legend": { + "calcs": [], + "displayMode": "table", + "placement": "right", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "editorMode": "code", + "expr": "sum(increase(kube_pod_container_status_restarts_total{namespace=~\"$namespace\",pod=~\"$pod\"}[1h])) by (namespace,container)>0", + "instant": false, + "interval": "1h", + "legendFormat": "{{namespace}}/{{container}}", + "range": true, + "refId": "A" + } + ], + "title": "Pod restarts per hour", + "type": "timeseries" + } + ], + "refresh": "5s", + "schemaVersion": 39, + "tags": [ + "kubecost", + "utilization", + "metrics" + ], + "templating": { + "list": [ + { + "current": { + "selected": false, + "text": "Prometheus", + "value": "PBFA97CFB590B2093" + }, + "hide": 0, + "includeAll": false, + "multi": false, + "name": "datasource", + "options": [], + "query": "prometheus", + "queryValue": "", + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "type": "datasource" + }, + { + "current": { + "selected": true, + "text": "kubecost", + "value": "kubecost" + }, + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "definition": "label_values(kube_namespace_labels,namespace)", + "hide": 0, + "includeAll": true, + "multi": false, + "name": "namespace", + "options": [], + "query": { + "qryType": 1, + "query": "label_values(kube_namespace_labels,namespace)", + "refId": "PrometheusVariableQueryEditor-VariableQuery" + }, + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 5, + "type": "query" + }, + { + "current": { + "selected": false, + "text": "All", + "value": "$__all" + }, + "datasource": { + "type": "prometheus", + "uid": "${datasource}" + }, + "definition": "label_values(kube_pod_owner{namespace=~\"$namespace\"},pod)", + "hide": 0, + "includeAll": true, + "multi": false, + "name": "pod", + "options": [], + "query": { + "qryType": 1, + "query": "label_values(kube_pod_owner{namespace=~\"$namespace\"},pod)", + "refId": "PrometheusVariableQueryEditor-VariableQuery" + }, + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 5, + "type": "query" + }, + { + "current": { + "selected": false, + "text": "All", + "value": "$__all" + }, + "datasource": { + "type": "prometheus", + "uid": "PBFA97CFB590B2093" + }, + "definition": "label_values({namespace=~\"$namespace\", pod=~\"$pod\"},container)", + "hide": 0, + "includeAll": true, + "multi": false, + "name": "container", + "options": [], + "query": { + "qryType": 1, + "query": "label_values({namespace=~\"$namespace\", pod=~\"$pod\"},container)", + "refId": "PrometheusVariableQueryEditor-VariableQuery" + }, + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 5, + "type": "query" + } + ] + }, + "time": { + "from": "now-6h", + "to": "now" + }, + "timepicker": {}, + "timezone": "", + "title": "Workload Metrics", + "uid": "kubecost-workload-metrics", + "version": 1, + "weekStart": "" +} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/questions.yaml b/charts/kubecost/cost-analyzer/2.4.0/questions.yaml new file mode 100644 index 0000000000..7717d04dc4 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/questions.yaml @@ -0,0 +1,187 @@ +questions: + # General Settings + - variable: kubecostProductConfigs.clusterName + label: Cluster Name + description: "Used for display in the cost-analyzer UI (Can be renamed in the UI)" + type: string + required: true + default: "" + group: General Settings + - variable: persistentVolume.enabled + label: Enable Persistent Volume for CostAnalyzer + description: "If true, Kubecost will create a Persistent Volume Claim for product config data" + type: boolean + default: false + show_subquestion_if: true + group: "General Settings" + subquestions: + - variable: persistentVolume.size + label: CostAnalyzer Persistent Volume Size + type: string + default: "0.2Gi" + # Amazon EKS + - variable: AmazonEKS.enabled + label: Amazon EKS cluster + description: "If true, Kubecost will be installed with the images and helm chart from https://gallery.ecr.aws/kubecost/" + type: boolean + default: false + show_subquestion_if: true + group: General Settings + subquestions: + - variable: kubecostFrontend.image + label: Kubecost frontend image for Amazon EKS + description: "Use this image for the Amazon EKS cluster: public.ecr.aws/kubecost/frontend" + type: string + default: "" + - variable: kubecostModel.image + label: Kubecost cost-model image for Amazon EKS + description: "Use this image for the Amazon EKS cluster: public.ecr.aws/kubecost/cost-model" + type: string + default: "" + - variable: prometheus.server.image.repository + label: Kubecost Prometheus image for Amazon EKS + description: "Use this image for the Amazon EKS cluster: public.ecr.aws/kubecost/prometheus" + type: string + default: "" + - variable: prometheus.server.image.tag + label: Kubecost Prometheus image tag for Amazon EKS + type: string + default: "v2.35.0" + # Prometheus Server + - variable: global.prometheus.enabled + label: Enable Prometheus + description: If false, use an existing Prometheus install + type: boolean + default: true + group: "Prometheus" + - variable: prometheus.kubeStateMetrics.enabled + label: Enable KubeStateMetrics + description: "If true, deploy kube-state-metrics for Kubernetes metrics" + type: boolean + default: true + show_if: "global.prometheus.enabled=true" + group: "Prometheus" + - variable: prometheus.server.retention + label: Prometheus Server Retention + description: "Determines when to remove old data" + type: string + default: "15d" + show_if: "global.prometheus.enabled=true" + group: "Prometheus" + - variable: prometheus.server.persistentVolume.enabled + label: Create Persistent Volume for Prometheus + description: "If true, prometheus will create a persistent volume claim" + type: boolean + required: true + default: false + group: "Prometheus" + show_if: "global.prometheus.enabled=true" + show_subquestion_if: true + subquestions: + - variable: prometheus.server.persistentVolume.size + label: Prometheus Persistent Volume Size + type: string + default: "8Gi" + - variable: prometheus.server.persistentVolume.storageClass + label: Prometheus Persistent Volume StorageClass + description: "Prometheus data persistent volume storageClass, if not set use default StorageClass" + default: "" + type: storageclass + - variable: prometheus.server.persistentVolume.existingClaim + label: Existing Persistent Volume Claim for Prometheus + description: "If not empty, uses the specified existing PVC instead of creating new one" + type: pvc + default: "" + + # Prometheus Node Exporter + - variable: prometheus.nodeExporter.enabled + label: Enable NodeExporter + description: "If false, do not create NodeExporter daemonset" + type: boolean + default: true + group: "NodeExporter" + - variable: prometheus.serviceAccounts.nodeExporter.create + label: Enable Service Accounts NodeExporter + description: "If false, do not create NodeExporter daemonset" + type: boolean + default: true + group: "NodeExporter" + + # Prometheus AlertManager + - variable: prometheus.alertmanager.enabled + label: Enable AlertManager + type: boolean + default: false + group: "AlertManager" + - variable: prometheus.alertmanager.persistentVolume.enabled + label: Create Persistent Volume for AlertManager + description: "If true, alertmanager will create a persistent volume claim" + type: boolean + required: true + default: false + group: "AlertManager" + show_if: "prometheus.alertmanager.enabled=true" + show_subquestion_if: true + subquestions: + - variable: prometheus.alertmanager.persistentVolume.size + default: "2Gi" + description: "AlertManager data persistent volume size" + type: string + label: AlertManager Persistent Volume Size + - variable: prometheus.alertmanager.persistentVolume.storageClass + default: "" + description: "Alertmanager data persistent volume storageClass, if not set use default StorageClass" + type: storageclass + label: AlertManager Persistent Volume StorageClass + - variable: prometheus.alertmanager.persistentVolume.existingClaim + default: "" + description: "If not empty, uses the specified existing PVC instead of creating new one" + type: pvc + label: Existing Persistent Volume Claim for AlertManager + + # PushGateway + - variable: prometheus.pushgateway.enabled + label: Enable PushGateway + type: boolean + default: false + group: "PushGateway" + - variable: prometheus.pushgateway.persistentVolume.enabled + label: Create Persistent Volume for PushGateway + description: "If true, PushGateway will create a persistent volume claim" + required: true + type: boolean + default: false + group: "PushGateway" + show_if: "prometheus.pushgateway.enabled=true" + show_subquestion_if: true + subquestions: + - variable: prometheus.prometheus.pushgateway.persistentVolume.size + label: PushGateway Persistent Volume Size + type: string + default: "2Gi" + - variable: prometheus.pushgateway.persistentVolume.storageClass + label: PushGateway Persistent Volume StorageClass + description: "PushGateway data persistent volume storageClass, if not set use default StorageClass" + type: storageclass + default: "" + - variable: prometheus.pushgateway.persistentVolume.existingClaim + label: Existing Persistent Volume Claim for PushGateway + description: "If not empty, uses the specified existing PVC instead of creating new one" + type: pvc + default: "" + + # Services and Load Balancing + - variable: ingress.enabled + label: Enable Ingress + description: "Expose app using Ingress (Layer 7 Load Balancer)" + default: false + type: boolean + show_subquestion_if: true + group: "Services and Load Balancing" + subquestions: + - variable: ingress.hosts[0] + default: "xip.io" + description: "Hostname to your CostAnalyzer installation" + type: hostname + required: true + label: Hostname diff --git a/charts/kubecost/cost-analyzer/2.4.0/savings-recommendations-allow-lists-aws.yaml b/charts/kubecost/cost-analyzer/2.4.0/savings-recommendations-allow-lists-aws.yaml new file mode 100644 index 0000000000..e86af6dc47 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/savings-recommendations-allow-lists-aws.yaml @@ -0,0 +1,790 @@ +kubecostProductConfigs: + savingsRecommendationsAllowLists: + AWS: + - a1.2xlarge + - a1.4xlarge + - a1.large + - a1.medium + - a1.metal + - a1.xlarge + - c1.medium + - c1.xlarge + - c3.2xlarge + - c3.4xlarge + - c3.8xlarge + - c3.large + - c3.xlarge + - c4.2xlarge + - c4.4xlarge + - c4.8xlarge + - c4.large + - c4.xlarge + - c5.12xlarge + - c5.18xlarge + - c5.24xlarge + - c5.2xlarge + - c5.4xlarge + - c5.9xlarge + - c5.large + - c5.metal + - c5.xlarge + - c5a.12xlarge + - c5a.16xlarge + - c5a.24xlarge + - c5a.2xlarge + - c5a.4xlarge + - c5a.8xlarge + - c5a.large + - c5a.xlarge + - c5ad.12xlarge + - c5ad.16xlarge + - c5ad.24xlarge + - c5ad.2xlarge + - c5ad.4xlarge + - c5ad.8xlarge + - c5ad.large + - c5ad.xlarge + - c5d.12xlarge + - c5d.18xlarge + - c5d.24xlarge + - c5d.2xlarge + - c5d.4xlarge + - c5d.9xlarge + - c5d.large + - c5d.metal + - c5d.xlarge + - c5n.18xlarge + - c5n.2xlarge + - c5n.4xlarge + - c5n.9xlarge + - c5n.large + - c5n.metal + - c5n.xlarge + - c6a.12xlarge + - c6a.16xlarge + - c6a.24xlarge + - c6a.2xlarge + - c6a.32xlarge + - c6a.48xlarge + - c6a.4xlarge + - c6a.8xlarge + - c6a.large + - c6a.metal + - c6a.xlarge + - c6g.12xlarge + - c6g.16xlarge + - c6g.2xlarge + - c6g.4xlarge + - c6g.8xlarge + - c6g.large + - c6g.medium + - c6g.metal + - c6g.xlarge + - c6gd.12xlarge + - c6gd.16xlarge + - c6gd.2xlarge + - c6gd.4xlarge + - c6gd.8xlarge + - c6gd.large + - c6gd.medium + - c6gd.metal + - c6gd.xlarge + - c6gn.12xlarge + - c6gn.16xlarge + - c6gn.2xlarge + - c6gn.4xlarge + - c6gn.8xlarge + - c6gn.large + - c6gn.medium + - c6gn.xlarge + - c6i.12xlarge + - c6i.16xlarge + - c6i.24xlarge + - c6i.2xlarge + - c6i.32xlarge + - c6i.4xlarge + - c6i.8xlarge + - c6i.large + - c6i.metal + - c6i.xlarge + - c6id.12xlarge + - c6id.16xlarge + - c6id.24xlarge + - c6id.2xlarge + - c6id.32xlarge + - c6id.4xlarge + - c6id.8xlarge + - c6id.large + - c6id.metal + - c6id.xlarge + - c6in.12xlarge + - c6in.16xlarge + - c6in.24xlarge + - c6in.2xlarge + - c6in.32xlarge + - c6in.4xlarge + - c6in.8xlarge + - c6in.large + - c6in.metal + - c6in.xlarge + - c7a.12xlarge + - c7a.16xlarge + - c7a.24xlarge + - c7a.2xlarge + - c7a.32xlarge + - c7a.48xlarge + - c7a.4xlarge + - c7a.8xlarge + - c7a.large + - c7a.medium + - c7a.metal-48xl + - c7a.xlarge + - c7g.12xlarge + - c7g.16xlarge + - c7g.2xlarge + - c7g.4xlarge + - c7g.8xlarge + - c7g.large + - c7g.medium + - c7g.metal + - c7g.xlarge + - c7gd.12xlarge + - c7gd.16xlarge + - c7gd.2xlarge + - c7gd.4xlarge + - c7gd.8xlarge + - c7gd.large + - c7gd.medium + - c7gd.metal + - c7gd.xlarge + - c7gn.12xlarge + - c7gn.16xlarge + - c7gn.2xlarge + - c7gn.4xlarge + - c7gn.8xlarge + - c7gn.large + - c7gn.medium + - c7gn.metal + - c7gn.xlarge + - c7i-flex.2xlarge + - c7i-flex.4xlarge + - c7i-flex.8xlarge + - c7i-flex.large + - c7i-flex.xlarge + - c7i.12xlarge + - c7i.16xlarge + - c7i.24xlarge + - c7i.2xlarge + - c7i.48xlarge + - c7i.4xlarge + - c7i.8xlarge + - c7i.large + - c7i.metal-24xl + - c7i.metal-48xl + - c7i.xlarge + - d2.2xlarge + - d2.4xlarge + - d2.8xlarge + - d2.xlarge + - d3.2xlarge + - d3.4xlarge + - d3.8xlarge + - d3.xlarge + - d3en.12xlarge + - d3en.2xlarge + - d3en.4xlarge + - d3en.6xlarge + - d3en.8xlarge + - d3en.xlarge + - dl1.24xlarge + - dl2q.24xlarge + - f1.16xlarge + - f1.2xlarge + - f1.4xlarge + - g3.16xlarge + - g3.4xlarge + - g3.8xlarge + - g3s.xlarge + - g4ad.16xlarge + - g4ad.2xlarge + - g4ad.4xlarge + - g4ad.8xlarge + - g4ad.xlarge + - g4dn.12xlarge + - g4dn.16xlarge + - g4dn.2xlarge + - g4dn.4xlarge + - g4dn.8xlarge + - g4dn.metal + - g4dn.xlarge + - g5.12xlarge + - g5.16xlarge + - g5.24xlarge + - g5.2xlarge + - g5.48xlarge + - g5.4xlarge + - g5.8xlarge + - g5.xlarge + - g5g.16xlarge + - g5g.2xlarge + - g5g.4xlarge + - g5g.8xlarge + - g5g.metal + - g5g.xlarge + - g6.12xlarge + - g6.16xlarge + - g6.24xlarge + - g6.2xlarge + - g6.48xlarge + - g6.4xlarge + - g6.8xlarge + - g6.xlarge + - g6e.12xlarge + - g6e.16xlarge + - g6e.24xlarge + - g6e.2xlarge + - g6e.48xlarge + - g6e.4xlarge + - g6e.8xlarge + - g6e.xlarge + - gr6.4xlarge + - gr6.8xlarge + - h1.16xlarge + - h1.2xlarge + - h1.4xlarge + - h1.8xlarge + - i2.2xlarge + - i2.4xlarge + - i2.8xlarge + - i2.xlarge + - i3.16xlarge + - i3.2xlarge + - i3.4xlarge + - i3.8xlarge + - i3.large + - i3.metal + - i3.xlarge + - i3en.12xlarge + - i3en.24xlarge + - i3en.2xlarge + - i3en.3xlarge + - i3en.6xlarge + - i3en.large + - i3en.metal + - i3en.xlarge + - i4g.16xlarge + - i4g.2xlarge + - i4g.4xlarge + - i4g.8xlarge + - i4g.large + - i4g.xlarge + - i4i.12xlarge + - i4i.16xlarge + - i4i.24xlarge + - i4i.2xlarge + - i4i.32xlarge + - i4i.4xlarge + - i4i.8xlarge + - i4i.large + - i4i.metal + - i4i.xlarge + - im4gn.16xlarge + - im4gn.2xlarge + - im4gn.4xlarge + - im4gn.8xlarge + - im4gn.large + - im4gn.xlarge + - inf1.24xlarge + - inf1.2xlarge + - inf1.6xlarge + - inf1.xlarge + - inf2.24xlarge + - inf2.48xlarge + - inf2.8xlarge + - inf2.xlarge + - is4gen.2xlarge + - is4gen.4xlarge + - is4gen.8xlarge + - is4gen.large + - is4gen.medium + - is4gen.xlarge + - m1.large + - m1.medium + - m1.small + - m1.xlarge + - m2.2xlarge + - m2.4xlarge + - m2.xlarge + - m3.2xlarge + - m3.large + - m3.medium + - m3.xlarge + - m4.10xlarge + - m4.16xlarge + - m4.2xlarge + - m4.4xlarge + - m4.large + - m4.xlarge + - m5.12xlarge + - m5.16xlarge + - m5.24xlarge + - m5.2xlarge + - m5.4xlarge + - m5.8xlarge + - m5.large + - m5.metal + - m5.xlarge + - m5a.12xlarge + - m5a.16xlarge + - m5a.24xlarge + - m5a.2xlarge + - m5a.4xlarge + - m5a.8xlarge + - m5a.large + - m5a.xlarge + - m5ad.12xlarge + - m5ad.16xlarge + - m5ad.24xlarge + - m5ad.2xlarge + - m5ad.4xlarge + - m5ad.8xlarge + - m5ad.large + - m5ad.xlarge + - m5d.12xlarge + - m5d.16xlarge + - m5d.24xlarge + - m5d.2xlarge + - m5d.4xlarge + - m5d.8xlarge + - m5d.large + - m5d.metal + - m5d.xlarge + - m5dn.12xlarge + - m5dn.16xlarge + - m5dn.24xlarge + - m5dn.2xlarge + - m5dn.4xlarge + - m5dn.8xlarge + - m5dn.large + - m5dn.metal + - m5dn.xlarge + - m5n.12xlarge + - m5n.16xlarge + - m5n.24xlarge + - m5n.2xlarge + - m5n.4xlarge + - m5n.8xlarge + - m5n.large + - m5n.metal + - m5n.xlarge + - m5zn.12xlarge + - m5zn.2xlarge + - m5zn.3xlarge + - m5zn.6xlarge + - m5zn.large + - m5zn.metal + - m5zn.xlarge + - m6a.12xlarge + - m6a.16xlarge + - m6a.24xlarge + - m6a.2xlarge + - m6a.32xlarge + - m6a.48xlarge + - m6a.4xlarge + - m6a.8xlarge + - m6a.large + - m6a.metal + - m6a.xlarge + - m6g.12xlarge + - m6g.16xlarge + - m6g.2xlarge + - m6g.4xlarge + - m6g.8xlarge + - m6g.large + - m6g.medium + - m6g.metal + - m6g.xlarge + - m6gd.12xlarge + - m6gd.16xlarge + - m6gd.2xlarge + - m6gd.4xlarge + - m6gd.8xlarge + - m6gd.large + - m6gd.medium + - m6gd.metal + - m6gd.xlarge + - m6i.12xlarge + - m6i.16xlarge + - m6i.24xlarge + - m6i.2xlarge + - m6i.32xlarge + - m6i.4xlarge + - m6i.8xlarge + - m6i.large + - m6i.metal + - m6i.xlarge + - m6id.12xlarge + - m6id.16xlarge + - m6id.24xlarge + - m6id.2xlarge + - m6id.32xlarge + - m6id.4xlarge + - m6id.8xlarge + - m6id.large + - m6id.metal + - m6id.xlarge + - m6idn.12xlarge + - m6idn.16xlarge + - m6idn.24xlarge + - m6idn.2xlarge + - m6idn.32xlarge + - m6idn.4xlarge + - m6idn.8xlarge + - m6idn.large + - m6idn.metal + - m6idn.xlarge + - m6in.12xlarge + - m6in.16xlarge + - m6in.24xlarge + - m6in.2xlarge + - m6in.32xlarge + - m6in.4xlarge + - m6in.8xlarge + - m6in.large + - m6in.metal + - m6in.xlarge + - m7a.12xlarge + - m7a.16xlarge + - m7a.24xlarge + - m7a.2xlarge + - m7a.32xlarge + - m7a.48xlarge + - m7a.4xlarge + - m7a.8xlarge + - m7a.large + - m7a.medium + - m7a.metal-48xl + - m7a.xlarge + - m7g.12xlarge + - m7g.16xlarge + - m7g.2xlarge + - m7g.4xlarge + - m7g.8xlarge + - m7g.large + - m7g.medium + - m7g.metal + - m7g.xlarge + - m7gd.12xlarge + - m7gd.16xlarge + - m7gd.2xlarge + - m7gd.4xlarge + - m7gd.8xlarge + - m7gd.large + - m7gd.medium + - m7gd.metal + - m7gd.xlarge + - m7i-flex.2xlarge + - m7i-flex.4xlarge + - m7i-flex.8xlarge + - m7i-flex.large + - m7i-flex.xlarge + - m7i.12xlarge + - m7i.16xlarge + - m7i.24xlarge + - m7i.2xlarge + - m7i.48xlarge + - m7i.4xlarge + - m7i.8xlarge + - m7i.large + - m7i.metal-24xl + - m7i.metal-48xl + - m7i.xlarge + - p2.16xlarge + - p2.8xlarge + - p2.xlarge + - p3.16xlarge + - p3.2xlarge + - p3.8xlarge + - p3dn.24xlarge + - p4d.24xlarge + - p5.48xlarge + - r3.2xlarge + - r3.4xlarge + - r3.8xlarge + - r3.large + - r3.xlarge + - r4.16xlarge + - r4.2xlarge + - r4.4xlarge + - r4.8xlarge + - r4.large + - r4.xlarge + - r5.12xlarge + - r5.16xlarge + - r5.24xlarge + - r5.2xlarge + - r5.4xlarge + - r5.8xlarge + - r5.large + - r5.metal + - r5.xlarge + - r5a.12xlarge + - r5a.16xlarge + - r5a.24xlarge + - r5a.2xlarge + - r5a.4xlarge + - r5a.8xlarge + - r5a.large + - r5a.xlarge + - r5ad.12xlarge + - r5ad.16xlarge + - r5ad.24xlarge + - r5ad.2xlarge + - r5ad.4xlarge + - r5ad.8xlarge + - r5ad.large + - r5ad.xlarge + - r5b.12xlarge + - r5b.16xlarge + - r5b.24xlarge + - r5b.2xlarge + - r5b.4xlarge + - r5b.8xlarge + - r5b.large + - r5b.metal + - r5b.xlarge + - r5d.12xlarge + - r5d.16xlarge + - r5d.24xlarge + - r5d.2xlarge + - r5d.4xlarge + - r5d.8xlarge + - r5d.large + - r5d.metal + - r5d.xlarge + - r5dn.12xlarge + - r5dn.16xlarge + - r5dn.24xlarge + - r5dn.2xlarge + - r5dn.4xlarge + - r5dn.8xlarge + - r5dn.large + - r5dn.metal + - r5dn.xlarge + - r5n.12xlarge + - r5n.16xlarge + - r5n.24xlarge + - r5n.2xlarge + - r5n.4xlarge + - r5n.8xlarge + - r5n.large + - r5n.metal + - r5n.xlarge + - r6a.12xlarge + - r6a.16xlarge + - r6a.24xlarge + - r6a.2xlarge + - r6a.32xlarge + - r6a.48xlarge + - r6a.4xlarge + - r6a.8xlarge + - r6a.large + - r6a.metal + - r6a.xlarge + - r6g.12xlarge + - r6g.16xlarge + - r6g.2xlarge + - r6g.4xlarge + - r6g.8xlarge + - r6g.large + - r6g.medium + - r6g.metal + - r6g.xlarge + - r6gd.12xlarge + - r6gd.16xlarge + - r6gd.2xlarge + - r6gd.4xlarge + - r6gd.8xlarge + - r6gd.large + - r6gd.medium + - r6gd.metal + - r6gd.xlarge + - r6i.12xlarge + - r6i.16xlarge + - r6i.24xlarge + - r6i.2xlarge + - r6i.32xlarge + - r6i.4xlarge + - r6i.8xlarge + - r6i.large + - r6i.metal + - r6i.xlarge + - r6id.12xlarge + - r6id.16xlarge + - r6id.24xlarge + - r6id.2xlarge + - r6id.32xlarge + - r6id.4xlarge + - r6id.8xlarge + - r6id.large + - r6id.metal + - r6id.xlarge + - r6idn.12xlarge + - r6idn.16xlarge + - r6idn.24xlarge + - r6idn.2xlarge + - r6idn.32xlarge + - r6idn.4xlarge + - r6idn.8xlarge + - r6idn.large + - r6idn.metal + - r6idn.xlarge + - r6in.12xlarge + - r6in.16xlarge + - r6in.24xlarge + - r6in.2xlarge + - r6in.32xlarge + - r6in.4xlarge + - r6in.8xlarge + - r6in.large + - r6in.metal + - r6in.xlarge + - r7a.12xlarge + - r7a.16xlarge + - r7a.24xlarge + - r7a.2xlarge + - r7a.32xlarge + - r7a.48xlarge + - r7a.4xlarge + - r7a.8xlarge + - r7a.large + - r7a.medium + - r7a.metal-48xl + - r7a.xlarge + - r7g.12xlarge + - r7g.16xlarge + - r7g.2xlarge + - r7g.4xlarge + - r7g.8xlarge + - r7g.large + - r7g.medium + - r7g.metal + - r7g.xlarge + - r7gd.12xlarge + - r7gd.16xlarge + - r7gd.2xlarge + - r7gd.4xlarge + - r7gd.8xlarge + - r7gd.large + - r7gd.medium + - r7gd.metal + - r7gd.xlarge + - r7i.12xlarge + - r7i.16xlarge + - r7i.24xlarge + - r7i.2xlarge + - r7i.48xlarge + - r7i.4xlarge + - r7i.8xlarge + - r7i.large + - r7i.metal-24xl + - r7i.metal-48xl + - r7i.xlarge + - r7iz.12xlarge + - r7iz.16xlarge + - r7iz.2xlarge + - r7iz.32xlarge + - r7iz.4xlarge + - r7iz.8xlarge + - r7iz.large + - r7iz.metal-16xl + - r7iz.metal-32xl + - r7iz.xlarge + - r8g.12xlarge + - r8g.16xlarge + - r8g.24xlarge + - r8g.2xlarge + - r8g.48xlarge + - r8g.4xlarge + - r8g.8xlarge + - r8g.large + - r8g.medium + - r8g.metal-24xl + - r8g.metal-48xl + - r8g.xlarge + - t1.micro + - t2.2xlarge + - t2.large + - t2.medium + - t2.micro + - t2.small + - t2.xlarge + - t3.2xlarge + - t3.large + - t3.medium + - t3.micro + - t3.nano + - t3.small + - t3.xlarge + - t3a.2xlarge + - t3a.large + - t3a.medium + - t3a.micro + - t3a.nano + - t3a.small + - t3a.xlarge + - t4g.2xlarge + - t4g.large + - t4g.medium + - t4g.micro + - t4g.nano + - t4g.small + - t4g.xlarge + - trn1.2xlarge + - trn1.32xlarge + - trn1n.32xlarge + - vt1.24xlarge + - vt1.3xlarge + - vt1.6xlarge + - x1.16xlarge + - x1.32xlarge + - x1e.16xlarge + - x1e.2xlarge + - x1e.32xlarge + - x1e.4xlarge + - x1e.8xlarge + - x1e.xlarge + - x2gd.12xlarge + - x2gd.16xlarge + - x2gd.2xlarge + - x2gd.4xlarge + - x2gd.8xlarge + - x2gd.large + - x2gd.medium + - x2gd.metal + - x2gd.xlarge + - x2idn.16xlarge + - x2idn.24xlarge + - x2idn.32xlarge + - x2idn.metal + - x2iedn.16xlarge + - x2iedn.24xlarge + - x2iedn.2xlarge + - x2iedn.32xlarge + - x2iedn.4xlarge + - x2iedn.8xlarge + - x2iedn.metal + - x2iedn.xlarge + - x2iezn.12xlarge + - x2iezn.2xlarge + - x2iezn.4xlarge + - x2iezn.6xlarge + - x2iezn.8xlarge + - x2iezn.metal + - z1d.12xlarge + - z1d.2xlarge + - z1d.3xlarge + - z1d.6xlarge + - z1d.large + - z1d.metal + - z1d.xlarge \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/savings-recommendations-allow-lists-azure.yaml b/charts/kubecost/cost-analyzer/2.4.0/savings-recommendations-allow-lists-azure.yaml new file mode 100644 index 0000000000..e324c53a00 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/savings-recommendations-allow-lists-azure.yaml @@ -0,0 +1,283 @@ +kubecostProductConfigs: + savingsRecommendationsAllowLists: + Azure: + - A1 v2 + - A2 v2 + - A2m v2 + - A4 v2 + - A4m v2 + - A8 v2 + - A8m v2 + - B12ms + - B16ms + - B1ls + - B1ms + - B1s + - B20ms + - B2ms + - B2s + - B4ms + - B8ms + - D1 v2 + - D11 v2 + - D12 v2 + - D13 v2 + - D14 v2 + - D15 v2 + - D15i v2 + - D16 v3 + - D16 v4 + - D16a v4 + - D16as v4 + - D16d v4 + - D16ds v4 + - D16ds v5 + - D16s v3 + - D16s v4 + - D16s v5 + - D2 v2 + - D2 v3 + - D2 v4 + - D2a v4 + - D2as v4 + - D2d v4 + - D2ds v4 + - D2ds v5 + - D2s v3 + - D2s v4 + - D2s v5 + - D3 v2 + - D32 v3 + - D32 v4 + - D32a v4 + - D32as v4 + - D32d v4 + - D32ds v4 + - D32ds v5 + - D32s v3 + - D32s v4 + - D32s v5 + - D4 v2 + - D4 v3 + - D4 v4 + - D48 v3 + - D48 v4 + - D48a v4 + - D48as v4 + - D48d v4 + - D48ds v4 + - D48ds v5 + - D48s v3 + - D48s v4 + - D48s v5 + - D4a v4 + - D4as v4 + - D4d v4 + - D4ds v4 + - D4ds v5 + - D4s v3 + - D4s v4 + - D4s v5 + - D5 v2 + - D64 v3 + - D64 v4 + - D64a v4 + - D64as v4 + - D64d v4 + - D64ds v4 + - D64ds v5 + - D64s v3 + - D64s v4 + - D64s v5 + - D8 v3 + - D8 v4 + - D8a v4 + - D8as v4 + - D8d v4 + - D8ds v4 + - D8ds v5 + - D8s v3 + - D8s v4 + - D8s v5 + - D96a v4 + - D96as v4 + - D96ds v5 + - D96s v5 + - DC1s v2 + - DC2s v2 + - DC4s v2 + - DC8 v2 + - DS1 v2 + - DS11 v2 + - DS12 v2 + - DS13 v2 + - DS14 v2 + - DS15 v2 + - DS15i v2 + - DS2 v2 + - DS3 v2 + - DS4 v2 + - DS5 v2 + - E16 v3 + - E16 v4 + - E16a v4 + - E16as v4 + - E16d v4 + - E16ds v4 + - E16s v3 + - E16s v4 + - E2 v3 + - E2 v4 + - E20 v3 + - E20a v4 + - E20as v4 + - E20d v4 + - E20ds v4 + - E20s v3 + - E20s v4 + - E2a v4 + - E2as v4 + - E2d v4 + - E2ds v4 + - E2s v3 + - E2s v4 + - E32 v3 + - E32 v4 + - E32a v4 + - E32as v4 + - E32d v4 + - E32ds v4 + - E32s v3 + - E32s v4 + - E4 v3 + - E4 v4 + - E48 v3 + - E48 v4 + - E48a v4 + - E48as v4 + - E48d v4 + - E48ds v4 + - E48s v3 + - E48s v4 + - E4a v4 + - E4as v4 + - E4d v4 + - E4ds v4 + - E4s v3 + - E4s v4 + - E64 v3 + - E64 v4 + - E64a v4 + - E64as v4 + - E64d v4 + - E64ds v4 + - E64i v3 + - E64is v3 + - E64s v3 + - E64s v4 + - E8 v3 + - E8 v4 + - E80ids v4 + - E80is v4 + - E8a v4 + - E8as v4 + - E8d v4 + - E8ds v4 + - E8s v3 + - E8s v4 + - E96a v4 + - E96as v4 + - F1 + - F16 + - F16s + - F16s v2 + - F1s + - F2 + - F2s + - F2s v2 + - F32s v2 + - F4 + - F48s v2 + - F4s + - F4s v2 + - F64s v2 + - F72s v2 + - F8 + - F8s + - F8s v2 + - G1 + - G2 + - G3 + - G4 + - G5 + - GS1 + - GS2 + - GS3 + - GS4 + - GS5 + - H16 + - H16m + - H16mr + - H16r + - H8 + - H8m + - HB120rs v2 + - HC44rs + - L16s + - L16s v2 + - L32s + - L32s v2 + - L48s v2 + - L4s + - L64s v2 + - L80s v2 + - L8s + - L8s v2 + - M128 + - M128m + - M128ms + - M128s + - M16ms + - M208ms v2 + - M208s v2 + - M32ls + - M32ms + - M32ts + - M416ms v2 + - M416s v2 + - M64 + - M64ls + - M64m + - M64ms + - M64s + - M8ms + - NC12 + - NC12s v2 + - NC12s v3 + - NC16as T4 v3 + - NC24 + - NC24r + - NC24rs v2 + - NC24rs v3 + - NC24s v2 + - NC24s v3 + - NC4as T4 v3 + - NC6 + - NC64as T4 v3 + - NC6s v2 + - NC6s v3 + - NC8as T4 v3 + - ND12s + - ND24rs + - ND24s + - ND40rs v2 + - ND6s + - NP10s + - NP20s + - NP40s + - NV12 + - NV12s v3 + - NV24 + - NV24s v3 + - NV48s v3 + - NV6 \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/savings-recommendations-allow-lists-gcp.yaml b/charts/kubecost/cost-analyzer/2.4.0/savings-recommendations-allow-lists-gcp.yaml new file mode 100644 index 0000000000..2de05f0b43 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/savings-recommendations-allow-lists-gcp.yaml @@ -0,0 +1,76 @@ +kubecostProductConfigs: + savingsRecommendationsAllowLists: + GCP: + - e2-highcpu-2 + - e2-highcpu-4 + - e2-highcpu-8 + - e2-highcpu-16 + - e2-highcpu-32 + - e2-highmem-2 + - e2-highmem-4 + - e2-highmem-8 + - e2-highmem-16 + - e2-micro + - e2-small + - e2-medium + - e2-standard-2 + - e2-standard-4 + - e2-standard-8 + - e2-standard-16 + - e2-standard-32 + - f1-micro + - g1-small + - m1-megamem-96 + - m1-ultramem-40 + - m1-ultramem-80 + - m1-ultramem-160 + - n1-highcpu-2 + - n1-highcpu-4 + - n1-highcpu-8 + - n1-highcpu-16 + - n1-highcpu-32 + - n1-highcpu-64 + - n1-highcpu-96 + - n1-highmem-2 + - n1-highmem-4 + - n1-highmem-8 + - n1-highmem-16 + - n1-highmem-32 + - n1-highmem-64 + - n1-highmem-96 + - n1-megamem-96 + - n1-standard-1 + - n1-standard-2 + - n1-standard-4 + - n1-standard-8 + - n1-standard-16 + - n1-standard-32 + - n1-standard-64 + - n1-standard-96 + - n1-ultramem-40 + - n1-ultramem-80 + - n1-ultramem-160 + - n2-highcpu-2 + - n2-highcpu-4 + - n2-highcpu-8 + - n2-highcpu-16 + - n2-highcpu-32 + - n2-highcpu-48 + - n2-highcpu-64 + - n2-highcpu-80 + - n2-highmem-2 + - n2-highmem-4 + - n2-highmem-8 + - n2-highmem-16 + - n2-highmem-32 + - n2-highmem-48 + - n2-highmem-64 + - n2-highmem-80 + - n2-standard-2 + - n2-standard-4 + - n2-standard-8 + - n2-standard-16 + - n2-standard-32 + - n2-standard-48 + - n2-standard-64 + - n2-standard-80 \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/scripts/create-admission-controller-tls.sh b/charts/kubecost/cost-analyzer/2.4.0/scripts/create-admission-controller-tls.sh new file mode 100644 index 0000000000..2290cadd1b --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/scripts/create-admission-controller-tls.sh @@ -0,0 +1,29 @@ +#!/bin/bash + +set -eo pipefail + +if [ -z "$1" ]; then + namespace=kubecost +else + namespace="$1" +fi + +echo -e "\nCreating certificates ..." +mkdir certs +openssl genrsa -out certs/tls.key 2048 +openssl req -new -key certs/tls.key -out certs/tls.csr -subj "/CN=webhook-server.${namespace}.svc" +openssl x509 -req -days 500 -extfile <(printf "subjectAltName=DNS:webhook-server.%s.svc" "${namespace}") -in certs/tls.csr -signkey certs/tls.key -out certs/tls.crt + +echo -e "\nCreating Webhook Server TLS Secret ..." +kubectl create secret tls webhook-server-tls \ + --cert "certs/tls.crt" \ + --key "certs/tls.key" -n "${namespace}" + +ENCODED_CA=$(base64 < certs/tls.crt | tr -d '\n') + +if [ -f "../values.yaml" ]; then + echo -e "\nUpdating values.yaml ..." + sed -i '' 's@${CA_BUNDLE}@'"${ENCODED_CA}"'@g' ../values.yaml +else + echo -e "\nThe CA bundle to use in your values file is: \n${ENCODED_CA}" +fi \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/NOTES.txt b/charts/kubecost/cost-analyzer/2.4.0/templates/NOTES.txt new file mode 100644 index 0000000000..bdb83d549b --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/NOTES.txt @@ -0,0 +1,28 @@ +-------------------------------------------------- +{{- include "kubecostV2-preconditions" . -}} +{{- include "cloudIntegrationSourceCheck" . -}} +{{- include "eksCheck" . -}} +{{- include "cloudIntegrationSecretCheck" . -}} +{{- include "gcpCloudIntegrationCheck" . -}} +{{- include "azureCloudIntegrationCheck" . -}} +{{- include "federatedStorageConfigSecretCheck" . -}} +{{- include "federatedStorageSourceCheck" . -}} +{{- include "prometheusRetentionCheck" . -}} +{{- include "clusterIDCheck" . -}} + +{{- $servicePort := .Values.service.port | default 9090 }} +Kubecost {{ .Chart.Version }} has been successfully installed. + +Kubecost 2.x is a major upgrade from previous versions and includes major new features including a brand new API Backend. Please review the following documentation to ensure a smooth transition: https://docs.kubecost.com/install-and-configure/install/kubecostv2 + +When pods are Ready, you can enable port-forwarding with the following command: + + kubectl port-forward --namespace {{ .Release.Namespace }} deployment/{{ template "cost-analyzer.fullname" . }} {{ $servicePort }} + +Then, navigate to http://localhost:{{ $servicePort }} in a web browser. + +Please allow 25 minutes for Kubecost to gather metrics. A progress indicator will appear at the top of the UI. + +Having installation issues? View our Troubleshooting Guide at http://docs.kubecost.com/troubleshoot-install + +{{- include "kubecostV2-3-notices" . -}} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/_helpers.tpl b/charts/kubecost/cost-analyzer/2.4.0/templates/_helpers.tpl new file mode 100644 index 0000000000..513c8011ac --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/_helpers.tpl @@ -0,0 +1,1529 @@ +{{/* vim: set filetype=mustache: */}} + +{{/* +Set important variables before starting main templates +*/}} +{{- define "aggregator.deployMethod" -}} + {{- if (.Values.federatedETL).primaryCluster }} + {{- printf "statefulset" }} + {{- else if or ((.Values.federatedETL).agentOnly) (.Values.agent) (.Values.cloudAgent) }} + {{- printf "disabled" }} + {{- else if (not .Values.kubecostAggregator) }} + {{- printf "singlepod" }} + {{- else if .Values.kubecostAggregator.enabled }} + {{- printf "statefulset" }} + {{- else if eq .Values.kubecostAggregator.deployMethod "singlepod" }} + {{- printf "singlepod" }} + {{- else if eq .Values.kubecostAggregator.deployMethod "statefulset" }} + {{- printf "statefulset" }} + {{- else if eq .Values.kubecostAggregator.deployMethod "disabled" }} + {{- printf "disabled" }} + {{- else }} + {{- fail "Unknown kubecostAggregator.deployMethod value" }} + {{- end }} +{{- end }} + +{{- define "frontend.deployMethod" -}} + {{- if eq .Values.kubecostFrontend.deployMethod "haMode" -}} + {{- printf "haMode" -}} + {{- else -}} + {{- printf "singlepod" -}} + {{- end -}} +{{- end -}} + +{{/* +Kubecost 2.3 notices +*/}} +{{- define "kubecostV2-3-notices" -}} + {{- if (.Values.kubecostAggregator).env -}} + {{- printf "\n\n\nNotice: Issue in values detected.\nKubecost 2.3 has updated the aggregator's environment variables. Please update your Helm values to use the new key pairs.\nFor more information, see: https://docs.kubecost.com/install-and-configure/install/multi-cluster/federated-etl/aggregator#aggregator-optimizations\nIn Kubecost 2.3, kubecostAggregator.env is no longer used in favor of the new key pairs. This was done to prevent unexpected behavior and to simplify the aggregator's configuration." -}} + {{- end -}} +{{- end -}} + +{{/* +Kubecost 2.0 preconditions +*/}} +{{- define "kubecostV2-preconditions" -}} + {{/* Iterate through all StatefulSets in the namespace and check if any of them have a label indicating they are from + a pre-2.0 Helm Chart (e.g. "helm.sh/chart: cost-analyzer-1.108.1"). If so, return an error message with details and + documentation for how to properly upgrade to Kubecost 2.0 */}} + {{- $sts := (lookup "apps/v1" "StatefulSet" .Release.Namespace "") -}} + {{- if not (empty $sts.items) -}} + {{- range $index, $sts := $sts.items -}} + {{- if contains "aggregator" $sts.metadata.name -}} + {{- if $sts.metadata.labels -}} + {{- $stsLabels := $sts.metadata.labels -}} {{/* helm.sh/chart: cost-analyzer-1.108.1 */}} + {{- if hasKey $stsLabels "helm.sh/chart" -}} + {{- $chartLabel := index $stsLabels "helm.sh/chart" -}} {{/* cost-analyzer-1.108.1 */}} + {{- $chartNameAndVersion := split "-" $chartLabel -}} {{/* _0:cost _1:analyzer _2:1.108.1 */}} + {{- if gt (len $chartNameAndVersion) 2 -}} + {{- $chartVersion := $chartNameAndVersion._2 -}} {{/* 1.108.1 */}} + {{- if semverCompare ">=1.0.0-0 <2.0.0-0" $chartVersion -}} + {{- fail "\n\nAn existing Aggregator StatefulSet was found in your namespace.\nBefore upgrading to Kubecost 2.x, please `kubectl delete` this Statefulset.\nRefer to the following documentation for more information: https://docs.kubecost.com/install-and-configure/install/kubecostv2" -}} + {{- end -}} + {{- end -}} + {{- end -}} + {{- end -}} + {{- end -}} + {{- end -}} + {{- end -}} + + {{/*https://github.com/helm/helm/issues/8026#issuecomment-881216078*/}} + {{- if ((.Values.thanos).store).enabled -}} + {{- fail "\n\nYou are attempting to upgrade to Kubecost 2.x.\nKubecost no longer includes Thanos by default. \nPlease see https://docs.kubecost.com/install-and-configure/install/kubecostv2 for more information.\nIf you have any questions or concerns, please reach out to us at product@kubecost.com" -}} + {{- end -}} + + {{- if or ((.Values.saml).rbac).enabled ((.Values.oidc).rbac).enabled -}} + {{- if (not (.Values.upgrade).toV2) -}} + {{- fail "\n\nSSO with RBAC is enabled.\nNote that Kubecost 2.x has significant architectural changes that may impact RBAC.\nThis should be tested before giving end-users access to the UI.\nKubecost has tested various configurations and believe that 2.x will be 100% compatible with existing configurations.\nRefer to the following documentation for more information: https://docs.kubecost.com/install-and-configure/install/kubecostv2\n\nWhen ready to upgrade, add `--set upgrade.toV2=true`." -}} + {{- end -}} + {{- end -}} + + {{- if not .Values.kubecostModel.etlFileStoreEnabled -}} + {{- fail "\n\nKubecost 2.0 does not support running fully in-memory. Some file system must be available to store cost data." -}} + {{- end -}} + + + {{- if .Values.kubecostModel.openSourceOnly -}} + {{- fail "In Kubecost 2.0, kubecostModel.openSourceOnly is not supported" -}} + {{- end -}} + + {{/* Aggregator config reconciliation and common config */}} + {{- if eq (include "aggregator.deployMethod" .) "statefulset" -}} + {{- if .Values.kubecostAggregator -}} + {{- if (not .Values.kubecostAggregator.aggregatorDbStorage) -}} + {{- fail "In Enterprise configuration, Aggregator DB storage is required" -}} + {{- end -}} + {{- end -}} + {{- end -}} + + {{- if (.Values.podSecurityPolicy).enabled }} + {{- fail "Kubecost no longer includes PodSecurityPolicy by default. Please take steps to preserve your existing PSPs before attempting the installation/upgrade again with the podSecurityPolicy values removed." }} + {{- end }} + + {{- if ((.Values.kubecostDeployment).leaderFollower).enabled -}} + {{- fail "\nIn Kubecost 2.0, kubecostDeployment does not support running as leaderFollower. Please reach out to support to discuss upgrade paths." -}} + {{- end -}} + + {{- if ((.Values.kubecostDeployment).statefulSet).enabled -}} + {{- fail "\nIn Kubecost 2.0, kubecostDeployment does not support running as a statefulSet. Please reach out to support to discuss upgrade paths." -}} + {{- end -}} + {{- if and (eq (include "aggregator.deployMethod" .) "statefulset") (.Values.federatedETL).agentOnly }} + {{- fail "\nKubecost does not support running federatedETL.agentOnly with the aggregator statefulset" }} + {{- end }} +{{- end -}} + +{{- define "cloudIntegrationFromProductConfigs" }} + { + {{- if ((.Values.kubecostProductConfigs).athenaBucketName) }} + "aws": [ + { + "athenaBucketName": "{{ .Values.kubecostProductConfigs.athenaBucketName }}", + "athenaRegion": "{{ .Values.kubecostProductConfigs.athenaRegion }}", + "athenaDatabase": "{{ .Values.kubecostProductConfigs.athenaDatabase }}", + "athenaTable": "{{ .Values.kubecostProductConfigs.athenaTable }}", + "projectID": "{{ .Values.kubecostProductConfigs.athenaProjectID }}" + {{ if (.Values.kubecostProductConfigs).athenaWorkgroup }} + , "athenaWorkgroup": "{{ .Values.kubecostProductConfigs.athenaWorkgroup }}" + {{ else }} + , "athenaWorkgroup": "primary" + {{ end }} + {{ if (.Values.kubecostProductConfigs).masterPayerARN }} + , "masterPayerARN": "{{ .Values.kubecostProductConfigs.masterPayerARN }}" + {{ end }} + {{- if and ((.Values.kubecostProductConfigs).awsServiceKeyName) ((.Values.kubecostProductConfigs).awsServiceKeyPassword) }}, + "serviceKeyName": "{{ .Values.kubecostProductConfigs.awsServiceKeyName }}", + "serviceKeySecret": "{{ .Values.kubecostProductConfigs.awsServiceKeyPassword }}" + {{- end }} + } + ] + {{- end }} + } +{{- end }} + +{{/* +Cloud integration source contents check. Either the Secret must be specified or the JSON, not both. +Additionally, for upgrade protection, certain individual values populated under the kubecostProductConfigs map, if found, +will result in failure. Users are asked to select one of the two presently-available sources for cloud integration information. +*/}} +{{- define "cloudIntegrationSourceCheck" -}} + {{- if and (.Values.kubecostProductConfigs).cloudIntegrationSecret (.Values.kubecostProductConfigs).cloudIntegrationJSON -}} + {{- fail "\nkubecostProductConfigs.cloudIntegrationSecret and kubecostProductConfigs.cloudIntegrationJSON are mutually exclusive. Please specify only one." -}} + {{- end -}} + {{- if and (.Values.kubecostProductConfigs).cloudIntegrationSecret ((.Values.kubecostProductConfigs).athenaBucketName) }} + {{- fail "\nkubecostProductConfigs.cloudIntegrationSecret and kubecostProductConfigs.athena* values are mutually exclusive. Please specifiy only one." -}} + {{- end -}} +{{- if and (.Values.kubecostProductConfigs).cloudIntegrationJSON ((.Values.kubecostProductConfigs).athenaBucketName) }} + {{- fail "\nkubecostProductConfigs.cloudIntegrationJSON and kubecostProductConfigs.athena* values are mutually exclusive. Please specifiy only one." -}} + {{- end -}} +{{- end -}} + +{{/* +Federated Storage source contents check. Either the Secret must be specified or the JSON, not both. +*/}} +{{- define "federatedStorageSourceCheck" -}} + {{- if and (.Values.kubecostModel).federatedStorageConfigSecret (.Values.kubecostModel).federatedStorageConfig -}} + {{- fail "\nkubecostkubecostModel.federatedStorageConfigSecret and kubecostModel.federatedStorageConfig are mutually exclusive. Please specify only one." -}} + {{- end -}} +{{- end -}} + +{{/* +Print a warning if PV is enabled AND EKS is detected AND the EBS-CSI driver is not installed +*/}} +{{- define "eksCheck" }} +{{- $isEKS := (regexMatch ".*eks.*" (.Capabilities.KubeVersion | quote) )}} +{{- $isGT22 := (semverCompare ">=1.23-0" .Capabilities.KubeVersion.GitVersion) }} +{{- $PVNotExists := (empty (lookup "v1" "PersistentVolume" "" "")) }} +{{- $EBSCSINotExists := (empty (lookup "apps/v1" "Deployment" "kube-system" "ebs-csi-controller")) }} +{{- if (and $isEKS $isGT22 .Values.persistentVolume.enabled $EBSCSINotExists) -}} + +ERROR: MISSING EBS-CSI DRIVER WHICH IS REQUIRED ON EKS v1.23+ TO MANAGE PERSISTENT VOLUMES. LEARN MORE HERE: https://docs.kubecost.com/install-and-configure/install/provider-installations/aws-eks-cost-monitoring#prerequisites + +{{- end -}} +{{- end -}} + +{{/* +Verify a cluster_id is set in the Prometheus global config +*/}} +{{- define "clusterIDCheck" -}} + {{- if or (.Values.kubecostModel).federatedStorageConfigSecret (.Values.kubecostModel).federatedStorageConfig }} + {{- if not .Values.prometheus.server.clusterIDConfigmap }} + {{- if eq .Values.prometheus.server.global.external_labels.cluster_id "cluster-one" }} + {{- fail "\n\nWhen using multi-cluster Kubecost, you must specify a unique `.Values.prometheus.server.global.external_labels.cluster_id` for each cluster.\nNote this must be set even if you are using your own Prometheus or another identifier.\n" -}} + {{- end -}} + {{- end -}} + {{- end -}} +{{- end -}} + + +{{/* +Verify the cloud integration secret exists with the expected key when cloud integration is enabled. +Skip the check if CI/CD is enabled and skipSanityChecks is set. Argo CD, for example, does not +support templating a chart which uses the lookup function. +*/}} +{{- define "cloudIntegrationSecretCheck" -}} +{{- if (.Values.kubecostProductConfigs).cloudIntegrationSecret }} +{{- if not (and .Values.global.platforms.cicd.enabled .Values.global.platforms.cicd.skipSanityChecks) }} +{{- if .Capabilities.APIVersions.Has "v1/Secret" }} + {{- $secret := lookup "v1" "Secret" .Release.Namespace .Values.kubecostProductConfigs.cloudIntegrationSecret }} + {{- if or (not $secret) (not (index $secret.data "cloud-integration.json")) }} + {{- fail (printf "The cloud integration secret '%s' does not exist or does not contain the expected key 'cloud-integration.json'\nIf you are using `--dry-run`, please add `--dry-run=server`. This requires Helm 3.13+." .Values.kubecostProductConfigs.cloudIntegrationSecret) }} + {{- end }} +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Verify the federated storage config secret exists with the expected key. +Skip the check if CI/CD is enabled and skipSanityChecks is set. Argo CD, for +example, does not support templating a chart which uses the lookup function. +*/}} +{{- define "federatedStorageConfigSecretCheck" -}} +{{- if (.Values.kubecostModel).federatedStorageConfigSecret }} +{{- if not (and .Values.global.platforms.cicd.enabled .Values.global.platforms.cicd.skipSanityChecks) }} +{{- if .Capabilities.APIVersions.Has "v1/Secret" }} + {{- $secret := lookup "v1" "Secret" .Release.Namespace .Values.kubecostModel.federatedStorageConfigSecret }} + {{- if or (not $secret) (not (index $secret.data "federated-store.yaml")) }} + {{- fail (printf "The federated storage config secret '%s' does not exist or does not contain the expected key 'federated-store.yaml'" .Values.kubecostModel.federatedStorageConfigSecret) }} + {{- end }} +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* + Ensure that the Prometheus retention is not set too low +*/}} +{{- define "prometheusRetentionCheck" }} +{{- if ((.Values.prometheus).server).enabled }} + + {{- $retention := .Values.prometheus.server.retention }} + {{- $etlHourlyDurationHours := (int .Values.kubecostModel.etlHourlyStoreDurationHours) }} + + {{- if (hasSuffix "d" $retention) }} + {{- $retentionDays := (int (trimSuffix "d" $retention)) }} + {{- if lt $retentionDays 3 }} + {{- fail (printf "With a daily resolution, Prometheus retention must be set >= 3 days. Provided retention is %s" $retention) }} + {{- else if le (mul $retentionDays 24) $etlHourlyDurationHours }} + {{- fail (printf "Prometheus retention (%s) must be greater than .Values.kubecostModel.etlHourlyStoreDurationHours (%d)" $retention $etlHourlyDurationHours) }} + {{- end }} + + {{- else if (hasSuffix "h" $retention) }} + {{- $retentionHours := (int (trimSuffix "h" $retention)) }} + {{- if lt $retentionHours 50 }} + {{- fail (printf "With an hourly resolution, Prometheus retention must be set >= 50 hours. Provided retention is %s" $retention) }} + {{- else if le $retentionHours $etlHourlyDurationHours }} + {{- fail (printf "Prometheus retention (%s) must be greater than .Values.kubecostModel.etlHourlyStoreDurationHours (%d)" $retention $etlHourlyDurationHours) }} + {{- end }} + + {{- else }} + {{- fail "prometheus.server.retention must be set in days (e.g. 5d) or hours (e.g. 97h)"}} + + {{- end }} +{{- end }} +{{- end }} + +{{/* +Expand the name of the chart. +*/}} +{{- define "cost-analyzer.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- define "aggregator.name" -}} +{{- default "aggregator" | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- define "cloudCost.name" -}} +{{- default "cloud-cost" | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- define "etlUtils.name" -}} +{{- default "etl-utils" | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- define "forecasting.name" -}} +{{- default "forecasting" | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- define "frontend.name" -}} +{{- default "frontend" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "cost-analyzer.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{- define "diagnostics.fullname" -}} +{{- if .Values.diagnosticsFullnameOverride -}} +{{- .Values.diagnosticsFullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name "diagnostics" | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} + +{{- define "aggregator.fullname" -}} +{{- printf "%s-%s" .Release.Name "aggregator" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{- define "cloudCost.fullname" -}} +{{- printf "%s-%s" .Release.Name (include "cloudCost.name" .) | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{- define "etlUtils.fullname" -}} +{{- printf "%s-%s" .Release.Name (include "etlUtils.name" .) | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- define "forecasting.fullname" -}} +{{- printf "%s-%s" .Release.Name (include "forecasting.name" .) | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- define "frontend.fullname" -}} +{{- printf "%s-%s" .Release.Name (include "frontend.name" .) | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create the fully qualified name for Prometheus server service. +*/}} +{{- define "cost-analyzer.prometheus.server.name" -}} +{{- if .Values.prometheus -}} +{{- if .Values.prometheus.server -}} +{{- if .Values.prometheus.server.fullnameOverride -}} +{{- .Values.prometheus.server.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-prometheus-server" .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- else -}} +{{- printf "%s-prometheus-server" .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- else -}} +{{- printf "%s-prometheus-server" .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} + +{{/* +Create the fully qualified name for Prometheus alertmanager service. +*/}} +{{- define "cost-analyzer.prometheus.alertmanager.name" -}} +{{- if .Values.prometheus -}} +{{- if .Values.prometheus.alertmanager -}} +{{- if .Values.prometheus.alertmanager.fullnameOverride -}} +{{- .Values.prometheus.alertmanager.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-prometheus-alertmanager" .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- else -}} +{{- printf "%s-prometheus-alertmanager" .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- else -}} +{{- printf "%s-prometheus-alertmanager" .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} + +{{- define "cost-analyzer.serviceName" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{- define "frontend.serviceName" -}} +{{ include "frontend.fullname" . }} +{{- end -}} + +{{- define "diagnostics.serviceName" -}} +{{- printf "%s-%s" .Release.Name "diagnostics" | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- define "aggregator.serviceName" -}} +{{- printf "%s-%s" .Release.Name "aggregator" | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- define "cloudCost.serviceName" -}} +{{ include "cloudCost.fullname" . }} +{{- end -}} +{{- define "etlUtils.serviceName" -}} +{{ include "etlUtils.fullname" . }} +{{- end -}} +{{- define "forecasting.serviceName" -}} +{{ include "forecasting.fullname" . }} +{{- end -}} + +{{/* +Create the name of the service account +*/}} +{{- define "cost-analyzer.serviceAccountName" -}} +{{- if .Values.serviceAccount.create -}} + {{ default (include "cost-analyzer.fullname" .) .Values.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} +{{- end -}} +{{- define "aggregator.serviceAccountName" -}} +{{- if .Values.kubecostAggregator.serviceAccountName -}} + {{ .Values.kubecostAggregator.serviceAccountName }} +{{- else -}} + {{ template "cost-analyzer.serviceAccountName" . }} +{{- end -}} +{{- end -}} +{{- define "cloudCost.serviceAccountName" -}} +{{- if .Values.kubecostAggregator.cloudCost.serviceAccountName -}} + {{ .Values.kubecostAggregator.cloudCost.serviceAccountName }} +{{- else -}} + {{ template "cost-analyzer.serviceAccountName" . }} +{{- end -}} +{{- end -}} +{{/* +Network Costs name used to tie autodiscovery of metrics to daemon set pods +*/}} +{{- define "cost-analyzer.networkCostsName" -}} +{{- printf "%s-%s" .Release.Name "network-costs" -}} +{{- end -}} + +{{- define "kubecost.clusterControllerName" -}} +{{- printf "%s-%s" .Release.Name "cluster-controller" -}} +{{- end -}} + +{{- define "kubecost.kubeMetricsName" -}} +{{- if .Values.agent }} +{{- printf "%s-%s" .Release.Name "agent" -}} +{{- else if .Values.cloudAgent }} +{{- printf "%s-%s" .Release.Name "cloud-agent" -}} +{{- else }} +{{- printf "%s-%s" .Release.Name "metrics" -}} +{{- end }} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "cost-analyzer.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create the chart labels. +*/}} +{{- define "cost-analyzer.chartLabels" -}} +helm.sh/chart: {{ include "cost-analyzer.chart" . }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} +{{- define "kubecost.chartLabels" -}} +app.kubernetes.io/name: {{ include "cost-analyzer.name" . }} +helm.sh/chart: {{ include "cost-analyzer.chart" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} +{{- define "kubecost.aggregator.chartLabels" -}} +app.kubernetes.io/name: {{ include "aggregator.name" . }} +helm.sh/chart: {{ include "cost-analyzer.chart" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} + + +{{/* +Create the common labels. +*/}} +{{- define "cost-analyzer.commonLabels" -}} +app.kubernetes.io/name: {{ include "cost-analyzer.name" . }} +helm.sh/chart: {{ include "cost-analyzer.chart" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +app: cost-analyzer +{{- end -}} + +{{- define "aggregator.commonLabels" -}} +{{ include "cost-analyzer.chartLabels" . }} +app: aggregator +{{- end -}} + +{{- define "diagnostics.commonLabels" -}} +{{ include "cost-analyzer.chartLabels" . }} +app: diagnostics +{{- end -}} + +{{- define "cloudCost.commonLabels" -}} +{{ include "cost-analyzer.chartLabels" . }} +{{ include "cloudCost.selectorLabels" . }} +{{- end -}} + +{{- define "etlUtils.commonLabels" -}} +{{ include "cost-analyzer.chartLabels" . }} +{{ include "etlUtils.selectorLabels" . }} +{{- end -}} +{{- define "forecasting.commonLabels" -}} +{{ include "cost-analyzer.chartLabels" . }} +{{ include "forecasting.selectorLabels" . }} +{{- end -}} + +{{/* +Create the networkcosts common labels. Note that because this is a daemonset, we don't want app.kubernetes.io/instance: to take the release name, which allows the scrape config to be static. +*/}} +{{- define "networkcosts.commonLabels" -}} +app.kubernetes.io/instance: kubecost +app.kubernetes.io/name: network-costs +helm.sh/chart: {{ include "cost-analyzer.chart" . }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +app: {{ template "cost-analyzer.networkCostsName" . }} +{{- end -}} +{{- define "networkcosts.selectorLabels" -}} +app: {{ template "cost-analyzer.networkCostsName" . }} +{{- end }} +{{- define "diagnostics.selectorLabels" -}} +app.kubernetes.io/name: diagnostics +app.kubernetes.io/instance: {{ .Release.Name }} +app: diagnostics +{{- end }} + +{{/* +Create the selector labels. +*/}} +{{- define "cost-analyzer.selectorLabels" -}} +app.kubernetes.io/name: {{ include "cost-analyzer.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +app: cost-analyzer +{{- end -}} + +{{/* +Create the selector labels for haMode frontend. +*/}} +{{- define "frontend.selectorLabels" -}} +app.kubernetes.io/name: {{ include "frontend.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +app: cost-analyzer +{{- end -}} + +{{- define "aggregator.selectorLabels" -}} +{{- if eq (include "aggregator.deployMethod" .) "statefulset" }} +app.kubernetes.io/name: {{ include "aggregator.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +app: aggregator +{{- else if eq (include "aggregator.deployMethod" .) "singlepod" }} +{{- include "cost-analyzer.selectorLabels" . }} +{{- else }} +{{ fail "Failed to set aggregator.selectorLabels" }} +{{- end }} +{{- end }} + +{{- define "cloudCost.selectorLabels" -}} +{{- if eq (include "aggregator.deployMethod" .) "statefulset" }} +app.kubernetes.io/name: {{ include "cloudCost.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +app: {{ include "cloudCost.name" . }} +{{- else }} +{{- include "cost-analyzer.selectorLabels" . }} +{{- end }} +{{- end }} + +{{- define "forecasting.selectorLabels" -}} +app.kubernetes.io/name: {{ include "forecasting.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +app: {{ include "forecasting.name" . }} +{{- end -}} +{{- define "etlUtils.selectorLabels" -}} +app.kubernetes.io/name: {{ include "etlUtils.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +app: {{ include "etlUtils.name" . }} +{{- end -}} + +{{/* +Recursive filter which accepts a map containing an input map (.v) and an output map (.r). The template +will traverse all values inside .v recursively writing non-map values to the output .r. If a nested map +is discovered, we look for an 'enabled' key. If it doesn't exist, we continue traversing the +map. If it does exist, we omit the inner map traversal iff enabled is false. This filter writes the +enabled only version to the output .r +*/}} +{{- define "cost-analyzer.filter" -}} +{{- $v := .v }} +{{- $r := .r }} +{{- range $key, $value := .v }} + {{- $tp := kindOf $value -}} + {{- if eq $tp "map" -}} + {{- $isEnabled := true -}} + {{- if (hasKey $value "enabled") -}} + {{- $isEnabled = $value.enabled -}} + {{- end -}} + {{- if $isEnabled -}} + {{- $rr := "{}" | fromYaml }} + {{- template "cost-analyzer.filter" (dict "v" $value "r" $rr) }} + {{- $_ := set $r $key $rr -}} + {{- end -}} + {{- else -}} + {{- $_ := set $r $key $value -}} + {{- end -}} +{{- end -}} +{{- end -}} + +{{/* +This template accepts a map and returns a base64 encoded json version of the map where all disabled +leaf nodes are omitted. + +The implied use case is {{ template "cost-analyzer.filterEnabled" .Values }} +*/}} +{{- define "cost-analyzer.filterEnabled" -}} +{{- $result := "{}" | fromYaml }} +{{- template "cost-analyzer.filter" (dict "v" . "r" $result) }} +{{- $result | toJson | b64enc }} +{{- end -}} + +{{/* +============================================================== +Begin Prometheus templates +============================================================== +*/}} +{{/* +Expand the name of the chart. +*/}} +{{- define "prometheus.name" -}} +{{- "prometheus" -}} +{{- end -}} + +{{/* +Define common selector labels for all Prometheus components +*/}} +{{- define "prometheus.common.matchLabels" -}} +app: {{ template "prometheus.name" . }} +release: {{ .Release.Name }} +{{- end -}} + +{{/* +Define common top-level labels for all Prometheus components +*/}} +{{- define "prometheus.common.metaLabels" -}} +heritage: {{ .Release.Service }} +{{- end -}} + +{{/* +Define top-level labels for Alert Manager +*/}} +{{- define "prometheus.alertmanager.labels" -}} +{{ include "prometheus.alertmanager.matchLabels" . }} +{{ include "prometheus.common.metaLabels" . }} +{{- end -}} + +{{/* +Define selector labels for Alert Manager +*/}} +{{- define "prometheus.alertmanager.matchLabels" -}} +component: {{ .Values.prometheus.alertmanager.name | quote }} +{{ include "prometheus.common.matchLabels" . }} +{{- end -}} + +{{/* +Define top-level labels for Node Exporter +*/}} +{{- define "prometheus.nodeExporter.labels" -}} +{{ include "prometheus.nodeExporter.matchLabels" . }} +{{ include "prometheus.common.metaLabels" . }} +{{- end -}} + +{{/* +Define selector labels for Node Exporter +*/}} +{{- define "prometheus.nodeExporter.matchLabels" -}} +component: {{ .Values.prometheus.nodeExporter.name | quote }} +{{ include "prometheus.common.matchLabels" . }} +{{- end -}} + +{{/* +Define top-level labels for Push Gateway +*/}} +{{- define "prometheus.pushgateway.labels" -}} +{{ include "prometheus.pushgateway.matchLabels" . }} +{{ include "prometheus.common.metaLabels" . }} +{{- end -}} + +{{/* +Define selector labels for Push Gateway +*/}} +{{- define "prometheus.pushgateway.matchLabels" -}} +component: {{ .Values.prometheus.pushgateway.name | quote }} +{{ include "prometheus.common.matchLabels" . }} +{{- end -}} + +{{/* +Define top-level labels for Server +*/}} +{{- define "prometheus.server.labels" -}} +{{ include "prometheus.server.matchLabels" . }} +{{ include "prometheus.common.metaLabels" . }} +{{- end -}} + +{{/* +Define selector labels for Server +*/}} +{{- define "prometheus.server.matchLabels" -}} +component: {{ .Values.prometheus.server.name | quote }} +{{ include "prometheus.common.matchLabels" . }} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "prometheus.fullname" -}} +{{- if .Values.prometheus.fullnameOverride -}} +{{- .Values.prometheus.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default "prometheus" .Values.prometheus.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create a fully qualified alertmanager name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} + +{{- define "prometheus.alertmanager.fullname" -}} +{{- if .Values.prometheus.alertmanager.fullnameOverride -}} +{{- .Values.prometheus.alertmanager.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default "prometheus" .Values.prometheus.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- printf "%s-%s" .Release.Name .Values.prometheus.alertmanager.name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s-%s" .Release.Name $name .Values.prometheus.alertmanager.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + + +{{/* +Create a fully qualified node-exporter name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "prometheus.nodeExporter.fullname" -}} +{{- if .Values.prometheus.nodeExporter.fullnameOverride -}} +{{- .Values.prometheus.nodeExporter.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default "prometheus" .Values.prometheus.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- printf "%s-%s" .Release.Name .Values.prometheus.nodeExporter.name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s-%s" .Release.Name $name .Values.prometheus.nodeExporter.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create a fully qualified Prometheus server name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "prometheus.server.fullname" -}} +{{- if .Values.prometheus.server.fullnameOverride -}} +{{- .Values.prometheus.server.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default "prometheus" .Values.prometheus.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- printf "%s-%s" .Release.Name .Values.prometheus.server.name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s-%s" .Release.Name $name .Values.prometheus.server.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create a fully qualified pushgateway name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "prometheus.pushgateway.fullname" -}} +{{- if .Values.prometheus.pushgateway.fullnameOverride -}} +{{- .Values.prometheus.pushgateway.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default "prometheus" .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- printf "%s-%s" .Release.Name .Values.prometheus.pushgateway.name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s-%s" .Release.Name $name .Values.prometheus.pushgateway.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create the name of the service account to use for the alertmanager component +*/}} +{{- define "prometheus.serviceAccountName.alertmanager" -}} +{{- if .Values.prometheus.serviceAccounts.alertmanager.create -}} + {{ default (include "prometheus.alertmanager.fullname" .) .Values.prometheus.serviceAccounts.alertmanager.name }} +{{- else -}} + {{ default "default" .Values.prometheus.serviceAccounts.alertmanager.name }} +{{- end -}} +{{- end -}} + +{{/* +Create the name of the service account to use for the nodeExporter component +*/}} +{{- define "prometheus.serviceAccountName.nodeExporter" -}} +{{- if .Values.prometheus.serviceAccounts.nodeExporter.create -}} + {{ default (include "prometheus.nodeExporter.fullname" .) .Values.prometheus.serviceAccounts.nodeExporter.name }} +{{- else -}} + {{ default "default" .Values.prometheus.serviceAccounts.nodeExporter.name }} +{{- end -}} +{{- end -}} + +{{/* +Create the name of the service account to use for the pushgateway component +*/}} +{{- define "prometheus.serviceAccountName.pushgateway" -}} +{{- if .Values.prometheus.serviceAccounts.pushgateway.create -}} + {{ default (include "prometheus.pushgateway.fullname" .) .Values.prometheus.serviceAccounts.pushgateway.name }} +{{- else -}} + {{ default "default" .Values.prometheus.serviceAccounts.pushgateway.name }} +{{- end -}} +{{- end -}} + +{{/* +Create the name of the service account to use for the server component +*/}} +{{- define "prometheus.serviceAccountName.server" -}} +{{- if .Values.prometheus.serviceAccounts.server.create -}} + {{ default (include "prometheus.server.fullname" .) .Values.prometheus.serviceAccounts.server.name }} +{{- else -}} + {{ default "default" .Values.prometheus.serviceAccounts.server.name }} +{{- end -}} +{{- end -}} + +{{/* +============================================================== +Begin Grafana templates +============================================================== +*/}} +{{/* +Expand the name of the chart. +*/}} +{{- define "grafana.name" -}} +{{- "grafana" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "grafana.fullname" -}} +{{- if .Values.grafana.fullnameOverride -}} +{{- .Values.grafana.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default "grafana" .Values.grafana.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create the name of the service account +*/}} +{{- define "grafana.serviceAccountName" -}} +{{- if .Values.grafana.serviceAccount.create -}} + {{ default (include "grafana.fullname" .) .Values.grafana.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.grafana.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +============================================================== +Begin Kubecost 2.0 templates +============================================================== +*/}} + +{{- define "aggregator.containerTemplate" }} +- name: aggregator +{{- if .Values.kubecostAggregator.containerSecurityContext }} + securityContext: + {{- toYaml .Values.kubecostAggregator.containerSecurityContext | nindent 4 }} +{{- else if .Values.global.containerSecurityContext }} + securityContext: + {{- toYaml .Values.global.containerSecurityContext | nindent 4 }} +{{- end }} + {{- if .Values.kubecostModel }} + {{- if .Values.kubecostAggregator.fullImageName }} + image: {{ .Values.kubecostAggregator.fullImageName }} + {{- else if .Values.imageVersion }} + image: {{ .Values.kubecostModel.image }}:{{ .Values.imageVersion }} + {{- else if eq "development" .Chart.AppVersion }} + image: gcr.io/kubecost1/cost-model-nightly:latest + {{- else }} + image: {{ .Values.kubecostModel.image }}:prod-{{ $.Chart.AppVersion }} + {{- end }} + {{- else }} + image: gcr.io/kubecost1/cost-model:prod-{{ $.Chart.AppVersion }} + {{- end }} + {{- if .Values.kubecostAggregator.readinessProbe.enabled }} + readinessProbe: + httpGet: + path: /healthz + port: 9004 + initialDelaySeconds: {{ .Values.kubecostAggregator.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.kubecostAggregator.readinessProbe.periodSeconds }} + failureThreshold: {{ .Values.kubecostAggregator.readinessProbe.failureThreshold }} + {{- end }} + {{- if .Values.kubecostAggregator.imagePullPolicy }} + imagePullPolicy: {{ .Values.kubecostAggregator.imagePullPolicy }} + {{- else }} + imagePullPolicy: Always + {{- end }} + args: ["waterfowl"] + ports: + - name: tcp-api + containerPort: 9004 + protocol: TCP + {{- with.Values.kubecostAggregator.extraPorts }} + {{- toYaml . | nindent 4 }} + {{- end }} + resources: + {{- toYaml .Values.kubecostAggregator.resources | nindent 4 }} + volumeMounts: + - name: persistent-configs + mountPath: /var/configs + {{- if or (.Values.kubecostModel).federatedStorageConfigSecret (.Values.kubecostModel).federatedStorageConfig }} + - name: federated-storage-config + mountPath: /var/configs/etl + readOnly: true + {{- end }} + {{- if and .Values.persistentVolume.dbPVEnabled (eq (include "aggregator.deployMethod" .) "singlepod") }} + - name: persistent-db + mountPath: /var/db + # aggregator should only need read access to ETL data + readOnly: true + {{- end }} + {{- if eq (include "aggregator.deployMethod" .) "statefulset" }} + - name: aggregator-db-storage + mountPath: /var/configs/waterfowl/duckdb + - name: aggregator-staging + # Aggregator uses /var/configs/waterfowl as a "staging" directory for + # things like intermediate-state files pre-ingestion. In order to avoid a + # permission problem similar to + # https://github.com/kubernetes/kubernetes/issues/81676, we create an + # emptyDir at this path. + # + # This hasn't been observed as a problem in cost-analyzer, likely because + # of the init container that gives everything under /var/configs 777. + mountPath: /var/configs/waterfowl + {{- end }} + {{- if and ((.Values.kubecostProductConfigs).productKey).enabled ((.Values.kubecostProductConfigs).productKey).secretname (eq (include "aggregator.deployMethod" .) "statefulset") }} + - name: productkey-secret + mountPath: /var/configs/productkey + {{- end }} + {{- if and ((.Values.kubecostProductConfigs).smtp).secretname (eq (include "aggregator.deployMethod" .) "statefulset") }} + - name: smtp-secret + mountPath: /var/configs/smtp + {{- end }} + {{- if .Values.saml }} + {{- if .Values.saml.enabled }} + {{- if .Values.saml.secretName }} + - name: secret-volume + mountPath: /var/configs/secret-volume + {{- end }} + {{- if .Values.saml.encryptionCertSecret }} + - name: saml-encryption-cert + mountPath: /var/configs/saml-encryption-cert + {{- end }} + {{- if .Values.saml.decryptionKeySecret }} + - name: saml-decryption-key + mountPath: /var/configs/saml-decryption-key + {{- end }} + {{- if .Values.saml.metadataSecretName }} + - name: metadata-secret-volume + mountPath: /var/configs/metadata-secret-volume + {{- end }} + - name: saml-auth-secret + mountPath: /var/configs/saml-auth-secret + {{- if .Values.saml.rbac.enabled }} + - name: saml-roles + mountPath: /var/configs/saml + {{- end }} + {{- end }} + {{- end }} + {{- if .Values.oidc }} + {{- if .Values.oidc.enabled }} + - name: oidc-config + mountPath: /var/configs/oidc + {{- if or .Values.oidc.existingCustomSecret.name .Values.oidc.secretName }} + - name: oidc-client-secret + mountPath: /var/configs/oidc-client-secret + {{- end }} + {{- end }} + {{- end }} + {{- if .Values.global.integrations.postgres.enabled }} + - name: postgres-creds + mountPath: /var/configs/integrations/postgres-creds + - name: postgres-queries + mountPath: /var/configs/integrations/postgres-queries + {{- end }} + {{- /* Only adds extraVolumeMounts if aggregator is running as its own pod */}} + {{- if and .Values.kubecostAggregator.extraVolumeMounts (eq (include "aggregator.deployMethod" .) "statefulset") }} + {{- toYaml .Values.kubecostAggregator.extraVolumeMounts | nindent 4 }} + {{- end }} + env: + {{- if and (.Values.prometheus.server.global.external_labels.cluster_id) (not .Values.prometheus.server.clusterIDConfigmap) }} + - name: CLUSTER_ID + value: {{ .Values.prometheus.server.global.external_labels.cluster_id }} + {{- end }} + {{- if .Values.prometheus.server.clusterIDConfigmap }} + - name: CLUSTER_ID + valueFrom: + configMapKeyRef: + name: {{ .Values.prometheus.server.clusterIDConfigmap }} + key: CLUSTER_ID + {{- end }} + {{- if and ((.Values.kubecostProductConfigs).productKey).mountPath (eq (include "aggregator.deployMethod" .) "statefulset") }} + - name: PRODUCT_KEY_MOUNT_PATH + value: {{ .Values.kubecostProductConfigs.productKey.mountPath }} + {{- end }} + {{- if and ((.Values.kubecostProductConfigs).smtp).mountPath (eq (include "aggregator.deployMethod" .) "statefulset") }} + - name: SMTP_CONFIG_MOUNT_PATH + value: {{ .Values.kubecostProductConfigs.smtp.mountPath }} + {{- end }} + {{- if .Values.smtpConfigmapName }} + - name: SMTP_CONFIGMAP_NAME + value: {{ .Values.smtpConfigmapName }} + {{- end }} + {{- if (gt (int .Values.kubecostAggregator.numDBCopyPartitions) 0) }} + - name: NUM_DB_COPY_CHUNKS + value: {{ .Values.kubecostAggregator.numDBCopyPartitions | quote }} + {{- end }} + {{- if .Values.kubecostAggregator.jaeger.enabled }} + - name: TRACING_URL + value: "http://localhost:14268/api/traces" + {{- end }} + - name: CONFIG_PATH + value: /var/configs/ + {{- if and .Values.persistentVolume.dbPVEnabled (eq (include "aggregator.deployMethod" .) "singlepod") }} + - name: ETL_PATH_PREFIX + value: "/var/db" + {{- end }} + - name: CLOUD_PROVIDER_API_KEY + value: "AIzaSyDXQPG_MHUEy9neR7stolq6l0ujXmjJlvk" # The GCP Pricing API key.This GCP api key is expected to be here and is limited to accessing google's billing API.' + {{- if .Values.global.integrations.postgres.enabled }} + - name: AGGREGATOR_ADDRESS + {{- if or .Values.saml.enabled .Values.oidc.enabled }} + value: localhost:9008 + {{- else }} + value: localhost:9004 + {{- end }} + - name: INT_PG_ENABLED + value: "true" + - name: INT_PG_RUN_INTERVAL + value: {{ quote .Values.global.integrations.postgres.runInterval }} + {{- end }} + - name: READ_ONLY + value: {{ (quote .Values.readonly) | default (quote false) }} + {{- if .Values.systemProxy.enabled }} + - name: HTTP_PROXY + value: {{ .Values.systemProxy.httpProxyUrl }} + - name: http_proxy + value: {{ .Values.systemProxy.httpProxyUrl }} + - name: HTTPS_PROXY + value: {{ .Values.systemProxy.httpsProxyUrl }} + - name: https_proxy + value: {{ .Values.systemProxy.httpsProxyUrl }} + - name: NO_PROXY + value: {{ .Values.systemProxy.noProxy }} + - name: no_proxy + value: {{ .Values.systemProxy.noProxy }} + {{- end }} + {{- if ((.Values.kubecostProductConfigs).carbonEstimates) }} + - name: CARBON_ESTIMATES_ENABLED + value: "true" + {{- end }} + - name: CUSTOM_COST_ENABLED + value: {{ .Values.kubecostModel.plugins.enabled | quote }} + {{- if .Values.kubecostAggregator.extraEnv -}} + {{- toYaml .Values.kubecostAggregator.extraEnv | nindent 4 }} + {{- end }} + {{- if eq (include "aggregator.deployMethod" .) "statefulset" }} + # If this isn't set, we pretty much have to be in a read only state, + # initialization will probably fail otherwise. + - name: ETL_BUCKET_CONFIG + {{- if and (not .Values.kubecostModel.federatedStorageConfigSecret) (not .Values.kubecostModel.federatedStorageConfig) }} + value: /var/configs/etl/object-store.yaml + {{- else }} + value: /var/configs/etl/federated-store.yaml + - name: FEDERATED_STORE_CONFIG + value: /var/configs/etl/federated-store.yaml + - name: FEDERATED_PRIMARY_CLUSTER # this ensures the ingester runs assuming federated primary paths in the bucket + value: "true" + - name: FEDERATED_CLUSTER # this ensures the ingester runs assuming federated primary paths in the bucket + value: "true" + {{- if (.Values.kubecostProductConfigs).standardDiscount }} + {{- if .Values.ingestionConfigmapName }} + - name: INGESTION_CONFIGMAP_NAME + value: {{ .Values.ingestionConfigmapName }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} + - name: LOG_LEVEL + value: {{ .Values.kubecostAggregator.logLevel }} + - name: DB_READ_THREADS + value: {{ .Values.kubecostAggregator.dbReadThreads | quote }} + - name: DB_WRITE_THREADS + value: {{ .Values.kubecostAggregator.dbWriteThreads | quote }} + - name: DB_CONCURRENT_INGESTION_COUNT + value: {{ .Values.kubecostAggregator.dbConcurrentIngestionCount | quote }} + {{- if ne .Values.kubecostAggregator.dbMemoryLimit "0GB" }} + - name: DB_MEMORY_LIMIT + value: {{ .Values.kubecostAggregator.dbMemoryLimit | quote }} + {{- end }} + {{- if ne .Values.kubecostAggregator.dbWriteMemoryLimit "0GB" }} + - name: DB_WRITE_MEMORY_LIMIT + value: {{ .Values.kubecostAggregator.dbWriteMemoryLimit | quote }} + {{- end }} + - name: ETL_DAILY_STORE_DURATION_DAYS + value: {{ .Values.kubecostAggregator.etlDailyStoreDurationDays | quote }} + - name: ETL_HOURLY_STORE_DURATION_HOURS + value: {{ .Values.kubecostAggregator.etlHourlyStoreDurationHours | quote }} + - name: CONTAINER_RESOURCE_USAGE_RETENTION_DAYS + value: {{ .Values.kubecostAggregator.containerResourceUsageRetentionDays | quote }} + - name: DB_TRIM_MEMORY_ON_CLOSE + value: {{ .Values.kubecostAggregator.dbTrimMemoryOnClose | quote }} + - name: KUBECOST_NAMESPACE + value: {{ .Release.Namespace }} + {{- if .Values.global.grafana }} + - name: GRAFANA_ENABLED + value: "{{ template "cost-analyzer.grafanaEnabled" . }}" + {{- end}} + {{- if .Values.oidc.enabled }} + - name: OIDC_ENABLED + value: "true" + - name: OIDC_SKIP_ONLINE_VALIDATION + value: {{ (quote .Values.oidc.skipOnlineTokenValidation) | default (quote false) }} + {{- end}} + {{- if .Values.kubecostAggregator }} + {{- if .Values.kubecostAggregator.collections }} + {{- if (((.Values.kubecostAggregator).collections).cache) }} + - name: COLLECTIONS_MEMORY_CACHE_ENABLED + value: {{ (quote .Values.kubecostAggregator.collections.cache.enabled) | default (quote true) }} + {{- end }} + {{- end }} + {{- end }} + {{- if .Values.saml }} + {{- if .Values.saml.enabled }} + - name: SAML_ENABLED + value: "true" + - name: IDP_URL + value: {{ .Values.saml.idpMetadataURL }} + - name: SP_HOST + value: {{ .Values.saml.appRootURL }} + {{- if .Values.saml.audienceURI }} + - name: AUDIENCE_URI + value: {{ .Values.saml.audienceURI }} + {{- end }} + {{- if .Values.saml.isGLUUProvider }} + - name: GLUU_SAML_PROVIDER + value: {{ (quote .Values.saml.isGLUUProvider) }} + {{- end }} + {{- if .Values.saml.nameIDFormat }} + - name: NAME_ID_FORMAT + value: {{ .Values.saml.nameIDFormat }} + {{- end}} + {{- if .Values.saml.authTimeout }} + - name: AUTH_TOKEN_TIMEOUT + value: {{ (quote .Values.saml.authTimeout) }} + {{- end}} + {{- if .Values.saml.redirectURL }} + - name: LOGOUT_REDIRECT_URL + value: {{ .Values.saml.redirectURL }} + {{- end}} + {{- if .Values.saml.rbac.enabled }} + - name: SAML_RBAC_ENABLED + value: "true" + {{- end }} + {{- if and .Values.saml.encryptionCertSecret .Values.saml.decryptionKeySecret }} + - name: SAML_RESPONSE_ENCRYPTED + value: "true" + {{- end}} + {{- end }} + {{- end }} +{{- end }} + + +{{- define "aggregator.jaeger.sidecarContainerTemplate" }} +- name: embedded-jaeger + env: + - name: SPAN_STORAGE_TYPE + value: badger + - name: BADGER_EPHEMERAL + value: "true" + - name: BADGER_DIRECTORY_VALUE + value: /tmp/badger/data + - name: BADGER_DIRECTORY_KEY + value: /tmp/badger/key + securityContext: + {{- toYaml .Values.kubecostAggregator.jaeger.containerSecurityContext | nindent 4 }} + image: {{ .Values.kubecostAggregator.jaeger.image }}:{{ .Values.kubecostAggregator.jaeger.imageVersion }} +{{- end }} + + +{{- define "aggregator.cloudCost.containerTemplate" }} +- name: cloud-cost + {{- if .Values.kubecostModel }} + {{- if .Values.kubecostAggregator.fullImageName }} + image: {{ .Values.kubecostAggregator.fullImageName }} + {{- else if .Values.kubecostModel.fullImageName }} + image: {{ .Values.kubecostModel.fullImageName }} + {{- else if .Values.imageVersion }} + image: {{ .Values.kubecostModel.image }}:{{ .Values.imageVersion }} + {{- else if eq "development" .Chart.AppVersion }} + image: gcr.io/kubecost1/cost-model-nightly:latest + {{- else }} + image: {{ .Values.kubecostModel.image }}:prod-{{ $.Chart.AppVersion }} + {{ end }} + {{- else }} + image: gcr.io/kubecost1/cost-model:prod-{{ $.Chart.AppVersion }} + {{ end }} + {{- if .Values.kubecostAggregator.cloudCost.readinessProbe.enabled }} + readinessProbe: + httpGet: + path: /healthz + port: 9005 + initialDelaySeconds: {{ .Values.kubecostAggregator.cloudCost.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.kubecostAggregator.cloudCost.readinessProbe.periodSeconds }} + failureThreshold: {{ .Values.kubecostAggregator.cloudCost.readinessProbe.failureThreshold }} + {{- end }} + {{- if .Values.kubecostAggregator.imagePullPolicy }} + imagePullPolicy: {{ .Values.kubecostAggregator.imagePullPolicy }} + {{- else }} + imagePullPolicy: Always + {{- end }} + args: ["cloud-cost"] + ports: + - name: tcp-api + containerPort: 9005 + protocol: TCP + resources: + {{- toYaml .Values.kubecostAggregator.cloudCost.resources | nindent 4 }} + securityContext: + {{- if .Values.global.containerSecurityContext }} + {{- toYaml .Values.global.containerSecurityContext | nindent 4 }} + {{- end }} + volumeMounts: + - name: persistent-configs + mountPath: /var/configs + {{- if or (.Values.kubecostModel).federatedStorageConfigSecret (.Values.kubecostModel).federatedStorageConfig }} + - name: federated-storage-config + mountPath: /var/configs/etl/federated + readOnly: true + {{- else if .Values.kubecostModel.etlBucketConfigSecret }} + - name: etl-bucket-config + mountPath: /var/configs/etl + readOnly: true + {{- end }} + {{- if or (.Values.kubecostProductConfigs).cloudIntegrationSecret (.Values.kubecostProductConfigs).cloudIntegrationJSON ((.Values.kubecostProductConfigs).athenaBucketName) }} + - name: cloud-integration + mountPath: /var/configs/cloud-integration + {{- end }} + {{- if .Values.kubecostModel.plugins.enabled }} + - mountPath: {{ .Values.kubecostModel.plugins.folder }} + name: plugins-dir + readOnly: false + - name: tmp + mountPath: /tmp + - mountPath: {{ $.Values.kubecostModel.plugins.folder }}/config + name: plugins-config + readOnly: true + {{- end }} + {{- /* Only adds extraVolumeMounts when cloudcosts is running as its own pod */}} + {{- if and .Values.kubecostAggregator.cloudCost.extraVolumeMounts (eq (include "aggregator.deployMethod" .) "statefulset") }} + {{- toYaml .Values.kubecostAggregator.cloudCost.extraVolumeMounts | nindent 4 }} + {{- end }} + env: + - name: CONFIG_PATH + value: /var/configs/ + {{- if .Values.kubecostModel.etlBucketConfigSecret }} + - name: ETL_BUCKET_CONFIG + value: /var/configs/etl/object-store.yaml + {{- end}} + {{- if or .Values.kubecostModel.federatedStorageConfigSecret .Values.kubecostModel.federatedStorageConfig }} + - name: FEDERATED_STORE_CONFIG + value: /var/configs/etl/federated/federated-store.yaml + - name: FEDERATED_CLUSTER + value: "true" + {{- end}} + - name: ETL_DAILY_STORE_DURATION_DAYS + value: {{ (quote .Values.kubecostModel.etlDailyStoreDurationDays) }} + - name: CLOUD_COST_REFRESH_RATE_HOURS + value: {{ .Values.kubecostAggregator.cloudCost.refreshRateHours | default 6 | quote }} + - name: CLOUD_COST_QUERY_WINDOW_DAYS + value: {{ .Values.kubecostAggregator.cloudCost.queryWindowDays | default 7 | quote }} + - name: CLOUD_COST_RUN_WINDOW_DAYS + value: {{ .Values.kubecostAggregator.cloudCost.runWindowDays | default 3 | quote }} + - name: CUSTOM_COST_ENABLED + value: {{ .Values.kubecostModel.plugins.enabled | quote }} + {{- range $key, $value := .Values.kubecostAggregator.cloudCost.env }} + - name: {{ $key | quote }} + value: {{ $value | quote }} + {{- end }} + {{- if .Values.systemProxy.enabled }} + - name: HTTP_PROXY + value: {{ .Values.systemProxy.httpProxyUrl }} + - name: http_proxy + value: {{ .Values.systemProxy.httpProxyUrl }} + - name: HTTPS_PROXY + value: {{ .Values.systemProxy.httpsProxyUrl }} + - name: https_proxy + value: {{ .Values.systemProxy.httpsProxyUrl }} + - name: NO_PROXY + value: {{ .Values.systemProxy.noProxy }} + - name: no_proxy + value: {{ .Values.systemProxy.noProxy }} + {{- end }} +{{- end }} + +{{/* +SSO enabled flag for nginx configmap +*/}} +{{- define "ssoEnabled" -}} + {{- if or (.Values.saml).enabled (.Values.oidc).enabled -}} + {{- printf "true" -}} + {{- else -}} + {{- printf "false" -}} + {{- end -}} +{{- end -}} + +{{/* +To use the Kubecost built-in Teams UI RBAC< you must enable SSO and RBAC and not specify any groups. +Groups is only used when using external RBAC. +*/}} +{{- define "rbacTeamsEnabled" -}} + {{- if or (.Values.saml).enabled (.Values.oidc).enabled -}} + {{- if or ((.Values.saml).rbac).enabled ((.Values.oidc).rbac).enabled -}} + {{- if not (or (.Values.saml).groups (.Values.oidc).groups) -}} + {{- printf "true" -}} + {{- else -}} + {{- printf "false" -}} + {{- end -}} + {{- else -}} + {{- printf "false" -}} + {{- end -}} + {{- else -}} + {{- printf "false" -}} + {{- end -}} +{{- end -}} + +{{/* +Backups configured flag for nginx configmap +*/}} +{{- define "dataBackupConfigured" -}} + {{- if or (.Values.kubecostModel).etlBucketConfigSecret (.Values.kubecostModel).federatedStorageConfigSecret (.Values.kubecostModel).federatedStorageConfig -}} + {{- printf "true" -}} + {{- else -}} + {{- printf "false" -}} + {{- end -}} +{{- end -}} + +{{/* +costEventsAuditEnabled flag for nginx configmap +*/}} +{{- define "costEventsAuditEnabled" -}} + {{- if or (.Values.costEventsAudit).enabled -}} + {{- printf "true" -}} + {{- else -}} + {{- printf "false" -}} + {{- end -}} +{{- end -}} + +{{- define "cost-analyzer.grafanaEnabled" -}} + {{- if and (.Values.global.grafana.enabled) (not .Values.federatedETL.agentOnly) -}} + {{- printf "true" -}} + {{- else -}} + {{- printf "false" -}} + {{- end -}} +{{- end -}} + +{{- define "gcpCloudIntegrationJSON" }} +Kubecost 2.x requires a change to the method that cloud-provider billing integrations are configured. +Please use this output to create a cloud-integration.json config. See: + +for more information + + { + "gcp": + { + [ + { + "bigQueryBillingDataDataset": "{{ .Values.kubecostProductConfigs.bigQueryBillingDataDataset }}", + "bigQueryBillingDataProject": "{{ .Values.kubecostProductConfigs.bigQueryBillingDataProject }}", + "bigQueryBillingDataTable": "{{ .Values.kubecostProductConfigs.bigQueryBillingDataTable }}", + "projectID": "{{ .Values.kubecostProductConfigs.projectID }}" + } + ] + } + } +{{- end }} + +{{- define "gcpCloudIntegrationCheck" }} +{{- if ((.Values.kubecostProductConfigs).bigQueryBillingDataDataset) }} +{{- fail (include "gcpCloudIntegrationJSON" .) }} +{{- end }} +{{- end }} + + +{{- define "azureCloudIntegrationJSON" }} + +Kubecost 2.x requires a change to the method that cloud-provider billing integrations are configured. +Please use this output to create a cloud-integration.json config. See: + +for more information + { + "azure": + [ + { + "azureStorageContainer": "{{ .Values.kubecostProductConfigs.azureStorageContainer }}", + "azureSubscriptionID": "{{ .Values.kubecostProductConfigs.azureSubscriptionID }}", + "azureStorageAccount": "{{ .Values.kubecostProductConfigs.azureStorageAccount }}", + "azureStorageAccessKey": "{{ .Values.kubecostProductConfigs.azureStorageKey }}", + "azureContainerPath": "{{ .Values.kubecostProductConfigs.azureContainerPath }}", + "azureCloud": "{{ .Values.kubecostProductConfigs.azureCloud }}" + } + ] + } +{{- end }} + +{{- define "azureCloudIntegrationCheck" }} +{{- if ((.Values.kubecostProductConfigs).azureStorageContainer) }} +{{- fail (include "azureCloudIntegrationJSON" .) }} +{{- end }} +{{- end }} + +{{- define "clusterControllerEnabled" }} +{{- if (.Values.clusterController).enabled }} +{{- printf "true" -}} +{{- else -}} +{{- printf "false" -}} +{{- end -}} +{{- end -}} + +{{- define "forecastingEnabled" }} +{{- if (.Values.forecasting).enabled }} +{{- printf "true" -}} +{{- else -}} +{{- printf "false" -}} +{{- end -}} +{{- end -}} + +{{- define "pluginsEnabled" }} +{{- if (.Values.kubecostModel.plugins).enabled }} +{{- printf "true" -}} +{{- else -}} +{{- printf "false" -}} +{{- end -}} +{{- end -}} + +{{- define "carbonEstimatesEnabled" }} +{{- if ((.Values.kubecostProductConfigs).carbonEstimates) }} +{{- printf "true" -}} +{{- else -}} +{{- printf "false" -}} +{{- end -}} +{{- end -}} + +{{- /* + Compute a checksum based on the rendered content of specific ConfigMaps and Secrets. +*/ -}} +{{- define "configsChecksum" -}} +{{- $files := list + "alibaba-service-key-secret.yaml" + "aws-service-key-secret.yaml" + "azure-service-key-secret.yaml" + "azure-storage-config-secret.yaml" + "cloud-integration-secret.yaml" + "cost-analyzer-account-mapping-configmap.yaml" + "cost-analyzer-alerts-configmap.yaml" + "cost-analyzer-asset-reports-configmap.yaml" + "cost-analyzer-cloud-cost-reports-configmap.yaml" + "cost-analyzer-config-map-template.yaml" + "cost-analyzer-frontend-config-map-template.yaml" + "cost-analyzer-metrics-config-map-template.yaml" + "cost-analyzer-network-costs-config-map-template.yaml" + "cost-analyzer-oidc-config-map-template.yaml" + "cost-analyzer-pkey-configmap.yaml" + "cost-analyzer-pricing-configmap.yaml" + "cost-analyzer-saml-config-map-template.yaml" + "cost-analyzer-saved-reports-configmap.yaml" + "cost-analyzer-server-configmap.yaml" + "cost-analyzer-smtp-configmap.yaml" + "external-grafana-config-map-template.yaml" + "gcpstore-config-map-template.yaml" + "grafana-secret.yaml" + "install-plugins.yaml" + "integrations-postgres-queries-configmap.yaml" + "integrations-postgres-secret.yaml" + "kubecost-agent-secret-template.yaml" + "kubecost-agent-secretprovider-template.yaml" + "kubecost-cluster-controller-actions-config.yaml" + "kubecost-cluster-manager-configmap-template.yaml" + "kubecost-oidc-secret-template.yaml" + "kubecost-saml-secret-template.yaml" + "mimir-proxy-configmap-template.yaml" + "savings-recommendations-allowlists-config-map-template.yaml" +-}} +{{- $checksum := "" -}} +{{- range $files -}} + {{- $content := include (print $.Template.BasePath (printf "/%s" .)) $ -}} + {{- $checksum = printf "%s%s" $checksum $content | sha256sum -}} +{{- end -}} +{{- $checksum | sha256sum -}} +{{- end -}} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/aggregator-cloud-cost-deployment.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/aggregator-cloud-cost-deployment.yaml new file mode 100644 index 0000000000..4bd0f6cf7d --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/aggregator-cloud-cost-deployment.yaml @@ -0,0 +1,166 @@ +{{- if eq (include "aggregator.deployMethod" .) "statefulset" }} + +{{/* + A cloud integration secret is required for cloud cost to function as a dedicated pod. + UI based configuration is not supported for cloud cost with aggregator. +*/}} +{{- if ((.Values.kubecostAggregator).cloudCost).enabled }} +{{- if not ( or (.Values.kubecostProductConfigs).cloudIntegrationSecret (.Values.kubecostProductConfigs).cloudIntegrationJSON ((.Values.kubecostProductConfigs).athenaBucketName)) }} +{{- fail "\n\nA cloud-integration secret is required when using the aggregator statefulset and cloudCost is enabled." }} +{{- end }} +{{- end }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "cloudCost.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{ include "cloudCost.commonLabels" . | nindent 4 }} + {{- with .Values.global.additionalLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + replicas: 1 + selector: + matchLabels: + {{ include "cloudCost.selectorLabels" . | nindent 6 }} + strategy: + type: Recreate + template: + metadata: + labels: + app.kubernetes.io/name: cloud-cost + app.kubernetes.io/instance: {{ .Release.Name }} + app: cloud-cost + {{- with .Values.global.additionalLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + annotations: + {{- with .Values.global.podAnnotations}} + {{- toYaml . | nindent 8 }} + {{- end }} + checksum/configs: {{ include "configsChecksum" . }} + spec: + {{- if .Values.global.platforms.openshift.enabled }} + securityContext: + {{- toYaml .Values.global.platforms.openshift.securityContext | nindent 8 }} + {{- else if .Values.global.securityContext }} + securityContext: + {{- toYaml .Values.global.securityContext | nindent 8 }} + {{- else }} + securityContext: + runAsUser: 1001 + runAsGroup: 1001 + fsGroup: 1001 + {{- end }} + restartPolicy: Always + serviceAccountName: {{ template "cloudCost.serviceAccountName" . }} + volumes: + {{- if .Values.kubecostModel.etlBucketConfigSecret }} + - name: etl-bucket-config + secret: + defaultMode: 420 + secretName: {{ .Values.kubecostModel.etlBucketConfigSecret }} + {{- end }} + {{- if or .Values.kubecostModel.federatedStorageConfigSecret .Values.kubecostModel.federatedStorageConfig }} + - name: federated-storage-config + secret: + defaultMode: 420 + {{- if .Values.kubecostModel.federatedStorageConfigSecret }} + secretName: {{ .Values.kubecostModel.federatedStorageConfigSecret }} + {{- else }} + secretName: federated-store + {{- end }} + {{- end }} + {{- if (.Values.kubecostProductConfigs).cloudIntegrationSecret }} + - name: cloud-integration + secret: + secretName: {{ .Values.kubecostProductConfigs.cloudIntegrationSecret }} + items: + - key: cloud-integration.json + path: cloud-integration.json + {{- else if or (.Values.kubecostProductConfigs).cloudIntegrationJSON ((.Values.kubecostProductConfigs).athenaProjectID) }} + - name: cloud-integration + secret: + secretName: cloud-integration + items: + - key: cloud-integration.json + path: cloud-integration.json + {{- end }} + {{/* Despite the name, this is not persistent-configs. + The name is for compatibility with single-pod install. + All data stored here is ephemeral, and does not require persistence. */}} + - name: persistent-configs + emptyDir: {} + {{- if .Values.kubecostModel.plugins.enabled }} + {{- if .Values.kubecostModel.plugins.install.enabled}} + - name: install-script + configMap: + name: {{ template "cost-analyzer.fullname" . }}-install-plugins + {{- end }} + - name: plugins-dir + emptyDir: {} + {{- if and (not .Values.kubecostModel.plugins.existingCustomSecret.enabled) .Values.kubecostModel.plugins.secretName }} + - name: plugins-config + secret: + secretName: {{ .Values.kubecostModel.plugins.secretName }} + items: + - key: datadog_config.json + path: datadog_config.json + {{- end }} + {{- if .Values.kubecostModel.plugins.existingCustomSecret.enabled }} + - name: plugins-config + secret: + secretName: {{ .Values.kubecostModel.plugins.existingCustomSecret.name }} + items: + - key: datadog_config.json + path: datadog_config.json + {{- end }} + - name: tmp + emptyDir: {} + {{- end }} + {{- if .Values.kubecostAggregator.cloudCost.extraVolumes }} + {{- toYaml .Values.kubecostAggregator.cloudCost.extraVolumes | nindent 8 }} + {{- end }} + initContainers: + {{- if (and .Values.kubecostModel.plugins.enabled .Values.kubecostModel.plugins.install.enabled )}} + - name: plugin-installer + image: {{ .Values.kubecostModel.plugins.install.fullImageName }} + command: ["sh", "/install/install_plugins.sh"] + {{- with .Values.kubecostModel.plugins.install.securityContext }} + securityContext: {{- toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + - name: install-script + mountPath: /install + - name: plugins-dir + mountPath: {{ .Values.kubecostModel.plugins.folder }} + {{- end }} + containers: + {{- include "aggregator.cloudCost.containerTemplate" . | nindent 8 }} + {{- if .Values.imagePullSecrets }} + imagePullSecrets: + {{ toYaml .Values.imagePullSecrets | indent 2 }} + {{- end }} + {{- if .Values.kubecostAggregator.priority }} + {{- if .Values.kubecostAggregator.priority.enabled }} + {{- if .Values.kubecostAggregator.priority.name }} + priorityClassName: {{ .Values.kubecostAggregator.priority.name }} + {{- else }} + priorityClassName: {{ template "cost-analyzer.fullname" . }}-aggregator-priority + {{- end }} + {{- end }} + {{- end }} + {{- with .Values.kubecostAggregator.cloudCost.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.kubecostAggregator.cloudCost.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.kubecostAggregator.cloudCost.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/aggregator-cloud-cost-service-account.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/aggregator-cloud-cost-service-account.yaml new file mode 100644 index 0000000000..c8018f77bb --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/aggregator-cloud-cost-service-account.yaml @@ -0,0 +1,23 @@ +{{- if eq (include "aggregator.deployMethod" .) "statefulset" }} + +{{/* + A cloud integration secret is required for cloud cost to function as a dedicated pod. + UI based configuration is not supported for cloud cost with aggregator. +*/}} + +{{- if or (.Values.kubecostProductConfigs).cloudIntegrationSecret (.Values.kubecostProductConfigs).cloudIntegrationJSON ((.Values.kubecostProductConfigs).athenaBucketName) }} +{{- if and .Values.serviceAccount.create .Values.kubecostAggregator.cloudCost.serviceAccountName }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "cloudCost.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{ include "cloudCost.commonLabels" . | nindent 4 }} +{{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} +{{- end }} +{{- end }} +{{- end }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/aggregator-cloud-cost-service.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/aggregator-cloud-cost-service.yaml new file mode 100644 index 0000000000..bef9bfdc54 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/aggregator-cloud-cost-service.yaml @@ -0,0 +1,17 @@ +{{- if not (eq (include "aggregator.deployMethod" .) "disabled") -}} +kind: Service +apiVersion: v1 +metadata: + name: {{ template "cloudCost.serviceName" . }} + namespace: {{ .Release.Namespace }} + labels: +{{ include "cloudCost.commonLabels" . | nindent 4 }} +spec: + selector: +{{ include "cloudCost.selectorLabels" . | nindent 4 }} + type: "ClusterIP" + ports: + - name: tcp-api + port: 9005 + targetPort: 9005 +{{- end }} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/aggregator-service.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/aggregator-service.yaml new file mode 100644 index 0000000000..134c2f37d6 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/aggregator-service.yaml @@ -0,0 +1,28 @@ +{{- if not (eq (include "aggregator.deployMethod" .) "disabled") -}} +kind: Service +apiVersion: v1 +metadata: + name: {{ template "aggregator.serviceName" . }} + namespace: {{ .Release.Namespace }} + labels: +{{ include "aggregator.commonLabels" . | nindent 4 }} +{{- if .Values.kubecostAggregator.service.labels }} + {{- toYaml .Values.kubecostAggregator.service.labels | nindent 4 }} +{{- end }} +spec: + selector: +{{ include "aggregator.selectorLabels" . | nindent 4 }} + type: "ClusterIP" + ports: + - name: tcp-api + port: 9004 + targetPort: 9004 + {{- if or .Values.saml.enabled .Values.oidc.enabled}} + - name: apiserver + port: 9008 + targetPort: 9008 + {{- end }} + {{- with .Values.kubecostAggregator.extraPorts }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/aggregator-servicemonitor.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/aggregator-servicemonitor.yaml new file mode 100644 index 0000000000..670ae47947 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/aggregator-servicemonitor.yaml @@ -0,0 +1,31 @@ +{{- if .Values.serviceMonitor.aggregatorMetrics.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "aggregator.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{ include "aggregator.commonLabels" . | nindent 4 }} + {{- if .Values.serviceMonitor.aggregatorMetrics.additionalLabels }} + {{ toYaml .Values.serviceMonitor.aggregatorMetrics.additionalLabels | nindent 4 }} + {{- end }} +spec: + endpoints: + - port: tcp-api + interval: {{ .Values.serviceMonitor.aggregatorMetrics.interval }} + scrapeTimeout: {{ .Values.serviceMonitor.aggregatorMetrics.scrapeTimeout }} + path: /metrics + scheme: http + {{- with .Values.serviceMonitor.aggregatorMetrics.metricRelabelings }} + metricRelabelings: {{ toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.serviceMonitor.aggregatorMetrics.relabelings }} + relabelings: {{ toYaml . | nindent 8 }} + {{- end }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + selector: + matchLabels: + {{- include "aggregator.commonLabels" . | nindent 6 }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/aggregator-statefulset.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/aggregator-statefulset.yaml new file mode 100644 index 0000000000..9bd4d57a8b --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/aggregator-statefulset.yaml @@ -0,0 +1,208 @@ +{{- if and (not .Values.agent) (not .Values.cloudAgent) }} +{{- if eq (include "aggregator.deployMethod" .) "statefulset" }} + +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ template "aggregator.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "aggregator.commonLabels" . | nindent 4 }} + {{- with .Values.global.additionalLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + replicas: {{ .Values.kubecostAggregator.replicas }} + serviceName: {{ template "aggregator.serviceName" . }} + selector: + matchLabels: + {{- include "aggregator.selectorLabels" . | nindent 6 }} + volumeClaimTemplates: + - metadata: + name: aggregator-db-storage + spec: + accessModes: [ "ReadWriteOnce" ] + storageClassName: {{ .Values.kubecostAggregator.aggregatorDbStorage.storageClass }} + resources: + requests: + storage: {{ .Values.kubecostAggregator.aggregatorDbStorage.storageRequest }} + - metadata: + # In the StatefulSet config, Aggregator should not share any filesystem + # state with the cost-model to maintain independence and improve + # stability (in the event of bad file-locking state). Still, there is + # a need to "mount" ConfigMap files (using the watcher) to a file system; + # that's what this per-replica Volume is used for. + name: persistent-configs + spec: + accessModes: [ "ReadWriteOnce" ] + storageClassName: {{ .Values.kubecostAggregator.persistentConfigsStorage.storageClass }} + resources: + requests: + storage: {{ .Values.kubecostAggregator.persistentConfigsStorage.storageRequest }} + template: + metadata: + labels: + app.kubernetes.io/name: aggregator + app.kubernetes.io/instance: {{ .Release.Name }} + app: aggregator + {{- with .Values.global.additionalLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + annotations: + {{- with .Values.global.podAnnotations}} + {{- toYaml . | nindent 8 }} + {{- end }} + checksum/configs: {{ include "configsChecksum" . }} + spec: + restartPolicy: Always + {{- if .Values.kubecostAggregator.securityContext }} + securityContext: + {{- toYaml .Values.kubecostAggregator.securityContext | nindent 8 }} + {{- else if and (.Values.global.platforms.openshift.enabled) (.Values.global.platforms.openshift.securityContext) }} + securityContext: + {{- toYaml .Values.global.platforms.openshift.securityContext | nindent 8 }} + {{- else if .Values.global.securityContext }} + securityContext: + {{- toYaml .Values.global.securityContext | nindent 8 }} + {{- end }} + serviceAccountName: {{ template "aggregator.serviceAccountName" . }} + volumes: + - name: aggregator-staging + emptyDir: + sizeLimit: {{ .Values.kubecostAggregator.stagingEmptyDirSizeLimit }} + {{- $etlBackupBucketSecret := "" }} + {{- if .Values.kubecostModel.federatedStorageConfigSecret }} + {{- $etlBackupBucketSecret = .Values.kubecostModel.federatedStorageConfigSecret }} + {{- end }} + {{- if or $etlBackupBucketSecret .Values.kubecostModel.federatedStorageConfig }} + {{- if or .Values.kubecostModel.federatedStorageConfigSecret .Values.kubecostModel.federatedStorageConfig }} + - name: federated-storage-config + secret: + defaultMode: 420 + {{- if .Values.kubecostModel.federatedStorageConfigSecret }} + secretName: {{ .Values.kubecostModel.federatedStorageConfigSecret }} + {{- else }} + secretName: federated-store + {{- end }} + {{- end }} + - name: etl-bucket-config + secret: + defaultMode: 420 + secretName: {{ $etlBackupBucketSecret | default "federated-store" }} + {{- else }} + {{- fail "\n\nKubecost Aggregator Enterprise Config requires either .Values.kubecostModel.federatedStorageConfigSecret or .Values.kubecostModel.federatedStorageConfig" }} + {{- end }} + {{- if and ((.Values.kubecostProductConfigs).productKey).enabled ((.Values.kubecostProductConfigs).productKey).secretname }} + - name: productkey-secret + secret: + secretName: {{ .Values.kubecostProductConfigs.productKey.secretname }} + items: + - key: productkey.json + path: productkey.json + {{- end }} + {{- if ((.Values.kubecostProductConfigs).smtp).secretname }} + - name: smtp-secret + secret: + secretName: {{ .Values.kubecostProductConfigs.smtp.secretname }} + items: + - key: smtp.json + path: smtp.json + {{- end }} + {{- if .Values.saml }} + {{- if .Values.saml.enabled }} + {{- if .Values.saml.secretName }} + - name: secret-volume + secret: + secretName: {{ .Values.saml.secretName }} + {{- end }} + {{- if .Values.saml.encryptionCertSecret }} + - name: saml-encryption-cert + secret: + secretName: {{ .Values.saml.encryptionCertSecret }} + {{- end }} + {{- if .Values.saml.decryptionKeySecret }} + - name: saml-decryption-key + secret: + secretName: {{ .Values.saml.decryptionKeySecret }} + {{- end }} + {{- if .Values.saml.metadataSecretName }} + - name: metadata-secret-volume + secret: + secretName: {{ .Values.saml.metadataSecretName }} + {{- end }} + - name: saml-auth-secret + secret: + secretName: {{ .Values.saml.authSecretName | default "kubecost-saml-secret" }} + {{- if .Values.saml.rbac.enabled }} + - name: saml-roles + configMap: + name: {{ template "cost-analyzer.fullname" . }}-saml + {{- end }} + {{- end }} + {{- end }} + {{- if .Values.oidc }} + {{- if .Values.oidc.enabled }} + - name: oidc-config + configMap: + name: {{ template "cost-analyzer.fullname" . }}-oidc + {{- if and (not .Values.oidc.existingCustomSecret.enabled) .Values.oidc.secretName }} + - name: oidc-client-secret + secret: + secretName: {{ .Values.oidc.secretName }} + {{- end }} + {{- if .Values.oidc.existingCustomSecret.enabled }} + - name: oidc-client-secret + secret: + secretName: {{ .Values.oidc.existingCustomSecret.name }} + {{- end }} + {{- end }} + {{- end }} + {{- if .Values.global.integrations.postgres.enabled }} + - name: postgres-creds + secret: + {{- if not (eq .Values.global.integrations.postgres.databaseSecretName "") }} + secretName: {{ .Values.global.integrations.postgres.databaseSecretName }} + {{- else }} + secretName: kubecost-integrations-postgres + {{- end }} + - name: postgres-queries + configMap: + name: kubecost-integrations-postgres-queries + {{- end }} + {{- if .Values.kubecostAggregator.extraVolumes }} + {{- toYaml .Values.kubecostAggregator.extraVolumes | nindent 8 }} + {{- end }} + containers: + {{- include "aggregator.containerTemplate" . | nindent 8 }} + + {{- if .Values.kubecostAggregator.jaeger.enabled }} + {{ include "aggregator.jaeger.sidecarContainerTemplate" . | nindent 8 }} + {{- end }} + + {{- if .Values.imagePullSecrets }} + imagePullSecrets: + {{ toYaml .Values.imagePullSecrets | indent 2 }} + {{- end }} + {{- if .Values.kubecostAggregator.priority }} + {{- if .Values.kubecostAggregator.priority.enabled }} + {{- if .Values.kubecostAggregator.priority.name }} + priorityClassName: {{ .Values.kubecostAggregator.priority.name }} + {{- else }} + priorityClassName: {{ template "cost-analyzer.fullname" . }}-aggregator-priority + {{- end }} + {{- end }} + {{- end }} + {{- with .Values.kubecostAggregator.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.kubecostAggregator.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.kubecostAggregator.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/alibaba-service-key-secret.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/alibaba-service-key-secret.yaml new file mode 100644 index 0000000000..bffb7d8fe6 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/alibaba-service-key-secret.yaml @@ -0,0 +1,20 @@ +{{- if .Values.kubecostProductConfigs }} +{{- if .Values.kubecostProductConfigs.createServiceKeySecret }} +{{- if .Values.kubecostProductConfigs.alibabaServiceKeyName }} +apiVersion: v1 +kind: Secret +metadata: + name: cloud-service-key + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +type: Opaque +stringData: + service-key.json: |- + { + "alibaba_access_key_id": "{{ .Values.kubecostProductConfigs.alibabaServiceKeyName }}", + "alibaba_secret_access_key": "{{ .Values.kubecostProductConfigs.alibabaServiceKeyPassword }}" + } +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/aws-service-key-secret.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/aws-service-key-secret.yaml new file mode 100644 index 0000000000..eeecc03f95 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/aws-service-key-secret.yaml @@ -0,0 +1,20 @@ +{{- if .Values.kubecostProductConfigs }} +{{- if .Values.kubecostProductConfigs.createServiceKeySecret }} +{{- if .Values.kubecostProductConfigs.awsServiceKeyName }} +apiVersion: v1 +kind: Secret +metadata: + name: cloud-service-key + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +type: Opaque +stringData: + service-key.json: |- + { + "aws_access_key_id": "{{ .Values.kubecostProductConfigs.awsServiceKeyName }}", + "aws_secret_access_key": "{{ .Values.kubecostProductConfigs.awsServiceKeyPassword }}" + } +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/awsstore-deployment-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/awsstore-deployment-template.yaml new file mode 100644 index 0000000000..6a1eb5f8e2 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/awsstore-deployment-template.yaml @@ -0,0 +1,49 @@ +{{- if .Values.awsstore }} +{{- if .Values.awsstore.useAwsStore }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "cost-analyzer.fullname" . }}-awsstore + namespace: {{ .Release.Namespace }} + labels: + {{- include "cost-analyzer.commonLabels" . | nindent 4 }} + {{- with .Values.global.additionalLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + selector: + matchLabels: + app: awsstore + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 1 + type: RollingUpdate + template: + metadata: + labels: + app: awsstore + {{- with .Values.global.additionalLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.podAnnotations}} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + serviceAccountName: awsstore-serviceaccount + {{- if .Values.awsstore.priorityClassName }} + priorityClassName: "{{ .Values.awsstore.priorityClassName }}" + {{- end }} + {{- with .Values.awsstore.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + containers: + - image: {{ .Values.awsstore.imageNameAndVersion }} + name: awsstore + # Just sleep forever + command: [ "sleep" ] + args: [ "infinity" ] +{{- end }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/awsstore-service-account-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/awsstore-service-account-template.yaml new file mode 100644 index 0000000000..0dadeaacc0 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/awsstore-service-account-template.yaml @@ -0,0 +1,15 @@ +{{- if .Values.awsstore }} +{{- if .Values.awsstore.createServiceAccount }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: awsstore-serviceaccount + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +{{- with .Values.awsstore.annotations }} + annotations: + {{- toYaml . | nindent 4 }} +{{- end }} +{{- end }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/azure-service-key-secret.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/azure-service-key-secret.yaml new file mode 100644 index 0000000000..e61b61e86d --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/azure-service-key-secret.yaml @@ -0,0 +1,24 @@ +{{- if .Values.kubecostProductConfigs }} +{{- if .Values.kubecostProductConfigs.createServiceKeySecret }} +{{- if .Values.kubecostProductConfigs.azureSubscriptionID }} +apiVersion: v1 +kind: Secret +metadata: + name: cloud-service-key + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +type: Opaque +stringData: + service-key.json: |- + { + "subscriptionId": "{{ .Values.kubecostProductConfigs.azureSubscriptionID }}", + "serviceKey": { + "appId": "{{ .Values.kubecostProductConfigs.azureClientID }}", + "password": "{{ .Values.kubecostProductConfigs.azureClientPassword }}", + "tenant": "{{ .Values.kubecostProductConfigs.azureTenantID }}" + } + } +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/azure-storage-config-secret.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/azure-storage-config-secret.yaml new file mode 100644 index 0000000000..f27cb4e89d --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/azure-storage-config-secret.yaml @@ -0,0 +1,26 @@ +{{/*This method of configuration is deprecated*/}} +{{- if .Values.kubecostProductConfigs }} +{{- if .Values.kubecostProductConfigs.azureStorageCreateSecret }} +{{- if .Values.kubecostProductConfigs.azureStorageAccessKey }} +{{- if .Values.kubecostProductConfigs.azureStorageAccount }} +{{- if .Values.kubecostProductConfigs.azureStorageContainer }} +apiVersion: v1 +kind: Secret +metadata: + name: azure-storage-config + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +type: Opaque +stringData: + azure-storage-config.json: |- + { + "azureStorageAccount": "{{ .Values.kubecostProductConfigs.azureStorageAccount }}", + "azureStorageAccessKey": "{{ .Values.kubecostProductConfigs.azureStorageAccessKey }}", + "azureStorageContainer": "{{ .Values.kubecostProductConfigs.azureStorageContainer }}" + } +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cloud-integration-secret.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cloud-integration-secret.yaml new file mode 100644 index 0000000000..e6023e59b3 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cloud-integration-secret.yaml @@ -0,0 +1,16 @@ +{{- if or ((.Values.kubecostProductConfigs).cloudIntegrationJSON) ((.Values.kubecostProductConfigs).athenaBucketName) }} +apiVersion: v1 +kind: Secret +type: Opaque +metadata: + name: cloud-integration + namespace: {{ .Release.Namespace }} + labels: + {{- include "cost-analyzer.commonLabels" . | nindent 4 }} +data: + {{- if (.Values.kubecostProductConfigs).cloudIntegrationJSON }} + cloud-integration.json: {{ .Values.kubecostProductConfigs.cloudIntegrationJSON | replace "\n" "" | b64enc }} + {{- else }} + cloud-integration.json: {{ include "cloudIntegrationFromProductConfigs" . |nindent 4| replace "\n" "" | b64enc }} + {{- end }} +{{- end -}} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-account-mapping-configmap.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-account-mapping-configmap.yaml new file mode 100644 index 0000000000..3c4902395c --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-account-mapping-configmap.yaml @@ -0,0 +1,12 @@ +{{- if .Values.kubecostProductConfigs }} +{{- if .Values.kubecostProductConfigs.cloudAccountMapping }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: "account-mapping" + namespace: {{ .Release.Namespace }} + labels: {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +data: + account-map.json: '{{ toJson .Values.kubecostProductConfigs.cloudAccountMapping }}' +{{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-alerts-configmap.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-alerts-configmap.yaml new file mode 100644 index 0000000000..3a25544113 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-alerts-configmap.yaml @@ -0,0 +1,10 @@ +{{- if .Values.global.notifications.alertConfigs }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ default "alert-configs" .Values.alertConfigmapName }} + namespace: {{ .Release.Namespace }} + labels: {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +data: + alerts.json: '{{ toJson .Values.global.notifications.alertConfigs }}' +{{- end -}} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-asset-reports-configmap.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-asset-reports-configmap.yaml new file mode 100644 index 0000000000..387b0afc83 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-asset-reports-configmap.yaml @@ -0,0 +1,14 @@ +{{- if .Values.global.assetReports }} +{{- if .Values.global.assetReports.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ default "asset-report-configs" .Values.assetReportConfigmapName }} + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +data: + asset-reports.json: '{{ toJson .Values.global.assetReports.reports }}' +{{- end -}} +{{- end -}} + diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-cloud-cost-reports-configmap.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-cloud-cost-reports-configmap.yaml new file mode 100644 index 0000000000..97e74156fc --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-cloud-cost-reports-configmap.yaml @@ -0,0 +1,13 @@ +{{- if .Values.global.cloudCostReports }} +{{- if .Values.global.cloudCostReports.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{default "cloud-cost-report-configs" .Values.cloudCostReportConfigmapName }} + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +data: + cloud-cost-reports.json: '{{ toJson .Values.global.cloudCostReports.reports }}' +{{- end -}} +{{- end -}} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-cluster-role-binding-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-cluster-role-binding-template.yaml new file mode 100644 index 0000000000..91867dd903 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-cluster-role-binding-template.yaml @@ -0,0 +1,36 @@ +{{- if .Values.reporting }} +{{- if .Values.reporting.logCollection }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ template "cost-analyzer.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ template "cost-analyzer.serviceAccountName" . }} +subjects: + - kind: ServiceAccount + name: {{ template "cost-analyzer.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +--- +{{- end }} +{{- end }} +{{- if (not .Values.kubecostModel.etlReadOnlyMode) }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "cost-analyzer.serviceAccountName" . }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "cost-analyzer.serviceAccountName" . }} +subjects: + - kind: ServiceAccount + name: {{ template "cost-analyzer.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-cluster-role-template-readonly.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-cluster-role-template-readonly.yaml new file mode 100644 index 0000000000..c84f105e9c --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-cluster-role-template-readonly.yaml @@ -0,0 +1,26 @@ +{{- if (.Values.kubecostModel.etlReadOnlyMode) }} +{{- if and .Values.reporting .Values.reporting.logCollection -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + namespace: {{ .Release.Namespace }} + name: {{ template "cost-analyzer.serviceAccountName" . }} +rules: + - apiGroups: + - '' + resources: + - "pods/log" + verbs: + - get + - list + - watch + - apiGroups: + - '' + resources: + - configmaps + verbs: + - get + - list + - watch +{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-cluster-role-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-cluster-role-template.yaml new file mode 100644 index 0000000000..a76d2fe55f --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-cluster-role-template.yaml @@ -0,0 +1,108 @@ +{{- if not .Values.kubecostModel.etlReadOnlyMode -}} +{{- if and .Values.reporting .Values.reporting.logCollection -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + namespace: {{ .Release.Namespace }} + name: {{ template "cost-analyzer.serviceAccountName" . }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +rules: +- apiGroups: + - '' + resources: + - "pods/log" + verbs: + - get + - list + - watch +- apiGroups: + - '' + resources: + - configmaps + verbs: + - get + - list + - watch + - update +--- +{{- end }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "cost-analyzer.serviceAccountName" . }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +rules: + - apiGroups: + - '' + resources: + - configmaps + - nodes + - pods + - events + - services + - resourcequotas + - replicationcontrollers + - limitranges + - persistentvolumeclaims + - persistentvolumes + - namespaces + - endpoints + verbs: + - get + - list + - watch + - apiGroups: + - apps + resources: + - statefulsets + - deployments + - daemonsets + - replicasets + verbs: + - get + - list + - watch + - apiGroups: + - batch + resources: + - cronjobs + - jobs + verbs: + - get + - list + - watch + - apiGroups: + - autoscaling + resources: + - horizontalpodautoscalers + verbs: + - get + - list + - watch + - apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - get + - list + - watch + - apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - get + - list + - watch + - apiGroups: + - events.k8s.io + resources: + - events + verbs: + - get + - list + - watch +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-config-map-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-config-map-template.yaml new file mode 100644 index 0000000000..b84b9a4969 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-config-map-template.yaml @@ -0,0 +1,37 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "cost-analyzer.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +data: + {{- if .Values.global.prometheus.enabled }} + {{- if .Values.global.zone }} + prometheus-alertmanager-endpoint: http://{{ template "cost-analyzer.prometheus.alertmanager.name" . }}.{{ .Release.Namespace }}.svc.{{ .Values.global.zone }} + {{ else }} + prometheus-alertmanager-endpoint: http://{{ template "cost-analyzer.prometheus.alertmanager.name" . }}.{{ .Release.Namespace }} + {{- end -}} + {{ else }} + prometheus-alertmanager-endpoint: {{ .Values.global.notifications.alertmanager.fqdn }} + {{- end -}} + {{ if .Values.global.gmp.enabled }} + prometheus-server-endpoint: {{ .Values.global.gmp.prometheusServerEndpoint }} + {{- else if .Values.global.amp.enabled }} + prometheus-server-endpoint: {{ .Values.global.amp.prometheusServerEndpoint }} + {{- else if .Values.global.ammsp.enabled }} + prometheus-server-endpoint: {{ .Values.global.ammsp.prometheusServerEndpoint }} + {{- else if .Values.global.prometheus.enabled }} + {{- if .Values.global.zone }} + prometheus-server-endpoint: http://{{ template "cost-analyzer.prometheus.server.name" . }}.{{ .Release.Namespace }}.svc.{{ .Values.global.zone }} + {{ else }} + prometheus-server-endpoint: http://{{ template "cost-analyzer.prometheus.server.name" . }}.{{ .Release.Namespace }} + {{- end -}} + {{ else }} + prometheus-server-endpoint: {{ .Values.global.prometheus.fqdn }} + {{- end -}} + {{- if .Values.kubecostToken }} + kubecost-token: {{ .Values.kubecostToken }} + {{ else }} + kubecost-token: not-applied + {{- end -}} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-db-pvc-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-db-pvc-template.yaml new file mode 100644 index 0000000000..9b81ee367e --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-db-pvc-template.yaml @@ -0,0 +1,35 @@ +{{- if .Values.persistentVolume -}} +{{- if not .Values.persistentVolume.dbExistingClaim -}} +{{- if .Values.persistentVolume.enabled -}} +{{- if .Values.persistentVolume.dbPVEnabled -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ template "cost-analyzer.fullname" . }}-db + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} + {{- with .Values.persistentVolume.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.persistentVolume.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + accessModes: + - ReadWriteOnce + {{- if .Values.persistentVolume.dbStorageClass }} + storageClassName: {{ .Values.persistentVolume.dbStorageClass }} + {{ end }} + resources: + requests: + {{- if .Values.persistentVolume }} + storage: {{ .Values.persistentVolume.dbSize }} + {{- else }} + storage: 32.0Gi + {{ end }} +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-deployment-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-deployment-template.yaml new file mode 100644 index 0000000000..dba2ce2044 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-deployment-template.yaml @@ -0,0 +1,1263 @@ +{{- if and (not .Values.agent) (not .Values.cloudAgent) }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "cost-analyzer.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "cost-analyzer.commonLabels" . | nindent 4 }} + {{- with .Values.global.additionalLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- if and .Values.kubecostDeployment .Values.kubecostDeployment.labels }} + {{- toYaml .Values.kubecostDeployment.labels | nindent 4 }} + {{- end }} + {{- if and .Values.kubecostDeployment .Values.kubecostDeployment.annotations }} + annotations: + {{- toYaml .Values.kubecostDeployment.annotations | nindent 4 }} + {{- end }} +spec: +{{- if .Values.kubecostDeployment }} + replicas: {{ .Values.kubecostDeployment.replicas | default 1 }} +{{- end }} + selector: + matchLabels: + {{- include "cost-analyzer.selectorLabels" . | nindent 8}} +{{- if .Values.kubecostDeployment }} +{{- if .Values.kubecostDeployment.deploymentStrategy }} +{{- with .Values.kubecostDeployment.deploymentStrategy }} + strategy: {{ toYaml . | nindent 4 }} +{{- end }} +{{- else }} + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 1 + type: RollingUpdate +{{- end }} +{{- end }} + template: + metadata: + labels: + {{- include "cost-analyzer.selectorLabels" . | nindent 8 }} + {{- if .Values.global.additionalLabels }} + {{ toYaml .Values.global.additionalLabels | nindent 8 }} + {{- end }} + {{- if and .Values.kubecostDeployment .Values.kubecostDeployment.labels }} + {{- toYaml .Values.kubecostDeployment.labels | nindent 8 }} + {{- end }} + annotations: + {{- with .Values.global.podAnnotations}} + {{- toYaml . | nindent 8 }} + {{- end }} + checksum/configs: {{ include "configsChecksum" . }} + spec: + {{- if .Values.global.platforms.openshift.enabled }} + securityContext: + {{- toYaml .Values.global.platforms.openshift.securityContext | nindent 8 }} + {{- else if .Values.global.securityContext }} + securityContext: + {{- toYaml .Values.global.securityContext | nindent 8 }} + {{- else }} + securityContext: + runAsUser: 1001 + runAsGroup: 1001 + fsGroup: 1001 + {{- end }} + restartPolicy: Always + serviceAccountName: {{ template "cost-analyzer.serviceAccountName" . }} + volumes: + {{- if .Values.kubecostModel.plugins.enabled }} + - name: plugins-dir + emptyDir: {} + {{- if and (not .Values.kubecostModel.plugins.existingCustomSecret.enabled) .Values.kubecostModel.plugins.secretName }} + - name: plugins-config + secret: + secretName: {{ .Values.kubecostModel.plugins.secretName }} + items: + - key: datadog_config.json + path: datadog_config.json + {{- end }} + {{- if .Values.kubecostModel.plugins.existingCustomSecret.enabled }} + - name: plugins-config + secret: + secretName: {{ .Values.kubecostModel.plugins.existingCustomSecret.name }} + items: + - key: datadog_config.json + path: datadog_config.json + {{- end }} + {{- if .Values.kubecostModel.plugins.install.enabled}} + - name: install-script + configMap: + name: {{ template "cost-analyzer.fullname" . }}-install-plugins + {{- end }} + {{- end }} + {{- if .Values.global.gcpstore.enabled }} + - name: ubbagent-config + configMap: + name: ubbagent-config + {{- end }} + {{- if .Values.hosted }} + - name: config-store + secret: + defaultMode: 420 + secretName: kubecost-thanos + {{- end }} + - name: tmp + emptyDir: {} + {{- if and .Values.kubecostFrontend.enabled (not .Values.federatedETL.agentOnly) (not (eq (include "frontend.deployMethod" .) "haMode")) }} + - name: nginx-conf + configMap: + name: nginx-conf + items: + - key: nginx.conf + path: default.conf + {{- end }} + {{- if .Values.global.containerSecuritycontext }} + - name: var-run + emptyDir: { } + - name: cache + emptyDir: { } + {{- end }} + {{- /* + To opt out of ETL backups, set .Values.kubecostModel.etlBucketConfigSecret="" + */}} + {{- $etlBackupBucketSecret := "" }} + {{- if .Values.kubecostModel.etlBucketConfigSecret }} + {{- $etlBackupBucketSecret = .Values.kubecostModel.etlBucketConfigSecret }} + {{- end }} + {{- if $etlBackupBucketSecret }} + - name: etl-bucket-config + secret: + defaultMode: 420 + secretName: {{ $etlBackupBucketSecret }} + {{- end }} + {{- if or .Values.kubecostModel.federatedStorageConfigSecret .Values.kubecostModel.federatedStorageConfig }} + - name: federated-storage-config + secret: + defaultMode: 420 + secretName: {{ .Values.kubecostModel.federatedStorageConfigSecret | default "federated-store" }} + {{- end }} + {{- if .Values.kubecostProductConfigs }} + {{- if and ((.Values.kubecostProductConfigs).productKey).enabled ((.Values.kubecostProductConfigs).productKey).secretname }} + - name: productkey-secret + secret: + secretName: {{ .Values.kubecostProductConfigs.productKey.secretname }} + items: + - key: productkey.json + path: productkey.json + {{- end }} + {{- if ((.Values.kubecostProductConfigs).smtp).secretname }} + - name: smtp-secret + secret: + secretName: {{ .Values.kubecostProductConfigs.smtp.secretname }} + items: + - key: smtp.json + path: smtp.json + {{- end }} + {{- if .Values.kubecostProductConfigs }} + {{- if .Values.kubecostProductConfigs.gcpSecretName }} + - name: gcp-key-secret + secret: + secretName: {{ .Values.kubecostProductConfigs.gcpSecretName }} + items: + - key: {{ .Values.kubecostProductConfigs.gcpSecretKeyName | default "compute-viewer-kubecost-key.json" }} + path: service-key.json + {{- end }} + {{- end -}} + {{- if .Values.kubecostProductConfigs.serviceKeySecretName }} + - name: service-key-secret + secret: + secretName: {{ .Values.kubecostProductConfigs.serviceKeySecretName }} + {{- else if .Values.kubecostProductConfigs.createServiceKeySecret }} + - name: service-key-secret + secret: + secretName: cloud-service-key + {{- end }} + {{- if .Values.kubecostProductConfigs.azureStorageSecretName }} + - name: azure-storage-config + secret: + secretName: {{ .Values.kubecostProductConfigs.azureStorageSecretName }} + items: + - key: azure-storage-config.json + path: azure-storage-config.json + {{- else if .Values.kubecostProductConfigs.azureStorageCreateSecret }} + - name: azure-storage-config + secret: + secretName: azure-storage-config + {{- end }} + {{- if .Values.kubecostProductConfigs.cloudIntegrationSecret }} + - name: cloud-integration + secret: + secretName: {{ .Values.kubecostProductConfigs.cloudIntegrationSecret }} + items: + - key: cloud-integration.json + path: cloud-integration.json + {{- else if or .Values.kubecostProductConfigs.cloudIntegrationJSON ((.Values.kubecostProductConfigs).athenaBucketName) }} + - name: cloud-integration + secret: + secretName: cloud-integration + items: + - key: cloud-integration.json + path: cloud-integration.json + {{- end }} + {{- if .Values.kubecostProductConfigs.clusters }} + - name: kubecost-clusters + configMap: + name: kubecost-clusters + {{- range .Values.kubecostProductConfigs.clusters }} + {{- if .auth }} + {{- if .auth.secretName }} + - name: {{ .auth.secretName }} + secret: + secretName: {{ .auth.secretName }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} + {{- if .Values.kubecostFrontend.tls }} + {{- if .Values.kubecostFrontend.tls.enabled }} + - name: tls + secret: + secretName : {{ .Values.kubecostFrontend.tls.secretName }} + items: + - key: tls.crt + path: kc.crt + - key: tls.key + path: kc.key + {{- end }} + {{- end }} + {{- if .Values.kubecostAdmissionController }} + {{- if .Values.kubecostAdmissionController.enabled }} + {{- if .Values.kubecostAdmissionController.secretName }} + - name: webhook-server-tls + secret: + secretName: {{ .Values.kubecostAdmissionController.secretName }} + items: + - key: tls.crt + path: tls.crt + - key: tls.key + path: tls.key + {{- end }} + {{- end }} + {{- end }} + {{- if .Values.saml }} + {{- if .Values.saml.enabled }} + {{- if .Values.saml.secretName }} + - name: secret-volume + secret: + secretName: {{ .Values.saml.secretName }} + {{- end }} + {{- if .Values.saml.encryptionCertSecret }} + - name: saml-encryption-cert + secret: + secretName: {{ .Values.saml.encryptionCertSecret }} + {{- end }} + {{- if .Values.saml.decryptionKeySecret }} + - name: saml-decryption-key + secret: + secretName: {{ .Values.saml.decryptionKeySecret }} + {{- end }} + {{- if .Values.saml.metadataSecretName }} + - name: metadata-secret-volume + secret: + secretName: {{ .Values.saml.metadataSecretName }} + {{- end }} + - name: saml-auth-secret + secret: + secretName: {{ .Values.saml.authSecretName | default "kubecost-saml-secret" }} + {{- if .Values.saml.rbac.enabled }} + - name: saml-roles + configMap: + name: {{ template "cost-analyzer.fullname" . }}-saml + {{- end }} + {{- end }} + {{- end }} + {{- if .Values.oidc }} + {{- if .Values.oidc.enabled }} + - name: oidc-config + configMap: + name: {{ template "cost-analyzer.fullname" . }}-oidc + {{- if and (not .Values.oidc.existingCustomSecret.enabled) .Values.oidc.secretName }} + - name: oidc-client-secret + secret: + secretName: {{ .Values.oidc.secretName }} + {{- end }} + {{- if .Values.oidc.existingCustomSecret.enabled }} + - name: oidc-client-secret + secret: + secretName: {{ .Values.oidc.existingCustomSecret.name }} + {{- end }} + {{- end }} + {{- end }} + {{- if .Values.extraVolumes }} + # Extra volume(s) + {{- toYaml .Values.extraVolumes | nindent 8 }} + {{- end }} + - name: persistent-configs +{{- if .Values.persistentVolume }} +{{- if .Values.persistentVolume.enabled }} + persistentVolumeClaim: +{{- if .Values.persistentVolume.existingClaim }} + claimName: {{ .Values.persistentVolume.existingClaim }} +{{- else }} + claimName: {{ template "cost-analyzer.fullname" . }} +{{- end -}} +{{- else }} + emptyDir: {} +{{- end -}} +{{- else }} + persistentVolumeClaim: + claimName: {{ template "cost-analyzer.fullname" . }} +{{- end }} +{{- if .Values.persistentVolume.dbPVEnabled }} + - name: persistent-db +{{- if .Values.persistentVolume }} +{{- if .Values.persistentVolume.enabled }} + persistentVolumeClaim: +{{- if .Values.persistentVolume.dbExistingClaim }} + claimName: {{ .Values.persistentVolume.dbExistingClaim }} +{{- else }} + claimName: {{ template "cost-analyzer.fullname" . }}-db +{{- end -}} +{{- else }} + emptyDir: {} +{{- end -}} +{{- else }} + persistentVolumeClaim: + claimName: {{ template "cost-analyzer.fullname" . }}-db +{{- end }} +{{- end }} + initContainers: + {{- if and .Values.kubecostModel.plugins.enabled (not (eq (include "aggregator.deployMethod" .) "statefulset")) }} + - name: plugin-installer + image: {{ .Values.kubecostModel.plugins.install.fullImageName }} + command: ["sh", "/install/install_plugins.sh"] + {{- with .Values.kubecostModel.plugins.install.securityContext }} + securityContext: {{- toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + - name: install-script + mountPath: /install + - name: plugins-dir + mountPath: {{ .Values.kubecostModel.plugins.folder }} + {{- end }} + {{- if .Values.supportNFS }} + - name: config-db-perms-fix + {{- if .Values.initChownDataImage }} + image: {{ .Values.initChownDataImage }} + {{- else }} + image: busybox + {{- end }} + {{- with .Values.initChownData.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- if .Values.persistentVolume.dbPVEnabled }} + command: ["sh", "-c", "/bin/chmod -R 777 /var/configs && /bin/chmod -R 777 /var/db"] + {{- else }} + command: ["sh", "-c", "/bin/chmod -R 777 /var/configs"] + {{- end }} + volumeMounts: + - name: persistent-configs + mountPath: /var/configs + {{- if .Values.persistentVolume.dbPVEnabled }} + - name: persistent-db + mountPath: /var/db + {{- end }} + securityContext: + runAsUser: 0 +{{ end }} + containers: + {{- if .Values.global.gmp.enabled }} + - name: {{ .Values.global.gmp.gmpProxy.name }} + image: {{ .Values.global.gmp.gmpProxy.image }} + {{- if .Values.global.gmp.gmpProxy.imagePullPolicy }} + imagePullPolicy: {{ .Values.global.gmp.gmpProxy.imagePullPolicy }} + {{- else }} + imagePullPolicy: Always + {{- end }} + args: + - "--web.listen-address=:{{ .Values.global.gmp.gmpProxy.port }}" + - "--query.project-id={{ .Values.global.gmp.gmpProxy.projectId }}" + {{- if .Values.systemProxy.enabled }} + env: + - name: HTTP_PROXY + value: "{{ .Values.systemProxy.httpProxyUrl }}" + - name: http_proxy + value: "{{ .Values.systemProxy.httpProxyUrl }}" + - name: HTTPS_PROXY + value: "{{ .Values.systemProxy.httpsProxyUrl }}" + - name: https_proxy + value: "{{ .Values.systemProxy.httpsProxyUrl }}" + - name: NO_PROXY + value: "{{ .Values.systemProxy.noProxy }}" + - name: no_proxy + value: "{{ .Values.systemProxy.noProxy }}" + {{- end }} + ports: + - name: web + containerPort: {{ .Values.global.gmp.gmpProxy.port | int }} + readinessProbe: + httpGet: + path: /-/ready + port: web + livenessProbe: + httpGet: + path: /-/healthy + port: web + {{- end }} + {{- if .Values.global.amp.enabled }} + - name: sigv4proxy + image: {{ .Values.sigV4Proxy.image }} + {{- if .Values.sigV4Proxy.imagePullPolicy }} + imagePullPolicy: {{ .Values.sigV4Proxy.imagePullPolicy }} + {{- else }} + imagePullPolicy: Always + {{- end }} + {{- if .Values.global.containerSecurityContext }} + securityContext: + {{- toYaml .Values.global.containerSecurityContext | nindent 12 -}} + {{- end }} + {{- with .Values.sigV4Proxy.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + args: + - --name + - {{ .Values.sigV4Proxy.name }} + - --region + - {{ .Values.sigV4Proxy.region }} + - --host + - {{ .Values.sigV4Proxy.host }} + {{- if .Values.sigV4Proxy.role_arn }} + - --role-arn + - {{ .Values.sigV4Proxy.role_arn }} + {{- end }} + - --port + - :{{ .Values.sigV4Proxy.port }} + ports: + - name: aws-sigv4-proxy + containerPort: {{ .Values.sigV4Proxy.port | int }} + env: + - name: AGENT_LOCAL_PORT + value: "{{ .Values.sigV4Proxy.port | int }}" + {{- if .Values.systemProxy.enabled }} + - name: HTTP_PROXY + value: "{{ .Values.systemProxy.httpProxyUrl }}" + - name: http_proxy + value: "{{ .Values.systemProxy.httpProxyUrl }}" + - name: HTTPS_PROXY + value: "{{ .Values.systemProxy.httpsProxyUrl }}" + - name: https_proxy + value: "{{ .Values.systemProxy.httpsProxyUrl }}" + - name: NO_PROXY + value: "{{ .Values.systemProxy.noProxy }}" + - name: no_proxy + value: "{{ .Values.systemProxy.noProxy }}" + {{- end }} + {{- if .Values.sigV4Proxy.extraEnv }} + {{- toYaml .Values.sigV4Proxy.extraEnv | nindent 10 }} + {{- end }} + {{- end }} + {{- if .Values.global.gcpstore.enabled }} + - name: ubbagent + image: gcr.io/kubecost1/gcp-mp/ent/cost-model/ubbagent:1.0 + env: + {{- if .Values.systemProxy.enabled }} + - name: HTTP_PROXY + value: {{ .Values.systemProxy.httpProxyUrl }} + - name: http_proxy + value: {{ .Values.systemProxy.httpProxyUrl }} + - name: HTTPS_PROXY + value: {{ .Values.systemProxy.httpsProxyUrl }} + - name: https_proxy + value: {{ .Values.systemProxy.httpsProxyUrl }} + - name: NO_PROXY + value: {{ .Values.systemProxy.noProxy }} + - name: no_proxy + value: {{ .Values.systemProxy.noProxy }} + {{- end }} + - name: AGENT_CONFIG_FILE + value: "/etc/ubbagent/config.yaml" + - name: AGENT_LOCAL_PORT + value: "6080" + - name: AGENT_ENCODED_KEY + valueFrom: + secretKeyRef: + name: {{ default "kubecost-reporting-secret" .Values.reportingSecret }} + key: reporting-key + - name: AGENT_CONSUMER_ID + valueFrom: + secretKeyRef: + name: {{ default "kubecost-reporting-secret" .Values.reportingSecret }} + key: consumer-id + volumeMounts: + - name: ubbagent-config + mountPath: /etc/ubbagent + {{- end }} + {{- if .Values.global.ammsp.enabled }} + # This section of the chart borrows liberally from + # https://github.com/Azure/aad-auth-proxy/blob/main/deploy/chart/aad-auth-proxy/templates/deployment.yaml + - name: {{ .Values.global.ammsp.aadAuthProxy.name }} + image: {{ .Values.global.ammsp.aadAuthProxy.image }} + {{- if .Values.global.ammsp.aadAuthProxy.imagePullPolicy }} + imagePullPolicy: {{ .Values.global.ammsp.aadAuthProxy.imagePullPolicy }} + {{- else }} + imagePullPolicy: Always + {{- end }} + env: + - name: AUDIENCE + value: {{ .Values.global.ammsp.aadAuthProxy.audience }} + - name: TARGET_HOST + value: {{ .Values.global.ammsp.queryEndpoint }} + - name: LISTENING_PORT + value: {{ .Values.global.ammsp.aadAuthProxy.port | quote }} + - name: IDENTITY_TYPE + value: {{ .Values.global.ammsp.aadAuthProxy.identityType }} + {{- if eq .Values.global.ammsp.aadAuthProxy.identityType "userAssigned" }} + - name: AAD_CLIENT_ID + value: {{ required "aadClientId is required for userAssigned identity types" .Values.global.ammsp.aadAuthProxy.aadClientId | toString | trim | quote }} + {{- else if eq .Values.global.ammsp.aadAuthProxy.identityType "aadApplication" }} + - name: AAD_CLIENT_ID + value: {{ required "aadClientId is required for aadApplication identity types" .Values.global.ammsp.aadAuthProxy.aadClientId | toString | trim | quote }} + - name: AAD_TENANT_ID + value: {{ required "aadTenantId is required for aadApplication identity type" .Values.global.ammsp.aadAuthProxy.aadTenantId | toString | trim | quote }} + - name: AAD_CLIENT_CERTIFICATE_PATH + value: {{ required "aadClientCertificatePath is required for aadApplication identity type" .Values.global.ammsp.aadAuthProxy.aadClientCertificatePath | toString | trim | quote }} + {{- end }} + - name: AAD_TOKEN_REFRESH_INTERVAL_IN_PERCENTAGE + value: "10" + - name: OTEL_SERVICE_NAME + value: {{ .Values.global.ammsp.aadAuthProxy.name | replace "-" "_" }} + {{- if .Values.systemProxy.enabled }} + - name: HTTP_PROXY + value: "{{ .Values.systemProxy.httpProxyUrl }}" + - name: http_proxy + value: "{{ .Values.systemProxy.httpProxyUrl }}" + - name: HTTPS_PROXY + value: "{{ .Values.systemProxy.httpsProxyUrl }}" + - name: https_proxy + value: "{{ .Values.systemProxy.httpsProxyUrl }}" + - name: NO_PROXY + value: "{{ .Values.systemProxy.noProxy }}" + - name: no_proxy + value: "{{ .Values.systemProxy.noProxy }}" + {{- end }} + ports: + - name: http + containerPort: {{ .Values.global.ammsp.aadAuthProxy.port | int }} + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /ready + port: http + scheme: HTTP + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + livenessProbe: + failureThreshold: 3 + httpGet: + path: /health + port: http + scheme: HTTP + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + {{- end }} + {{- if .Values.kubecostModel }} + {{- if .Values.kubecostModel.fullImageName }} + - image: {{ .Values.kubecostModel.fullImageName }} + {{- else if .Values.imageVersion }} + - image: {{ .Values.kubecostModel.image }}:{{ .Values.imageVersion }} + {{- else if eq "development" .Chart.AppVersion }} + - image: gcr.io/kubecost1/cost-model-nightly:latest + {{- else }} + - image: {{ .Values.kubecostModel.image }}:prod-{{ $.Chart.AppVersion }} + {{- end }} + {{- else }} + - image: gcr.io/kubecost1/cost-model:prod-{{ $.Chart.AppVersion }} + {{- end }} + name: cost-model + {{- if .Values.kubecostModel.extraArgs }} + args: + {{- toYaml .Values.kubecostModel.extraArgs | nindent 12 }} + {{- end }} + securityContext: + {{- if .Values.kubecostModel.securityContext }} + {{- toYaml .Values.kubecostModel.securityContext | nindent 12 -}} + {{- else if .Values.global.containerSecurityContext }} + {{- toYaml .Values.global.containerSecurityContext | nindent 12 -}} + {{- end }} + {{- if .Values.kubecostModel.imagePullPolicy }} + imagePullPolicy: {{ .Values.kubecostModel.imagePullPolicy }} + {{- else }} + imagePullPolicy: Always + {{- end }} + ports: + - name: tcp-model + containerPort: 9003 + protocol: TCP + {{- if and .Values.kubecostFrontend.enabled (not .Values.federatedETL.agentOnly) (not (eq (include "frontend.deployMethod" .) "haMode")) }} + - name: tcp-frontend + containerPort: 9090 + protocol: TCP + {{- end }} + {{- with .Values.kubecostModel.extraPorts }} + {{- toYaml . | nindent 10 }} + {{- end }} + resources: +{{ toYaml .Values.kubecostModel.resources | indent 12 }} + {{- if .Values.kubecostModel.readinessProbe.enabled }} + readinessProbe: + httpGet: + path: /healthz + port: 9003 + initialDelaySeconds: {{ .Values.kubecostModel.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.kubecostModel.readinessProbe.periodSeconds}} + failureThreshold: {{ .Values.kubecostModel.readinessProbe.failureThreshold}} + {{- end }} + {{- if .Values.kubecostModel.livenessProbe.enabled }} + livenessProbe: + httpGet: + path: /healthz + port: 9003 + initialDelaySeconds: {{ .Values.kubecostModel.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.kubecostModel.livenessProbe.periodSeconds }} + failureThreshold: {{ .Values.kubecostModel.livenessProbe.failureThreshold }} + {{- end }} + {{- if .Values.global.containerSecuritycontext }} + securityContext: + {{- toYaml .Values.global.containerSecuritycontext | nindent 12 }} + {{- end }} + volumeMounts: + {{- if .Values.hosted }} + - name: config-store + mountPath: /var/secrets + readOnly: true + {{- end }} + - name: persistent-configs + mountPath: /var/configs + {{- if .Values.extraVolumeMounts }} + # Extra volume mount(s) + {{- toYaml .Values.extraVolumeMounts | nindent 12 }} + {{- end }} + {{- if $etlBackupBucketSecret }} + - name: etl-bucket-config + mountPath: /var/configs/etl + readOnly: true + {{- else if .Values.persistentVolume.dbPVEnabled }} + - name: persistent-db + mountPath: /var/db + {{- end }} + {{- if or .Values.kubecostModel.federatedStorageConfigSecret .Values.kubecostModel.federatedStorageConfig }} + - name: federated-storage-config + mountPath: /var/configs/etl/federated + readOnly: true + {{- end }} + {{- if .Values.kubecostAdmissionController }} + {{- if .Values.kubecostAdmissionController.enabled }} + {{- if .Values.kubecostAdmissionController.secretName }} + - name: {{ .Values.kubecostAdmissionController.secretName }} + mountPath: /certs + {{- end }} + {{- end }} + {{- end }} + {{- if .Values.kubecostProductConfigs }} + {{- if and ((.Values.kubecostProductConfigs).productKey).enabled ((.Values.kubecostProductConfigs).productKey).secretname }} + - name: productkey-secret + mountPath: /var/configs/productkey + {{- end }} + {{- if ((.Values.kubecostProductConfigs).smtp).secretname }} + - name: smtp-secret + mountPath: /var/configs/smtp + {{- end }} + {{- if .Values.kubecostProductConfigs.gcpSecretName }} + - name: gcp-key-secret + mountPath: /var/secrets + {{- end }} + {{- if or .Values.kubecostProductConfigs.azureStorageSecretName .Values.kubecostProductConfigs.azureStorageCreateSecret }} + - name: azure-storage-config + mountPath: /var/azure-storage-config + {{- end }} + {{- if or .Values.kubecostProductConfigs.serviceKeySecretName .Values.kubecostProductConfigs.createServiceKeySecret }} + - name: service-key-secret + mountPath: /var/secrets + {{- end }} + {{- if .Values.kubecostProductConfigs.clusters }} + - name: kubecost-clusters + mountPath: /var/configs/clusters + {{- range .Values.kubecostProductConfigs.clusters }} + {{- if .auth }} + {{- if .auth.secretName }} + - name: {{ .auth.secretName }} + mountPath: /var/secrets/{{ .auth.secretName }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} + {{- if .Values.saml }} + {{- if .Values.saml.enabled }} + {{- if .Values.saml.secretName }} + - name: secret-volume + mountPath: /var/configs/secret-volume + {{- end }} + {{- if .Values.saml.encryptionCertSecret }} + - name: saml-encryption-cert + mountPath: /var/configs/saml-encryption-cert + {{- end }} + {{- if .Values.saml.decryptionKeySecret }} + - name: saml-decryption-key + mountPath: /var/configs/saml-decryption-key + {{- end }} + {{- if .Values.saml.metadataSecretName }} + - name: metadata-secret-volume + mountPath: /var/configs/metadata-secret-volume + {{- end }} + - name: saml-auth-secret + mountPath: /var/configs/saml-auth-secret + {{- if .Values.saml.rbac.enabled }} + - name: saml-roles + mountPath: /var/configs/saml + {{- end }} + {{- end }} + {{- end }} + {{- if .Values.oidc }} + {{- if .Values.oidc.enabled }} + - name: oidc-config + mountPath: /var/configs/oidc + {{- if or .Values.oidc.existingCustomSecret.name .Values.oidc.secretName }} + - name: oidc-client-secret + mountPath: /var/configs/oidc-client-secret + {{- end }} + {{- end }} + {{- end }} + env: + {{- if .Values.global.grafana }} + - name: GRAFANA_ENABLED + value: "{{ template "cost-analyzer.grafanaEnabled" . }}" + {{- end}} + {{- if .Values.kubecostModel.extraEnv -}} + {{ toYaml .Values.kubecostModel.extraEnv | nindent 12 }} + {{- end }} + {{- if .Values.reporting }} + {{- if .Values.reporting.valuesReporting }} + - name: HELM_VALUES + value: {{ template "cost-analyzer.filterEnabled" .Values }} + {{- end }} + {{- end }} + {{- if .Values.alertConfigmapName }} + - name: ALERT_CONFIGMAP_NAME + value: {{ .Values.alertConfigmapName }} + {{- end }} + {{- if .Values.productConfigmapName }} + - name: PRODUCT_CONFIGMAP_NAME + value: {{ .Values.productConfigmapName }} + {{- end }} + {{- if .Values.smtpConfigmapName }} + - name: SMTP_CONFIGMAP_NAME + value: {{ .Values.smtpConfigmapName }} + {{- end }} + {{- if .Values.appConfigmapName }} + - name: APP_CONFIGMAP_NAME + value: {{ .Values.appConfigmapName }} + {{- end }} + {{- if .Values.kubecostModel.softMemoryLimit }} + - name: GOMEMLIMIT + value: {{ .Values.kubecostModel.softMemoryLimit }} + {{- end }} + {{- if .Values.assetReportConfigmapName }} + - name: ASSET_REPORT_CONFIGMAP_NAME + value: {{ .Values.assetReportConfigmapName }} + {{- end }} + {{- if .Values.cloudCostReportConfigmapName }} + - name: CLOUD_COST_REPORT_CONFIGMAP_NAME + value: {{ .Values.cloudCostReportConfigmapName }} + {{- end }} + {{- if .Values.savedReportConfigmapName }} + - name: SAVED_REPORT_CONFIGMAP_NAME + value: {{ .Values.savedReportConfigmapName }} + {{- end }} + {{- if .Values.groupFiltersConfigmapName }} + - name: GROUP_FILTERS_CONFIGMAP_NAME + value: {{ .Values.groupFiltersConfigmapName }} + {{- end }} + {{- if .Values.pricingConfigmapName }} + - name: PRICING_CONFIGMAP_NAME + value: {{ .Values.pricingConfigmapName }} + {{- end }} + {{- if .Values.metricsConfigmapName }} + - name: METRICS_CONFIGMAP_NAME + value: {{ .Values.metricsConfigmapName }} + {{- end }} + - name: READ_ONLY + value: {{ (quote .Values.readonly) | default (quote false) }} + - name: PROMETHEUS_SERVER_ENDPOINT + valueFrom: + configMapKeyRef: + name: {{ template "cost-analyzer.fullname" . }} + key: prometheus-server-endpoint + - name: CLOUD_PROVIDER_API_KEY + value: "AIzaSyDXQPG_MHUEy9neR7stolq6l0ujXmjJlvk" # The GCP Pricing API key.This GCP api key is expected to be here and is limited to accessing google's billing API. + {{- if .Values.kubecostProductConfigs }} + {{- if .Values.kubecostProductConfigs.gcpSecretName }} + - name: GOOGLE_APPLICATION_CREDENTIALS + value: /var/configs/key.json + {{- end }} + {{- end }} + - name: CONFIG_PATH + value: /var/configs/ + - name: DB_PATH + value: /var/db/ + - name: CLUSTER_PROFILE + {{- if .Values.kubecostProductConfigs }} + value: {{ .Values.kubecostProductConfigs.clusterProfile | default "production" }} + {{- else }} + value: production + {{- end }} + {{- if .Values.kubecostProductConfigs }} + {{- if ((.Values.kubecostProductConfigs).productKey).mountPath }} + - name: PRODUCT_KEY_MOUNT_PATH + value: {{ .Values.kubecostProductConfigs.productKey.mountPath }} + {{- end }} + {{- if ((.Values.kubecostProductConfigs).smtp).mountPath }} + - name: SMTP_CONFIG_MOUNT_PATH + value: {{ .Values.kubecostProductConfigs.smtp.mountPath }} + {{- end }} + {{- if .Values.kubecostProductConfigs.ingestPodUID }} + - name: INGEST_POD_UID + value: {{ (quote .Values.kubecostProductConfigs.ingestPodUID) }} + {{- end }} + {{- if .Values.kubecostProductConfigs.regionOverrides }} + - name: REGION_OVERRIDE_LIST + value: {{ (quote .Values.kubecostProductConfigs.regionOverrides) }} + {{- end }} + {{- end }} + {{- if .Values.global.prometheus.queryServiceBasicAuthSecretName}} + - name: DB_BASIC_AUTH_USERNAME + valueFrom: + secretKeyRef: + name: {{ .Values.global.prometheus.queryServiceBasicAuthSecretName }} + key: USERNAME + - name: DB_BASIC_AUTH_PW + valueFrom: + secretKeyRef: + name: {{ .Values.global.prometheus.queryServiceBasicAuthSecretName }} + key: PASSWORD + {{- end }} + {{- if .Values.global.prometheus.queryServiceBearerTokenSecretName }} + - name: DB_BEARER_TOKEN + valueFrom: + secretKeyRef: + name: {{ .Values.global.prometheus.queryServiceBearerTokenSecretName }} + key: TOKEN + {{- end }} + {{- if .Values.global.prometheus.insecureSkipVerify }} + - name: INSECURE_SKIP_VERIFY + value: {{ (quote .Values.global.prometheus.insecureSkipVerify) }} + {{- end }} + {{- if .Values.pricingCsv }} + {{- if .Values.pricingCsv.enabled }} + - name: USE_CSV_PROVIDER + value: "true" + - name: CSV_PATH + value: {{ .Values.pricingCsv.location.URI }} + - name: CSV_REGION + value: {{ .Values.pricingCsv.location.region }} + {{- if eq .Values.pricingCsv.location.provider "AWS"}} + {{- if .Values.pricingCsv.location.csvAccessCredentials }} + - name: AWS_ACCESS_KEY_ID + valueFrom: + secretKeyRef: + name: {{ .Values.pricingCsv.location.csvAccessCredentials }} + key: AWS_ACCESS_KEY_ID + - name: AWS_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: + name: {{ .Values.pricingCsv.location.csvAccessCredentials }} + key: AWS_SECRET_ACCESS_KEY + {{- end }} + {{- end }} + {{- end }} + {{- end }} + {{- if .Values.kubecostMetrics }} + - name: EMIT_POD_ANNOTATIONS_METRIC + value: {{ (quote .Values.kubecostMetrics.emitPodAnnotations) | default (quote false) }} + - name: EMIT_NAMESPACE_ANNOTATIONS_METRIC + value: {{ (quote .Values.kubecostMetrics.emitNamespaceAnnotations) | default (quote false) }} + {{- end }} + {{- if .Values.kubecostMetrics }} + - name: EMIT_KSM_V1_METRICS + value: {{ (quote .Values.kubecostMetrics.emitKsmV1Metrics) | default (quote true) }} + {{- end }} + {{- if .Values.kubecostMetrics }} + - name: EMIT_KSM_V1_METRICS_ONLY # ONLY emit KSM v1 metrics that do not exist in KSM 2 by default + value: {{ (quote .Values.kubecostMetrics.emitKsmV1MetricsOnly) | default (quote false) }} + {{- end }} + {{- if .Values.reporting }} + - name: LOG_COLLECTION_ENABLED + value: {{ (quote .Values.reporting.logCollection) | default (quote true) }} + - name: PRODUCT_ANALYTICS_ENABLED + value: {{ (quote .Values.reporting.productAnalytics) | default (quote true) }} + - name: ERROR_REPORTING_ENABLED + value: {{ (quote .Values.reporting.errorReporting ) | default (quote true) }} + - name: VALUES_REPORTING_ENABLED + value: {{ (quote .Values.reporting.valuesReporting) | default (quote true) }} + {{- if .Values.reporting.errorReporting }} + - name: SENTRY_DSN + value: "https://71964476292e4087af8d5072afe43abd@o394722.ingest.sentry.io/5245431" + {{- end }} + {{- end }} + - name: LEGACY_EXTERNAL_API_DISABLED + value: {{ (quote .Values.kubecostModel.legacyOutOfClusterAPIDisabled) | default (quote false) }} + - name: CACHE_WARMING_ENABLED + value: {{ (quote .Values.kubecostModel.warmCache) | default (quote true) }} + - name: SAVINGS_ENABLED + value: {{ (quote .Values.kubecostModel.warmSavingsCache) | default (quote true) }} + {{- if $etlBackupBucketSecret }} + - name: ETL_BUCKET_CONFIG + value: "/var/configs/etl/object-store.yaml" + {{- end }} + {{- if or .Values.kubecostModel.federatedStorageConfigSecret .Values.kubecostModel.federatedStorageConfig }} + - name: FEDERATED_STORE_CONFIG + value: "/var/configs/etl/federated/federated-store.yaml" + {{- end }} + {{- if or .Values.federatedETL.federatedCluster .Values.kubecostModel.federatedStorageConfigSecret .Values.kubecostModel.federatedStorageConfig }} + - name: FEDERATED_CLUSTER + {{- if eq .Values.federatedETL.readOnlyPrimary true }} + value: "false" + {{- else }} + value: "true" + {{- end }} + {{- end }} + {{- if .Values.federatedETL.redirectS3Backup }} + - name: FEDERATED_REDIRECT_BACKUP + value: "true" + {{- end }} + {{- if .Values.federatedETL.useMultiClusterDB }} + - name: CURRENT_CLUSTER_ID_FILTER_ENABLED + value: "true" + {{- end }} + {{- if .Values.persistentVolume.dbPVEnabled }} + - name: ETL_PATH_PREFIX + value: "/var/db" + {{- end }} + - name: ETL_RESOLUTION_SECONDS + value: {{ (quote .Values.kubecostModel.etlResolutionSeconds) | default (quote 300) }} + - name: ETL_MAX_PROMETHEUS_QUERY_DURATION_MINUTES + value: {{ (quote .Values.kubecostModel.maxPrometheusQueryDurationMinutes) | default (quote 1440) }} + - name: ETL_DAILY_STORE_DURATION_DAYS + value: {{ (quote .Values.kubecostModel.etlDailyStoreDurationDays) }} + - name: ETL_HOURLY_STORE_DURATION_HOURS + value: {{ (quote .Values.kubecostModel.etlHourlyStoreDurationHours) | default (quote 49) }} + - name: ETL_FILE_STORE_ENABLED + value: {{ (quote .Values.kubecostModel.etlFileStoreEnabled) | default (quote true) }} + - name: ETL_ASSET_RECONCILIATION_ENABLED + value: {{ (quote .Values.kubecostModel.etlAssetReconciliationEnabled) | default (quote true) }} + + {{- if .Values.kubecostModel }} + {{- if .Values.kubecostModel.allocation }} + {{- if .Values.kubecostModel.allocation.nodeLabels }} + {{- with .Values.kubecostModel.allocation.nodeLabels }} + - name: ALLOCATION_NODE_LABELS_ENABLED + value: {{ (quote .enabled) | default (quote true) }} + - name: ALLOCATION_NODE_LABELS_INCLUDE_LIST + value: {{ (quote .includeList) }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} + - name: CONTAINER_STATS_ENABLED + value: {{ (quote .Values.kubecostModel.containerStatsEnabled) | default (quote false) }} + - name: RECONCILE_NETWORK + value: {{ (quote .Values.kubecostModel.reconcileNetwork) | default (quote true) }} + {{- if .Values.systemProxy.enabled }} + - name: HTTP_PROXY + value: {{ .Values.systemProxy.httpProxyUrl }} + - name: http_proxy + value: {{ .Values.systemProxy.httpProxyUrl }} + - name: HTTPS_PROXY + value: {{ .Values.systemProxy.httpsProxyUrl }} + - name: https_proxy + value: {{ .Values.systemProxy.httpsProxyUrl }} + - name: NO_PROXY + value: {{ .Values.systemProxy.noProxy }} + - name: no_proxy + value: {{ .Values.systemProxy.noProxy }} + {{- end }} + {{- if .Values.kubecostMetrics }} + {{- if .Values.kubecostMetrics.exporter }} + - name: KUBECOST_METRICS_POD_ENABLED + value: {{ (quote .Values.kubecostMetrics.exporter.enabled) | default (quote false) }} + {{- end }} + {{- end }} + - name: PV_ENABLED + value: {{ (quote .Values.persistentVolume.enabled) | default (quote true) }} + - name: MAX_QUERY_CONCURRENCY + value: {{ (quote .Values.kubecostModel.maxQueryConcurrency) | default (quote 5) }} + - name: UTC_OFFSET + value: {{ (quote .Values.kubecostModel.utcOffset) | default (quote ) }} + {{- if .Values.networkCosts }} + {{- if .Values.networkCosts.enabled }} + - name: NETWORK_COSTS_PORT + value: {{ quote .Values.networkCosts.port | default (quote 3001) }} + # ADVANCED_NETWORK_STATS is a feature offered by Kubecost that gives you network + # insights of your Kubernetes resources with cloud services. The feature is + # enabled when network cost is enabled and one of the service tagging is enabled + {{- if .Values.networkCosts.config.services }} + {{- $services := .Values.networkCosts.config.services -}} + {{- if or (index $services "google-cloud-services") (index $services "amazon-web-services") (index $services "azure-cloud-services")}} + - name: ADVANCED_NETWORK_STATS + value: "true" + {{- else}} + - name: ADVANCED_NETWORK_STATS + value: "false" + {{- end}} + {{- end }} + {{- end }} + {{- end }} + {{- if .Values.oidc.enabled }} + - name: OIDC_ENABLED + value: "true" + - name: OIDC_SKIP_ONLINE_VALIDATION + value: {{ (quote .Values.oidc.skipOnlineTokenValidation) | default (quote false) }} + {{- end}} + {{- if .Values.saml }} + {{- if .Values.saml.enabled }} + - name: SAML_ENABLED + value: "true" + - name: IDP_URL + value: {{ .Values.saml.idpMetadataURL }} + - name: SP_HOST + value: {{ .Values.saml.appRootURL }} + {{- if .Values.saml.audienceURI }} + - name: AUDIENCE_URI + value: {{ .Values.saml.audienceURI }} + {{- end }} + {{- if .Values.saml.isGLUUProvider }} + - name: GLUU_SAML_PROVIDER + value: {{ (quote .Values.saml.isGLUUProvider) }} + {{- end }} + {{- if .Values.saml.nameIDFormat }} + - name: NAME_ID_FORMAT + value: {{ .Values.saml.nameIDFormat }} + {{- end}} + {{- if .Values.saml.authTimeout }} + - name: AUTH_TOKEN_TIMEOUT + value: {{ (quote .Values.saml.authTimeout) }} + {{- end}} + {{- if .Values.saml.redirectURL }} + - name: LOGOUT_REDIRECT_URL + value: {{ .Values.saml.redirectURL }} + {{- end}} + {{- if .Values.saml.rbac.enabled }} + - name: SAML_RBAC_ENABLED + value: "true" + {{- end }} + {{- if and .Values.saml.encryptionCertSecret .Values.saml.decryptionKeySecret }} + - name: SAML_RESPONSE_ENCRYPTED + value: "true" + {{- end}} + {{- end }} + {{- end }} + {{- if and (.Values.prometheus.server.global.external_labels.cluster_id) (not .Values.prometheus.server.clusterIDConfigmap) }} + - name: CLUSTER_ID + value: {{ .Values.prometheus.server.global.external_labels.cluster_id }} + {{- end }} + {{- if .Values.prometheus.server.clusterIDConfigmap }} + - name: CLUSTER_ID + valueFrom: + configMapKeyRef: + name: {{ .Values.prometheus.server.clusterIDConfigmap }} + key: CLUSTER_ID + {{- end }} + {{- if .Values.kubecostModel.promClusterIDLabel }} + - name: PROM_CLUSTER_ID_LABEL + value: {{ .Values.kubecostModel.promClusterIDLabel }} + {{- end }} + {{- if .Values.hosted }} + - name: KUBECOST_CONFIG_BUCKET + value: /var/secrets/object-store.yaml + - name: CLUSTER_INFO_FILE_ENABLED + value: "true" + - name: CLUSTER_CACHE_FILE_ENABLED + value: "true" + {{- end }} + {{- if .Values.reporting.googleAnalyticsTag }} + - name: GOOGLE_ANALYTICS_TAG + value: {{ .Values.reporting.googleAnalyticsTag }} + {{- end }} + {{- if .Values.costEventsAudit }} + - name: COST_EVENTS_AUDIT_ENABLED + value: {{ (quote .Values.costEventsAudit.enabled) | default (quote false) }} + {{- end }} + - name: RELEASE_NAME + value: {{ .Release.Name }} + - name: KUBECOST_NAMESPACE + value: {{ .Release.Namespace }} + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: KUBECOST_TOKEN + valueFrom: + configMapKeyRef: + name: {{ template "cost-analyzer.fullname" . }} + key: kubecost-token + - name: WATERFOWL_ENABLED + value: "true" + {{- if not (.Values.diagnostics.enabled) }} + - name: DIAGNOSTICS_RUN_IN_COST_MODEL + value: "false" + {{- /* Cannot run MultiClusterDiagnostics in the cost-model container without federated-store config */}} + {{- else if and (empty .Values.kubecostModel.federatedStorageConfigSecret) (not .Values.kubecostModel.federatedStorageConfig) }} + - name: DIAGNOSTICS_RUN_IN_COST_MODEL + value: "false" + {{- else if .Values.diagnostics.deployment.enabled }} + - name: DIAGNOSTICS_RUN_IN_COST_MODEL + value: "false" + {{- else }} + - name: DIAGNOSTICS_RUN_IN_COST_MODEL + value: "true" + - name: DIAGNOSTICS_KUBECOST_FQDN + value: "localhost" + - name: DIAGNOSTICS_KUBECOST_NAMESPACE + value: {{ .Release.Namespace }} + - name: DIAGNOSTICS_PRIMARY + value: {{ quote .Values.diagnostics.primary.enabled }} + - name: DIAGNOSTICS_RETENTION + value: {{ .Values.diagnostics.primary.retention }} + - name: DIAGNOSTICS_PRIMARY_READONLY + value: {{ quote .Values.diagnostics.primary.readonly }} + - name: DIAGNOSTICS_POLLING_INTERVAL + value: {{ .Values.diagnostics.pollingInterval }} + - name: DIAGNOSTICS_KEEP_HISTORY + value: {{ quote .Values.diagnostics.keepDiagnosticHistory }} + - name: DIAGNOSTICS_COLLECT_HELM_VALUES + value: {{ quote .Values.diagnostics.collectHelmValues }} + {{- end }} + {{- if and .Values.kubecostFrontend.enabled (not .Values.federatedETL.agentOnly) (not (eq (include "frontend.deployMethod" .) "haMode")) }} + {{- if .Values.kubecostFrontend }} + {{- if .Values.kubecostFrontend.fullImageName }} + - image: {{ .Values.kubecostFrontend.fullImageName }} + {{- else if .Values.imageVersion }} + - image: {{ .Values.kubecostFrontend.image }}:{{ .Values.imageVersion }} + {{- else if eq "development" .Chart.AppVersion }} + - image: gcr.io/kubecost1/frontend-nightly:latest + {{- else }} + - image: {{ .Values.kubecostFrontend.image }}:prod-{{ $.Chart.AppVersion }} + {{- end }} + {{- else }} + - image: gcr.io/kubecost1/frontend:prod-{{ $.Chart.AppVersion }} + {{- end }} + env: + - name: GET_HOSTS_FROM + value: dns + {{- if .Values.kubecostFrontend.extraEnv -}} + {{ toYaml .Values.kubecostFrontend.extraEnv | nindent 12 }} + {{- end }} + name: cost-analyzer-frontend + {{- if .Values.kubecostFrontend.securityContext }} + securityContext: + {{- toYaml .Values.kubecostFrontend.securityContext | nindent 12 }} + {{- else }} + securityContext: + {{- toYaml .Values.global.containerSecurityContext | nindent 12 }} + {{- end }} + volumeMounts: + - name: tmp + mountPath: /tmp + - name: tmp + mountPath: /var/lib/nginx/tmp + - name: tmp + mountPath: /var/run + - name: nginx-conf + mountPath: /etc/nginx/conf.d/ + {{- if .Values.global.containerSecuritycontext }} + - mountPath: /var/cache/nginx + name: cache + - mountPath: /var/run + name: var-run + {{- end }} + {{- if .Values.kubecostFrontend.tls }} + {{- if .Values.kubecostFrontend.tls.enabled }} + - name: tls + mountPath: /etc/ssl/certs + {{- end }} + {{- end }} + resources: +{{ toYaml .Values.kubecostFrontend.resources | indent 12 }} + {{- if .Values.kubecostFrontend.imagePullPolicy }} + imagePullPolicy: {{ .Values.kubecostFrontend.imagePullPolicy }} + {{- else }} + imagePullPolicy: Always + {{- end }} + {{- if .Values.kubecostFrontend.readinessProbe.enabled }} + readinessProbe: + httpGet: + path: /healthz + port: 9003 + initialDelaySeconds: {{ .Values.kubecostFrontend.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.kubecostFrontend.readinessProbe.periodSeconds }} + failureThreshold: {{ .Values.kubecostFrontend.readinessProbe.failureThreshold }} + {{- end }} + {{- if .Values.kubecostFrontend.livenessProbe.enabled }} + livenessProbe: + httpGet: + path: /healthz + port: 9003 + initialDelaySeconds: {{ .Values.kubecostFrontend.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.kubecostFrontend.livenessProbe.periodSeconds }} + failureThreshold: {{ .Values.kubecostFrontend.livenessProbe.failureThreshold }} + {{- end }} + {{- if .Values.global.containerSecuritycontext }} + securityContext: + {{- toYaml .Values.global.containerSecuritycontext | nindent 12 }} + {{- end }} + {{ end }} + + {{- if and (eq (include "aggregator.deployMethod" .) "singlepod") (not .Values.federatedETL.agentOnly) }} + {{- include "aggregator.containerTemplate" . | nindent 8 }} + {{- if .Values.kubecostAggregator.jaeger.enabled }} + {{- include "aggregator.jaeger.sidecarContainerTemplate" . | nindent 8 }} + {{- end }} + {{- include "aggregator.cloudCost.containerTemplate" . | nindent 8 }} + {{- end }} + + {{- if .Values.imagePullSecrets }} + imagePullSecrets: + {{ toYaml .Values.imagePullSecrets | indent 2 }} + {{- end }} + {{- if .Values.priority }} + {{- if .Values.priority.enabled }} + {{- if gt (len .Values.priority.name) 0 }} + priorityClassName: {{ .Values.priority.name }} + {{- else }} + priorityClassName: {{ template "cost-analyzer.fullname" . }}-priority + {{- end }} + {{- end }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.topologySpreadConstraints }} + topologySpreadConstraints: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-frontend-config-map-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-frontend-config-map-template.yaml new file mode 100644 index 0000000000..dfeb42db23 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-frontend-config-map-template.yaml @@ -0,0 +1,1446 @@ +{{- if .Values.kubecostFrontend.enabled }} +{{- if and (not .Values.agent) (not .Values.cloudAgent) (not .Values.federatedETL.agentOnly) }} +{{- $serviceName := include "cost-analyzer.serviceName" . -}} +{{- if .Values.saml.enabled }} +{{- if .Values.oidc.enabled }} +{{- fail "SAML and OIDC cannot both be enabled" }} +{{- end }} +{{- end }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: nginx-conf + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +data: + nginx.conf: | + gzip_static on; + + # Enable gzip encoding for content of the provided types of 50kb and higher. + gzip on; + gzip_min_length 50000; + gzip_proxied expired no-cache no-store private auth; + gzip_types + application/atom+xml + application/geo+json + application/javascript + application/x-javascript + application/json + application/ld+json + application/manifest+json + application/rdf+xml + application/rss+xml + application/vnd.ms-fontobject + application/wasm + application/x-web-app-manifest+json + application/xhtml+xml + application/xml + font/eot + font/otf + font/ttf + image/bmp + image/svg+xml + text/cache-manifest + text/calendar + text/css + text/javascript + text/markdown + text/plain + text/xml + text/x-component + text/x-cross-domain-policy; + + upstream api { +{{- if .Values.kubecostFrontend.useDefaultFqdn }} + server {{ $serviceName }}.{{ .Release.Namespace }}.svc.cluster.local:9001; +{{- else if (.Values.kubecostFrontend.api).fqdn }} + server {{ .Values.kubecostFrontend.api.fqdn }}; +{{- else }} + server {{ $serviceName }}.{{ .Release.Namespace }}:9001; +{{- end }} + } + + upstream model { +{{- if .Values.kubecostFrontend.useDefaultFqdn }} + server {{ $serviceName }}.{{ .Release.Namespace }}.svc.cluster.local:9003; +{{- else if (.Values.kubecostFrontend.model).fqdn }} + server {{ .Values.kubecostFrontend.model.fqdn }}; +{{- else }} + server {{ $serviceName }}.{{ .Release.Namespace }}:9003; +{{- end }} + } + +{{- if and .Values.clusterController .Values.clusterController.enabled }} + upstream clustercontroller { +{{- if .Values.kubecostFrontend.useDefaultFqdn }} + server {{ template "kubecost.clusterControllerName" . }}-service.{{ .Release.Namespace }}.svc.cluster.local:9731; +{{- else }} +{{- if (.Values.kubecostFrontend.clusterController).fqdn }} + server {{ .Values.kubecostFrontend.clusterController.fqdn }}; +{{- else }} + server {{ template "kubecost.clusterControllerName" . }}-service.{{ .Release.Namespace }}:9731; +{{- end }} +{{- end }} + } +{{- end }} + +{{- if .Values.global.grafana.proxy }} + upstream grafana { +{{- if .Values.global.grafana.enabled }} +{{- if .Values.kubecostFrontend.useDefaultFqdn }} + server {{ .Release.Name }}-grafana.{{ .Release.Namespace }}.svc.cluster.local; +{{- else }} +{{- if .Values.global.grafana.fqdn }} + server {{ .Values.global.grafana.fqdn }}; +{{- else }} + server {{ .Release.Name }}-grafana.{{ .Release.Namespace }}; +{{- end }} +{{- end }} +{{- else }} + server {{.Values.global.grafana.domainName}}; +{{- end }} + } +{{- end }} + + {{- if .Values.forecasting.enabled }} + upstream forecasting { + {{- if .Values.kubecostFrontend.useDefaultFqdn }} + server {{ .Release.Name }}-forecasting.{{ .Release.Namespace }}.svc.cluster.local:5000; + {{- else }} + {{- if (.Values.kubecostFrontend.forcasting).fqdn }} + server {{ .Values.kubecostFrontend.forcasting.fqdn }}; + {{- else }} + server {{ .Release.Name }}-forecasting.{{ .Release.Namespace }}:5000; + {{- end }} + {{- end }} + } + {{- end }} + + {{- if and (not .Values.agent) (not .Values.cloudAgent) (not (eq (include "aggregator.deployMethod" .) "disabled")) }} + upstream aggregator { + {{- if .Values.kubecostFrontend.useDefaultFqdn }} + server {{ .Release.Name }}-aggregator.{{ .Release.Namespace }}.svc.cluster.local:9004; + {{- else }} + {{- if (.Values.kubecostFrontend.aggregator).fqdn }} + server {{ .Values.kubecostFrontend.aggregator.fqdn }}; + {{- else }} + server {{ .Release.Name }}-aggregator.{{ .Release.Namespace }}:9004; + {{- end }} + {{- end }} + } + upstream cloudCost { + {{- if .Values.kubecostFrontend.useDefaultFqdn }} + server {{ template "cloudCost.serviceName" . }}.{{ .Release.Namespace }}.svc.cluster.local:9005; + {{- else }} + {{- if (.Values.kubecostFrontend.cloudCost).fqdn }} + server {{ .Values.kubecostFrontend.cloudCost.fqdn }}; + {{- else }} + server {{ template "cloudCost.serviceName" . }}.{{ .Release.Namespace }}:9005; + {{- end }} + {{- end }} + } + {{- end }} + + {{- if and .Values.diagnostics.enabled .Values.diagnostics.primary.enabled .Values.diagnostics.deployment.enabled }} + {{- if or (not (empty .Values.kubecostModel.federatedStorageConfigSecret )) .Values.kubecostModel.federatedStorageConfig }} + upstream multi-cluster-diagnostics { + {{- if .Values.kubecostFrontend.useDefaultFqdn }} + server {{ template "diagnostics.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local:9007; + {{- else}} + {{- if (.Values.kubecostFrontend.multiClusterDiagnostics).fqdn }} + server {{ .Values.kubecostFrontend.multiClusterDiagnostics.fqdn }}; + {{- else }} + server {{ template "diagnostics.fullname" . }}.{{ .Release.Namespace }}:9007; + {{- end }} + {{- end }} + } + {{- end }} + {{- end }} + + server { + server_name _; + root /var/www; + index index.html; + + add_header Cache-Control "must-revalidate"; + + {{- if .Values.kubecostFrontend.extraServerConfig }} + {{- .Values.kubecostFrontend.extraServerConfig | toString | nindent 8 -}} + {{- else }} + large_client_header_buffers 4 32k; + {{- end }} + + error_page 504 /custom_504.html; + location = /custom_504.html { + internal; + } + +{{- if or .Values.saml.enabled .Values.oidc.enabled }} + add_header Cache-Control "max-age=0"; + location / { + auth_request /auth; + proxy_redirect off; + proxy_http_version 1.1; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + error_page 401 = /login; + try_files $uri $uri/ /index.html; + } + location /healthz { + add_header 'Content-Type' 'text/plain'; + return 200 "healthy\n"; + } +{{- else }} + add_header Cache-Control "max-age=300"; + location / { + try_files $uri $uri/ /index.html; + } +{{- end }} +{{- if .Values.imageVersion }} + add_header ETag "{{ $.Values.imageVersion }}"; +{{- else }} + add_header ETag "{{ $.Chart.Version }}"; +{{- end }} +{{- if .Values.kubecostFrontend.tls }} +{{- if .Values.kubecostFrontend.tls.enabled }} +{{- if .Values.kubecostFrontend.tls.specifyProtocols }} + ssl_protocols {{ $.Values.kubecostFrontend.tls.protocols }}; +{{- end }} + ssl_certificate /etc/ssl/certs/kc.crt; + ssl_certificate_key /etc/ssl/certs/kc.key; + listen {{ .Values.service.targetPort }} ssl; +{{- if .Values.kubecostFrontend.ipv6.enabled }} + listen [::]:{{ .Values.service.targetPort }} ssl; +{{- end }} +{{- else }} + listen {{ .Values.service.targetPort }}; +{{- if .Values.kubecostFrontend.ipv6.enabled }} + listen [::]:{{ .Values.service.targetPort }}; +{{- end }} +{{- end }} +{{- else }} + listen {{ .Values.service.targetPort }}; +{{- if .Values.kubecostFrontend.ipv6.enabled }} + listen [::]:{{ .Values.service.targetPort }}; +{{- end }} +{{- end }} + location /api/ { + {{- if or .Values.saml.enabled .Values.oidc.enabled }} + auth_request /auth; + {{- end }} + proxy_pass http://api/; + proxy_redirect off; + proxy_http_version 1.1; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location /model/ { + proxy_connect_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_send_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://model/; + proxy_redirect off; + proxy_http_version 1.1; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + {{- if .Values.kubecostFrontend.extraModelConfigs }} + {{- .Values.kubecostFrontend.extraModelConfigs | toString | nindent 12 -}} + {{- end }} + } + + location ~ ^/(turndown|cluster)/ { + + add_header 'Access-Control-Allow-Origin' '*' always; + add_header 'Access-Control-Allow-Methods' 'GET, PUT, POST, DELETE, OPTIONS' always; +{{- if .Values.clusterController }} +{{- if .Values.clusterController.enabled }} + {{- if or .Values.saml .Values.oidc }} + {{- if or .Values.saml.enabled .Values.oidc.enabled }} + auth_request /auth; + {{- else if .Values.saml.rbac.enabled}} + auth_request /authrbac; + {{- end }} + {{- end }} + + rewrite ^/(?:turndown|cluster)/(.*)$ /$1 break; + proxy_pass http://clustercontroller; + proxy_connect_timeout 180; + proxy_send_timeout 180; + proxy_read_timeout 180; + proxy_redirect off; + proxy_http_version 1.1; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + +{{- else }} + return 404; +{{- end }} +{{- else }} + return 404; +{{- end }} + } +{{- if and (or .Values.saml.enabled .Values.oidc.enabled) (not (eq (include "aggregator.deployMethod" .) "disabled")) }} + {{- if .Values.oidc.enabled }} + location /oidc/ { + proxy_connect_timeout 180; + proxy_send_timeout 180; + proxy_read_timeout 180; + proxy_pass http://aggregator/oidc/; + proxy_redirect off; + proxy_http_version 1.1; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + {{- end }} + {{- if .Values.saml.enabled }} + location /saml/ { + proxy_connect_timeout 180; + proxy_send_timeout 180; + proxy_read_timeout 180; + proxy_pass http://aggregator/saml/; + proxy_redirect off; + proxy_http_version 1.1; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + {{- end }} + {{- if or .Values.saml.enabled .Values.oidc.enabled}} + location /login { + proxy_connect_timeout 180; + proxy_send_timeout 180; + proxy_read_timeout 180; + proxy_pass http://aggregator/login; + proxy_redirect off; + proxy_http_version 1.1; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Original-URI $request_uri; + } + + location /logout { + proxy_connect_timeout 180; + proxy_send_timeout 180; + proxy_read_timeout 180; + proxy_pass http://aggregator/logout; + proxy_redirect off; + proxy_http_version 1.1; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + {{- end }} +{{- end }} + {{- if .Values.global.grafana.proxy }} + location /grafana/ { + {{- if .Values.saml.enabled }} + auth_request /auth; + {{- end }} + proxy_pass http://grafana/; + proxy_redirect off; + proxy_http_version 1.1; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $http_host; + } + {{ end }} + {{- if .Values.oidc.enabled }} + location /auth { + proxy_pass http://aggregator/isAuthenticated; + } + {{- end }} + {{- if .Values.saml.enabled }} + location /auth { + proxy_pass http://aggregator/isAuthenticated; + } + {{- if .Values.saml.rbac.enabled }} + location /authrbac { + proxy_pass http://aggregator/isAdminAuthenticated; + } + {{- end }} + {{- end }} + + +{{- if and (not .Values.agent) (not .Values.cloudAgent) (not (eq (include "aggregator.deployMethod" .) "disabled")) }} + # TODO make aggregator route the default, start special-casing + # cost-model APIs + + # Aggregator proxy + {{- if and (.Values.kubecostDeployment) (.Values.kubecostDeployment.queryServiceReplicas) (gt (.Values.kubecostDeployment.queryServiceReplicas | toString | atoi) 0) }} + {{- fail "The Kubecost Aggregator should not be used at the same time as Query Service Replicas" }} + {{- end }} + + location = /model/allocation { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/allocation; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + {{- if not .Values.kubecostFrontend.trendsDisabled }} + location = /model/allocation/trends { + proxy_read_timeout 300; + proxy_pass http://aggregator/allocation/trends; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + {{ end }} + location = /model/allocation/view { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/allocation/view; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/allocation/summary { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/allocation/summary; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/allocation/summary/topline { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/allocation/summary/topline; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/allocation/autocomplete { + proxy_read_timeout 300; + proxy_pass http://aggregator/allocation/autocomplete; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/allocation/carbon { + proxy_read_timeout 300; + proxy_pass http://aggregator/allocation/carbon; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/assets { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/assets; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/assets/topline { + proxy_read_timeout 300; + proxy_pass http://aggregator/assets/topline; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/assets/graph { + proxy_read_timeout 300; + proxy_pass http://aggregator/assets/graph; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/assets/totals { + return 501 "Aggregator does not support this endpoint."; + } + location = /model/assets/diff { + return 501 "Aggregator does not support this endpoint."; + } + location = /model/assets/breakdown { + return 501 "Aggregator does not support this endpoint."; + } + location = /model/assets/autocomplete { + proxy_read_timeout 300; + proxy_pass http://aggregator/assets/autocomplete; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/assets/carbon { + proxy_read_timeout 300; + proxy_pass http://aggregator/assets/carbon; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/savings/requestSizingV2 { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/savings/requestSizingV2; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/savings/requestSizingV2/topline { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/savings/requestSizingV2/topline; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/savings/clusterSizingETL { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/savings/clusterSizingETL; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/savings/nodeGroupSizingETL { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/savings/nodeGroupSizingETL; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/savings/recommendations/allowLists { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/savings/recommendations/allowLists; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/cloudCost { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/cloudCost; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/cloudCost/view/graph { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/cloudCost/view/graph; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/cloudCost/view/totals { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/cloudCost/view/totals; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/cloudCost/view/table { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/cloudCost/view/table; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/cloudCost/view/trends { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/cloudCost/view/trends; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/cloudCost/autocomplete { + proxy_read_timeout 300; + proxy_pass http://aggregator/cloudCost/autocomplete; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/clusters/status { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/clusters/status; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/savings { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/savings; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/savings/abandonedWorkloads { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/savings/abandonedWorkloads; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/savings/abandonedWorkloads/topline { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/savings/abandonedWorkloads/topline; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/savings/unclaimedVolumes { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/savings/unclaimedVolumes; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/savings/localLowDisks { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/savings/localLowDisks; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/savings/persistentVolumeSizing { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/savings/persistentVolumeSizing; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/savings/persistentVolumeSizing/topline { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/savings/persistentVolumeSizing/topline; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/reports/allocation { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/reports/allocation; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/reports/asset { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/reports/asset; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/reports/cloudCost { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/reports/cloudCost; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/reports/group { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/reports/group; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + # this is a special case to handle /reports/group/:group in the Kubecost Aggregator. prior to aggregator, this endpoint + # was handled by /model/, so no special case proxies were required. without this, /model/reports/groups/?foo=bar + # will be directed to /reports/groups?foo=bar (note the missing /model prefix) + location ~ ^/model/reports/group/ { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/reports/group/$is_args$args; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/budget { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/budget; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/budgets { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/budgets; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/collection { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/collection; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/collections { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/collections; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/collection/query/total { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/collection/query/total; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/collection/query/timeseries { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/collection/query/timeseries; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/collection/query/complement { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/collection/query/complement; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/collection/query/complement/cloud { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/collection/query/complement/cloud; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/collection/query/complement/kubernetes { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/collection/query/complement/kubernetes; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + location = /model/collections/query/total { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/collections/query/total; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/collections/query/timeseries { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/collections/query/timeseries; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/collections/query/complement { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/collections/query/complement; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/collections/query/complement/cloud { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/collections/query/complement/cloud; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/collections/query/complement/kubernetes { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/collections/query/complement/kubernetes; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/collection/cache/status { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/collection/cache/status; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/collection/configs { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/collection/configs; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/kubernetes/containers/resources { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/kubernetes/containers/resources; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/kubernetes/containers/resources/timeseries { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/kubernetes/containers/resources/timeseries; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/kubernetes/containers/costs { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/kubernetes/containers/costs; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/kubernetes/containers/costs/timeseries { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/kubernetes/containers/costs/timeseries; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/networkinsights { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/networkinsights; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/networkinsights/graph { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/networkinsights/graph; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/rbacGroups { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/rbacGroups; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/smtp { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/smtp; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/smtp/test { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/smtp/test; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/teams { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/teams; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/team { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/team; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/users { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/users; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/user { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/user; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/serviceAccounts { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/serviceAccounts; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/serviceAccount { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/serviceAccount; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/debug/orchestrator { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/debug/orchestrator; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/prediction/speccost { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/prediction/speccost; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/diagnostic/coreCount { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/diagnostic/coreCount; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/diagnostic/tableWindowCount { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/diagnostic/tableWindowCount; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/diagnostic/containersPerDay { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/diagnostic/containersPerDay; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/diagnostic/nodesPerDay { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/diagnostic/nodesPerDay; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/diagnostic/containerLabelStats { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/diagnostic/containerLabelStats; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/diagnostic/containerAnnotationStats { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/diagnostic/containerAnnotationStats; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/diagnostic/cloudCostsPerDay { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/diagnostic/cloudCostsPerDay; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/diagnostic/containerWithoutMatchingNode { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/diagnostic/containerWithoutMatchingNode; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/diagnostic/containerDuplicateNoId { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/diagnostic/containerDuplicateNoId; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/diagnostic/containerDuplicateWithId { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/diagnostic/containerDuplicateWithId; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/diagnostic/nodeDuplicateNoId { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/diagnostic/nodeDuplicateNoId; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/debug/ingestionRecords { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/debug/ingestionRecords; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/debug/ingestionSummary { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/debug/ingestionSummary; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/debug/derivationRecords { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/debug/derivationRecords; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/diagnostic/databaseDirectory { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/diagnostic/databaseDirectory; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/getApiConfig { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/getApiConfig; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/setApiConfig { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/setApiConfig; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/getIngestionConfig { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/getIngestionConfig; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/setIngestionConfig { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/setIngestionConfig; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/enablements { + proxy_read_timeout 300; + proxy_pass http://aggregator/enablements; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/customCost/total { + proxy_read_timeout 300; + proxy_pass http://aggregator/customCost/total; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/customCost/timeseries { + proxy_read_timeout 300; + proxy_pass http://aggregator/customCost/timeseries; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/providerOptimization { + proxy_read_timeout 300; + proxy_pass http://aggregator/providerOptimization; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + location = /model/getProductKey { + proxy_read_timeout 300; + proxy_pass http://aggregator/getProductKey; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/setProductKey { + proxy_read_timeout 300; + proxy_pass http://aggregator/setProductKey; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/trialStatus { + proxy_read_timeout 300; + proxy_pass http://aggregator/trialStatus; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/startProductTrial { + proxy_read_timeout 300; + proxy_pass http://aggregator/startProductTrial; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/resetProductTrial { + proxy_read_timeout 300; + proxy_pass http://aggregator/resetProductTrial; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/extendProductTrial { + proxy_read_timeout 300; + proxy_pass http://aggregator/extendProductTrial; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/expireProductTrial { + proxy_read_timeout 300; + proxy_pass http://aggregator/expireProductTrial; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + #Cloud Cost Endpoints + location = /model/cloudCost/status { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://cloudCost/cloudCost/status; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/cloudCost/rebuild { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://cloudCost/cloudCost/rebuild; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/cloudCost/repair { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://cloudCost/cloudCost/repair; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/cloud/config { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://cloudCost/cloud/config; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/cloud/config/export { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://cloudCost/cloud/config/export; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/cloud/config/enable { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://cloudCost/cloud/config/enable; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/cloud/config/disable { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://cloudCost/cloud/config/disable; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/cloudCost/integration/validate { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://cloudCost/cloudCost/integration/validate; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/customCost/status { + proxy_read_timeout 300; + proxy_pass http://cloudCost/customCost/status; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location = /model/customCost/rebuild { + proxy_read_timeout 300; + proxy_pass http://cloudCost/customCost/rebuild; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + # alert end points with v2 will be routed to aggregator server + location = /model/v2/alerts { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/alerts; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location ~* ^/model/v2/alerts/(.*) { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/alerts/$1; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + # alert end points without any version will be routed to model server + location = /model/alerts { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://model/alerts; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location ~* ^/model/alerts/(.*) { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://model/alerts/$1; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + location ~* ^/model/reports/(.*)/schedule/test { + proxy_read_timeout {{ .Values.kubecostFrontend.timeoutSeconds | default 300 }}; + proxy_pass http://aggregator/reports/$1/schedule/test; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } +{{- end }} + location = /model/hideOrphanedResources { + default_type 'application/json'; + add_header 'Access-Control-Allow-Origin' '*' always; + add_header 'Access-Control-Allow-Methods' 'GET, PUT, POST, DELETE, OPTIONS' always; + {{- if .Values.kubecostFrontend.hideOrphanedResources }} + return 200 '{"hideOrphanedResources": "true"}'; + {{- else }} + return 200 '{"hideOrphanedResources": "false"}'; + {{- end }} + } + location = /model/hideDiagnostics { + default_type 'application/json'; + add_header 'Access-Control-Allow-Origin' '*' always; + add_header 'Access-Control-Allow-Methods' 'GET, PUT, POST, DELETE, OPTIONS' always; + {{- if .Values.kubecostFrontend.hideDiagnostics }} + return 200 '{"hideDiagnostics": "true"}'; + {{- else }} + return 200 '{"hideDiagnostics": "false"}'; + {{- end }} + } + + {{- if .Values.kubecostFrontend.trendsDisabled }} + location /model/allocation/trends { + return 204 'endpoint disabled'; + } + {{ end }} + + location /model/multi-cluster-diagnostics-enabled { + default_type 'application/json'; + add_header 'Access-Control-Allow-Origin' '*' always; + add_header 'Access-Control-Allow-Methods' 'GET, PUT, POST, DELETE, OPTIONS' always; + {{- if and .Values.diagnostics.enabled .Values.diagnostics.primary.enabled }} + {{- if or (not (empty .Values.kubecostModel.federatedStorageConfigSecret )) .Values.kubecostModel.federatedStorageConfig }} + return 200 '{"multiClusterDiagnosticsEnabled": true}'; + {{- end }} + {{- else }} + return 200 '{"multiClusterDiagnosticsEnabled": false}'; + {{- end }} + } + + {{- if and .Values.diagnostics.enabled .Values.diagnostics.primary.enabled .Values.diagnostics.deployment.enabled }} + {{- if or (not (empty .Values.kubecostModel.federatedStorageConfigSecret )) .Values.kubecostModel.federatedStorageConfig }} + + # When the Multi-cluster Diagnostics Service is run within the + # cost-model container, its endpoint is available at the path + # `/model/diagnostics/multicluster`. No additional Nginx path forwarding + # needed. When the Multi-cluster Diagnostics Service is run as a K8s + # Deployment, we should forward that path to the K8s Service. + location /model/diagnostics/multicluster { + default_type 'application/json'; + add_header 'Access-Control-Allow-Origin' '*' always; + add_header 'Access-Control-Allow-Methods' 'GET, PUT, POST, DELETE, OPTIONS' always; + proxy_read_timeout 300; + proxy_pass http://multi-cluster-diagnostics/status; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + # simple alias for support + location /mcd { + default_type 'application/json'; + add_header 'Access-Control-Allow-Origin' '*' always; + add_header 'Access-Control-Allow-Methods' 'GET, PUT, POST, DELETE, OPTIONS' always; + proxy_read_timeout 300; + proxy_pass http://multi-cluster-diagnostics/status?window=7d; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + {{- end }} + {{- end }} + + location /model/aggregatorEnabled { + default_type 'application/json'; + return 200 '{"aggregatorEnabled": "true"}'; + } + + {{- if .Values.forecasting.enabled }} + location /forecasting { + default_type 'application/json'; + add_header 'Access-Control-Allow-Origin' '*' always; + add_header 'Access-Control-Allow-Methods' 'GET, PUT, POST, DELETE, OPTIONS' always; + proxy_read_timeout 300; + proxy_pass http://forecasting/; + proxy_redirect off; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + {{- else }} + location /forecasting { + default_type 'application/json'; + return 405 '{"forecastingEnabled": "false"}'; + } + {{- end }} + + location /model/productConfigs { + default_type 'application/json'; + add_header 'Access-Control-Allow-Origin' '*' always; + add_header 'Access-Control-Allow-Methods' 'GET, PUT, POST, DELETE, OPTIONS' always; + return 200 '\n + { + "ssoConfigured": "{{ template "ssoEnabled" . }}", + "rbacTeamsEnabled": "{{ template "rbacTeamsEnabled" . }}", + "dataBackupConfigured": "{{ template "dataBackupConfigured" . }}", + "costEventsAuditEnabled": "{{ template "costEventsAuditEnabled" . }}", + "frontendDeployMethod": "{{ template "frontend.deployMethod" . }}", + "pluginsEnabled": "{{ template "pluginsEnabled" . }}", + "carbonEstimatesEnabled": "{{ template "carbonEstimatesEnabled" . }}", + "clusterControllerEnabled": "{{ template "clusterControllerEnabled" . }}", + "forecastingEnabled": "{{ template "forecastingEnabled" . }}", + "chartVersion": "2.4.0", + "hourlyDataRetention": "{{ (.Values.kubecostAggregator.etlHourlyStoreDurationHours) }}", + "dailyDataRetention": "{{ (.Values.kubecostAggregator.etlDailyStoreDurationDays) }}", + "hideDiagnostics": "{{ default false ((.Values.kubecostProductConfigs).hideDiagnostics) }}", + "hideOrphanedResources": "{{ default false ((.Values.kubecostProductConfigs).hideOrphanedResources) }}", + "hideKubecostActions": "{{ default false ((.Values.kubecostProductConfigs).hideKubecostActions) }}", + "hideReservedInstances": "{{ default false ((.Values.kubecostProductConfigs).hideReservedInstances) }}", + "hideSpotCommander": "{{ default false ((.Values.kubecostProductConfigs).hideSpotCommander) }}", + "hideUnclaimedVolumes": "{{ default false ((.Values.kubecostProductConfigs).hideUnclaimedVolumes) }}", + "hideCloudIntegrationsUI": "{{ default false ((.Values.kubecostProductConfigs).hideCloudIntegrationsUI) }}", + "hideBellIcon": "{{ default false ((.Values.kubecostProductConfigs).hideBellIcon) }}", + "hideTeams": "{{ default false ((.Values.kubecostProductConfigs).hideTeams) }}" + } + '; + } + } + +{{- end }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-ingestion-configmap.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-ingestion-configmap.yaml new file mode 100644 index 0000000000..7ca2cea4af --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-ingestion-configmap.yaml @@ -0,0 +1,14 @@ +{{- if eq (include "aggregator.deployMethod" .) "statefulset" }} +{{- if (.Values.kubecostProductConfigs).standardDiscount }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ default "ingestion-configs" .Values.ingestionConfigmapName }} + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +data: + standardDiscount: "{{ .Values.kubecostProductConfigs.standardDiscount }}" + helmConfig: "true" +{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-ingress-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-ingress-template.yaml new file mode 100644 index 0000000000..4ac0693ddf --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-ingress-template.yaml @@ -0,0 +1,56 @@ +{{- if .Values.ingress -}} +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "cost-analyzer.fullname" . -}} +{{- $serviceName := "" -}} +{{- if eq (include "frontend.deployMethod" .) "haMode" }} +{{- $serviceName = include "frontend.serviceName" . }} +{{- else }} +{{- $serviceName = include "cost-analyzer.serviceName" . -}} +{{- end }} +{{- $ingressPaths := .Values.ingress.paths -}} +{{- $ingressPathType := .Values.ingress.pathType -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ $fullName }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "cost-analyzer.commonLabels" . | nindent 4 }} + {{- with .Values.ingress.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: +{{- if .Values.ingress.className }} + ingressClassName: {{ .Values.ingress.className }} +{{- end }} +{{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} +{{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ . | quote }} + http: + paths: + {{- range $ingressPaths }} + - path: {{ . }} + pathType: {{ $ingressPathType }} + backend: + service: + name: {{ $serviceName }} + port: + name: tcp-frontend + {{- end }} + {{- end }} +{{- end }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-metrics-config-map-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-metrics-config-map-template.yaml new file mode 100644 index 0000000000..136d7fa9a7 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-metrics-config-map-template.yaml @@ -0,0 +1,13 @@ +{{- if .Values.kubecostProductConfigs -}} +{{- if .Values.kubecostProductConfigs.metricsConfigs -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ default "metrics-config" .Values.metricsConfigmapName }} + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +data: + metrics.json: '{{ toJson .Values.kubecostProductConfigs.metricsConfigs }}' +{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-network-costs-config-map-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-network-costs-config-map-template.yaml new file mode 100644 index 0000000000..378fca5849 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-network-costs-config-map-template.yaml @@ -0,0 +1,16 @@ +{{- if .Values.networkCosts -}} +{{- if .Values.networkCosts.enabled -}} +{{- if .Values.networkCosts.config -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: network-costs-config + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +data: + config.yaml: | +{{- toYaml .Values.networkCosts.config | nindent 4 }} +{{- end -}} +{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-network-costs-podmonitor-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-network-costs-podmonitor-template.yaml new file mode 100644 index 0000000000..d0b5b5dd8f --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-network-costs-podmonitor-template.yaml @@ -0,0 +1,32 @@ +{{- if .Values.networkCosts }} +{{- if .Values.networkCosts.enabled }} +{{- if .Values.networkCosts.podMonitor }} +{{- if .Values.networkCosts.podMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + name: {{ include "cost-analyzer.networkCostsName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} + {{- if .Values.networkCosts.podMonitor.additionalLabels }} + {{ toYaml .Values.networkCosts.podMonitor.additionalLabels | nindent 4 }} + {{- end }} +spec: + podMetricsEndpoints: + - port: http-server + honorLabels: true + interval: 1m + scrapeTimeout: 10s + path: /metrics + scheme: http + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + selector: + matchLabels: + app: {{ template "cost-analyzer.networkCostsName" . }} +{{- end }} +{{- end }} +{{- end }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-network-costs-service-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-network-costs-service-template.yaml new file mode 100644 index 0000000000..0ac70718d4 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-network-costs-service-template.yaml @@ -0,0 +1,34 @@ +{{- if .Values.networkCosts }} +{{- if .Values.networkCosts.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "cost-analyzer.networkCostsName" . }} + namespace: {{ .Release.Namespace }} +{{- if (or .Values.networkCosts.service.annotations .Values.networkCosts.prometheusScrape) }} + annotations: +{{- if .Values.networkCosts.service.annotations }} +{{ toYaml .Values.networkCosts.service.annotations | indent 4 }} +{{- end }} +{{- if .Values.networkCosts.prometheusScrape }} + prometheus.io/scrape: "true" + prometheus.io/port: {{ (quote .Values.networkCosts.port) | default (quote 3001) }} +{{- end }} +{{- end }} + labels: + {{- include "networkcosts.commonLabels" . | nindent 4 }} + {{- if .Values.networkCosts.service.labels }} + {{ toYaml .Values.networkCosts.service.labels | nindent 4 }} + {{- end }} +spec: + clusterIP: None + ports: + - name: metrics + port: {{ .Values.networkCosts.port | default 3001 }} + protocol: TCP + targetPort: {{ .Values.networkCosts.port | default 3001 }} + selector: + {{- include "networkcosts.selectorLabels" . | nindent 4 }} + type: ClusterIP +{{- end }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-network-costs-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-network-costs-template.yaml new file mode 100644 index 0000000000..7af7881535 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-network-costs-template.yaml @@ -0,0 +1,149 @@ +{{- if .Values.networkCosts -}} +{{- if .Values.networkCosts.enabled -}} +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: {{ template "cost-analyzer.networkCostsName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "networkcosts.commonLabels" . | nindent 4 }} + {{- if .Values.networkCosts.additionalLabels }} + {{- toYaml .Values.networkCosts.additionalLabels | nindent 4 }} + {{- end }} +spec: + {{- if .Values.networkCosts.updateStrategy }} + updateStrategy: + {{- toYaml .Values.networkCosts.updateStrategy | nindent 4 }} + {{- end }} + selector: + matchLabels: + {{- include "networkcosts.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.networkCosts.annotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "networkcosts.commonLabels" . | nindent 8 }} + {{- if .Values.networkCosts.additionalLabels }} + {{- toYaml .Values.networkCosts.additionalLabels | nindent 8 }} + {{- end }} + spec: + {{- if .Values.imagePullSecrets }} + imagePullSecrets: + {{ toYaml .Values.imagePullSecrets | indent 2 }} + {{- end }} + hostNetwork: true + serviceAccountName: {{ template "cost-analyzer.serviceAccountName" . }} + containers: + - name: {{ template "cost-analyzer.networkCostsName" . }} + {{- if eq (typeOf .Values.networkCosts.image) "string" }} + image: {{ .Values.networkCosts.image }} + {{- else }} + image: {{ .Values.networkCosts.image.repository }}:{{ .Values.networkCosts.image.tag }} + {{- end}} + {{- if .Values.networkCosts.extraArgs }} + args: + {{- toYaml .Values.networkCosts.extraArgs | nindent 8 }} + {{- end }} +{{- if .Values.networkCosts.imagePullPolicy }} + imagePullPolicy: {{ .Values.networkCosts.imagePullPolicy }} +{{- else }} + imagePullPolicy: Always +{{- end }} +{{- if .Values.networkCosts.resources }} + resources: {{- toYaml .Values.networkCosts.resources | nindent 10 }} +{{- end }} + env: + {{- if .Values.networkCosts.hostProc }} + - name: HOST_PROC + value: {{ .Values.networkCosts.hostProc.mountPath }} + {{- end }} + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: HOST_PORT + value: {{ (quote .Values.networkCosts.port) | default (quote 3001) }} + - name: TRAFFIC_LOGGING_ENABLED + value: {{ (quote .Values.networkCosts.trafficLogging) | default (quote true) }} + - name: LOG_LEVEL + value: {{ .Values.networkCosts.logLevel | default "info" }} + {{- if .Values.networkCosts.softMemoryLimit }} + - name: GOMEMLIMIT + value: {{ .Values.networkCosts.softMemoryLimit }} + {{- end }} + {{- if .Values.networkCosts.heapMonitor }} + {{- if .Values.networkCosts.heapMonitor.enabled }} + - name: HEAP_MONITOR_ENABLED + value: "true" + - name: HEAP_MONITOR_THRESHOLD + value: {{ .Values.networkCosts.heapMonitor.threshold }} + {{- if .Values.networkCosts.heapMonitor.outFile }} + - name: HEAP_MONITOR_OUTPUT + value: {{ .Values.networkCosts.heapMonitor.outFile }} + {{- end }} + {{- end }} + {{- end }} + {{- if .Values.networkCosts.healthCheckProbes }} + {{- toYaml .Values.networkCosts.healthCheckProbes | nindent 8 }} + {{- end }} + volumeMounts: + {{- if .Values.networkCosts.hostProc }} + - mountPath: {{ .Values.networkCosts.hostProc.mountPath }} + name: host-proc + {{- else }} + - mountPath: /net + name: nf-conntrack + - mountPath: /netfilter + name: netfilter + {{- end }} + {{- if .Values.networkCosts.config }} + - mountPath: /network-costs/config + name: network-costs-config + {{- end }} + securityContext: + privileged: true + {{- if .Values.networkCosts.additionalSecurityContext }} + {{- toYaml .Values.networkCosts.additionalSecurityContext | nindent 10 }} + {{- end }} + ports: + - name: http-server + containerPort: {{ .Values.networkCosts.port | default 3001 }} + hostPort: {{ .Values.networkCosts.port | default 3001 }} +{{- if .Values.networkCosts.priorityClassName }} + priorityClassName: "{{ .Values.networkCosts.priorityClassName }}" +{{- end }} + {{- with .Values.networkCosts.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 10 }} + {{- end }} +{{- if .Values.networkCosts.tolerations }} + tolerations: +{{ toYaml .Values.networkCosts.tolerations | indent 8 }} + {{- end }} + {{- with .Values.networkCosts.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + volumes: + {{- if .Values.networkCosts.config }} + - name: network-costs-config + configMap: + name: network-costs-config + {{- end }} + {{- if .Values.networkCosts.hostProc }} + - name: host-proc + hostPath: + path: {{ default "/proc" .Values.networkCosts.hostProc.hostPath }} + {{- else }} + - name: nf-conntrack + hostPath: + path: /proc/net + - name: netfilter + hostPath: + path: /proc/sys/net/netfilter + {{- end }} +{{- end }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-network-policy-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-network-policy-template.yaml new file mode 100644 index 0000000000..812956f415 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-network-policy-template.yaml @@ -0,0 +1,47 @@ +{{- if .Values.networkPolicy -}} +{{- if .Values.networkPolicy.costAnalyzer.enabled -}} +kind: NetworkPolicy +apiVersion: networking.k8s.io/v1 +metadata: + name: {{ template "cost-analyzer.fullname" . }} +{{- if .Values.networkPolicy.costAnalyzer.annotations }} + annotations: +{{ toYaml .Values.networkPolicy.costAnalyzer.annotations | indent 4}} +{{- end }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "cost-analyzer.commonLabels" . | nindent 4 }} +{{- if .Values.networkPolicy.costAnalyzer.additionalLabels }} +{{ toYaml .Values.networkPolicy.costAnalyzer.additionalLabels | indent 4 }} +{{- end }} +spec: + podSelector: + matchLabels: + {{- include "cost-analyzer.selectorLabels" . | nindent 6 }} + policyTypes: +{{- if .Values.networkPolicy.costAnalyzer.ingressRules }} + - Ingress +{{- end }} +{{- if .Values.networkPolicy.costAnalyzer.egressRules }} + - Egress +{{- end }} +{{- if .Values.networkPolicy.costAnalyzer.egressRules }} + egress: +{{- range $rule := .Values.networkPolicy.costAnalyzer.egressRules }} + - to: +{{ toYaml $rule.selectors | indent 7 }} + ports: +{{ toYaml $rule.ports | indent 9 }} +{{- end }} +{{- end }} +{{- if .Values.networkPolicy.costAnalyzer.ingressRules }} + ingress: +{{- range $rule := .Values.networkPolicy.costAnalyzer.ingressRules }} + - from: +{{ toYaml $rule.selectors | indent 7 }} + ports: +{{ toYaml $rule.ports | indent 9 }} +{{- end }} +{{- end }} +{{- end -}} +{{- end -}} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-network-policy.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-network-policy.yaml new file mode 100644 index 0000000000..77a062e9f4 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-network-policy.yaml @@ -0,0 +1,48 @@ +{{- if .Values.networkPolicy -}} +{{- if .Values.networkPolicy.enabled -}} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +{{- if .Values.networkPolicy.denyEgress }} +metadata: + name: deny-egress + namespace: {{ .Release.Namespace }} + labels: + {{- include "cost-analyzer.commonLabels" . | nindent 4 }} +spec: + podSelector: + matchLabels: + {{- include "cost-analyzer.selectorLabels" . | nindent 6 }} + policyTypes: + - Egress +{{- else }} +{{- if .Values.networkPolicy.sameNamespace}} +metadata: + name: shared-namespace + namespace: {{ default "kubecost" .Values.networkPolicy.namespace}} +spec: + podSelector: + matchLabels: + app: prometheus + component: server +{{- else }} +metadata: + name: closed-traffic + namespace: {{ default "kubecost" .Values.networkPolicy.namespace}} +spec: + podSelector: + matchLabels: + app.kubernetes.io/name: cost-analyzer +{{- end }} + policyTypes: + - Ingress + ingress: + - from: + - podSelector: + matchLabels: + app.kubernetes.io/name: cost-analyzer + - namespaceSelector: + matchLabels: + name: k8s-kubecost +{{- end }} +{{- end -}} +{{- end -}} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-networks-costs-ocp-scc.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-networks-costs-ocp-scc.yaml new file mode 100644 index 0000000000..8602cb0c61 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-networks-costs-ocp-scc.yaml @@ -0,0 +1,30 @@ +{{- if and (.Capabilities.APIVersions.Has "security.openshift.io/v1/SecurityContextConstraints") (.Values.global.platforms.openshift.scc.networkCosts) (.Values.networkCosts.enabled) }} +apiVersion: security.openshift.io/v1 +kind: SecurityContextConstraints +metadata: + name: {{ template "cost-analyzer.networkCostsName" . }} +priority: 10 +allowPrivilegedContainer: true +allowHostDirVolumePlugin: true +allowHostNetwork: true +allowHostPorts: true +allowHostPID: false +allowHostIPC: false +readOnlyRootFilesystem: false +runAsUser: + type: RunAsAny +fsGroup: + type: RunAsAny +seLinuxContext: + type: RunAsAny +supplementalGroups: + type: RunAsAny +seccompProfiles: +- runtime/default +volumes: + - hostPath + - projected + - configMap +users: + - system:serviceaccount:{{ .Release.Namespace }}:{{ template "cost-analyzer.serviceAccountName" . }} +{{- end }} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-ocp-route.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-ocp-route.yaml new file mode 100644 index 0000000000..3438dcd546 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-ocp-route.yaml @@ -0,0 +1,25 @@ +{{- if and (.Capabilities.APIVersions.Has "route.openshift.io/v1/Route") (.Values.global.platforms.openshift.enabled) (.Values.global.platforms.openshift.route.enabled) }} +apiVersion: route.openshift.io/v1 +kind: Route +metadata: + name: {{ template "cost-analyzer.fullname" . }}-route + labels: + {{- include "cost-analyzer.commonLabels" . | nindent 4 }} + {{- with .Values.global.platforms.openshift.route.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if .Values.global.platforms.openshift.route.host }} + host: "{{ .Values.global.platforms.openshift.route.host }}" + {{- end }} + port: + targetPort: tcp-frontend + tls: + termination: edge + to: + kind: Service + name: {{ template "cost-analyzer.serviceName" . }} + weight: 100 + wildcardPolicy: None +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-oidc-config-map-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-oidc-config-map-template.yaml new file mode 100644 index 0000000000..cb44943d35 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-oidc-config-map-template.yaml @@ -0,0 +1,49 @@ +{{- if .Values.oidc }} +{{- if .Values.oidc.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "cost-analyzer.fullname" . }}-oidc + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +data: +{{- $root := . }} + oidc.json: |- + { + "enabled" : {{ .Values.oidc.enabled }}, + "useIDToken" : {{ .Values.oidc.useIDToken | default "false" }}, + "clientID" : "{{ .Values.oidc.clientID }}", + {{- if .Values.oidc.existingCustomSecret.enabled }} + "secretName" : "{{ .Values.oidc.existingCustomSecret.name }}", + {{- else }} + "secretName" : "{{ .Values.oidc.secretName }}", + {{- end }} + "authURL" : "{{ .Values.oidc.authURL }}", + "loginRedirectURL" : "{{ .Values.oidc.loginRedirectURL }}", + "discoveryURL" : "{{ .Values.oidc.discoveryURL }}", + "hostedDomain" : "{{ .Values.oidc.hostedDomain }}", + "skipOnlineTokenValidation" : "{{ .Values.oidc.skipOnlineTokenValidation | default "false" }}", + "useClientSecretPost": {{ .Values.oidc.useClientSecretPost }}, + "rbac" : { + "enabled" : {{ .Values.oidc.rbac.enabled }}, + "groups" : [ + {{- range $i, $g := .Values.oidc.rbac.groups }} + {{- if ne $i 0 }},{{- end }} + { + "roleName": "{{ $g.name }}", + "enabled": {{ $g.enabled }}, + "claimName": "{{ $g.claimName }}", + "claimValues": [ + {{- range $j, $v := $g.claimValues }} + {{- if ne $j 0 }},{{- end }} + "{{ $v }}" + {{- end }} + ] + } + {{- end }} + ] + } + } +{{- end -}} +{{- end -}} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-pkey-configmap.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-pkey-configmap.yaml new file mode 100644 index 0000000000..6420ac75a7 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-pkey-configmap.yaml @@ -0,0 +1,23 @@ +{{- if .Values.kubecostProductConfigs }} +{{- if .Values.kubecostProductConfigs.productKey }} +{{- if .Values.kubecostProductConfigs.productKey.enabled }} +# If the productKey.key is not specified, the configmap will not be created +{{- if .Values.kubecostProductConfigs.productKey.key }} +# If the secretname is specified, the configmap will not be created +{{- if not .Values.kubecostProductConfigs.productKey.secretname }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ default "product-configs" .Values.productConfigmapName }} + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +data: + {{- if .Values.kubecostProductConfigs.productKey.key }} + key: {{ .Values.kubecostProductConfigs.productKey.key | quote }} + {{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-pricing-configmap.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-pricing-configmap.yaml new file mode 100644 index 0000000000..1325d4434d --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-pricing-configmap.yaml @@ -0,0 +1,141 @@ +{{- if .Values.kubecostProductConfigs }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ default "pricing-configs" .Values.pricingConfigmapName }} + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +data: + {{- if .Values.kubecostProductConfigs.defaultModelPricing }} + {{- if .Values.kubecostProductConfigs.defaultModelPricing.enabled }} + {{- if .Values.kubecostProductConfigs.customPricesEnabled }} + customPricesEnabled: "{{ .Values.kubecostProductConfigs.customPricesEnabled }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.defaultModelPricing.CPU }} + CPU: "{{ .Values.kubecostProductConfigs.defaultModelPricing.CPU | toString }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.defaultModelPricing.spotCPU }} + spotCPU: "{{ .Values.kubecostProductConfigs.defaultModelPricing.spotCPU | toString }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.defaultModelPricing.RAM }} + RAM: "{{ .Values.kubecostProductConfigs.defaultModelPricing.RAM | toString }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.defaultModelPricing.spotRAM }} + spotRAM: "{{ .Values.kubecostProductConfigs.defaultModelPricing.spotRAM | toString }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.defaultModelPricing.GPU }} + GPU: "{{ .Values.kubecostProductConfigs.defaultModelPricing.GPU | toString }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.defaultModelPricing.spotGPU }} + spotGPU: "{{ .Values.kubecostProductConfigs.defaultModelPricing.spotGPU | toString }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.defaultModelPricing.storage }} + storage: "{{ .Values.kubecostProductConfigs.defaultModelPricing.storage | toString }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.defaultModelPricing.zoneNetworkEgress }} + zoneNetworkEgress: "{{ .Values.kubecostProductConfigs.defaultModelPricing.zoneNetworkEgress | toString }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.defaultModelPricing.regionNetworkEgress }} + regionNetworkEgress: "{{ .Values.kubecostProductConfigs.defaultModelPricing.regionNetworkEgress | toString }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.defaultModelPricing.internetNetworkEgress }} + internetNetworkEgress: "{{ .Values.kubecostProductConfigs.defaultModelPricing.internetNetworkEgress | toString }}" + {{- end -}} + {{- end -}} + {{- end -}} + {{- if .Values.kubecostProductConfigs.clusterName }} + clusterName: "{{ .Values.kubecostProductConfigs.clusterName }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.clusterAccountID }} + clusterAccountID: "{{ .Values.kubecostProductConfigs.clusterAccountID }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.currencyCode }} + currencyCode: "{{ .Values.kubecostProductConfigs.currencyCode }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.azureBillingRegion }} + azureBillingRegion: "{{ .Values.kubecostProductConfigs.azureBillingRegion }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.azureSubscriptionID }} + azureSubscriptionID: "{{ .Values.kubecostProductConfigs.azureSubscriptionID }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.azureClientID }} + azureClientID: "{{ .Values.kubecostProductConfigs.azureClientID }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.azureTenantID }} + azureTenantID: "{{ .Values.kubecostProductConfigs.azureTenantID }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.azureOfferDurableID }} + azureOfferDurableID: "{{ .Values.kubecostProductConfigs.azureOfferDurableID }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.discount }} + discount: "{{ .Values.kubecostProductConfigs.discount }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.negotiatedDiscount }} + negotiatedDiscount: "{{ .Values.kubecostProductConfigs.negotiatedDiscount }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.defaultIdle }} + defaultIdle: "{{ .Values.kubecostProductConfigs.defaultIdle }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.sharedNamespaces }} + sharedNamespaces: "{{ .Values.kubecostProductConfigs.sharedNamespaces }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.sharedOverhead }} + sharedOverhead: "{{ .Values.kubecostProductConfigs.sharedOverhead }}" + {{- end -}} + {{- if gt (len (toString .Values.kubecostProductConfigs.shareTenancyCosts)) 0 }} + {{- if eq (toString .Values.kubecostProductConfigs.shareTenancyCosts) "false" }} + shareTenancyCosts: "false" + {{- else if eq (toString .Values.kubecostProductConfigs.shareTenancyCosts) "true" }} + shareTenancyCosts: "true" + {{- end -}} + {{- end -}} + {{- if .Values.kubecostProductConfigs.spotLabel }} + spotLabel: "{{ .Values.kubecostProductConfigs.spotLabel }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.spotLabelValue }} + spotLabelValue: "{{ .Values.kubecostProductConfigs.spotLabelValue }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.awsSpotDataRegion }} + spotDataRegion: "{{ .Values.kubecostProductConfigs.awsSpotDataRegion }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.awsSpotDataBucket }} + spotDataBucket: "{{ .Values.kubecostProductConfigs.awsSpotDataBucket }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.awsSpotDataPrefix }} + spotDataPrefix: "{{ .Values.kubecostProductConfigs.awsSpotDataPrefix }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.projectID }} + projectID: "{{ .Values.kubecostProductConfigs.projectID }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.bigQueryBillingDataDataset }} + billingDataDataset: "{{ .Values.kubecostProductConfigs.bigQueryBillingDataDataset }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.athenaProjectID }} + athenaProjectID: "{{ .Values.kubecostProductConfigs.athenaProjectID }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.athenaBucketName }} + athenaBucketName: "{{ .Values.kubecostProductConfigs.athenaBucketName }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.athenaRegion }} + athenaRegion: "{{ .Values.kubecostProductConfigs.athenaRegion }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.athenaDatabase }} + athenaDatabase: "{{ .Values.kubecostProductConfigs.athenaDatabase }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.athenaTable }} + athenaTable: "{{ .Values.kubecostProductConfigs.athenaTable }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.athenaWorkgroup }} + athenaWorkgroup: "{{ .Values.kubecostProductConfigs.athenaWorkgroup }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.masterPayerARN}} + masterPayerARN: "{{ .Values.kubecostProductConfigs.masterPayerARN }}" + {{- end }} + {{- if .Values.kubecostProductConfigs.gpuLabel }} + gpuLabel: "{{ .Values.kubecostProductConfigs.gpuLabel }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.gpuLabelValue }} + gpuLabelValue: "{{ .Values.kubecostProductConfigs.gpuLabelValue }}" + {{- end -}} +{{- end -}} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-prometheusrule-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-prometheusrule-template.yaml new file mode 100644 index 0000000000..eba7797f38 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-prometheusrule-template.yaml @@ -0,0 +1,22 @@ +{{- if .Values.prometheus }} +{{- if .Values.prometheus.serverFiles }} +{{- if .Values.prometheus.serverFiles.rules }} +{{- if .Values.prometheusRule }} +{{- if .Values.prometheusRule.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: PrometheusRule +metadata: + name: {{ include "cost-analyzer.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} + {{- if .Values.prometheusRule.additionalLabels }} + {{ toYaml .Values.prometheusRule.additionalLabels | nindent 4 }} + {{- end }} +spec: + {{ toYaml .Values.prometheus.serverFiles.rules | nindent 2 }} +{{- end }} +{{- end }} +{{- end }} +{{- end }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-pvc-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-pvc-template.yaml new file mode 100644 index 0000000000..82a9cdcd0f --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-pvc-template.yaml @@ -0,0 +1,33 @@ +{{- if .Values.persistentVolume -}} +{{- if not .Values.persistentVolume.existingClaim -}} +{{- if .Values.persistentVolume.enabled -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ template "cost-analyzer.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} + {{- with .Values.persistentVolume.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.persistentVolume.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + accessModes: + - ReadWriteOnce + {{- if .Values.persistentVolume.storageClass }} + storageClassName: {{ .Values.persistentVolume.storageClass }} + {{ end }} + resources: + requests: + {{- if .Values.persistentVolume }} + storage: {{ .Values.persistentVolume.size }} + {{- else }} + storage: 32.0Gi + {{ end }} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-saml-config-map-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-saml-config-map-template.yaml new file mode 100644 index 0000000000..3293f25980 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-saml-config-map-template.yaml @@ -0,0 +1,14 @@ +{{- if .Values.saml }} +{{- if .Values.saml.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "cost-analyzer.fullname" . }}-saml + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +data: +{{- $root := . }} + saml.json: '{{ toJson .Values.saml }}' +{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-saved-reports-configmap.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-saved-reports-configmap.yaml new file mode 100644 index 0000000000..285229ab2c --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-saved-reports-configmap.yaml @@ -0,0 +1,13 @@ +{{- if .Values.global.savedReports }} +{{- if .Values.global.savedReports.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{default "saved-report-configs" .Values.savedReportConfigmapName }} + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +data: + saved-reports.json: '{{ toJson .Values.global.savedReports.reports }}' +{{- end -}} +{{- end -}} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-server-configmap.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-server-configmap.yaml new file mode 100644 index 0000000000..57038b9cdf --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-server-configmap.yaml @@ -0,0 +1,72 @@ +{{- if .Values.kubecostProductConfigs }} +{{- if or .Values.kubecostProductConfigs.grafanaURL .Values.kubecostProductConfigs.labelMappingConfigs .Values.kubecostProductConfigs.cloudAccountMapping}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ default "app-configs" .Values.appConfigmapName }} + namespace: {{ .Release.Namespace }} + labels: {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +data: +{{- if .Values.kubecostProductConfigs.labelMappingConfigs }} +{{- if .Values.kubecostProductConfigs.labelMappingConfigs.enabled }} + {{- if .Values.kubecostProductConfigs.labelMappingConfigs.owner_label }} + owner_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.owner_label }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.labelMappingConfigs.team_label }} + team_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.team_label }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.labelMappingConfigs.department_label }} + department_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.department_label }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.labelMappingConfigs.product_label }} + product_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.product_label }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.labelMappingConfigs.environment_label }} + environment_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.environment_label }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.labelMappingConfigs.namespace_external_label }} + namespace_external_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.namespace_external_label }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.labelMappingConfigs.cluster_external_label }} + cluster_external_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.cluster_external_label }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.labelMappingConfigs.controller_external_label }} + controller_external_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.controller_external_label }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.labelMappingConfigs.product_external_label }} + product_external_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.product_external_label }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.labelMappingConfigs.service_external_label }} + service_external_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.service_external_label }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.labelMappingConfigs.deployment_external_label }} + deployment_external_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.deployment_external_label }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.labelMappingConfigs.team_external_label }} + team_external_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.team_external_label }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.labelMappingConfigs.environment_external_label }} + environment_external_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.environment_external_label }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.labelMappingConfigs.department_external_label }} + department_external_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.department_external_label }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.labelMappingConfigs.statefulset_external_label }} + statefulset_external_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.statefulset_external_label }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.labelMappingConfigs.daemonset_external_label }} + daemonset_external_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.daemonset_external_label }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.labelMappingConfigs.pod_external_label }} + pod_external_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.pod_external_label }}" + {{- end -}} + {{- if .Values.kubecostProductConfigs.labelMappingConfigs.owner_external_label }} + owner_external_label: "{{ .Values.kubecostProductConfigs.labelMappingConfigs.owner_external_label }}" + {{- end -}} +{{- end -}} +{{- end -}} + {{- if .Values.kubecostProductConfigs.grafanaURL }} + grafanaURL: "{{ .Values.kubecostProductConfigs.grafanaURL }}" + {{- end -}} +{{- end -}} +{{- end -}} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-service-account-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-service-account-template.yaml new file mode 100644 index 0000000000..f2a2cec80a --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-service-account-template.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "cost-analyzer.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +{{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} +{{- end }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-service-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-service-template.yaml new file mode 100644 index 0000000000..82d957fca7 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-service-template.yaml @@ -0,0 +1,66 @@ +{{- if and (not .Values.agent) (not .Values.cloudAgent) }} +kind: Service +apiVersion: v1 +metadata: + name: {{ template "cost-analyzer.serviceName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "cost-analyzer.commonLabels" . | nindent 4 }} +{{- if .Values.service.labels }} +{{ toYaml .Values.service.labels | indent 4 }} +{{- end }} +{{- if .Values.service.annotations }} + annotations: +{{ toYaml .Values.service.annotations | indent 4 }} +{{- end }} +spec: + selector: + {{- include "cost-analyzer.selectorLabels" . | nindent 4 }} +{{- if .Values.service -}} +{{- if .Values.service.type }} + type: "{{ .Values.service.type }}" +{{- else }} + type: ClusterIP +{{- end }} +{{- else }} + type: ClusterIP +{{- end }} +{{- if (eq .Values.service.type "LoadBalancer") }} + {{- if .Values.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: +{{ toYaml .Values.service.loadBalancerSourceRanges | indent 4 }} + {{- end -}} +{{- end }} + ports: + - name: tcp-model + port: 9003 + targetPort: 9003 + {{- with .Values.kubecostModel.extraPorts }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- if and (.Values.kubecostFrontend.enabled) (not (eq (include "frontend.deployMethod" .) "haMode")) }} + - name: tcp-frontend + {{- if (eq .Values.service.type "NodePort") }} + {{- if .Values.service.nodePort }} + nodePort: {{ .Values.service.nodePort }} + {{- end }} + {{- end }} + port: {{ .Values.service.port }} + targetPort: {{ .Values.service.targetPort }} + {{- end }} + {{- if or .Values.saml.enabled .Values.oidc.enabled}} + - name: apiserver + port: 9007 + targetPort: 9007 + {{- end }} +{{- if .Values.service.sessionAffinity.enabled }} + sessionAffinity: ClientIP + {{- if .Values.service.sessionAffinity.timeoutSeconds }} + sessionAffinityConfig: + clientIP: + timeoutSeconds: {{ .Values.service.sessionAffinity.timeoutSeconds }} + {{- end }} +{{- else }} + sessionAffinity: None +{{- end }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-servicemonitor-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-servicemonitor-template.yaml new file mode 100644 index 0000000000..fb33792467 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-servicemonitor-template.yaml @@ -0,0 +1,34 @@ +{{- if .Values.serviceMonitor }} +{{- if .Values.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "cost-analyzer.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} + {{- if .Values.serviceMonitor.additionalLabels }} + {{ toYaml .Values.serviceMonitor.additionalLabels | nindent 4 }} + {{- end }} +spec: + endpoints: + - port: tcp-model + honorLabels: true + interval: {{ .Values.serviceMonitor.interval }} + scrapeTimeout: {{ .Values.serviceMonitor.scrapeTimeout }} + path: /metrics + scheme: http + {{- with .Values.serviceMonitor.metricRelabelings }} + metricRelabelings: {{ toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.serviceMonitor.relabelings }} + relabelings: {{ toYaml . | nindent 8 }} + {{- end }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + selector: + matchLabels: + {{ include "cost-analyzer.selectorLabels" . | nindent 6 }} +{{- end }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-smtp-configmap.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-smtp-configmap.yaml new file mode 100644 index 0000000000..fd00091ce3 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/cost-analyzer-smtp-configmap.yaml @@ -0,0 +1,12 @@ + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ default "smtp-configs" .Values.smtpConfigmapName }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "cost-analyzer.commonLabels" . | nindent 4 }} +{{- if (((.Values.kubecostProductConfigs).smtp).config) }} +data: + config: {{ .Values.kubecostProductConfigs.smtp.config | quote }} +{{- end -}} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/diagnostics-deployment.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/diagnostics-deployment.yaml new file mode 100644 index 0000000000..d47590eca8 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/diagnostics-deployment.yaml @@ -0,0 +1,174 @@ +{{- if and .Values.diagnostics.enabled .Values.diagnostics.deployment.enabled }} +{{- if or (not (empty .Values.kubecostModel.federatedStorageConfigSecret )) .Values.kubecostModel.federatedStorageConfig -}} + +{{- if eq .Values.prometheus.server.global.external_labels.cluster_id "cluster-one" }} +{{- fail "Error: The 'cluster_id' is set to default 'cluster-one'. Please update so that the diagnostics service can uniquely identify data coming from this cluster." }} +{{- end }} + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "diagnostics.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "diagnostics.selectorLabels" . | nindent 4 }} + {{- with .Values.global.additionalLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- if .Values.diagnostics.deployment.labels }} + {{- toYaml .Values.diagnostics.deployment.labels | nindent 4 }} + {{- end }} +spec: + replicas: 1 + selector: + matchLabels: + {{- include "diagnostics.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "diagnostics.selectorLabels" . | nindent 8 }} + {{- with .Values.global.additionalLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + annotations: + {{- with .Values.global.podAnnotations}} + {{- toYaml . | nindent 8 }} + {{- end }} + checksum/configs: {{ include "configsChecksum" . }} + spec: + restartPolicy: Always + {{- if .Values.diagnostics.deployment.securityContext }} + securityContext: + {{- toYaml .Values.diagnostics.deployment.securityContext | nindent 8 }} + {{- else if .Values.global.securityContext }} + securityContext: + {{- toYaml .Values.global.securityContext | nindent 8 }} + {{- end }} + serviceAccountName: {{ template "cost-analyzer.serviceAccountName" . }} + volumes: + {{- if or .Values.kubecostModel.federatedStorageConfigSecret .Values.kubecostModel.federatedStorageConfig }} + - name: federated-storage-config + secret: + defaultMode: 420 + secretName: {{ .Values.kubecostModel.federatedStorageConfigSecret | default "federated-store" }} + {{- end }} + - name: config-db + {{- /* #TODO: make pv? */}} + emptyDir: {} + containers: + - name: diagnostics + args: ["diagnostics"] + {{- if .Values.kubecostModel }} + {{- if .Values.kubecostModel.fullImageName }} + image: {{ .Values.kubecostModel.fullImageName }} + {{- else if .Values.imageVersion }} + image: {{ .Values.kubecostModel.image }}:{{ .Values.imageVersion }} + {{- else if eq "development" .Chart.AppVersion }} + image: gcr.io/kubecost1/cost-model-nightly:latest + {{- else }} + image: {{ .Values.kubecostModel.image }}:prod-{{ $.Chart.AppVersion }} + {{- end }} + {{- else }} + image: gcr.io/kubecost1/cost-model:prod-{{ $.Chart.AppVersion }} + {{- end }} + {{- if .Values.kubecostModel.imagePullPolicy }} + imagePullPolicy: {{ .Values.kubecostModel.imagePullPolicy }} + {{- else }} + imagePullPolicy: Always + {{- end }} + {{- if .Values.imagePullSecrets }} + imagePullSecrets: + {{ toYaml .Values.imagePullSecrets | indent 2 }} + {{- end }} + {{- if .Values.diagnostics.deployment.containerSecurityContext }} + securityContext: + {{- toYaml .Values.diagnostics.deployment.containerSecurityContext | nindent 12 }} + {{- else if .Values.global.containerSecurityContext }} + securityContext: + {{- toYaml .Values.global.containerSecurityContext | nindent 12 }} + {{- end }} + volumeMounts: + - name: config-db + mountPath: /var/configs/db + readOnly: false + - name: federated-storage-config + mountPath: /var/configs/etl + readOnly: true + env: + {{- if and (.Values.prometheus.server.global.external_labels.cluster_id) (not .Values.prometheus.server.clusterIDConfigmap) }} + - name: CLUSTER_ID + value: {{ .Values.prometheus.server.global.external_labels.cluster_id }} + {{- end }} + {{- if .Values.prometheus.server.clusterIDConfigmap }} + - name: CLUSTER_ID + valueFrom: + configMapKeyRef: + name: {{ .Values.prometheus.server.clusterIDConfigmap }} + key: CLUSTER_ID + {{- end }} + - name: FEDERATED_STORE_CONFIG + value: /var/configs/etl/federated-store.yaml + - name: DIAGNOSTICS_RUN_IN_COST_MODEL + value: "false" + - name: DIAGNOSTICS_KUBECOST_FQDN + value: {{ template "cost-analyzer.serviceName" . }} + - name: DIAGNOSTICS_KUBECOST_NAMESPACE + value: {{ .Release.Namespace }} + - name: DIAGNOSTICS_PRIMARY + value: {{ quote .Values.diagnostics.primary.enabled }} + - name: DIAGNOSTICS_RETENTION + value: {{ .Values.diagnostics.primary.retention }} + - name: DIAGNOSTICS_PRIMARY_READONLY + value: {{ quote .Values.diagnostics.primary.readonly }} + - name: DIAGNOSTICS_POLLING_INTERVAL + value: {{ .Values.diagnostics.pollingInterval }} + - name: DIAGNOSTICS_KEEP_HISTORY + value: {{ quote .Values.diagnostics.keepDiagnosticHistory }} + - name: DIAGNOSTICS_COLLECT_HELM_VALUES + value: {{ quote .Values.diagnostics.collectHelmValues }} + {{- if .Values.systemProxy.enabled }} + - name: HTTP_PROXY + value: {{ .Values.systemProxy.httpProxyUrl }} + - name: http_proxy + value: {{ .Values.systemProxy.httpProxyUrl }} + - name: HTTPS_PROXY + value: {{ .Values.systemProxy.httpsProxyUrl }} + - name: https_proxy + value: {{ .Values.systemProxy.httpsProxyUrl }} + - name: NO_PROXY + value: {{ .Values.systemProxy.noProxy }} + - name: no_proxy + value: {{ .Values.systemProxy.noProxy }} + {{- end }} + {{- range $key, $value := .Values.diagnostics.deployment.env }} + - name: {{ $key | quote }} + value: {{ $value | quote }} + {{- end }} + {{- /* TODO: heatlhcheck that validates the diagnotics pod is healthy */}} + {{- if .Values.diagnostics.primary.enabled}} + readinessProbe: + httpGet: + path: /healthz + port: 9007 + ports: + - name: diagnostics-api + containerPort: 9007 + protocol: TCP + {{- end }} + resources: + {{- toYaml .Values.diagnostics.deployment.resources | nindent 12 }} + {{- with .Values.diagnostics.deployment.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.diagnostics.deployment.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.diagnostics.deployment.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + +{{- end }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/diagnostics-service.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/diagnostics-service.yaml new file mode 100644 index 0000000000..deb67bce65 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/diagnostics-service.yaml @@ -0,0 +1,20 @@ +{{- if and .Values.diagnostics.enabled .Values.diagnostics.deployment.enabled .Values.diagnostics.primary.enabled }} +{{- if or (not (empty .Values.kubecostModel.federatedStorageConfigSecret )) .Values.kubecostModel.federatedStorageConfig -}} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "diagnostics.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "diagnostics.selectorLabels" . | nindent 4 }} +spec: + ports: + - name: diagnostics-api + protocol: TCP + port: 9007 + targetPort: diagnostics-api + selector: + {{- include "diagnostics.selectorLabels" . | nindent 4 }} + type: ClusterIP +{{- end }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/etl-utils-deployment.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/etl-utils-deployment.yaml new file mode 100644 index 0000000000..1b229986b1 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/etl-utils-deployment.yaml @@ -0,0 +1,123 @@ +{{- if .Values.etlUtils.enabled }} + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "etlUtils.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "etlUtils.commonLabels" . | nindent 4 }} + {{- with .Values.global.additionalLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.global.podAnnotations}} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + replicas: 1 + selector: + matchLabels: + {{- include "etlUtils.selectorLabels" . | nindent 6 }} + strategy: + type: Recreate + template: + metadata: + labels: + app.kubernetes.io/name: {{ template "etlUtils.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app: {{ template "etlUtils.name" . }} + {{- with .Values.global.additionalLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + restartPolicy: Always + volumes: + {{- if .Values.etlUtils.thanosSourceBucketSecret }} + - name: etl-bucket-config + secret: + defaultMode: 420 + secretName: {{ .Values.etlUtils.thanosSourceBucketSecret }} + {{- end }} + {{- if or .Values.kubecostModel.federatedStorageConfigSecret .Values.kubecostModel.federatedStorageConfig}} + - name: federated-storage-config + secret: + defaultMode: 420 + secretName: {{ .Values.kubecostModel.federatedStorageConfigSecret | default "federated-store" }} + {{- end }} + serviceAccountName: {{ template "cost-analyzer.serviceAccountName" . }} + containers: + - name: {{ template "etlUtils.name" . }} + {{- if .Values.kubecostModel }} + {{- if .Values.kubecostModel.openSourceOnly }} + {{- fail "ETL Utils cannot be used with open source only" }} + {{- else if .Values.etlUtils.fullImageName }} + image: {{ .Values.etlUtils.fullImageName }} + {{- else if .Values.kubecostModel.fullImageName }} + image: {{ .Values.kubecostModel.fullImageName }} + {{- else if .Values.imageVersion }} + image: {{ .Values.kubecostModel.image }}:{{ .Values.imageVersion }} + {{- else if eq "development" .Chart.AppVersion }} + image: gcr.io/kubecost1/cost-model-nightly:latest + {{- else }} + image: {{ .Values.kubecostModel.image }}:prod-{{ $.Chart.AppVersion }} + {{ end }} + {{- else }} + image: gcr.io/kubecost1/cost-model:prod-{{ $.Chart.AppVersion }} + {{ end }} + readinessProbe: + httpGet: + path: /healthz + port: 9006 + initialDelaySeconds: 10 + periodSeconds: 5 + failureThreshold: 200 + livenessProbe: + httpGet: + path: /healthz + port: 9006 + initialDelaySeconds: 10 + periodSeconds: 5 + imagePullPolicy: Always + args: ["etl-utils"] + ports: + - name: api + containerPort: 9006 + protocol: TCP + resources: + {{- toYaml .Values.etlUtils.resources | nindent 12 }} + volumeMounts: + {{- if .Values.etlUtils.thanosSourceBucketSecret }} + - name: etl-bucket-config + mountPath: /var/configs/etl + readOnly: true + {{- end }} + env: + - name: CONFIG_PATH + value: /var/configs/ + {{- if .Values.etlUtils.thanosSourceBucketSecret }} + - name: ETL_BUCKET_CONFIG + value: "/var/configs/etl/object-store.yaml" + {{- end}} + {{- range $key, $value := .Values.etlUtils.env }} + - name: {{ $key | quote }} + value: {{ $value | quote }} + {{- end }} + + {{- if .Values.imagePullSecrets }} + imagePullSecrets: + {{ toYaml .Values.imagePullSecrets | indent 2 }} + {{- end }} + {{- with .Values.etlUtils.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.etlUtils.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.etlUtils.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/etl-utils-service.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/etl-utils-service.yaml new file mode 100644 index 0000000000..8296d7faaa --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/etl-utils-service.yaml @@ -0,0 +1,18 @@ +{{- if .Values.etlUtils.enabled }} + +kind: Service +apiVersion: v1 +metadata: + name: {{ template "etlUtils.serviceName" . }} + namespace: {{ .Release.Namespace }} + labels: +{{ include "etlUtils.commonLabels" . | nindent 4 }} +spec: + selector: +{{ include "etlUtils.selectorLabels" . | nindent 4 }} + type: "ClusterIP" + ports: + - name: api + port: 9006 + targetPort: 9006 +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/external-grafana-config-map-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/external-grafana-config-map-template.yaml new file mode 100644 index 0000000000..1ac24ee3e2 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/external-grafana-config-map-template.yaml @@ -0,0 +1,11 @@ +{{- if eq .Values.global.grafana.proxy false -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: external-grafana-config-map + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +data: + grafanaURL: {{ .Values.global.grafana.scheme | default "http" }}://{{- .Values.global.grafana.domainName }} +{{- end -}} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/extra-manifests.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/extra-manifests.yaml new file mode 100644 index 0000000000..edad397d93 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/extra-manifests.yaml @@ -0,0 +1,8 @@ +{{ range .Values.extraObjects }} +--- +{{- if typeIs "string" . }} + {{- tpl . $ }} +{{- else }} + {{- tpl (toYaml .) $ }} +{{- end }} +{{ end }} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/federated-store.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/federated-store.yaml new file mode 100644 index 0000000000..8119f0b51f --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/federated-store.yaml @@ -0,0 +1,12 @@ +{{- if .Values.kubecostModel.federatedStorageConfig -}} +apiVersion: v1 +kind: Secret +type: Opaque +metadata: + name: federated-store + namespace: {{ .Release.Namespace }} + labels: + {{- include "cost-analyzer.commonLabels" . | nindent 4 }} +data: + federated-store.yaml: {{ .Values.kubecostModel.federatedStorageConfig | b64enc }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/forecasting-deployment.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/forecasting-deployment.yaml new file mode 100644 index 0000000000..acc8a3c7d9 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/forecasting-deployment.yaml @@ -0,0 +1,145 @@ +{{- if and .Values.forecasting.enabled (not .Values.federatedETL.agentOnly) }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "forecasting.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "forecasting.commonLabels" . | nindent 4 }} + {{- with .Values.global.additionalLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + replicas: 1 + selector: + matchLabels: + {{- include "forecasting.selectorLabels" . | nindent 6 }} + strategy: + type: RollingUpdate + template: + metadata: + labels: + app.kubernetes.io/name: forecasting + app.kubernetes.io/instance: {{ .Release.Name }} + app: forecasting + {{- with .Values.global.additionalLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.podAnnotations}} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + automountServiceAccountToken: false + {{- if .Values.global.platforms.openshift.enabled }} + securityContext: + {{- toYaml .Values.global.platforms.openshift.securityContext | nindent 8 }} + {{- else if .Values.global.securityContext }} + securityContext: + {{- toYaml .Values.global.securityContext | nindent 8 }} + {{- else }} + securityContext: + runAsUser: 1001 + runAsGroup: 1001 + fsGroup: 1001 + {{- end }} + restartPolicy: Always + containers: + - name: forecasting + {{- if .Values.forecasting.fullImageName }} + image: {{ .Values.forecasting.fullImageName }} + {{- else }} + image: gcr.io/kubecost1/kubecost-modeling:prod-{{ $.Chart.AppVersion }} + {{ end }} + {{- if .Values.forecasting.readinessProbe.enabled }} + volumeMounts: + - name: tmp + {{- /* In the future, this path should be configurable and not under tmp */}} + mountPath: /tmp + securityContext: + {{- toYaml .Values.global.containerSecurityContext | nindent 12 }} + {{- if .Values.forecasting.imagePullPolicy }} + imagePullPolicy: {{ .Values.forecasting.imagePullPolicy }} + {{- else }} + imagePullPolicy: Always + {{- end }} + ports: + - name: tcp-api + containerPort: 5000 + protocol: TCP + {{- with .Values.forecasting.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + env: + - name: CONFIG_PATH + value: /var/configs/ + {{- if or .Values.saml.enabled .Values.oidc.enabled }} + - name: KCM_BASE_URL + value: http://{{ template "aggregator.serviceName" . }}:9008 + {{- else }} + - name: KCM_BASE_URL + value: http://{{ template "aggregator.serviceName" . }}:9004 + {{- end }} + - name: MODEL_STORAGE_PATH + value: "/tmp/localrun/models" + - name: PAGE_ITEM_LIMIT + value: "1000" + {{- range $key, $value := .Values.forecasting.env }} + - name: {{ $key | quote }} + value: {{ $value | quote }} + {{- end }} + readinessProbe: + httpGet: + path: /healthz + port: 5000 + initialDelaySeconds: {{ .Values.forecasting.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.forecasting.readinessProbe.periodSeconds }} + failureThreshold: {{ .Values.forecasting.readinessProbe.failureThreshold }} + {{- end }} + {{- if .Values.forecasting.livenessProbe.enabled }} + livenessProbe: + httpGet: + path: /healthz + port: 5000 + initialDelaySeconds: {{ .Values.forecasting.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.forecasting.livenessProbe.periodSeconds }} + failureThreshold: {{ .Values.forecasting.livenessProbe.failureThreshold }} + {{- end }} + {{- if .Values.imagePullSecrets }} + imagePullSecrets: + {{ toYaml .Values.imagePullSecrets | indent 2 }} + {{- end }} + {{- if .Values.forecasting.priority }} + {{- if .Values.forecasting.priority.enabled }} + {{- if .Values.forecasting.priority.name }} + priorityClassName: {{ .Values.forecasting.priority.name }} + {{- else }} + priorityClassName: {{ template "forecasting.fullname" . }}-priority + {{- end }} + {{- end }} + {{- end }} + {{- with .Values.forecasting.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.forecasting.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.forecasting.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + volumes: + - name: tmp + {{- /* + An emptyDir for models is necessary because of the + readOnlyRootFilesystem default In the future, this may optionally be a + PV. To allow Python to auto-detect a temp directory, which the code + currently relies on, we mount it at /tmp. In the future this will be a + configurable path. + */}} + emptyDir: + sizeLimit: 500Mi +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/forecasting-service.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/forecasting-service.yaml new file mode 100644 index 0000000000..41e69961e3 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/forecasting-service.yaml @@ -0,0 +1,17 @@ +{{- if and .Values.forecasting.enabled (not .Values.federatedETL.agentOnly) }} +kind: Service +apiVersion: v1 +metadata: + name: {{ template "forecasting.serviceName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "forecasting.commonLabels" . | nindent 4 }} +spec: + selector: + {{- include "forecasting.selectorLabels" . | nindent 4 }} + type: ClusterIP + ports: + - name: tcp-api + port: 5000 + targetPort: 5000 +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/frontend-deployment-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/frontend-deployment-template.yaml new file mode 100644 index 0000000000..316400dbb0 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/frontend-deployment-template.yaml @@ -0,0 +1,217 @@ +{{- if eq (include "frontend.deployMethod" .) "haMode" }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "frontend.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "cost-analyzer.commonLabels" . | nindent 4 }} + {{- with .Values.global.additionalLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- if and .Values.kubecostDeployment .Values.kubecostDeployment.labels }} + {{- toYaml .Values.kubecostDeployment.labels | nindent 4 }} + {{- end }} + {{- if and .Values.kubecostDeployment .Values.kubecostDeployment.annotations }} + annotations: + {{- toYaml .Values.kubecostDeployment.annotations | nindent 4 }} + {{- end }} +spec: + replicas: {{ .Values.kubecostFrontend.haReplicas | default 2 }} + selector: + matchLabels: + {{- include "frontend.selectorLabels" . | nindent 6 }} + {{- if .Values.kubecostFrontend.deploymentStrategy }} + {{- with .Values.kubecostFrontend.deploymentStrategy }} + strategy: {{ toYaml . | nindent 4 }} + {{- end }} + {{- else }} + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 1 + type: RollingUpdate + {{- end }} + template: + metadata: + labels: + {{- include "frontend.selectorLabels" . | nindent 8 }} + {{- if .Values.global.additionalLabels }} + {{- toYaml .Values.global.additionalLabels | nindent 8 }} + {{- end }} + {{- if and .Values.kubecostDeployment .Values.kubecostDeployment.labels }} + {{- toYaml .Values.kubecostDeployment.labels | nindent 8 }} + {{- end }} + annotations: + {{- with .Values.global.podAnnotations}} + {{- toYaml . | nindent 8 }} + {{- end }} + checksum/configs: {{ include "configsChecksum" . }} + spec: + {{- if .Values.global.platforms.openshift.enabled }} + securityContext: + {{- toYaml .Values.global.platforms.openshift.securityContext | nindent 8 }} + {{- else if .Values.global.securityContext }} + securityContext: + {{- toYaml .Values.global.securityContext | nindent 8 }} + {{- else }} + securityContext: + runAsUser: 1001 + runAsGroup: 1001 + fsGroup: 1001 + {{- end }} + restartPolicy: Always + serviceAccountName: {{ template "cost-analyzer.serviceAccountName" . }} + volumes: + - name: tmp + emptyDir: {} + - name: nginx-conf + configMap: + name: nginx-conf + items: + - key: nginx.conf + path: default.conf + {{- if .Values.global.containerSecuritycontext }} + - name: var-run + emptyDir: {} + - name: cache + emptyDir: {} + {{- end }} + {{- if .Values.kubecostFrontend.tls }} + {{- if .Values.kubecostFrontend.tls.enabled }} + - name: tls + secret: + secretName : {{ .Values.kubecostFrontend.tls.secretName }} + items: + - key: tls.crt + path: kc.crt + - key: tls.key + path: kc.key + {{- end }} + {{- end }} + {{- if .Values.kubecostAdmissionController }} + {{- if .Values.kubecostAdmissionController.enabled }} + {{- if .Values.kubecostAdmissionController.secretName }} + - name: webhook-server-tls + secret: + secretName: {{ .Values.kubecostAdmissionController.secretName }} + items: + - key: tls.crt + path: tls.crt + - key: tls.key + path: tls.key + {{- end }} + {{- end }} + {{- end }} + containers: + {{- if .Values.kubecostFrontend }} + {{- if .Values.kubecostFrontend.fullImageName }} + - image: {{ .Values.kubecostFrontend.fullImageName }} + {{- else if .Values.imageVersion }} + - image: {{ .Values.kubecostFrontend.image }}:{{ .Values.imageVersion }} + {{- else if eq "development" .Chart.AppVersion }} + - image: gcr.io/kubecost1/frontend-nightly:latest + {{- else }} + - image: {{ .Values.kubecostFrontend.image }}:prod-{{ $.Chart.AppVersion }} + {{- end }} + {{- else }} + - image: gcr.io/kubecost1/frontend:prod-{{ $.Chart.AppVersion }} + {{- end }} + name: cost-analyzer-frontend + ports: + - name: tcp-frontend + containerPort: 9090 + protocol: TCP + env: + - name: GET_HOSTS_FROM + value: dns + {{- if .Values.kubecostFrontend.extraEnv -}} + {{ toYaml .Values.kubecostFrontend.extraEnv | nindent 12 }} + {{- end }} + {{- if .Values.kubecostFrontend.securityContext }} + securityContext: + {{- toYaml .Values.kubecostFrontend.securityContext | nindent 12 }} + {{- else }} + securityContext: + {{- toYaml .Values.global.containerSecurityContext | nindent 12 }} + {{- end }} + volumeMounts: + - name: tmp + mountPath: /tmp + - name: tmp + mountPath: /var/lib/nginx/tmp + - name: tmp + mountPath: /var/run + - name: nginx-conf + mountPath: /etc/nginx/conf.d/ + {{- if .Values.global.containerSecuritycontext }} + - mountPath: /var/cache/nginx + name: cache + - mountPath: /var/run + name: var-run + {{- end }} + {{- if .Values.kubecostFrontend.tls }} + {{- if .Values.kubecostFrontend.tls.enabled }} + - name: tls + mountPath: /etc/ssl/certs + {{- end }} + {{- end }} + resources: + {{- toYaml .Values.kubecostFrontend.resources | nindent 12 }} + {{- if .Values.kubecostFrontend.imagePullPolicy }} + imagePullPolicy: {{ .Values.kubecostFrontend.imagePullPolicy }} + {{- else }} + imagePullPolicy: Always + {{- end }} + {{- if .Values.kubecostFrontend.readinessProbe.enabled }} + readinessProbe: + httpGet: + path: /healthz + port: 9090 + initialDelaySeconds: {{ .Values.kubecostFrontend.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.kubecostFrontend.readinessProbe.periodSeconds }} + failureThreshold: {{ .Values.kubecostFrontend.readinessProbe.failureThreshold }} + {{- end }} + {{- if .Values.kubecostFrontend.livenessProbe.enabled }} + livenessProbe: + httpGet: + path: /healthz + port: 9090 + initialDelaySeconds: {{ .Values.kubecostFrontend.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.kubecostFrontend.livenessProbe.periodSeconds }} + failureThreshold: {{ .Values.kubecostFrontend.livenessProbe.failureThreshold }} + {{- end }} + {{- if .Values.global.containerSecuritycontext }} + securityContext: + {{- toYaml .Values.global.containerSecuritycontext | nindent 12 }} + {{- end }} + {{- if .Values.imagePullSecrets }} + imagePullSecrets: + {{ toYaml .Values.imagePullSecrets | indent 2 }} + {{- end }} + {{- if .Values.priority }} + {{- if .Values.priority.enabled }} + {{- if gt (len .Values.priority.name) 0 }} + priorityClassName: {{ .Values.priority.name }} + {{- else }} + priorityClassName: {{ template "cost-analyzer.fullname" . }}-priority + {{- end }} + {{- end }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.topologySpreadConstraints }} + topologySpreadConstraints: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/frontend-service-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/frontend-service-template.yaml new file mode 100644 index 0000000000..22c2d4fde8 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/frontend-service-template.yaml @@ -0,0 +1,53 @@ +{{- if eq (include "frontend.deployMethod" .) "haMode" }} +kind: Service +apiVersion: v1 +metadata: + name: {{ template "frontend.serviceName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "cost-analyzer.commonLabels" . | nindent 4 }} +{{- if .Values.service.labels }} +{{ toYaml .Values.service.labels | indent 4 }} +{{- end }} +{{- if .Values.service.annotations }} + annotations: +{{ toYaml .Values.service.annotations | indent 4 }} +{{- end }} +spec: + selector: + {{- include "frontend.selectorLabels" . | nindent 4 }} +{{- if .Values.service -}} +{{- if .Values.service.type }} + type: "{{ .Values.service.type }}" +{{- else }} + type: ClusterIP +{{- end }} +{{- else }} + type: ClusterIP +{{- end }} +{{- if (eq .Values.service.type "LoadBalancer") }} + {{- if .Values.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: +{{ toYaml .Values.service.loadBalancerSourceRanges | indent 4 }} + {{- end -}} +{{- end }} + ports: + - name: tcp-frontend + {{- if (eq .Values.service.type "NodePort") }} + {{- if .Values.service.nodePort }} + nodePort: {{ .Values.service.nodePort }} + {{- end }} + {{- end }} + port: {{ .Values.service.port }} + targetPort: {{ .Values.service.targetPort }} +{{- if .Values.service.sessionAffinity.enabled }} + sessionAffinity: ClientIP + {{- if .Values.service.sessionAffinity.timeoutSeconds }} + sessionAffinityConfig: + clientIP: + timeoutSeconds: {{ .Values.service.sessionAffinity.timeoutSeconds }} + {{- end }} +{{- else }} + sessionAffinity: None +{{- end }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/gcpstore-config-map-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/gcpstore-config-map-template.yaml new file mode 100644 index 0000000000..0c5da0df9a --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/gcpstore-config-map-template.yaml @@ -0,0 +1,61 @@ +{{- if .Values.global.gcpstore.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: ubbagent-config +data: + config.yaml: | + # The identity section contains authentication information used + # by the agent. + identities: + - name: gcp + gcp: + # This parameter accepts a base64-encoded JSON service + # account key. The value comes from the reporting secret. + encodedServiceAccountKey: $AGENT_ENCODED_KEY + + # The metrics section defines the metric that will be reported. + # Metric names should match verbatim the identifiers created + # during pricing setup. + metrics: + + - name: commercial_ent_node_hr + type: int + endpoints: + - name: servicecontrol + + # The passthrough marker indicates that no aggregation should + # occur for this metric. Reports received are immediately sent + # to the reporting endpoint. We use passthrough for the + # instance_time metric since reports are generated + # automatically by a heartbeat source defined in a later + # section. + passthrough: {} + + # The endpoints section defines where metering data is ultimately + # sent. Currently supported endpoints include: + # * disk - some directory on the local filesystem + # * servicecontrol - Google Service Control + endpoints: + - name: servicecontrol + servicecontrol: + identity: gcp + # The service name is unique to your application and will be + # provided during onboarding. + serviceName: kubecost-ent.endpoints.kubecost-public.cloud.goog + consumerId: $AGENT_CONSUMER_ID # From the reporting secret. + + + # The sources section lists metric data sources run by the agent + # itself. The currently-supported source is 'heartbeat', which + # sends a defined value to a metric at a defined interval. In + # this example, the heartbeat sends a 60-second value through the + # "instance_time" metric every minute. + sources: + - name: commercial_ent_node_hr_heartbeat + heartbeat: + metric: commercial_ent_node_hr + intervalSeconds: 3600 + value: + int64Value: 1 +{{- end }} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-clusterrole.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-clusterrole.yaml new file mode 100644 index 0000000000..ca1666823d --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-clusterrole.yaml @@ -0,0 +1,24 @@ +{{- if (eq (include "cost-analyzer.grafanaEnabled" .) "true") }} +{{- if .Values.grafana.rbac.create }} +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + labels: + app: {{ template "grafana.name" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- with .Values.grafana.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} + name: {{ template "grafana.fullname" . }}-clusterrole +{{- if or .Values.grafana.sidecar.dashboards.enabled .Values.grafana.sidecar.datasources.enabled }} +rules: +- apiGroups: [""] # "" indicates the core API group + resources: ["configmaps"] + verbs: ["get", "watch", "list"] +{{- else }} +rules: [] +{{- end}} +{{- end}} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-clusterrolebinding.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-clusterrolebinding.yaml new file mode 100644 index 0000000000..4fc7267f32 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-clusterrolebinding.yaml @@ -0,0 +1,24 @@ +{{- if (eq (include "cost-analyzer.grafanaEnabled" .) "true") }} +{{- if .Values.grafana.rbac.create }} +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ template "grafana.fullname" . }}-clusterrolebinding + labels: + app: {{ template "grafana.name" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- with .Values.grafana.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} +subjects: + - kind: ServiceAccount + name: {{ template "grafana.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: {{ template "grafana.fullname" . }}-clusterrole + apiGroup: rbac.authorization.k8s.io +{{- end}} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-configmap-dashboard-provider.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-configmap-dashboard-provider.yaml new file mode 100644 index 0000000000..78c7717be6 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-configmap-dashboard-provider.yaml @@ -0,0 +1,28 @@ +{{- if (eq (include "cost-analyzer.grafanaEnabled" .) "true") }} +{{- if .Values.grafana.sidecar.dashboards.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + app: {{ template "grafana.name" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- with .Values.grafana.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} + name: {{ template "grafana.fullname" . }}-config-dashboards + namespace: {{ .Release.Namespace }} +data: + provider.yaml: |- + apiVersion: 1 + providers: + - name: 'default' + orgId: 1 + folder: '' + type: file + disableDeletion: false + options: + path: {{ .Values.grafana.sidecar.dashboards.folder }} +{{- end}} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-configmap.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-configmap.yaml new file mode 100644 index 0000000000..04d6146674 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-configmap.yaml @@ -0,0 +1,90 @@ +{{- if (eq (include "cost-analyzer.grafanaEnabled" .) "true") }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "grafana.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + app: {{ template "grafana.name" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{- if .Values.grafana.plugins }} + plugins: {{ join "," .Values.grafana.plugins }} +{{- end }} + grafana.ini: | +{{- range $key, $value := index .Values.grafana "grafana.ini" }} + [{{ $key }}] + {{- range $elem, $elemVal := $value }} + {{ $elem }} = {{ $elemVal }} + {{- end }} +{{- end }} + +{{- if .Values.grafana.datasources }} + {{- range $key, $value := .Values.grafana.datasources }} + {{ $key }}: | +{{ toYaml $value | trim | indent 4 }} + {{- end -}} +{{- end }} +{{- if not .Values.grafana.datasources }} + datasources.yaml: | + apiVersion: 1 + datasources: +{{- if .Values.global.prometheus.enabled }} + - access: proxy + isDefault: true + name: Prometheus + type: prometheus + url: http://{{ template "cost-analyzer.prometheus.server.name" . }}.{{ .Release.Namespace }}.svc + jsonData: + httpMethod: POST + prometheusType: Prometheus + prometheusVersion: 2.35.0 + timeInterval: 1m +{{- else }} + - access: proxy + isDefault: true + name: Prometheus + type: prometheus + url: {{ .Values.global.prometheus.fqdn }} + jsonData: + httpMethod: POST + prometheusType: Prometheus + prometheusVersion: 2.35.0 + timeInterval: 1m +{{- end -}} +{{- end }} +{{- if .Values.grafana.dashboardProviders }} + {{- range $key, $value := .Values.grafana.dashboardProviders }} + {{ $key }}: | +{{ toYaml $value | indent 4 }} + {{- end -}} +{{- end -}} + +{{- if .Values.grafana.dashboards }} + download_dashboards.sh: | + #!/usr/bin/env sh + set -euf + {{- if .Values.grafana.dashboardProviders }} + {{- range $key, $value := .Values.grafana.dashboardProviders }} + {{- range $value.providers }} + mkdir -p {{ .options.path }} + {{- end }} + {{- end }} + {{- end }} + + {{- range $provider, $dashboards := .Values.grafana.dashboards }} + {{- range $key, $value := $dashboards }} + {{- if (or (hasKey $value "gnetId") (hasKey $value "url")) }} + curl -sk \ + --connect-timeout 60 \ + --max-time 60 \ + -H "Accept: application/json" \ + -H "Content-Type: application/json;charset=UTF-8" \ + {{- if $value.url -}}{{ $value.url }}{{- else -}} https://grafana.com/api/dashboards/{{ $value.gnetId }}/revisions/{{- if $value.revision -}}{{ $value.revision }}{{- else -}}1{{- end -}}/download{{- end -}}{{ if $value.datasource }}| sed 's|\"datasource\":[^,]*|\"datasource\": \"{{ $value.datasource }}\"|g'{{ end }} \ + > /var/lib/grafana/dashboards/{{ $provider }}/{{ $key }}.json + {{- end }} + {{- end }} + {{- end }} +{{- end }} +{{ end }} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-attached-disks.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-attached-disks.yaml new file mode 100644 index 0000000000..3809640466 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-attached-disks.yaml @@ -0,0 +1,21 @@ +{{- if (((.Values.grafana).sidecar).dashboards).enabled -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: grafana-dashboard-attached-disk-metrics + {{- if $.Values.grafana.namespace_dashboards }} + namespace: {{ $.Values.grafana.namespace_dashboards }} + {{- end }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} + {{- if $.Values.grafana.sidecar.dashboards.label }} + {{ $.Values.grafana.sidecar.dashboards.label }}: "{{ $.Values.grafana.sidecar.dashboards.labelValue }}" + {{- else }} + grafana_dashboard: "1" + {{- end }} + annotations: +{{- toYaml .Values.grafana.sidecar.dashboards.annotations | nindent 4 }} +data: + attached-disks.json: |- +{{- .Files.Get "grafana-dashboards/attached-disks.json" | nindent 4 }} +{{- end -}} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-cluster-metrics-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-cluster-metrics-template.yaml new file mode 100644 index 0000000000..729869176d --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-cluster-metrics-template.yaml @@ -0,0 +1,21 @@ +{{- if (((.Values.grafana).sidecar).dashboards).enabled -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: grafana-dashboard-cluster-metrics + {{- if $.Values.grafana.namespace_dashboards }} + namespace: {{ $.Values.grafana.namespace_dashboards }} + {{- end }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} + {{- if $.Values.grafana.sidecar.dashboards.label }} + {{ $.Values.grafana.sidecar.dashboards.label }}: "{{ $.Values.grafana.sidecar.dashboards.labelValue }}" + {{- else }} + grafana_dashboard: "1" + {{- end }} + annotations: +{{- toYaml .Values.grafana.sidecar.dashboards.annotations | nindent 4 }} +data: + cluster-metrics.json: |- +{{- .Files.Get "grafana-dashboards/cluster-metrics.json" | nindent 4 }} +{{- end -}} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-cluster-utilization-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-cluster-utilization-template.yaml new file mode 100644 index 0000000000..2cdbd394cd --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-cluster-utilization-template.yaml @@ -0,0 +1,21 @@ +{{- if (((.Values.grafana).sidecar).dashboards).enabled -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: grafana-dashboard-cluster-utilization + {{- if $.Values.grafana.namespace_dashboards }} + namespace: {{ $.Values.grafana.namespace_dashboards }} + {{- end }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} + {{- if $.Values.grafana.sidecar.dashboards.label }} + {{ $.Values.grafana.sidecar.dashboards.label }}: "{{ $.Values.grafana.sidecar.dashboards.labelValue }}" + {{- else }} + grafana_dashboard: "1" + {{- end }} + annotations: +{{- toYaml .Values.grafana.sidecar.dashboards.annotations | nindent 4 }} +data: + cluster-utilization.json: |- +{{- .Files.Get "grafana-dashboards/cluster-utilization.json" | nindent 4 }} +{{- end -}} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-deployment-utilization-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-deployment-utilization-template.yaml new file mode 100644 index 0000000000..f12d1095bd --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-deployment-utilization-template.yaml @@ -0,0 +1,21 @@ +{{- if (((.Values.grafana).sidecar).dashboards).enabled -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: grafana-dashboard-deployment-utilization + {{- if $.Values.grafana.namespace_dashboards }} + namespace: {{ $.Values.grafana.namespace_dashboards }} + {{- end }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} + {{- if $.Values.grafana.sidecar.dashboards.label }} + {{ $.Values.grafana.sidecar.dashboards.label }}: "{{ $.Values.grafana.sidecar.dashboards.labelValue }}" + {{- else }} + grafana_dashboard: "1" + {{- end }} + annotations: +{{- toYaml .Values.grafana.sidecar.dashboards.annotations | nindent 4 }} +data: + deployment-utilization.json: |- +{{- .Files.Get "grafana-dashboards/deployment-utilization.json" | nindent 4 }} +{{- end -}} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-kubernetes-resource-efficiency-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-kubernetes-resource-efficiency-template.yaml new file mode 100644 index 0000000000..60ad32d43e --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-kubernetes-resource-efficiency-template.yaml @@ -0,0 +1,21 @@ +{{- if (((.Values.grafana).sidecar).dashboards).enabled -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: grafana-dashboard-kubernetes-resource-efficiency + {{- if $.Values.grafana.namespace_dashboards }} + namespace: {{ $.Values.grafana.namespace_dashboards }} + {{- end }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} + {{- if $.Values.grafana.sidecar.dashboards.label }} + {{ $.Values.grafana.sidecar.dashboards.label }}: "{{ $.Values.grafana.sidecar.dashboards.labelValue }}" + {{- else }} + grafana_dashboard: "1" + {{- end }} + annotations: +{{- toYaml .Values.grafana.sidecar.dashboards.annotations | nindent 4 }} +data: + kubernetes-resource-efficiency.json: |- +{{- .Files.Get "grafana-dashboards/kubernetes-resource-efficiency.json" | nindent 4 }} +{{- end -}} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-label-cost-utilization-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-label-cost-utilization-template.yaml new file mode 100644 index 0000000000..e08092459d --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-label-cost-utilization-template.yaml @@ -0,0 +1,21 @@ +{{- if (((.Values.grafana).sidecar).dashboards).enabled -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: grafana-dashboard-label-cost + {{- if $.Values.grafana.namespace_dashboards }} + namespace: {{ $.Values.grafana.namespace_dashboards }} + {{- end }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} + {{- if $.Values.grafana.sidecar.dashboards.label }} + {{ $.Values.grafana.sidecar.dashboards.label }}: "{{ $.Values.grafana.sidecar.dashboards.labelValue }}" + {{- else }} + grafana_dashboard: "1" + {{- end }} + annotations: +{{- toYaml .Values.grafana.sidecar.dashboards.annotations | nindent 4 }} +data: + label-cost-utilization.json: |- +{{- .Files.Get "grafana-dashboards/label-cost-utilization.json" | nindent 4 }} +{{- end -}} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-namespace-utilization-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-namespace-utilization-template.yaml new file mode 100644 index 0000000000..f6d28686bb --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-namespace-utilization-template.yaml @@ -0,0 +1,21 @@ +{{- if (((.Values.grafana).sidecar).dashboards).enabled -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: grafana-dashboard-namespace-utilization + {{- if $.Values.grafana.namespace_dashboards }} + namespace: {{ $.Values.grafana.namespace_dashboards }} + {{- end }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} + {{- if $.Values.grafana.sidecar.dashboards.label }} + {{ $.Values.grafana.sidecar.dashboards.label }}: "{{ $.Values.grafana.sidecar.dashboards.labelValue }}" + {{- else }} + grafana_dashboard: "1" + {{- end }} + annotations: +{{- toYaml .Values.grafana.sidecar.dashboards.annotations | nindent 4 }} +data: + namespace-utilization.json: |- +{{- .Files.Get "grafana-dashboards/namespace-utilization.json" | nindent 4 }} +{{- end -}} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-network-cloud-sevices.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-network-cloud-sevices.yaml new file mode 100644 index 0000000000..af72b66644 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-network-cloud-sevices.yaml @@ -0,0 +1,21 @@ +{{- if (((.Values.grafana).sidecar).dashboards).enabled -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: grafana-dashboard-network-cloud-services + {{- if $.Values.grafana.namespace_dashboards }} + namespace: {{ $.Values.grafana.namespace_dashboards }} + {{- end }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} + {{- if $.Values.grafana.sidecar.dashboards.label }} + {{ $.Values.grafana.sidecar.dashboards.label }}: "{{ $.Values.grafana.sidecar.dashboards.labelValue }}" + {{- else }} + grafana_dashboard: "1" + {{- end }} + annotations: +{{- toYaml .Values.grafana.sidecar.dashboards.annotations | nindent 4 }} +data: + grafana-network-cloud-services.json: |- +{{- .Files.Get "grafana-dashboards/network-cloud-services.json" | nindent 4 }} +{{- end -}} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-network-costs.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-network-costs.yaml new file mode 100644 index 0000000000..2e753745d5 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-network-costs.yaml @@ -0,0 +1,21 @@ +{{- if (((.Values.grafana).sidecar).dashboards).enabled -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: grafana-dashboard-network-costs-metrics + {{- if $.Values.grafana.namespace_dashboards }} + namespace: {{ $.Values.grafana.namespace_dashboards }} + {{- end }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} + {{- if $.Values.grafana.sidecar.dashboards.label }} + {{ $.Values.grafana.sidecar.dashboards.label }}: "{{ $.Values.grafana.sidecar.dashboards.labelValue }}" + {{- else }} + grafana_dashboard: "1" + {{- end }} + annotations: +{{- toYaml .Values.grafana.sidecar.dashboards.annotations | nindent 4 }} +data: + networkCosts-metrics.json: |- +{{- .Files.Get "grafana-dashboards/networkCosts-metrics.json" | nindent 4 }} +{{- end -}} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-node-utilization-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-node-utilization-template.yaml new file mode 100644 index 0000000000..8f2998c257 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-node-utilization-template.yaml @@ -0,0 +1,21 @@ +{{- if (((.Values.grafana).sidecar).dashboards).enabled -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: grafana-dashboard-node-utilization + {{- if $.Values.grafana.namespace_dashboards }} + namespace: {{ $.Values.grafana.namespace_dashboards }} + {{- end }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} + {{- if $.Values.grafana.sidecar.dashboards.label }} + {{ $.Values.grafana.sidecar.dashboards.label }}: "{{ $.Values.grafana.sidecar.dashboards.labelValue }}" + {{- else }} + grafana_dashboard: "1" + {{- end }} + annotations: +{{- toYaml .Values.grafana.sidecar.dashboards.annotations | nindent 4 }} +data: + node-utilization.json: |- +{{- .Files.Get "grafana-dashboards/node-utilization.json" | nindent 4 }} +{{- end -}} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-pod-utilization-multi-cluster.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-pod-utilization-multi-cluster.yaml new file mode 100644 index 0000000000..7b8b6ae7ab --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-pod-utilization-multi-cluster.yaml @@ -0,0 +1,21 @@ +{{- if (((.Values.grafana).sidecar).dashboards).enabled -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: grafana-dashboard-pod-utilization-multi-cluster + {{- if $.Values.grafana.namespace_dashboards }} + namespace: {{ $.Values.grafana.namespace_dashboards }} + {{- end }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} + {{- if $.Values.grafana.sidecar.dashboards.label }} + {{ $.Values.grafana.sidecar.dashboards.label }}: "{{ $.Values.grafana.sidecar.dashboards.labelValue }}" + {{- else }} + grafana_dashboard: "1" + {{- end }} + annotations: +{{- toYaml .Values.grafana.sidecar.dashboards.annotations | nindent 4 }} +data: + pod-utilization-multi-cluster.json: |- +{{- .Files.Get "grafana-dashboards/pod-utilization-multi-cluster.json" | nindent 4 }} +{{- end -}} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-pod-utilization-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-pod-utilization-template.yaml new file mode 100644 index 0000000000..04374ff43a --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-pod-utilization-template.yaml @@ -0,0 +1,21 @@ +{{- if (((.Values.grafana).sidecar).dashboards).enabled -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: grafana-dashboard-pod-utilization + {{- if $.Values.grafana.namespace_dashboards }} + namespace: {{ $.Values.grafana.namespace_dashboards }} + {{- end }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} + {{- if $.Values.grafana.sidecar.dashboards.label }} + {{ $.Values.grafana.sidecar.dashboards.label }}: "{{ $.Values.grafana.sidecar.dashboards.labelValue }}" + {{- else }} + grafana_dashboard: "1" + {{- end }} + annotations: +{{- toYaml .Values.grafana.sidecar.dashboards.annotations | nindent 4 }} +data: + pod-utilization.json: |- +{{- .Files.Get "grafana-dashboards/pod-utilization.json" | nindent 4 }} +{{- end -}} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-prometheus-metrics-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-prometheus-metrics-template.yaml new file mode 100644 index 0000000000..723767c976 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-prometheus-metrics-template.yaml @@ -0,0 +1,21 @@ +{{- if (((.Values.grafana).sidecar).dashboards).enabled -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: grafana-dashboard-prom-benchmark + {{- if $.Values.grafana.namespace_dashboards }} + namespace: {{ $.Values.grafana.namespace_dashboards }} + {{- end }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} + {{- if $.Values.grafana.sidecar.dashboards.label }} + {{ $.Values.grafana.sidecar.dashboards.label }}: "{{ $.Values.grafana.sidecar.dashboards.labelValue }}" + {{- else }} + grafana_dashboard: "1" + {{- end }} + annotations: +{{- toYaml .Values.grafana.sidecar.dashboards.annotations | nindent 4 }} +data: + prom-benchmark.json: |- +{{- .Files.Get "grafana-dashboards/prom-benchmark.json" | nindent 4 }} +{{- end -}} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-workload-aggregator.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-workload-aggregator.yaml new file mode 100644 index 0000000000..40dfb558b2 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-workload-aggregator.yaml @@ -0,0 +1,21 @@ +{{- if (((.Values.grafana).sidecar).dashboards).enabled -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: grafana-dashboard-workload-aggregator + {{- if $.Values.grafana.namespace_dashboards }} + namespace: {{ $.Values.grafana.namespace_dashboards }} + {{- end }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} + {{- if $.Values.grafana.sidecar.dashboards.label }} + {{ $.Values.grafana.sidecar.dashboards.label }}: "{{ $.Values.grafana.sidecar.dashboards.labelValue }}" + {{- else }} + grafana_dashboard: "1" + {{- end }} + annotations: +{{- toYaml .Values.grafana.sidecar.dashboards.annotations | nindent 4 }} +data: + workload-metrics-aggregator.json: |- +{{- .Files.Get "grafana-dashboards/workload-metrics-aggregator.json" | nindent 4 }} +{{- end -}} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-workload-metrics.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-workload-metrics.yaml new file mode 100644 index 0000000000..fa027dce71 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboard-workload-metrics.yaml @@ -0,0 +1,21 @@ +{{- if (((.Values.grafana).sidecar).dashboards).enabled -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: grafana-dashboard-workload-metrics + {{- if $.Values.grafana.namespace_dashboards }} + namespace: {{ $.Values.grafana.namespace_dashboards }} + {{- end }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} + {{- if $.Values.grafana.sidecar.dashboards.label }} + {{ $.Values.grafana.sidecar.dashboards.label }}: "{{ $.Values.grafana.sidecar.dashboards.labelValue }}" + {{- else }} + grafana_dashboard: "1" + {{- end }} + annotations: +{{- toYaml .Values.grafana.sidecar.dashboards.annotations | nindent 4 }} +data: + grafana-workload-metrics.json: |- +{{- .Files.Get "grafana-dashboards/workload-metrics.json" | nindent 4 }} +{{- end -}} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboards-json-configmap.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboards-json-configmap.yaml new file mode 100644 index 0000000000..b7ccb3cb54 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-dashboards-json-configmap.yaml @@ -0,0 +1,24 @@ +{{- if (eq (include "cost-analyzer.grafanaEnabled" .) "true") }} +{{- if .Values.grafana.dashboards }} + {{- range $provider, $dashboards := .Values.grafana.dashboards }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "grafana.fullname" $ }}-dashboards-{{ $provider }} + namespace: {{ $.Release.Namespace }} + labels: + app: {{ template "grafana.name" $ }} + release: {{ $.Release.Name }} + heritage: {{ $.Release.Service }} + dashboard-provider: {{ $provider }} +data: + {{- range $key, $value := $dashboards }} + {{- if hasKey $value "json" }} + {{ $key }}.json: | +{{ $value.json | indent 4 }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-datasource-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-datasource-template.yaml new file mode 100644 index 0000000000..ba4ecea8c9 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-datasource-template.yaml @@ -0,0 +1,38 @@ +{{- if .Values.grafana -}} +{{- if .Values.grafana.sidecar -}} +{{- if .Values.grafana.sidecar.datasources -}} +{{- if .Values.grafana.sidecar.datasources.enabled -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: grafana-datasource + {{- if $.Values.grafana.namespace_datasources }} + namespace: {{ $.Values.grafana.namespace_datasources }} + {{- end }} + labels: + {{- include "cost-analyzer.commonLabels" . | nindent 4 }} + {{- if $.Values.grafana.sidecar.datasources.label }} + {{ $.Values.grafana.sidecar.datasources.label }}: "1" + {{- else }} + {{- if .Values.global.grafana.enabled }} + kubecost_grafana_datasource: "1" + {{- else }} + grafana_datasource: "1" + {{- end }} + {{- end }} +data: + {{ default "datasource.yaml" .Values.grafana.sidecar.datasources.dataSourceFilename }}: |- + apiVersion: 1 + datasources: + - access: proxy + name: default-kubecost + type: prometheus +{{- if .Values.grafana.sidecar.datasources.defaultDatasourceEnabled }} + isDefault: true +{{- else }} + isDefault: false +{{- end }} +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-deployment.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-deployment.yaml new file mode 100644 index 0000000000..63598d6dd5 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-deployment.yaml @@ -0,0 +1,313 @@ +{{- if (eq (include "cost-analyzer.grafanaEnabled" .) "true") }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "grafana.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + app: {{ template "grafana.name" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + {{- with .Values.global.additionalLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- with .Values.grafana.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} +spec: + replicas: {{ .Values.grafana.replicas }} + selector: + matchLabels: + app: {{ template "grafana.name" . }} + release: {{ .Release.Name }} + strategy: + type: {{ .Values.grafana.deploymentStrategy }} + {{- if ne .Values.grafana.deploymentStrategy "RollingUpdate" }} + rollingUpdate: null + {{- end }} + template: + metadata: + labels: + app: {{ template "grafana.name" . }} + release: {{ .Release.Name }} + {{- if .Values.global.additionalLabels }} + {{ toYaml .Values.global.additionalLabels | nindent 8 }} + {{- end }} + {{- with .Values.grafana.podAnnotations }} + annotations: + {{ toYaml . | indent 8 }} + {{- end }} + spec: + serviceAccountName: {{ template "grafana.serviceAccountName" . }} + {{- if .Values.grafana.schedulerName }} + schedulerName: "{{ .Values.grafana.schedulerName }}" + {{- end }} + {{- if .Values.grafana.securityContext }} + securityContext: + {{- toYaml .Values.grafana.securityContext | nindent 8 }} + {{- else if and (.Values.global.platforms.openshift.enabled) (.Values.global.platforms.openshift.securityContext) }} + securityContext: + {{- toYaml .Values.global.platforms.openshift.securityContext | nindent 8 }} + {{- else if .Values.global.securityContext }} + securityContext: + {{- toYaml .Values.global.securityContext | nindent 8 }} + {{- end }} + {{- if .Values.grafana.priorityClassName }} + priorityClassName: "{{ .Values.grafana.priorityClassName }}" + {{- end }} + {{- if .Values.grafana.dashboards }} + initContainers: + - name: download-dashboards + image: "{{ .Values.grafana.downloadDashboardsImage.repository }}:{{ .Values.grafana.downloadDashboardsImage.tag }}" + imagePullPolicy: {{ .Values.grafana.downloadDashboardsImage.pullPolicy }} + command: ["sh", "/etc/grafana/download_dashboards.sh"] + {{- with .Values.global.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + - name: config + mountPath: "/etc/grafana/download_dashboards.sh" + subPath: download_dashboards.sh + - name: storage + mountPath: "/var/lib/grafana" + {{- if .Values.grafana.persistence.subPath }} + subPath: {{ .Values.grafana.persistence.subPath }} + {{- end }} + {{- range .Values.grafana.extraSecretMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + readOnly: {{ .readOnly }} + {{- end }} + {{- end }} + {{- if .Values.grafana.image.pullSecrets }} + imagePullSecrets: + {{- range .Values.grafana.image.pullSecrets }} + - name: {{ . }} + {{- end}} + {{- end }} + containers: + {{- if .Values.grafana.sidecar.dashboards.enabled }} + - name: {{ template "grafana.name" . }}-sc-dashboard + image: "{{ .Values.grafana.sidecar.image.repository }}:{{ .Values.grafana.sidecar.image.tag }}" + imagePullPolicy: {{ .Values.grafana.sidecar.image.pullPolicy }} + {{- if .Values.global.containerSecurityContext }} + securityContext: + {{- toYaml .Values.global.containerSecurityContext | nindent 12 -}} + {{- end }} + env: + - name: LABEL + value: "{{ .Values.grafana.sidecar.dashboards.label }}" + - name: FOLDER + value: "{{ .Values.grafana.sidecar.dashboards.folder }}" + - name: ERROR_THROTTLE_SLEEP + value: "{{ .Values.grafana.sidecar.dashboards.error_throttle_sleep }}" + {{- with .Values.grafana.sidecar.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + - name: sc-dashboard-volume + mountPath: {{ .Values.grafana.sidecar.dashboards.folder | quote }} + {{- end}} + {{- if .Values.grafana.sidecar.datasources.enabled }} + - name: {{ template "grafana.name" . }}-sc-datasources + image: "{{ .Values.grafana.sidecar.image.repository }}:{{ .Values.grafana.sidecar.image.tag }}" + imagePullPolicy: {{ .Values.grafana.sidecar.image.pullPolicy }} + {{- with .Values.global.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} + env: + - name: LABEL + value: "{{ .Values.grafana.sidecar.datasources.label }}" + - name: FOLDER + value: "/etc/grafana/provisioning/datasources" + - name: ERROR_THROTTLE_SLEEP + value: "{{ .Values.grafana.sidecar.datasources.error_throttle_sleep }}" + resources: + {{ toYaml .Values.grafana.sidecar.resources | indent 12 }} + volumeMounts: + - name: sc-datasources-volume + mountPath: "/etc/grafana/provisioning/datasources" + {{- end}} + - name: grafana + image: "{{ .Values.grafana.image.repository }}:{{ .Values.grafana.image.tag }}" + imagePullPolicy: {{ .Values.grafana.image.pullPolicy }} + {{- with .Values.global.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + - name: config + mountPath: "/etc/grafana/grafana.ini" + subPath: grafana.ini + - name: ldap + mountPath: "/etc/grafana/ldap.toml" + subPath: ldap.toml +{{- if .Values.grafana.dashboards }} + {{- range $provider, $dashboards := .Values.grafana.dashboards }} + {{- range $key, $value := $dashboards }} + {{- if hasKey $value "json" }} + - name: dashboards-{{ $provider }} + mountPath: "/var/lib/grafana/dashboards/{{ $provider }}/{{ $key }}.json" + subPath: "{{ $key }}.json" + {{- end }} + {{- end }} + {{- end }} +{{- end -}} +{{- if .Values.grafana.dashboardsConfigMaps }} + {{- range keys .Values.grafana.dashboardsConfigMaps }} + - name: dashboards-{{ . }} + mountPath: "/var/lib/grafana/dashboards/{{ . }}" + {{- end }} +{{- end }} +{{- if or (.Values.grafana.datasources) (include "cost-analyzer.grafanaEnabled" .) }} + - name: config + mountPath: "/etc/grafana/provisioning/datasources/datasources.yaml" + subPath: datasources.yaml +{{- end }} +{{- if .Values.grafana.dashboardProviders }} + - name: config + mountPath: "/etc/grafana/provisioning/dashboards/dashboardproviders.yaml" + subPath: dashboardproviders.yaml +{{- end }} +{{- if .Values.grafana.sidecar.dashboards.enabled }} + - name: sc-dashboard-volume + mountPath: {{ .Values.grafana.sidecar.dashboards.folder | quote }} + - name: sc-dashboard-provider + mountPath: "/etc/grafana/provisioning/dashboards/sc-dashboardproviders.yaml" + subPath: provider.yaml +{{- end}} +{{- if .Values.grafana.sidecar.datasources.enabled }} + - name: sc-datasources-volume + mountPath: "/etc/grafana/provisioning/datasources" +{{- end}} + - name: storage + mountPath: "/var/lib/grafana" + {{- if .Values.grafana.persistence.subPath }} + subPath: {{ .Values.grafana.persistence.subPath }} + {{- end }} + {{- range .Values.grafana.extraSecretMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + readOnly: {{ .readOnly }} + {{- end }} + ports: + - name: service + containerPort: {{ .Values.grafana.service.port }} + protocol: TCP + - name: grafana + containerPort: 3000 + protocol: TCP + env: + - name: GF_SECURITY_ADMIN_USER + valueFrom: + secretKeyRef: + name: {{ template "grafana.fullname" . }} + key: admin-user + - name: GF_SECURITY_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "grafana.fullname" . }} + key: admin-password + {{- if .Values.grafana.plugins }} + - name: GF_INSTALL_PLUGINS + valueFrom: + configMapKeyRef: + name: {{ template "grafana.fullname" . }} + key: plugins + {{- end }} + {{- if .Values.grafana.smtp.existingSecret }} + - name: GF_SMTP_USER + valueFrom: + secretKeyRef: + name: {{ .Values.grafana.smtp.existingSecret }} + key: user + - name: GF_SMTP_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.grafana.smtp.existingSecret }} + key: password + {{- end }} +{{- range $key, $value := .Values.grafana.env }} + - name: "{{ $key }}" + value: "{{ $value }}" +{{- end }} + {{- if .Values.grafana.envFromSecret }} + envFrom: + - secretRef: + name: {{ .Values.grafana.envFromSecret }} + {{- end }} + livenessProbe: +{{ toYaml .Values.grafana.livenessProbe | indent 12 }} + readinessProbe: +{{ toYaml .Values.grafana.readinessProbe | indent 12 }} + resources: +{{ toYaml .Values.grafana.resources | indent 12 }} + {{- with .Values.grafana.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.grafana.affinity }} + affinity: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.grafana.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} + {{- end }} + volumes: + - name: config + configMap: + name: {{ template "grafana.fullname" . }} + {{- if .Values.grafana.dashboards }} + {{- range keys .Values.grafana.dashboards }} + - name: dashboards-{{ . }} + configMap: + name: {{ template "grafana.fullname" $ }}-dashboards-{{ . }} + {{- end }} + {{- end }} + {{- if .Values.grafana.dashboardsConfigMaps }} + {{- range $provider, $name := .Values.grafana.dashboardsConfigMaps }} + - name: dashboards-{{ $provider }} + configMap: + name: {{ $name }} + {{- end }} + {{- end }} + - name: ldap + secret: + {{- if .Values.grafana.ldap.existingSecret }} + secretName: {{ .Values.grafana.ldap.existingSecret }} + {{- else }} + secretName: {{ template "grafana.fullname" . }} + {{- end }} + items: + - key: ldap-toml + path: ldap.toml + - name: storage + {{- if .Values.grafana.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ .Values.grafana.persistence.existingClaim | default (include "grafana.fullname" .) }} + {{- else }} + emptyDir: {} + {{- end -}} + {{- if .Values.grafana.sidecar.dashboards.enabled }} + - name: sc-dashboard-volume + emptyDir: {} + - name: sc-dashboard-provider + configMap: + name: {{ template "grafana.fullname" . }}-config-dashboards + {{- end }} + {{- if .Values.grafana.sidecar.datasources.enabled }} + - name: sc-datasources-volume + emptyDir: {} + {{- end -}} + {{- range .Values.grafana.extraSecretMounts }} + - name: {{ .name }} + secret: + secretName: {{ .secretName }} + defaultMode: {{ .defaultMode }} + {{- end }} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-ingress.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-ingress.yaml new file mode 100644 index 0000000000..e29ebfc214 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-ingress.yaml @@ -0,0 +1,53 @@ +{{- /* +This template is not needed and is not supported. +It is here for backwards compatibility. +Kubecost exposes grafana by default with the +top level ingress template under /grafana/ +*/ -}} +{{- if (eq (include "cost-analyzer.grafanaEnabled" .) "true") }} +{{- if .Values.grafana.ingress.enabled -}} +{{- $fullName := include "grafana.fullname" . -}} +{{- $servicePort := .Values.service.port -}} +{{- $ingressPath := .Values.ingress.path -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ $fullName }} + namespace: {{ .Release.Namespace }} + labels: + app: {{ template "grafana.name" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- if .Values.grafana.ingress.labels }} +{{ toYaml .Values.grafana.ingress.labels | indent 4 }} +{{- end }} +{{- with .Values.grafana.ingress.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} +spec: +{{- if .Values.grafana.ingress.tls }} + tls: + {{- range .Values.grafana.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} +{{- end }} + rules: + {{- range .Values.grafana.ingress.hosts }} + - host: {{ . }} + http: + paths: + - path: {{ $ingressPath }} + pathType: {{ $.Values.grafana.ingress.pathType }} + backend: + service: + name: {{ $fullName }} + port: + number: {{ $servicePort }} + {{- end }} +{{- end }} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-pvc.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-pvc.yaml new file mode 100644 index 0000000000..d90e7f7477 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-pvc.yaml @@ -0,0 +1,26 @@ +{{- if (eq (include "cost-analyzer.grafanaEnabled" .) "true") }} +{{- if and .Values.grafana.persistence.enabled (not .Values.grafana.persistence.existingClaim) }} +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ template "grafana.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + app: {{ template "grafana.name" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + {{- with .Values.grafana.persistence.annotations }} + annotations: +{{ toYaml . | indent 4 }} + {{- end }} +spec: + accessModes: + {{- range .Values.grafana.persistence.accessModes }} + - {{ . | quote }} + {{- end }} + resources: + requests: + storage: {{ .Values.grafana.persistence.size | quote }} + storageClassName: {{ .Values.grafana.persistence.storageClassName }} +{{- end -}} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-secret.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-secret.yaml new file mode 100644 index 0000000000..df8b46ddeb --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-secret.yaml @@ -0,0 +1,22 @@ +{{- if (eq (include "cost-analyzer.grafanaEnabled" .) "true") }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "grafana.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + app: {{ template "grafana.name" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +type: Opaque +data: + admin-user: {{ .Values.grafana.adminUser | b64enc | quote }} + {{- if .Values.grafana.adminPassword }} + admin-password: {{ .Values.grafana.adminPassword | b64enc | quote }} + {{- else }} + admin-password: {{ randAlphaNum 40 | b64enc | quote }} + {{- end }} + {{- if not .Values.grafana.ldap.existingSecret }} + ldap-toml: {{ .Values.grafana.ldap.config | b64enc | quote }} + {{- end }} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-service.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-service.yaml new file mode 100644 index 0000000000..3bf668ed8a --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-service.yaml @@ -0,0 +1,51 @@ +{{- if (eq (include "cost-analyzer.grafanaEnabled" .) "true") }} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "grafana.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + app: {{ template "grafana.name" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- if .Values.grafana.service.labels }} +{{ toYaml .Values.grafana.service.labels | indent 4 }} +{{- end }} +{{- with .Values.grafana.service.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} +spec: +{{- if (or (eq .Values.grafana.service.type "ClusterIP") (empty .Values.grafana.service.type)) }} + type: ClusterIP + {{- if .Values.grafana.service.clusterIP }} + clusterIP: {{ .Values.grafana.service.clusterIP }} + {{end}} +{{- else if eq .Values.grafana.service.type "LoadBalancer" }} + type: {{ .Values.grafana.service.type }} + {{- if .Values.grafana.service.loadBalancerIP }} + loadBalancerIP: {{ .Values.grafana.service.loadBalancerIP }} + {{- end }} + {{- if .Values.grafana.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: +{{ toYaml .Values.grafana.service.loadBalancerSourceRanges | indent 4 }} + {{- end -}} +{{- else }} + type: {{ .Values.grafana.service.type }} +{{- end }} +{{- if .Values.grafana.service.externalIPs }} + externalIPs: +{{ toYaml .Values.grafana.service.externalIPs | indent 4 }} +{{- end }} + ports: + - name: tcp-service + port: {{ .Values.grafana.service.port }} + protocol: TCP + targetPort: 3000 +{{ if (and (eq .Values.grafana.service.type "NodePort") (not (empty .Values.grafana.service.nodePort))) }} + nodePort: {{.Values.grafana.service.nodePort}} +{{ end }} + selector: + app: {{ template "grafana.name" . }} + release: {{ .Release.Name }} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-serviceaccount.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-serviceaccount.yaml new file mode 100644 index 0000000000..bf2f21db6e --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/grafana-serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if (eq (include "cost-analyzer.grafanaEnabled" .) "true") }} +{{- if .Values.grafana.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app: {{ template "grafana.name" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} + name: {{ template "grafana.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/install-plugins.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/install-plugins.yaml new file mode 100644 index 0000000000..f2abf1c416 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/install-plugins.yaml @@ -0,0 +1,43 @@ +{{- if .Values.kubecostModel.plugins.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "cost-analyzer.fullname" . }}-install-plugins + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +data: + install_plugins.sh: |- + {{- if .Values.kubecostModel.plugins.install.enabled }} + set -ex + rm -f {{ .Values.kubecostModel.plugins.folder }}/bin/* + mkdir -p {{ .Values.kubecostModel.plugins.folder }}/bin + cd {{ .Values.kubecostModel.plugins.folder }}/bin + OSTYPE=$(cat /etc/os-release) + OS='' + case "$OSTYPE" in + *Linux*) OS='linux';; + *) echo "$OSTYPE is unsupported" && exit 1 ;; + esac + + UNAME_OUTPUT=$(uname -m) + ARCH='' + case "$UNAME_OUTPUT" in + *x86_64*) ARCH='amd64';; + *amd64*) ARCH='amd64';; + *aarch64*) ARCH='arm64';; + *arm64*) ARCH='arm64';; + *) echo "$UNAME_OUTPUT is unsupported" && exit 1 ;; + esac + + {{- if .Values.kubecostModel.plugins.version }} + VER={{ .Values.kubecostModel.plugins.version | quote}} + {{- else }} + VER=$(curl --silent https://api.github.com/repos/opencost/opencost-plugins/releases/latest | grep ".tag_name" | awk -F\" '{print $4}') + {{- end }} + + {{- range $pluginName := .Values.kubecostModel.plugins.enabledPlugins }} + curl -fsSLO "https://github.com/opencost/opencost-plugins/releases/download/$VER/{{ $pluginName }}.ocplugin.$OS.$ARCH" + chmod a+rx "{{ $pluginName }}.ocplugin.$OS.$ARCH" + {{- end }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/integrations-postgres-queries-configmap.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/integrations-postgres-queries-configmap.yaml new file mode 100644 index 0000000000..5e0af3e00d --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/integrations-postgres-queries-configmap.yaml @@ -0,0 +1,14 @@ +{{- if .Values.global.integrations.postgres.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: kubecost-integrations-postgres-queries + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +data: + kubecost-queries.json: |- + {{- with .Values.global.integrations.postgres.queryConfigs }} + {{- . | toJson | nindent 6 }} + {{- end }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/integrations-postgres-secret.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/integrations-postgres-secret.yaml new file mode 100644 index 0000000000..136ab60163 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/integrations-postgres-secret.yaml @@ -0,0 +1,19 @@ +{{- if and (.Values.global.integrations.postgres.enabled) (eq .Values.global.integrations.postgres.databaseSecretName "") }} +apiVersion: v1 +kind: Secret +metadata: + name: kubecost-integrations-postgres + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +type: Opaque +stringData: + creds.json: |- + { + "host": "{{ .Values.global.integrations.postgres.databaseHost }}", + "port": "{{ .Values.global.integrations.postgres.databasePort }}", + "databaseName": "{{ .Values.global.integrations.postgres.databaseName }}", + "user": "{{ .Values.global.integrations.postgres.databaseUser }}", + "password": "{{ .Values.global.integrations.postgres.databasePassword }}" + } +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-admission-controller-service-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-admission-controller-service-template.yaml new file mode 100644 index 0000000000..658dca3a96 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-admission-controller-service-template.yaml @@ -0,0 +1,15 @@ +{{- if .Values.kubecostAdmissionController -}} +{{- if .Values.kubecostAdmissionController.enabled -}} +apiVersion: v1 +kind: Service +metadata: + name: webhook-server + namespace: {{.Release.Namespace}} +spec: + selector: + {{ include "cost-analyzer.selectorLabels" . | nindent 4 }} + ports: + - port: 443 + targetPort: 8443 +{{- end -}} +{{- end -}} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-admission-controller-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-admission-controller-template.yaml new file mode 100644 index 0000000000..be68bcea14 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-admission-controller-template.yaml @@ -0,0 +1,30 @@ +{{- if .Values.kubecostAdmissionController -}} +{{- if .Values.kubecostAdmissionController.enabled -}} +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + name: kubecost-deployment-validation +webhooks: + - name: "kubecost-deployment-validation.kubecost.svc" + failurePolicy: Ignore + rules: + - operations: [ "CREATE", "UPDATE" ] + apiGroups: [ "apps" ] + apiVersions: [ "v1" ] + resources: [ "deployments" ] + scope: "*" + clientConfig: + service: + namespace: {{.Release.Namespace}} + name: webhook-server + path: "/validate" + {{- if .Values.kubecostAdmissionController.caBundle }} + caBundle: {{ .Values.kubecostAdmissionController.caBundle }} + {{- else }} + caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURCRENDQWV5Z0F3SUJBZ0lVR3E2YkdOaEowVjRsb0NiWHhUa0pocWkwUnB3d0RRWUpLb1pJaHZjTkFRRUwKQlFBd0pqRWtNQ0lHQTFVRUF3d2JkMlZpYUc5dmF5MXpaWEoyWlhJdWEzVmlaV052YzNRdWMzWmpNQjRYRFRJegpNREl3T1RFNU1UVTFNbG9YRFRJME1EWXlNekU1TVRVMU1sb3dKakVrTUNJR0ExVUVBd3diZDJWaWFHOXZheTF6ClpYSjJaWEl1YTNWaVpXTnZjM1F1YzNaak1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0MKQVFFQXpvU2JBejBhZFJTdEN3eVRPSGd2S2VuQ29GbWE2OC9nYTFHZjVST2dXeGJhamhQRTZKbEtBcENwK1pzKwo2bHJzL2J3bkx5SDdoMUFJa1NmZ25EYlNadDJjdHRFSmhSd25vKy90WElMYk84WndRQTErYXpUQzVtSkluZVF3CktRMkErYy9CUnk3N3B0SnZIRStkTEllcWhRelV2M25nWUwvSDZaMUZPa20xUCtlR0FwSWxyVHVPV1ozUVhRYkMKemhOQXppRWNjL3o3RERBdlFBMlpIQ1I2OGl1V0ptd0RYZEdjWmEwenNVb1hDbGIvWXdiWFgvMlp2dklIbkdtawp5VTlZdEhxNVpscFZjT0V5MTVBWFVEOFZVUU1jVXQ5NkJvVThMMXJKbTZJK0E0YmFySEs5QjlxcjdzRmFaY2wvCnBncHZGd0NBaHZHYUM2VzA5UnM3T0NrdXh3SURBUUFCb3lvd0tEQW1CZ05WSFJFRUh6QWRnaHQzWldKb2IyOXIKTFhObGNuWmxjaTVyZFdKbFkyOXpkQzV6ZG1Nd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFDdVhNcUgzYmhsVApGKzlRUFplS2xiUTZlWSs0NlhMVGtEdlZzenAyZysweWhlMVNRRHZRUTVad1l6MnMwODNqb2loTXVzeFZ1TmFGCk1LdE9vbGY2bitsaUZFcEw4OU9XZ1VjdzJRdFdqVWUraU1zby91dWN0eGVPTzZLam9JcUVrUlg5YXh1cGxxVm0KakZRaGZtNlRYZ2pxWmttUVNsbHdLVkcxSFJZTkRveFpFa0JHK1l6RWF5QmdQdXl4bW5iTDdlck5IOVJQSVZtbAoxaWFnS1NVVG5vN0hJY3IwdHYzT3JEWDZRN3VJUGdWanBRSHMzNXBZSWlBYjVNR0RjWFZvY050SEZ0YnluREhzCi80WGhYMjFhOXdnSVF6dUF3ck0zQ0VDRnVocHJzWlZmQjBKQ1dBOG1aVEZneTVBL0tLUjJmTXRMRWRQS1ZsSXUKZjc1MjB3T3JzME09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K + {{- end }} + admissionReviewVersions: ["v1"] + sideEffects: None + timeoutSeconds: 5 +{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-agent-secret-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-agent-secret-template.yaml new file mode 100644 index 0000000000..cda3c60559 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-agent-secret-template.yaml @@ -0,0 +1,12 @@ +{{- if .Values.agentKey }} +apiVersion: v1 +kind: Secret +type: Opaque +metadata: + name: {{ .Values.agentKeySecretName }} + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +data: + object-store.yaml: {{ .Values.agentKey }} +{{- end }} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-agent-secretprovider-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-agent-secretprovider-template.yaml new file mode 100644 index 0000000000..3ebc1a4b67 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-agent-secretprovider-template.yaml @@ -0,0 +1,25 @@ +{{- if .Values.agent }} +{{- if ((.Values.agentCsi).enabled) }} +{{- if .Capabilities.APIVersions.Has "secrets-store.csi.x-k8s.io/v1" }} +apiVersion: secrets-store.csi.x-k8s.io/v1 +{{- else }} +apiVersion: secrets-store.csi.x-k8s.io/v1alpha1 +{{- end }} +kind: SecretProviderClass +metadata: + name: {{ .Values.agentCsi.secretProvider.name }} + namespace: {{ .Release.Namespace }} + labels: {{ unset (include "cost-analyzer.commonLabels" . | fromYaml) "app" | toYaml | nindent 4 }} + app: {{ template "kubecost.kubeMetricsName" . }} +spec: + provider: {{ required "Specify a valid provider." .Values.agentCsi.secretProvider.provider }} + {{- if .Values.agentCsi.secretProvider.parameters }} + parameters: + {{- .Values.agentCsi.secretProvider.parameters | toYaml | nindent 4 }} + {{- end }} + {{- if .Values.agentCsi.secretProvider.secretObjects }} + secretObjects: + {{- .Values.agentCsi.secretProvider.secretObjects | toYaml | nindent 2 }} + {{- end }} +{{- end }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-cluster-controller-actions-config.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-cluster-controller-actions-config.yaml new file mode 100644 index 0000000000..114f381b02 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-cluster-controller-actions-config.yaml @@ -0,0 +1,56 @@ +{{- if .Values.clusterController }} +{{- if .Values.clusterController.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: cluster-controller-continuous-cluster-sizing + namespace: {{ .Release.Namespace }} + labels: + {{- include "cost-analyzer.commonLabels" . | nindent 4 }} +{{- if .Values.clusterController.actionConfigs.clusterRightsize }} +binaryData: + config: | +{{- toJson .Values.clusterController.actionConfigs.clusterRightsize | b64enc | nindent 4 }} +{{- end }} +--- + +apiVersion: v1 +kind: ConfigMap +metadata: + name: cluster-controller-nsturndown-config + namespace: {{ .Release.Namespace }} + labels: + {{- include "cost-analyzer.commonLabels" . | nindent 4 }} +{{- if .Values.clusterController.actionConfigs.namespaceTurndown }} +binaryData: +{{- range .Values.clusterController.actionConfigs.namespaceTurndown }} + {{ .name }}: | + {{- toJson . | b64enc | nindent 4 }} +{{- end }} +{{- end }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: cluster-controller-container-rightsizing-config + namespace: {{ .Release.Namespace }} + labels: + {{- include "cost-analyzer.commonLabels" . | nindent 4 }} +{{- if .Values.clusterController.actionConfigs.containerRightsize }} +binaryData: + config: | +{{- toJson .Values.clusterController.actionConfigs.containerRightsize | b64enc | nindent 4 }} +{{- end }} +{{- range .Values.clusterController.actionConfigs.clusterTurndown }} +--- +apiVersion: kubecost.com/v1alpha1 +kind: TurndownSchedule +metadata: + name: {{ .name }} +spec: + start: {{ .start }} + end: {{ .end }} + repeat: {{ .repeat }} +{{- end }} +{{- end }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-cluster-controller-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-cluster-controller-template.yaml new file mode 100644 index 0000000000..ac86658be5 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-cluster-controller-template.yaml @@ -0,0 +1,293 @@ +{{- if .Values.clusterController }} +{{- if .Values.clusterController.enabled }} +{{- $serviceName := include "cost-analyzer.serviceName" . -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "kubecost.clusterControllerName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +--- +# +# NOTE: +# The following ClusterRole permissions are only created and assigned for the +# cluster controller feature. They will not be added to any clusters by default. +# +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "kubecost.clusterControllerName" . }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +rules: + - apiGroups: + - kubecost.com + resources: + - turndownschedules + - turndownschedules/status + verbs: + - get + - list + - watch + - create + - patch + - update + - delete + - apiGroups: + - '' + - events.k8s.io + resources: + - events + verbs: + - create + - patch + - update + - apiGroups: + - '' + resources: + - deployments + - nodes + - pods + - resourcequotas + - replicationcontrollers + - limitranges + - pods/eviction + verbs: + - get + - list + - watch + - create + - patch + - update + - delete + - apiGroups: + - '' + resources: + - configmaps + verbs: + - get + - list + - watch + - update + - patch + - delete + - apiGroups: + - '' + resources: + - configmaps + - namespaces + - persistentvolumeclaims + - persistentvolumes + - endpoints + - events + - services + verbs: + - get + - list + - watch + - apiGroups: + - '' + resources: + - configmaps + resourceNames: + - 'cluster-controller-nsturndown-config' + verbs: + - get + - create + - update + - apiGroups: + - apps + resources: + - statefulsets + - deployments + - daemonsets + - replicasets + verbs: + - get + - list + - watch + - create + - patch + - update + - delete + - apiGroups: + - batch + resources: + - cronjobs + - jobs + verbs: + - get + - list + - watch + - create + - patch + - update + - delete + - apiGroups: + - autoscaling + resources: + - horizontalpodautoscalers + verbs: + - get + - list + - watch + - apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - get + - list + - watch + - apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - get + - list + - watch + - apiGroups: + - events.k8s.io + resources: + - events + verbs: + - get + - list + - watch + # Used for namespace turndown + # When cleaning a namespace, we need the ability to remove + # arbitrary resources (since we helm uninstall all releases in that NS first) + {{- if .Values.clusterController.namespaceTurndown.rbac.enabled }} + - apiGroups: ["*"] + resources: ["*"] + verbs: + - list + - get + - delete + {{- end }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "kubecost.clusterControllerName" . }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "kubecost.clusterControllerName" . }} +subjects: + - kind: ServiceAccount + name: {{ template "kubecost.clusterControllerName" . }} + namespace: {{ .Release.Namespace }} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "kubecost.clusterControllerName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "cost-analyzer.commonLabels" . | nindent 4 }} +spec: + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 1 + type: RollingUpdate + selector: + matchLabels: + app: {{ template "kubecost.clusterControllerName" . }} + template: + metadata: + labels: + app: {{ template "kubecost.clusterControllerName" . }} + {{- with .Values.global.podAnnotations}} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- if .Values.clusterController.priorityClassName }} + priorityClassName: "{{ .Values.clusterController.priorityClassName }}" + {{- end }} + containers: + - name: {{ template "kubecost.clusterControllerName" . }} + {{- if eq (typeOf .Values.clusterController.image) "string" }} + image: {{ .Values.clusterController.image }} + {{- else }} + image: {{ .Values.clusterController.image.repository }}:{{ .Values.clusterController.image.tag }} + {{- end}} + imagePullPolicy: {{ .Values.clusterController.imagePullPolicy }} + volumeMounts: + - name: cluster-controller-keys + mountPath: /var/keys + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: CLUSTER_ID + value: {{ .Values.prometheus.server.global.external_labels.cluster_id }} + - name: TURNDOWN_NAMESPACE + value: {{ .Release.Namespace }} + - name: TURNDOWN_DEPLOYMENT + value: {{ template "kubecost.clusterControllerName" . }} + - name: GOOGLE_APPLICATION_CREDENTIALS + value: /var/keys/service-key.json + - name: CC_LOG_LEVEL + value: {{ .Values.clusterController.logLevel | default "info" }} + - name: CC_KUBESCALER_COST_MODEL_PATH + value: http://{{ $serviceName }}.{{ .Release.Namespace }}:{{ .Values.service.targetPort | default 9090 }}/model + - name: CC_CCL_COST_MODEL_PATH + value: http://{{ $serviceName }}.{{ .Release.Namespace }}:{{ .Values.service.targetPort | default 9090 }}/model + {{- if .Values.clusterController.kubescaler }} + - name: CC_KUBESCALER_DEFAULT_RESIZE_ALL + value: {{ .Values.clusterController.kubescaler.defaultResizeAll | default "false" | quote }} + {{- end }} + ports: + - name: http-server + containerPort: 9731 + hostPort: 9731 + serviceAccount: {{ template "kubecost.clusterControllerName" . }} + serviceAccountName: {{ template "kubecost.clusterControllerName" . }} + {{- with .Values.clusterController.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + volumes: + - name: cluster-controller-keys + secret: + secretName: {{ .Values.clusterController.secretName | default "cluster-controller-service-key" }} + # The secret is optional because not all of cluster controller's + # functionality requires this secret. Cluster controller will + # partially or fully initialize based on the presence of these keys + # and their validity. + optional: true +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ template "kubecost.clusterControllerName" . }}-service + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +spec: + type: ClusterIP + ports: + - name: http + protocol: TCP + port: 9731 + targetPort: 9731 + selector: + app: {{ template "kubecost.clusterControllerName" . }} +{{- end }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-cluster-manager-configmap-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-cluster-manager-configmap-template.yaml new file mode 100644 index 0000000000..b851fd4e93 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-cluster-manager-configmap-template.yaml @@ -0,0 +1,14 @@ +{{- if .Values.kubecostProductConfigs }} +{{- if .Values.kubecostProductConfigs.clusters }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: kubecost-clusters + namespace: {{ .Release.Namespace }} + labels: + {{- include "cost-analyzer.commonLabels" . | nindent 4 }} +data: + default-clusters.yaml: | +{{- toYaml .Values.kubecostProductConfigs.clusters | nindent 4 }} +{{- end }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-metrics-deployment-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-metrics-deployment-template.yaml new file mode 100644 index 0000000000..e93ae0f0d1 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-metrics-deployment-template.yaml @@ -0,0 +1,341 @@ +{{- if .Values.kubecostMetrics }} +{{- if .Values.kubecostMetrics.exporter }} +{{- if or (or .Values.kubecostMetrics.exporter.enabled .Values.agent) .Values.cloudAgent }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "kubecost.kubeMetricsName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{ unset (include "cost-analyzer.commonLabels" . | fromYaml) "app" | toYaml | nindent 4 }} + app: {{ template "kubecost.kubeMetricsName" . }} + {{- with .Values.global.additionalLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- with .Values.kubecostMetrics.exporter.labels }} +{{ toYaml . | indent 4 }} +{{- end }} +spec: + replicas: {{ .Values.kubecostMetrics.exporter.replicas | default 1 }} + selector: + matchLabels: + app: {{ include "kubecost.kubeMetricsName" . }} + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 1 + type: RollingUpdate + template: + metadata: + labels: + app: {{ template "kubecost.kubeMetricsName" . }} + {{- if .Values.global.additionalLabels }} + {{ toYaml .Values.global.additionalLabels | nindent 8 }} + {{- end }} +{{- with .Values.kubecostMetrics.exporter.labels }} +{{ toYaml . | indent 8 }} +{{- end }} + {{- with .Values.global.podAnnotations}} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- if .Values.kubecostFrontend.tls }} + {{- if .Values.kubecostFrontend.tls.enabled }} + securityContext: + runAsUser: 0 + {{- else }} + securityContext: + runAsUser: 1001 + runAsGroup: 1001 + fsGroup: 1001 + {{- end }} + {{- else }} + securityContext: + runAsUser: 1001 + runAsGroup: 1001 + fsGroup: 1001 + {{- end }} + restartPolicy: Always + serviceAccountName: {{ template "cost-analyzer.serviceAccountName" . }} + volumes: + {{- if .Values.agent }} + - name: config-store + {{- if ((.Values.agentCsi).enabled) }} + csi: + driver: secrets-store.csi.k8s.io + readOnly: true + volumeAttributes: + secretProviderClass: "{{ .Values.agentCsi.secretProvider.name }}" + {{- else }} + secret: + secretName: {{ .Values.agentKeySecretName }} + {{- end }} + {{- end }} + {{- if .Values.kubecostProductConfigs }} + {{- if .Values.kubecostProductConfigs.gcpSecretName }} + - name: gcp-key-secret + secret: + secretName: {{ .Values.kubecostProductConfigs.gcpSecretName }} + items: + - key: {{ .Values.kubecostProductConfigs.gcpSecretKeyName | default "compute-viewer-kubecost-key.json" }} + path: service-key.json + {{- end }} + {{- if .Values.kubecostProductConfigs.serviceKeySecretName }} + - name: service-key-secret + secret: + secretName: {{ .Values.kubecostProductConfigs.serviceKeySecretName }} + {{- else if .Values.kubecostProductConfigs.createServiceKeySecret }} + - name: service-key-secret + secret: + secretName: cloud-service-key + {{- end }} + {{- if .Values.kubecostProductConfigs.azureStorageSecretName }} + - name: azure-storage-config + secret: + secretName: {{ .Values.kubecostProductConfigs.azureStorageSecretName }} + items: + - key: azure-storage-config.json + path: azure-storage-config.json + {{- else if .Values.kubecostProductConfigs.azureStorageCreateSecret }} + - name: azure-storage-config + secret: + secretName: azure-storage-config + {{- end }} + {{- if .Values.kubecostProductConfigs.cloudIntegrationSecret }} + - name: cloud-integration + secret: + secretName: {{ .Values.kubecostProductConfigs.cloudIntegrationSecret }} + items: + - key: cloud-integration.json + path: cloud-integration.json + {{- else if or .Values.kubecostProductConfigs.cloudIntegrationJSON ((.Values.kubecostProductConfigs).athenaBucketName) }} + - name: cloud-integration + secret: + secretName: cloud-integration + items: + - key: cloud-integration.json + path: cloud-integration.json + {{- end }} + {{- end }} + - name: persistent-configs +{{- if .Values.persistentVolume }} +{{- if .Values.persistentVolume.enabled }} + persistentVolumeClaim: +{{- if .Values.persistentVolume.existingClaim }} + claimName: {{ .Values.persistentVolume.existingClaim }} +{{- else }} + claimName: {{ template "cost-analyzer.fullname" . }} +{{- end -}} +{{- else }} + emptyDir: {} +{{- end -}} +{{- else }} + persistentVolumeClaim: + claimName: {{ template "cost-analyzer.fullname" . }} +{{- end }} + initContainers: +{{- if .Values.supportNFS }} + - name: config-db-perms-fix + {{- if .Values.initChownDataImage }} + image: {{ .Values.initChownDataImage }} + {{- else }} + image: busybox + {{- end }} + resources: +{{ toYaml .Values.initChownData.resources | indent 12 }} + command: ["sh", "-c", "/bin/chmod -R 777 /var/configs"] + volumeMounts: + - name: persistent-configs + mountPath: /var/configs + securityContext: + runAsUser: 0 +{{- end }} + containers: + {{- if .Values.kubecostModel }} + {{- if .Values.kubecostModel.fullImageName }} + - image: {{ .Values.kubecostModel.fullImageName }} + {{- else if .Values.imageVersion }} + - image: {{ .Values.kubecostModel.image }}:{{ .Values.imageVersion }} + {{- else if eq "development" .Chart.AppVersion }} + - image: gcr.io/kubecost1/cost-model-nightly:latest + {{- else }} + - image: {{ .Values.kubecostModel.image }}:prod-{{ $.Chart.AppVersion }} + {{ end }} + {{- else }} + - image: gcr.io/kubecost1/cost-model:prod-{{ $.Chart.AppVersion }} + {{ end }} + {{- if .Values.kubecostModel.imagePullPolicy }} + imagePullPolicy: {{ .Values.kubecostModel.imagePullPolicy }} + {{- else }} + imagePullPolicy: Always + {{- end }} + name: {{ template "kubecost.kubeMetricsName" . }} + ports: + - name: tcp-metrics + protocol: TCP + containerPort: {{ .Values.kubecostMetrics.exporter.port | default 9005 }} + resources: +{{ toYaml .Values.kubecostMetrics.exporter.resources | indent 12 }} + readinessProbe: + httpGet: + path: /healthz + port: {{ .Values.kubecostMetrics.exporter.port | default 9005 }} + initialDelaySeconds: 30 + periodSeconds: 10 + failureThreshold: 200 + volumeMounts: + - name: persistent-configs + mountPath: /var/configs + {{- if .Values.agent }} + - name: config-store + mountPath: /var/secrets + {{- end }} + {{- if .Values.kubecostProductConfigs }} + {{- if .Values.kubecostProductConfigs.gcpSecretName }} + - name: gcp-key-secret + mountPath: /var/secrets + {{- end }} + {{- if or .Values.kubecostProductConfigs.azureStorageSecretName .Values.kubecostProductConfigs.azureStorageCreateSecret }} + - name: azure-storage-config + mountPath: /var/azure-storage-config + {{- end }} + {{- if or (.Values.kubecostProductConfigs.cloudIntegrationSecret) (.Values.kubecostProductConfigs.cloudIntegrationJSON) ((.Values.kubecostProductConfigs).athenaBucketName) }} + - name: cloud-integration + mountPath: /var/configs/cloud-integration + {{- end }} + {{- if or .Values.kubecostProductConfigs.serviceKeySecretName .Values.kubecostProductConfigs.createServiceKeySecret }} + - name: service-key-secret + mountPath: /var/secrets + {{- end }} + {{- end }} + args: + {{- if .Values.cloudAgent }} + - cloud-agent + {{- else }} + - agent + {{- end }} + {{- if .Values.kubecostMetrics.exporter.extraArgs }} + {{ toYaml .Values.kubecostMetrics.exporter.extraArgs | nindent 12 }} + {{- end }} + env: + - name: PROMETHEUS_SERVER_ENDPOINT + valueFrom: + configMapKeyRef: + name: {{ template "cost-analyzer.fullname" . }} + key: prometheus-server-endpoint + {{- if .Values.cloudAgent }} + - name: CLOUD_AGENT_KEY + value: {{ .Values.cloudAgentKey }} + - name: CLOUD_REPORTING_SERVER + value: {{ .Values.cloudReportingServer }} + {{- end }} + - name: CLOUD_PROVIDER_API_KEY + value: "AIzaSyDXQPG_MHUEy9neR7stolq6l0ujXmjJlvk" # The GCP Pricing API requires a key. + {{- if .Values.kubecostProductConfigs }} + {{- if .Values.kubecostProductConfigs.gcpSecretName }} + - name: GOOGLE_APPLICATION_CREDENTIALS + value: /var/configs/key.json + {{- end }} + {{- end }} + - name: CONFIG_PATH + value: /var/configs/ + - name: KUBECOST_METRICS_PORT + value: {{ (quote .Values.kubecostMetrics.exporter.port) | default (quote 9005) }} + {{- if .Values.agent }} + - name: KUBECOST_CONFIG_BUCKET + value: /var/secrets/object-store.yaml + - name: EXPORT_CLUSTER_INFO_ENABLED + value: {{ (quote .Values.kubecostMetrics.exporter.exportClusterInfo) | default (quote true) }} + - name: EXPORT_CLUSTER_CACHE_ENABLED + value: {{ (quote .Values.kubecostMetrics.exporter.exportClusterCache) | default (quote true) }} + {{- end }} + - name: EMIT_POD_ANNOTATIONS_METRIC + value: {{ (quote .Values.kubecostMetrics.emitPodAnnotations) | default (quote false) }} + - name: EMIT_NAMESPACE_ANNOTATIONS_METRIC + value: {{ (quote .Values.kubecostMetrics.emitNamespaceAnnotations) | default (quote false) }} + - name: EMIT_KSM_V1_METRICS + value: {{ (quote .Values.kubecostMetrics.emitKsmV1Metrics) | default (quote true) }} + - name: EMIT_KSM_V1_METRICS_ONLY # ONLY emit KSM v1 metrics that do not exist in KSM 2 by default + value: {{ (quote .Values.kubecostMetrics.emitKsmV1MetricsOnly) | default (quote false) }} + - name: MAX_QUERY_CONCURRENCY + value: {{ (quote .Values.kubecostModel.maxQueryConcurrency) | default (quote 5) }} + {{- if .Values.global.prometheus.queryServiceBasicAuthSecretName}} + - name: DB_BASIC_AUTH_USERNAME + valueFrom: + secretKeyRef: + name: {{ .Values.global.prometheus.queryServiceBasicAuthSecretName }} + key: USERNAME + - name: DB_BASIC_AUTH_PW + valueFrom: + secretKeyRef: + name: {{ .Values.global.prometheus.queryServiceBasicAuthSecretName }} + key: PASSWORD + {{- end }} + {{- if .Values.global.prometheus.queryServiceBearerTokenSecretName }} + - name: DB_BEARER_TOKEN + valueFrom: + secretKeyRef: + name: {{ .Values.global.prometheus.queryServiceBearerTokenSecretName }} + key: TOKEN + {{- end }} + {{- if .Values.global.prometheus.insecureSkipVerify }} + - name: INSECURE_SKIP_VERIFY + value: {{ (quote .Values.global.prometheus.insecureSkipVerify) }} + {{- end }} + {{- if .Values.cloudAgentClusterId }} + - name: CLUSTER_ID + value: {{ .Values.cloudAgentClusterId }} + {{- else if and (.Values.prometheus.server.global.external_labels.cluster_id) (not .Values.prometheus.server.clusterIDConfigmap) }} + - name: CLUSTER_ID + value: {{ .Values.prometheus.server.global.external_labels.cluster_id }} + {{- end }} + {{- if .Values.prometheus.server.clusterIDConfigmap }} + - name: CLUSTER_ID + valueFrom: + configMapKeyRef: + name: {{ .Values.prometheus.server.clusterIDConfigmap }} + key: CLUSTER_ID + {{- end }} + {{- if .Values.kubecostModel.promClusterIDLabel }} + - name: PROM_CLUSTER_ID_LABEL + value: {{ .Values.kubecostModel.promClusterIDLabel }} + {{- end }} + - name: PV_ENABLED + value: {{ (quote .Values.persistentVolume.enabled) | default (quote true) }} + - name: RELEASE_NAME + value: {{ .Release.Name }} + - name: KUBECOST_NAMESPACE + value: {{ .Release.Namespace }} + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: KUBECOST_TOKEN + valueFrom: + configMapKeyRef: + name: {{ template "cost-analyzer.fullname" . }} + key: kubecost-token + {{- if .Values.imagePullSecrets }} + imagePullSecrets: + {{ toYaml .Values.imagePullSecrets | indent 2 }} + {{- end }} + {{- if .Values.kubecostMetrics.exporter.priorityClassName }} + priorityClassName: {{ .Values.kubecostMetrics.exporter.priorityClassName }} + {{- end }} + {{- with .Values.kubecostMetrics.exporter.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.kubecostMetrics.exporter.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.kubecostMetrics.exporter.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} +{{- end }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-metrics-service-monitor-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-metrics-service-monitor-template.yaml new file mode 100644 index 0000000000..f858b77a36 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-metrics-service-monitor-template.yaml @@ -0,0 +1,41 @@ +{{- if .Values.kubecostMetrics }} +{{- if .Values.kubecostMetrics.exporter }} +{{- if .Values.kubecostMetrics.exporter.enabled }} +{{- if .Values.kubecostMetrics.exporter.serviceMonitor }} +{{- if .Values.kubecostMetrics.exporter.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "kubecost.kubeMetricsName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} + {{- if .Values.kubecostMetrics.exporter.serviceMonitor.additionalLabels }} + {{ toYaml .Values.kubecostMetrics.exporter.serviceMonitor.additionalLabels | nindent 4 }} + {{- end }} +spec: + endpoints: + - port: tcp-metrics + honorLabels: true + interval: 1m + scrapeTimeout: 10s + path: /metrics + scheme: http + {{- with .Values.kubecostMetrics.exporter.serviceMonitor.metricRelabelings }} + metricRelabelings: {{ toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.kubecostMetrics.exporter.serviceMonitor.relabelings }} + relabelings: {{ toYaml . | nindent 8 }} + {{- end }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + selector: + matchLabels: + app: {{ include "kubecost.kubeMetricsName" . }} +{{- end }} +{{- end }} +{{- end }} +{{- end }} +{{- end }} + diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-metrics-service-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-metrics-service-template.yaml new file mode 100644 index 0000000000..80ef198f87 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-metrics-service-template.yaml @@ -0,0 +1,34 @@ +{{- if .Values.kubecostMetrics }} +{{- if .Values.kubecostMetrics.exporter }} +{{- if .Values.kubecostMetrics.exporter.enabled }} +{{- $prometheusScrape := ternary .Values.kubecostMetrics.exporter.prometheusScrape true (kindIs "bool" .Values.kubecostMetrics.exporter.prometheusScrape) }} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "kubecost.kubeMetricsName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{ unset (include "cost-analyzer.commonLabels" . | fromYaml) "app" | toYaml | nindent 4 }} + app: {{ template "kubecost.kubeMetricsName" . }} +{{- if (or .Values.kubecostMetrics.exporter.service.annotations $prometheusScrape) }} + annotations: +{{- if .Values.kubecostMetrics.exporter.service.annotations }} +{{ toYaml .Values.kubecostMetrics.exporter.service.annotations | indent 4 }} +{{- end }} +{{- if $prometheusScrape }} + prometheus.io/scrape: "true" + prometheus.io/port: {{ (quote .Values.kubecostMetrics.exporter.port) | default (quote 9005) }} +{{- end }} +{{- end }} +spec: + ports: + - name: tcp-metrics + port: {{ .Values.kubecostMetrics.exporter.port | default 9005 }} + protocol: TCP + targetPort: {{ .Values.kubecostMetrics.exporter.port | default 9005 }} + selector: + app: {{ template "kubecost.kubeMetricsName" . }} + type: ClusterIP +{{- end }} +{{- end }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-oidc-secret-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-oidc-secret-template.yaml new file mode 100644 index 0000000000..3815145129 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-oidc-secret-template.yaml @@ -0,0 +1,16 @@ +{{- if .Values.oidc }} +{{- if and (not .Values.oidc.existingCustomSecret.enabled) .Values.oidc.secretName }} +{{- if .Values.oidc.clientSecret }} +apiVersion: v1 +kind: Secret +type: Opaque +metadata: + name: {{ .Values.oidc.secretName }} + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +stringData: + clientSecret: {{ .Values.oidc.clientSecret }} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-priority-class-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-priority-class-template.yaml new file mode 100644 index 0000000000..7a176d72ad --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-priority-class-template.yaml @@ -0,0 +1,15 @@ +{{- if .Values.priority }} +{{- if .Values.priority.enabled }} +{{- if eq (len .Values.priority.name) 0 }} +apiVersion: scheduling.k8s.io/v1 +kind: PriorityClass +metadata: + name: {{ template "cost-analyzer.fullname" . }}-priority + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +value: {{ .Values.priority.value | default "1000000" }} +globalDefault: false +description: "Priority class for scheduling the cost-analyzer pod" +{{- end }} +{{- end }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-saml-secret-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-saml-secret-template.yaml new file mode 100644 index 0000000000..e9a323057d --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/kubecost-saml-secret-template.yaml @@ -0,0 +1,12 @@ +{{- if .Values.saml.enabled }} +apiVersion: v1 +kind: Secret +type: Opaque +metadata: + name: {{ .Values.saml.authSecretName | default "kubecost-saml-secret" }} + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +stringData: + clientSecret: {{ .Values.saml.authSecret | default (randAlphaNum 32 | quote) }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/mimir-proxy-configmap-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/mimir-proxy-configmap-template.yaml new file mode 100644 index 0000000000..08b93ee84e --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/mimir-proxy-configmap-template.yaml @@ -0,0 +1,21 @@ +{{- if .Values.global.mimirProxy }} +{{- if .Values.global.mimirProxy.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "cost-analyzer.fullname" . }}-mimir-proxy + namespace: {{ .Release.Namespace }} +data: + default.conf: | + server { + listen {{ .Values.global.mimirProxy.port }}; + location / { + proxy_pass {{ .Values.global.mimirProxy.mimirEndpoint }}; + proxy_set_header X-Scope-OrgID "{{ .Values.global.mimirProxy.orgIdentifier }}"; + {{- if .Values.global.mimirProxy.basicAuth }} + proxy_set_header Authorization "Basic {{ (printf "%s:%s" .Values.global.mimirProxy.basicAuth.username .Values.global.mimirProxy.basicAuth.password) | b64enc }}"; + {{- end }} + } + } +{{- end }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/mimir-proxy-deployment-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/mimir-proxy-deployment-template.yaml new file mode 100644 index 0000000000..cbe8519b48 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/mimir-proxy-deployment-template.yaml @@ -0,0 +1,46 @@ +{{- if .Values.global.mimirProxy }} +{{- if .Values.global.mimirProxy.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "cost-analyzer.fullname" . }}-mimir-proxy + namespace: {{ .Release.Namespace }} + labels: + app: mimir-proxy + {{- with .Values.global.additionalLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + replicas: 1 + selector: + matchLabels: + app: mimir-proxy + template: + metadata: + labels: + app: mimir-proxy + {{- with .Values.global.additionalLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + containers: + - name: {{ .Values.global.mimirProxy.name }} + image: {{ .Values.global.mimirProxy.image }} + ports: + - containerPort: {{ .Values.global.mimirProxy.port }} + protocol: TCP + resources: {} + imagePullPolicy: IfNotPresent + volumeMounts: + - mountPath: /etc/nginx/conf.d + name: default-conf + readOnly: true + volumes: + - name: default-conf + configMap: + name: {{ template "cost-analyzer.fullname" . }}-mimir-proxy + items: + - key: default.conf + path: default.conf +{{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/mimir-proxy-service-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/mimir-proxy-service-template.yaml new file mode 100644 index 0000000000..5e46b62f99 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/mimir-proxy-service-template.yaml @@ -0,0 +1,18 @@ +{{- if .Values.global.mimirProxy }} +{{- if .Values.global.mimirProxy.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "cost-analyzer.fullname" . }}-mimir-proxy + namespace: {{ .Release.Namespace }} +spec: + ports: + - name: mimir-proxy + protocol: TCP + port: {{ .Values.global.mimirProxy.port }} + targetPort: {{ .Values.global.mimirProxy.port }} + selector: + app: mimir-proxy + type: ClusterIP +{{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/model-ingress-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/model-ingress-template.yaml new file mode 100644 index 0000000000..b55b2986c5 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/model-ingress-template.yaml @@ -0,0 +1,51 @@ +{{- if .Values.kubecostModel.ingress -}} +{{- if .Values.kubecostModel.ingress.enabled -}} +{{- $fullName := include "cost-analyzer.fullname" . -}} +{{- $serviceName := include "cost-analyzer.serviceName" . -}} +{{- $ingressPaths := .Values.kubecostModel.ingress.paths -}} +{{- $ingressPathType := .Values.kubecostModel.ingress.pathType -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ $fullName }}-model + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} + {{- with .Values.kubecostModel.ingress.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.kubecostModel.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: +{{- if .Values.kubecostModel.ingress.className }} + ingressClassName: {{ .Values.kubecostModel.ingress.className }} +{{- end }} +{{- if .Values.kubecostModel.ingress.tls }} + tls: + {{- range .Values.kubecostModel.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} +{{- end }} + rules: + {{- range .Values.kubecostModel.ingress.hosts }} + - host: {{ . | quote }} + http: + paths: + {{- range $ingressPaths }} + - path: {{ . }} + pathType: {{ $ingressPathType }} + backend: + service: + name: {{ $serviceName }} + port: + name: tcp-model + {{- end }} + {{- end }} +{{- end }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/network-costs-servicemonitor-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/network-costs-servicemonitor-template.yaml new file mode 100644 index 0000000000..3cef9547d8 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/network-costs-servicemonitor-template.yaml @@ -0,0 +1,32 @@ +{{- if .Values.serviceMonitor.networkCosts.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "cost-analyzer.networkCostsName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} + {{- if .Values.serviceMonitor.networkCosts.additionalLabels }} + {{ toYaml .Values.serviceMonitor.networkCosts.additionalLabels | nindent 4 }} + {{- end }} +spec: + endpoints: + - port: metrics + honorLabels: true + interval: {{ .Values.serviceMonitor.networkCosts.interval }} + scrapeTimeout: {{ .Values.serviceMonitor.networkCosts.scrapeTimeout }} + path: /metrics + scheme: http + {{- with .Values.serviceMonitor.networkCosts.metricRelabelings }} + metricRelabelings: {{ toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.serviceMonitor.networkCosts.relabelings }} + relabelings: {{ toYaml . | nindent 8 }} + {{- end }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + selector: + matchLabels: + app: {{ include "cost-analyzer.networkCostsName" . }} +{{- end }} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/plugins-config.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/plugins-config.yaml new file mode 100644 index 0000000000..bd939ac1e8 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/plugins-config.yaml @@ -0,0 +1,13 @@ +{{- if and (not .Values.kubecostModel.plugins.existingCustomSecret.enabled) .Values.kubecostModel.plugins.enabled }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Values.kubecostModel.plugins.secretName }} + labels: + {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +data: + {{- range $key, $config := .Values.kubecostModel.plugins.configs }} + {{ $key }}_config.json: + {{ $config | b64enc | indent 4}} + {{- end }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-alertmanager-configmap.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-alertmanager-configmap.yaml new file mode 100644 index 0000000000..8f5b8315f3 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-alertmanager-configmap.yaml @@ -0,0 +1,21 @@ +{{ if .Values.global.prometheus.enabled }} +{{- if and .Values.prometheus.alertmanager.enabled (and (empty .Values.prometheus.alertmanager.configMapOverrideName) (empty .Values.prometheus.alertmanager.configFromSecret)) -}} +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + {{- include "prometheus.alertmanager.labels" . | nindent 4 }} + name: {{ template "prometheus.alertmanager.fullname" . }} + namespace: {{ .Release.Namespace }} +data: +{{- $root := . -}} +{{- range $key, $value := .Values.prometheus.alertmanagerFiles }} + {{- if $key | regexMatch ".*\\.ya?ml$" }} + {{ $key }}: | +{{ toYaml $value | default "{}" | indent 4 }} + {{- else }} + {{ $key }}: {{ toYaml $value | indent 4 }} + {{- end }} +{{- end -}} +{{- end -}} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-alertmanager-deployment.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-alertmanager-deployment.yaml new file mode 100644 index 0000000000..b3af15532a --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-alertmanager-deployment.yaml @@ -0,0 +1,148 @@ +{{ if .Values.global.prometheus.enabled }} +{{- if and .Values.prometheus.alertmanager.enabled (not .Values.prometheus.alertmanager.statefulSet.enabled) -}} +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + {{- include "prometheus.alertmanager.labels" . | nindent 4 }} + {{- with .Values.global.additionalLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ template "prometheus.alertmanager.fullname" . }} + namespace: {{ .Release.Namespace }} +spec: + selector: + matchLabels: + {{- include "prometheus.alertmanager.matchLabels" . | nindent 6 }} + replicas: {{ .Values.prometheus.alertmanager.replicaCount }} + {{- if .Values.prometheus.alertmanager.strategy }} + strategy: +{{ toYaml .Values.prometheus.alertmanager.strategy | indent 4 }} + {{- end }} + template: + metadata: + {{- if .Values.prometheus.alertmanager.podAnnotations }} + annotations: +{{ toYaml .Values.prometheus.alertmanager.podAnnotations | indent 8 }} + {{- end }} + labels: + {{- include "prometheus.alertmanager.labels" . | nindent 8 }} + {{- with .Values.global.additionalLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if .Values.prometheus.alertmanager.podLabels}} + {{ toYaml .Values.prometheus.alertmanager.podLabels | nindent 8 }} + {{- end}} + spec: +{{- if .Values.prometheus.alertmanager.schedulerName }} + schedulerName: "{{ .Values.prometheus.alertmanager.schedulerName }}" +{{- end }} + serviceAccountName: {{ template "prometheus.serviceAccountName.alertmanager" . }} +{{- if .Values.prometheus.alertmanager.priorityClassName }} + priorityClassName: "{{ .Values.prometheus.alertmanager.priorityClassName }}" +{{- end }} + containers: + - name: {{ template "prometheus.name" . }}-{{ .Values.prometheus.alertmanager.name }} + image: "{{ .Values.prometheus.alertmanager.image.repository }}:{{ .Values.prometheus.alertmanager.image.tag }}" + imagePullPolicy: "{{ .Values.prometheus.alertmanager.image.pullPolicy }}" + env: + {{- range $key, $value := .Values.prometheus.alertmanager.extraEnv }} + - name: {{ $key }} + value: {{ $value }} + {{- end }} + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + args: + - --config.file=/etc/config/{{ .Values.prometheus.alertmanager.configFileName }} + - --storage.path={{ .Values.prometheus.alertmanager.persistentVolume.mountPath }} + - --cluster.advertise-address=$(POD_IP):6783 + {{- range $key, $value := .Values.prometheus.alertmanager.extraArgs }} + - --{{ $key }}={{ $value }} + {{- end }} + {{- if .Values.prometheus.alertmanager.baseURL }} + - --web.external-url={{ .Values.prometheus.alertmanager.baseURL }} + {{- end }} + + ports: + - containerPort: 9093 + readinessProbe: + httpGet: + path: {{ .Values.prometheus.alertmanager.prefixURL }}/-/ready + port: 9093 + initialDelaySeconds: 30 + timeoutSeconds: 30 + resources: +{{ toYaml .Values.prometheus.alertmanager.resources | indent 12 }} + volumeMounts: + - name: config-volume + mountPath: /etc/config + - name: storage-volume + mountPath: "{{ .Values.prometheus.alertmanager.persistentVolume.mountPath }}" + subPath: "{{ .Values.prometheus.alertmanager.persistentVolume.subPath }}" + {{- range .Values.prometheus.alertmanager.extraSecretMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath }} + readOnly: {{ .readOnly }} + {{- end }} + + {{- if .Values.prometheus.configmapReload.alertmanager.enabled }} + - name: {{ template "prometheus.name" . }}-{{ .Values.prometheus.alertmanager.name }}-{{ .Values.prometheus.configmapReload.alertmanager.name }} + image: "{{ .Values.prometheus.configmapReload.alertmanager.image.repository }}:{{ .Values.prometheus.configmapReload.alertmanager.image.tag }}" + imagePullPolicy: "{{ .Values.prometheus.configmapReload.alertmanager.image.pullPolicy }}" + args: + - --watched-dir=/etc/config + - --reload-url=http://127.0.0.1:9093{{ .Values.prometheus.alertmanager.prefixURL }}/-/reload + resources: +{{ toYaml .Values.prometheus.configmapReload.alertmanager.resources | indent 12 }} + volumeMounts: + - name: config-volume + mountPath: /etc/config + readOnly: true + {{- end }} + {{- if .Values.prometheus.imagePullSecrets }} + imagePullSecrets: + {{ toYaml .Values.prometheus.imagePullSecrets | indent 2 }} + {{- end }} + {{- if .Values.prometheus.alertmanager.nodeSelector }} + nodeSelector: +{{ toYaml .Values.prometheus.alertmanager.nodeSelector | indent 8 }} + {{- end }} + {{- if .Values.prometheus.alertmanager.securityContext }} + securityContext: +{{ toYaml .Values.prometheus.alertmanager.securityContext | indent 8 }} + {{- end }} + {{- if .Values.prometheus.alertmanager.tolerations }} + tolerations: +{{ toYaml .Values.prometheus.alertmanager.tolerations | indent 8 }} + {{- end }} + {{- if .Values.prometheus.alertmanager.affinity }} + affinity: +{{ toYaml .Values.prometheus.alertmanager.affinity | indent 8 }} + {{- end }} + volumes: + - name: config-volume + {{- if empty .Values.prometheus.alertmanager.configFromSecret }} + configMap: + name: {{ if .Values.prometheus.alertmanager.configMapOverrideName }}{{ .Release.Name }}-{{ .Values.prometheus.alertmanager.configMapOverrideName }}{{- else }}{{ template "prometheus.alertmanager.fullname" . }}{{- end }} + {{- else }} + secret: + secretName: {{ .Values.prometheus.alertmanager.configFromSecret }} + {{- end }} + {{- range .Values.prometheus.alertmanager.extraSecretMounts }} + - name: {{ .name }} + secret: + secretName: {{ .secretName }} + {{- end }} + - name: storage-volume + {{- if .Values.prometheus.alertmanager.persistentVolume.enabled }} + persistentVolumeClaim: + claimName: {{ if .Values.prometheus.alertmanager.persistentVolume.existingClaim }}{{ .Values.prometheus.alertmanager.persistentVolume.existingClaim }}{{- else }}{{ template "prometheus.alertmanager.fullname" . }}{{- end }} + {{- else }} + emptyDir: {} + {{- end -}} +{{- end }} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-alertmanager-ingress.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-alertmanager-ingress.yaml new file mode 100644 index 0000000000..41757e0e13 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-alertmanager-ingress.yaml @@ -0,0 +1,41 @@ +{{ if .Values.global.prometheus.enabled }} +{{- if and .Values.prometheus.alertmanager.enabled .Values.prometheus.alertmanager.ingress.enabled -}} +{{- $releaseName := .Release.Name -}} +{{- $serviceName := include "prometheus.alertmanager.fullname" . }} +{{- $servicePort := .Values.prometheus.alertmanager.service.servicePort -}} +{{- $extraPaths := .Values.prometheus.alertmanager.ingress.extraPaths -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: +{{- if .Values.prometheus.alertmanager.ingress.annotations }} + annotations: +{{ toYaml .Values.prometheus.alertmanager.ingress.annotations | indent 4 }} +{{- end }} + labels: + {{- include "prometheus.alertmanager.labels" . | nindent 4 }} +{{- range $key, $value := .Values.prometheus.alertmanager.ingress.extraLabels }} + {{ $key }}: {{ $value }} +{{- end }} + name: {{ template "prometheus.alertmanager.fullname" . }} + namespace: {{ .Release.Namespace }} +spec: + rules: + {{- range .Values.prometheus.alertmanager.ingress.hosts }} + {{- $url := splitList "/" . }} + - host: {{ first $url }} + http: + paths: +{{ if $extraPaths }} +{{ toYaml $extraPaths | indent 10 }} +{{- end }} + - path: /{{ rest $url | join "/" }} + backend: + serviceName: {{ $serviceName }} + servicePort: {{ $servicePort }} + {{- end -}} +{{- if .Values.prometheus.alertmanager.ingress.tls }} + tls: +{{ toYaml .Values.prometheus.alertmanager.ingress.tls | indent 4 }} + {{- end -}} +{{- end -}} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-alertmanager-networkpolicy.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-alertmanager-networkpolicy.yaml new file mode 100644 index 0000000000..c24a76ae70 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-alertmanager-networkpolicy.yaml @@ -0,0 +1,22 @@ +{{ if .Values.global.prometheus.enabled }} +{{- if and .Values.prometheus.alertmanager.enabled .Values.prometheus.networkPolicy.enabled -}} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ template "prometheus.alertmanager.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "prometheus.alertmanager.labels" . | nindent 4 }} +spec: + podSelector: + matchLabels: + {{- include "prometheus.alertmanager.matchLabels" . | nindent 6 }} + ingress: + - from: + - podSelector: + matchLabels: + {{- include "prometheus.server.matchLabels" . | nindent 12 }} + - ports: + - port: 9093 +{{- end -}} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-alertmanager-pdb.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-alertmanager-pdb.yaml new file mode 100644 index 0000000000..123d24ee01 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-alertmanager-pdb.yaml @@ -0,0 +1,16 @@ +{{ if .Values.global.prometheus.enabled }} +{{- if .Values.prometheus.alertmanager.podDisruptionBudget.enabled }} +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: {{ template "prometheus.alertmanager.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "prometheus.alertmanager.labels" . | nindent 4 }} +spec: + maxUnavailable: {{ .Values.prometheus.alertmanager.podDisruptionBudget.maxUnavailable }} + selector: + matchLabels: + {{- include "prometheus.alertmanager.labels" . | nindent 6 }} +{{- end }} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-alertmanager-pvc.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-alertmanager-pvc.yaml new file mode 100644 index 0000000000..dea65e5e5e --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-alertmanager-pvc.yaml @@ -0,0 +1,35 @@ +{{ if .Values.global.prometheus.enabled }} +{{- if not .Values.prometheus.alertmanager.statefulSet.enabled -}} +{{- if and .Values.prometheus.alertmanager.enabled .Values.prometheus.alertmanager.persistentVolume.enabled -}} +{{- if not .Values.prometheus.alertmanager.persistentVolume.existingClaim -}} +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + {{- if .Values.prometheus.alertmanager.persistentVolume.annotations }} + annotations: +{{ toYaml .Values.prometheus.alertmanager.persistentVolume.annotations | indent 4 }} + {{- end }} + labels: + {{- include "prometheus.alertmanager.labels" . | nindent 4 }} + name: {{ template "prometheus.alertmanager.fullname" . }} + namespace: {{ .Release.Namespace }} +spec: + accessModes: +{{ toYaml .Values.prometheus.alertmanager.persistentVolume.accessModes | indent 4 }} +{{- if .Values.prometheus.alertmanager.persistentVolume.storageClass }} +{{- if (eq "-" .Values.prometheus.alertmanager.persistentVolume.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.prometheus.alertmanager.persistentVolume.storageClass }}" +{{- end }} +{{- end }} +{{- if .Values.prometheus.alertmanager.persistentVolume.volumeBindingMode }} + volumeBindingModeName: "{{ .Values.prometheus.alertmanager.persistentVolume.volumeBindingMode }}" +{{- end }} + resources: + requests: + storage: "{{ .Values.prometheus.alertmanager.persistentVolume.size }}" +{{- end -}} +{{- end -}} +{{- end -}} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-alertmanager-service-headless.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-alertmanager-service-headless.yaml new file mode 100644 index 0000000000..2f68f41260 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-alertmanager-service-headless.yaml @@ -0,0 +1,33 @@ +{{ if .Values.global.prometheus.enabled }} +{{- if and .Values.prometheus.alertmanager.enabled .Values.prometheus.alertmanager.statefulSet.enabled -}} +apiVersion: v1 +kind: Service +metadata: +{{- if .Values.prometheus.alertmanager.statefulSet.headless.annotations }} + annotations: +{{ toYaml .Values.prometheus.alertmanager.statefulSet.headless.annotations | indent 4 }} +{{- end }} + labels: + {{- include "prometheus.alertmanager.labels" . | nindent 4 }} +{{- if .Values.prometheus.alertmanager.statefulSet.headless.labels }} +{{ toYaml .Values.prometheus.alertmanager.statefulSet.headless.labels | indent 4 }} +{{- end }} + name: {{ template "prometheus.alertmanager.fullname" . }}-headless + namespace: {{ .Release.Namespace }} +spec: + clusterIP: None + ports: + - name: http + port: {{ .Values.prometheus.alertmanager.statefulSet.headless.servicePort }} + protocol: TCP + targetPort: 9093 +{{- if .Values.prometheus.alertmanager.statefulSet.headless.enableMeshPeer }} + - name: meshpeer + port: 6783 + protocol: TCP + targetPort: 6783 +{{- end }} + selector: + {{- include "prometheus.alertmanager.matchLabels" . | nindent 4 }} +{{- end }} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-alertmanager-service.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-alertmanager-service.yaml new file mode 100644 index 0000000000..838d39ba44 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-alertmanager-service.yaml @@ -0,0 +1,55 @@ +{{ if .Values.global.prometheus.enabled }} +{{- if .Values.prometheus.alertmanager.enabled -}} +apiVersion: v1 +kind: Service +metadata: +{{- if .Values.prometheus.alertmanager.service.annotations }} + annotations: +{{ toYaml .Values.prometheus.alertmanager.service.annotations | indent 4 }} +{{- end }} + labels: + {{- include "prometheus.alertmanager.labels" . | nindent 4 }} +{{- if .Values.prometheus.alertmanager.service.labels }} +{{ toYaml .Values.prometheus.alertmanager.service.labels | indent 4 }} +{{- end }} + name: {{ template "prometheus.alertmanager.fullname" . }} + namespace: {{ .Release.Namespace }} +spec: +{{- if .Values.prometheus.alertmanager.service.clusterIP }} + clusterIP: {{ .Values.prometheus.alertmanager.service.clusterIP }} +{{- end }} +{{- if .Values.prometheus.alertmanager.service.externalIPs }} + externalIPs: +{{ toYaml .Values.prometheus.alertmanager.service.externalIPs | indent 4 }} +{{- end }} +{{- if .Values.prometheus.alertmanager.service.loadBalancerIP }} + loadBalancerIP: {{ .Values.prometheus.alertmanager.service.loadBalancerIP }} +{{- end }} +{{- if .Values.prometheus.alertmanager.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: + {{- range $cidr := .Values.prometheus.alertmanager.service.loadBalancerSourceRanges }} + - {{ $cidr }} + {{- end }} +{{- end }} + ports: + - name: http + port: {{ .Values.prometheus.alertmanager.service.servicePort }} + protocol: TCP + targetPort: 9093 + {{- if .Values.prometheus.alertmanager.service.nodePort }} + nodePort: {{ .Values.prometheus.alertmanager.service.nodePort }} + {{- end }} +{{- if .Values.prometheus.alertmanager.service.enableMeshPeer }} + - name: meshpeer + port: 6783 + protocol: TCP + targetPort: 6783 +{{- end }} + selector: + {{- include "prometheus.alertmanager.matchLabels" . | nindent 4 }} +{{- if .Values.prometheus.alertmanager.service.sessionAffinity }} + sessionAffinity: {{ .Values.prometheus.alertmanager.service.sessionAffinity }} +{{- end }} + type: "{{ .Values.prometheus.alertmanager.service.type }}" +{{- end }} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-alertmanager-serviceaccount.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-alertmanager-serviceaccount.yaml new file mode 100644 index 0000000000..99257bbf88 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-alertmanager-serviceaccount.yaml @@ -0,0 +1,11 @@ +{{ if .Values.global.prometheus.enabled }} +{{- if and .Values.prometheus.alertmanager.enabled .Values.prometheus.serviceAccounts.alertmanager.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + {{- include "prometheus.alertmanager.labels" . | nindent 4 }} + name: {{ template "prometheus.serviceAccountName.alertmanager" . }} + namespace: {{ .Release.Namespace }} +{{- end -}} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-alertmanager-statefulset.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-alertmanager-statefulset.yaml new file mode 100644 index 0000000000..26e05f1fb4 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-alertmanager-statefulset.yaml @@ -0,0 +1,155 @@ +{{ if .Values.global.prometheus.enabled }} +{{- if and .Values.prometheus.alertmanager.enabled .Values.prometheus.alertmanager.statefulSet.enabled -}} +apiVersion: apps/v1 +kind: StatefulSet +metadata: + labels: + {{- include "prometheus.alertmanager.labels" . | nindent 4 }} + name: {{ template "prometheus.alertmanager.fullname" . }} + namespace: {{ .Release.Namespace }} +spec: + serviceName: {{ template "prometheus.alertmanager.fullname" . }}-headless + selector: + matchLabels: + {{- include "prometheus.alertmanager.matchLabels" . | nindent 6 }} + replicas: {{ .Values.prometheus.alertmanager.replicaCount }} + podManagementPolicy: {{ .Values.prometheus.alertmanager.statefulSet.podManagementPolicy }} + template: + metadata: + {{- if .Values.prometheus.alertmanager.podAnnotations }} + annotations: +{{ toYaml .Values.prometheus.alertmanager.podAnnotations | indent 8 }} + {{- end }} + labels: + {{- include "prometheus.alertmanager.labels" . | nindent 8 }} + spec: +{{- if .Values.prometheus.alertmanager.affinity }} + affinity: +{{ toYaml .Values.prometheus.alertmanager.affinity | indent 8 }} +{{- end }} +{{- if .Values.prometheus.alertmanager.schedulerName }} + schedulerName: "{{ .Values.prometheus.alertmanager.schedulerName }}" +{{- end }} + serviceAccountName: {{ template "prometheus.serviceAccountName.alertmanager" . }} +{{- if .Values.prometheus.alertmanager.priorityClassName }} + priorityClassName: "{{ .Values.prometheus.alertmanager.priorityClassName }}" +{{- end }} + containers: + - name: {{ template "prometheus.name" . }}-{{ .Values.prometheus.alertmanager.name }} + image: "{{ .Values.prometheus.alertmanager.image.repository }}:{{ .Values.prometheus.alertmanager.image.tag }}" + imagePullPolicy: "{{ .Values.prometheus.alertmanager.image.pullPolicy }}" + env: + {{- range $key, $value := .Values.prometheus.alertmanager.extraEnv }} + - name: {{ $key }} + value: {{ $value }} + {{- end }} + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + args: + - --config.file=/etc/config/alertmanager.yml + - --storage.path={{ .Values.prometheus.alertmanager.persistentVolume.mountPath }} + - --cluster.advertise-address=$(POD_IP):6783 + {{- if .Values.prometheus.alertmanager.statefulSet.headless.enableMeshPeer }} + - --cluster.listen-address=0.0.0.0:6783 + {{- range $n := until (.Values.prometheus.alertmanager.replicaCount | int) }} + - --cluster.peer={{ template "prometheus.alertmanager.fullname" $ }}-{{ $n }}.{{ template "prometheus.alertmanager.fullname" $ }}-headless:6783 + {{- end }} + {{- end }} + {{- range $key, $value := .Values.prometheus.alertmanager.extraArgs }} + - --{{ $key }}={{ $value }} + {{- end }} + {{- if .Values.prometheus.alertmanager.baseURL }} + - --web.external-url={{ .Values.prometheus.alertmanager.baseURL }} + {{- end }} + + ports: + - containerPort: 9093 + readinessProbe: + httpGet: + path: {{ .Values.prometheus.alertmanager.prefixURL }}/#/status + port: 9093 + initialDelaySeconds: 30 + timeoutSeconds: 30 + resources: +{{ toYaml .Values.prometheus.alertmanager.resources | indent 12 }} + volumeMounts: + - name: config-volume + mountPath: /etc/config + - name: storage-volume + mountPath: "{{ .Values.prometheus.alertmanager.persistentVolume.mountPath }}" + subPath: "{{ .Values.prometheus.alertmanager.persistentVolume.subPath }}" + {{- range .Values.prometheus.alertmanager.extraSecretMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath }} + readOnly: {{ .readOnly }} + {{- end }} + {{- if .Values.prometheus.configmapReload.alertmanager.enabled }} + - name: {{ template "prometheus.name" . }}-{{ .Values.prometheus.alertmanager.name }}-{{ .Values.prometheus.configmapReload.alertmanager.name }} + image: "{{ .Values.prometheus.configmapReload.alertmanager.image.repository }}:{{ .Values.prometheus.configmapReload.alertmanager.image.tag }}" + imagePullPolicy: "{{ .Values.prometheus.configmapReload.alertmanager.image.pullPolicy }}" + args: + - --watched-dir=/etc/config + - --reload-url=http://localhost:9093{{ .Values.prometheus.alertmanager.prefixURL }}/-/reload + resources: +{{ toYaml .Values.prometheus.configmapReload.alertmanager.resources | indent 12 }} + volumeMounts: + - name: config-volume + mountPath: /etc/config + readOnly: true + {{- end }} + {{- if .Values.prometheus.imagePullSecrets }} + imagePullSecrets: + {{ toYaml .Values.prometheus.imagePullSecrets | indent 2 }} + {{- end }} + {{- if .Values.prometheus.alertmanager.nodeSelector }} + nodeSelector: +{{ toYaml .Values.prometheus.alertmanager.nodeSelector | indent 8 }} + {{- end }} + {{- if .Values.prometheus.alertmanager.securityContext }} + securityContext: +{{ toYaml .Values.prometheus.alertmanager.securityContext | indent 8 }} + {{- end }} + {{- if .Values.prometheus.alertmanager.tolerations }} + tolerations: +{{ toYaml .Values.prometheus.alertmanager.tolerations | indent 8 }} + {{- end }} + volumes: + - name: config-volume + configMap: + name: {{ if .Values.prometheus.alertmanager.configMapOverrideName }}{{ .Release.Name }}-{{ .Values.prometheus.alertmanager.configMapOverrideName }}{{- else }}{{ template "prometheus.alertmanager.fullname" . }}{{- end }} + {{- range .Values.prometheus.alertmanager.extraSecretMounts }} + - name: {{ .name }} + secret: + secretName: {{ .secretName }} + {{- end }} +{{- if .Values.prometheus.alertmanager.persistentVolume.enabled }} + volumeClaimTemplates: + - metadata: + name: storage-volume + {{- if .Values.prometheus.alertmanager.persistentVolume.annotations }} + annotations: +{{ toYaml .Values.prometheus.alertmanager.persistentVolume.annotations | indent 10 }} + {{- end }} + spec: + accessModes: +{{ toYaml .Values.prometheus.alertmanager.persistentVolume.accessModes | indent 10 }} + resources: + requests: + storage: "{{ .Values.prometheus.alertmanager.persistentVolume.size }}" + {{- if .Values.prometheus.server.persistentVolume.storageClass }} + {{- if (eq "-" .Values.prometheus.server.persistentVolume.storageClass) }} + storageClassName: "" + {{- else }} + storageClassName: "{{ .Values.prometheus.alertmanager.persistentVolume.storageClass }}" + {{- end }} + {{- end }} +{{- else }} + - name: storage-volume + emptyDir: {} +{{- end }} +{{- end }} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-node-exporter-daemonset.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-node-exporter-daemonset.yaml new file mode 100644 index 0000000000..3529d6bdd8 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-node-exporter-daemonset.yaml @@ -0,0 +1,139 @@ +{{ if .Values.global.prometheus.enabled }} +{{- if .Values.prometheus.nodeExporter.enabled -}} +apiVersion: apps/v1 +kind: DaemonSet +metadata: +{{- if .Values.prometheus.nodeExporter.deploymentAnnotations }} + annotations: +{{ toYaml .Values.prometheus.nodeExporter.deploymentAnnotations | indent 4 }} +{{- end }} + labels: + {{- include "prometheus.nodeExporter.labels" . | nindent 4 }} + {{- with .Values.global.additionalLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ template "prometheus.nodeExporter.fullname" . }} + namespace: {{ .Release.Namespace }} +spec: + selector: + matchLabels: + {{- include "prometheus.nodeExporter.matchLabels" . | nindent 6 }} + {{- if .Values.prometheus.nodeExporter.updateStrategy }} + updateStrategy: +{{ toYaml .Values.prometheus.nodeExporter.updateStrategy | indent 4 }} + {{- end }} + template: + metadata: + {{- if .Values.prometheus.nodeExporter.podAnnotations }} + annotations: +{{ toYaml .Values.prometheus.nodeExporter.podAnnotations | indent 8 }} + {{- end }} + labels: + {{- include "prometheus.nodeExporter.labels" . | nindent 8 }} + {{- with .Values.global.additionalLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} +{{- if .Values.prometheus.nodeExporter.pod.labels }} +{{ toYaml .Values.prometheus.nodeExporter.pod.labels | indent 8 }} +{{- end }} + spec: +{{- if .Values.prometheus.nodeExporter.affinity }} + affinity: +{{ toYaml .Values.prometheus.nodeExporter.affinity | indent 8 }} +{{- end }} + serviceAccountName: {{ template "prometheus.serviceAccountName.nodeExporter" . }} +{{- if .Values.prometheus.nodeExporter.dnsPolicy }} + dnsPolicy: "{{ .Values.prometheus.nodeExporter.dnsPolicy }}" +{{- end }} +{{- if .Values.prometheus.nodeExporter.priorityClassName }} + priorityClassName: "{{ .Values.prometheus.nodeExporter.priorityClassName }}" +{{- end }} + containers: + - name: {{ template "prometheus.name" . }}-{{ .Values.prometheus.nodeExporter.name }} + image: "{{ .Values.prometheus.nodeExporter.image.repository }}:{{ .Values.prometheus.nodeExporter.image.tag }}" + imagePullPolicy: "{{ .Values.prometheus.nodeExporter.image.pullPolicy }}" + args: + - --path.procfs=/host/proc + - --path.sysfs=/host/sys + {{- if .Values.prometheus.nodeExporter.hostNetwork }} + - --web.listen-address=:{{ .Values.prometheus.nodeExporter.service.hostPort }} + {{- end }} + {{- range $key, $value := .Values.prometheus.nodeExporter.extraArgs }} + {{- if $value }} + - --{{ $key }}={{ $value }} + {{- else }} + - --{{ $key }} + {{- end }} + {{- end }} + ports: + - name: metrics + {{- if .Values.prometheus.nodeExporter.hostNetwork }} + containerPort: {{ .Values.prometheus.nodeExporter.service.hostPort }} + {{- else }} + containerPort: 9100 + {{- end }} + hostPort: {{ .Values.prometheus.nodeExporter.service.hostPort }} + resources: +{{ toYaml .Values.prometheus.nodeExporter.resources | indent 12 }} + volumeMounts: + - name: proc + mountPath: /host/proc + readOnly: true + - name: sys + mountPath: /host/sys + readOnly: true + {{- range .Values.prometheus.nodeExporter.extraHostPathMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + readOnly: {{ .readOnly }} + {{- if .mountPropagation }} + mountPropagation: {{ .mountPropagation }} + {{- end }} + {{- end }} + {{- range .Values.prometheus.nodeExporter.extraConfigmapMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + readOnly: {{ .readOnly }} + {{- end }} + {{- if .Values.prometheus.imagePullSecrets }} + imagePullSecrets: + {{ toYaml .Values.prometheus.imagePullSecrets | indent 2 }} + {{- end }} + {{- if .Values.prometheus.nodeExporter.hostNetwork }} + hostNetwork: true + {{- end }} + {{- if .Values.prometheus.nodeExporter.hostPID }} + hostPID: true + {{- end }} + {{- if .Values.prometheus.nodeExporter.tolerations }} + tolerations: +{{ toYaml .Values.prometheus.nodeExporter.tolerations | indent 8 }} + {{- end }} + {{- if .Values.prometheus.nodeExporter.nodeSelector }} + nodeSelector: +{{ toYaml .Values.prometheus.nodeExporter.nodeSelector | indent 8 }} + {{- end }} + {{- if .Values.prometheus.nodeExporter.securityContext }} + securityContext: +{{ toYaml .Values.prometheus.nodeExporter.securityContext | indent 8 }} + {{- end }} + volumes: + - name: proc + hostPath: + path: /proc + - name: sys + hostPath: + path: /sys + {{- range .Values.prometheus.nodeExporter.extraHostPathMounts }} + - name: {{ .name }} + hostPath: + path: {{ .hostPath }} + {{- end }} + {{- range .Values.prometheus.nodeExporter.extraConfigmapMounts }} + - name: {{ .name }} + configMap: + name: {{ .configMap }} + {{- end }} + +{{- end -}} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-node-exporter-ocp-scc.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-node-exporter-ocp-scc.yaml new file mode 100644 index 0000000000..e226f9beac --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-node-exporter-ocp-scc.yaml @@ -0,0 +1,29 @@ +{{- if and (.Capabilities.APIVersions.Has "security.openshift.io/v1/SecurityContextConstraints") (.Values.global.platforms.openshift.scc.nodeExporter) (.Values.prometheus.nodeExporter.enabled) }} +apiVersion: security.openshift.io/v1 +kind: SecurityContextConstraints +metadata: + name: {{ template "prometheus.nodeExporter.fullname" . }} +priority: 10 +allowPrivilegedContainer: true +allowHostDirVolumePlugin: true +allowHostNetwork: true +allowHostPorts: true +allowHostPID: true +allowHostIPC: false +readOnlyRootFilesystem: false +runAsUser: + type: RunAsAny +fsGroup: + type: RunAsAny +seLinuxContext: + type: RunAsAny +supplementalGroups: + type: RunAsAny +seccompProfiles: +- runtime/default +volumes: + - hostPath + - projected +users: + - system:serviceaccount:{{ .Release.Namespace }}:{{ template "prometheus.serviceAccountName.nodeExporter" . }} +{{- end }} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-node-exporter-service.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-node-exporter-service.yaml new file mode 100644 index 0000000000..9b8167e8d7 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-node-exporter-service.yaml @@ -0,0 +1,47 @@ +{{ if .Values.global.prometheus.enabled }} +{{- if .Values.prometheus.nodeExporter.enabled -}} +apiVersion: v1 +kind: Service +metadata: +{{- if .Values.prometheus.nodeExporter.service.annotations }} + annotations: +{{ toYaml .Values.prometheus.nodeExporter.service.annotations | indent 4 }} +{{- end }} + labels: + {{- include "prometheus.nodeExporter.labels" . | nindent 4 }} +{{- if .Values.prometheus.nodeExporter.service.labels }} +{{ toYaml .Values.prometheus.nodeExporter.service.labels | indent 4 }} +{{- end }} + name: {{ template "prometheus.nodeExporter.fullname" . }} + namespace: {{ .Release.Namespace }} +spec: +{{- if .Values.prometheus.nodeExporter.service.clusterIP }} + clusterIP: {{ .Values.prometheus.nodeExporter.service.clusterIP }} +{{- end }} +{{- if .Values.prometheus.nodeExporter.service.externalIPs }} + externalIPs: +{{ toYaml .Values.prometheus.nodeExporter.service.externalIPs | indent 4 }} +{{- end }} +{{- if .Values.prometheus.nodeExporter.service.loadBalancerIP }} + loadBalancerIP: {{ .Values.prometheus.nodeExporter.service.loadBalancerIP }} +{{- end }} +{{- if .Values.prometheus.nodeExporter.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: + {{- range $cidr := .Values.prometheus.nodeExporter.service.loadBalancerSourceRanges }} + - {{ $cidr }} + {{- end }} +{{- end }} + ports: + - name: tcp-metrics + port: {{ .Values.prometheus.nodeExporter.service.servicePort }} + protocol: TCP + {{- if .Values.prometheus.nodeExporter.hostNetwork }} + targetPort: {{ .Values.prometheus.nodeExporter.service.hostPort }} + {{- else }} + targetPort: 9100 + {{- end }} + selector: + {{- include "prometheus.nodeExporter.matchLabels" . | nindent 4 }} + type: "{{ .Values.prometheus.nodeExporter.service.type }}" +{{- end -}} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-node-exporter-serviceaccount.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-node-exporter-serviceaccount.yaml new file mode 100644 index 0000000000..3cb68d8e46 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-node-exporter-serviceaccount.yaml @@ -0,0 +1,11 @@ +{{ if .Values.global.prometheus.enabled }} +{{- if and .Values.prometheus.nodeExporter.enabled .Values.prometheus.serviceAccounts.nodeExporter.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + {{- include "prometheus.nodeExporter.labels" . | nindent 4 }} + name: {{ template "prometheus.serviceAccountName.nodeExporter" . }} + namespace: {{ .Release.Namespace }} +{{- end -}} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-pushgateway-deployment.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-pushgateway-deployment.yaml new file mode 100644 index 0000000000..072c028d1e --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-pushgateway-deployment.yaml @@ -0,0 +1,106 @@ +{{ if .Values.global.prometheus.enabled }} +{{- if .Values.prometheus.pushgateway.enabled -}} +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + {{- include "prometheus.pushgateway.labels" . | nindent 4 }} + {{- with .Values.global.additionalLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ template "prometheus.pushgateway.fullname" . }} + namespace: {{ .Release.Namespace }} +spec: + selector: + {{- if .Values.prometheus.pushgateway.schedulerName }} + schedulerName: "{{ .Values.prometheus.pushgateway.schedulerName }}" + {{- end }} + matchLabels: + {{- include "prometheus.pushgateway.matchLabels" . | nindent 6 }} + replicas: {{ .Values.prometheus.pushgateway.replicaCount }} + {{- if .Values.prometheus.pushgateway.strategy }} + strategy: +{{ toYaml .Values.prometheus.pushgateway.strategy | indent 4 }} + {{- end }} + template: + metadata: + {{- if .Values.prometheus.pushgateway.podAnnotations }} + annotations: +{{ toYaml .Values.prometheus.pushgateway.podAnnotations | indent 8 }} + {{- end }} + labels: + {{- include "prometheus.pushgateway.labels" . | nindent 8 }} + {{- with .Values.global.additionalLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + serviceAccountName: {{ template "prometheus.serviceAccountName.pushgateway" . }} +{{- if .Values.prometheus.pushgateway.priorityClassName }} + priorityClassName: "{{ .Values.prometheus.pushgateway.priorityClassName }}" +{{- end }} + containers: + - name: {{ template "prometheus.name" . }}-{{ .Values.prometheus.pushgateway.name }} + image: "{{ .Values.prometheus.pushgateway.image.repository }}:{{ .Values.prometheus.pushgateway.image.tag }}" + imagePullPolicy: "{{ .Values.prometheus.pushgateway.image.pullPolicy }}" + args: + {{- range $key, $value := .Values.prometheus.pushgateway.extraArgs }} + - --{{ $key }}={{ $value }} + {{- end }} + ports: + - containerPort: 9091 + livenessProbe: + httpGet: + {{- if (index .Values.prometheus "pushgateway" "extraArgs" "web.route-prefix") }} + path: /{{ index .Values.prometheus "pushgateway" "extraArgs" "web.route-prefix" }}/-/healthy + {{- else }} + path: /-/healthy + {{- end }} + port: 9091 + initialDelaySeconds: 10 + timeoutSeconds: 10 + readinessProbe: + httpGet: + {{- if (index .Values.prometheus "pushgateway" "extraArgs" "web.route-prefix") }} + path: /{{ index .Values.prometheus "pushgateway" "extraArgs" "web.route-prefix" }}/-/ready + {{- else }} + path: /-/ready + {{- end }} + port: 9091 + initialDelaySeconds: 10 + timeoutSeconds: 10 + resources: +{{ toYaml .Values.prometheus.pushgateway.resources | indent 12 }} + {{- if .Values.prometheus.pushgateway.persistentVolume.enabled }} + volumeMounts: + - name: storage-volume + mountPath: "{{ .Values.prometheus.pushgateway.persistentVolume.mountPath }}" + subPath: "{{ .Values.prometheus.pushgateway.persistentVolume.subPath }}" + {{- end }} + {{- if .Values.prometheus.imagePullSecrets }} + imagePullSecrets: + {{ toYaml .Values.prometheus.imagePullSecrets | indent 2 }} + {{- end }} + {{- if .Values.prometheus.pushgateway.nodeSelector }} + nodeSelector: +{{ toYaml .Values.prometheus.pushgateway.nodeSelector | indent 8 }} + {{- end }} + {{- if .Values.prometheus.pushgateway.securityContext }} + securityContext: +{{ toYaml .Values.prometheus.pushgateway.securityContext | indent 8 }} + {{- end }} + {{- if .Values.prometheus.pushgateway.tolerations }} + tolerations: +{{ toYaml .Values.prometheus.pushgateway.tolerations | indent 8 }} + {{- end }} + {{- if .Values.prometheus.pushgateway.affinity }} + affinity: +{{ toYaml .Values.prometheus.pushgateway.affinity | indent 8 }} + {{- end }} + {{- if .Values.prometheus.pushgateway.persistentVolume.enabled }} + volumes: + - name: storage-volume + persistentVolumeClaim: + claimName: {{ if .Values.prometheus.pushgateway.persistentVolume.existingClaim }}{{ .Values.prometheus.pushgateway.persistentVolume.existingClaim }}{{- else }}{{ template "prometheus.pushgateway.fullname" . }}{{- end }} + {{- end -}} +{{- end }} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-pushgateway-ingress.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-pushgateway-ingress.yaml new file mode 100644 index 0000000000..2d3f1d2836 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-pushgateway-ingress.yaml @@ -0,0 +1,38 @@ +{{ if .Values.global.prometheus.enabled }} +{{- if and .Values.prometheus.pushgateway.enabled .Values.prometheus.pushgateway.ingress.enabled -}} +{{- $releaseName := .Release.Name -}} +{{- $serviceName := include "prometheus.pushgateway.fullname" . }} +{{- $servicePort := .Values.prometheus.pushgateway.service.servicePort -}} +{{- $extraPaths := .Values.prometheus.pushgateway.ingress.extraPaths -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: +{{- if .Values.prometheus.pushgateway.ingress.annotations }} + annotations: +{{ toYaml .Values.prometheus.pushgateway.ingress.annotations | indent 4}} +{{- end }} + labels: + {{- include "prometheus.pushgateway.labels" . | nindent 4 }} + name: {{ template "prometheus.pushgateway.fullname" . }} + namespace: {{ .Release.Namespace }} +spec: + rules: + {{- range .Values.prometheus.pushgateway.ingress.hosts }} + {{- $url := splitList "/" . }} + - host: {{ first $url }} + http: + paths: +{{ if $extraPaths }} +{{ toYaml $extraPaths | indent 10 }} +{{- end }} + - path: /{{ rest $url | join "/" }} + backend: + serviceName: {{ $serviceName }} + servicePort: {{ $servicePort }} + {{- end -}} +{{- if .Values.prometheus.pushgateway.ingress.tls }} + tls: +{{ toYaml .Values.prometheus.pushgateway.ingress.tls | indent 4 }} + {{- end -}} +{{- end -}} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-pushgateway-networkpolicy.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-pushgateway-networkpolicy.yaml new file mode 100644 index 0000000000..b6e41eedfc --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-pushgateway-networkpolicy.yaml @@ -0,0 +1,22 @@ +{{ if .Values.global.prometheus.enabled }} +{{- if and .Values.prometheus.pushgateway.enabled .Values.networkPolicy.enabled -}} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ template "prometheus.pushgateway.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "prometheus.pushgateway.labels" . | nindent 4 }} +spec: + podSelector: + matchLabels: + {{- include "prometheus.pushgateway.matchLabels" . | nindent 6 }} + ingress: + - from: + - podSelector: + matchLabels: + {{- include "prometheus.server.matchLabels" . | nindent 12 }} + - ports: + - port: 9091 +{{- end -}} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-pushgateway-pdb.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-pushgateway-pdb.yaml new file mode 100644 index 0000000000..00f7e45024 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-pushgateway-pdb.yaml @@ -0,0 +1,15 @@ +{{ if .Values.global.prometheus.enabled }} +{{- if .Values.prometheus.pushgateway.podDisruptionBudget.enabled }} +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: {{ template "prometheus.pushgateway.fullname" . }} + labels: + {{- include "prometheus.pushgateway.labels" . | nindent 4 }} +spec: + maxUnavailable: {{ .Values.prometheus.pushgateway.podDisruptionBudget.maxUnavailable }} + selector: + matchLabels: + {{- include "prometheus.pushgateway.labels" . | nindent 6 }} +{{- end }} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-pushgateway-pvc.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-pushgateway-pvc.yaml new file mode 100644 index 0000000000..ba22f5921c --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-pushgateway-pvc.yaml @@ -0,0 +1,35 @@ +{{ if .Values.global.prometheus.enabled }} +{{- if .Values.prometheus.pushgateway.enabled -}} +{{- if .Values.prometheus.pushgateway.persistentVolume.enabled -}} +{{- if not .Values.prometheus.pushgateway.persistentVolume.existingClaim -}} +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + {{- if .Values.prometheus.pushgateway.persistentVolume.annotations }} + annotations: +{{ toYaml .Values.prometheus.pushgateway.persistentVolume.annotations | indent 4 }} + {{- end }} + labels: + {{- include "prometheus.pushgateway.labels" . | nindent 4 }} + name: {{ template "prometheus.pushgateway.fullname" . }} + namespace: {{ .Release.Namespace }} +spec: + accessModes: +{{ toYaml .Values.prometheus.pushgateway.persistentVolume.accessModes | indent 4 }} +{{- if .Values.prometheus.pushgateway.persistentVolume.storageClass }} +{{- if (eq "-" .Values.prometheus.pushgateway.persistentVolume.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.prometheus.pushgateway.persistentVolume.storageClass }}" +{{- end }} +{{- end }} +{{- if .Values.prometheus.pushgateway.persistentVolume.volumeBindingMode }} + volumeBindingModeName: "{{ .Values.prometheus.pushgateway.persistentVolume.volumeBindingMode }}" +{{- end }} + resources: + requests: + storage: "{{ .Values.prometheus.pushgateway.persistentVolume.size }}" +{{- end -}} +{{- end -}} +{{ end }} +{{- end -}} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-pushgateway-service.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-pushgateway-service.yaml new file mode 100644 index 0000000000..3e88117042 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-pushgateway-service.yaml @@ -0,0 +1,43 @@ +{{ if .Values.global.prometheus.enabled }} +{{- if .Values.prometheus.pushgateway.enabled -}} +apiVersion: v1 +kind: Service +metadata: +{{- if .Values.prometheus.pushgateway.service.annotations }} + annotations: +{{ toYaml .Values.prometheus.pushgateway.service.annotations | indent 4}} +{{- end }} + labels: + {{- include "prometheus.pushgateway.labels" . | nindent 4 }} +{{- if .Values.prometheus.pushgateway.service.labels }} +{{ toYaml .Values.prometheus.pushgateway.service.labels | indent 4}} +{{- end }} + name: {{ template "prometheus.pushgateway.fullname" . }} + namespace: {{ .Release.Namespace }} +spec: +{{- if .Values.prometheus.pushgateway.service.clusterIP }} + clusterIP: {{ .Values.prometheus.pushgateway.service.clusterIP }} +{{- end }} +{{- if .Values.prometheus.pushgateway.service.externalIPs }} + externalIPs: +{{ toYaml .Values.prometheus.pushgateway.service.externalIPs | indent 4 }} +{{- end }} +{{- if .Values.prometheus.pushgateway.service.loadBalancerIP }} + loadBalancerIP: {{ .Values.prometheus.pushgateway.service.loadBalancerIP }} +{{- end }} +{{- if .Values.prometheus.pushgateway.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: + {{- range $cidr := .Values.prometheus.pushgateway.service.loadBalancerSourceRanges }} + - {{ $cidr }} + {{- end }} +{{- end }} + ports: + - name: http + port: {{ .Values.prometheus.pushgateway.service.servicePort }} + protocol: TCP + targetPort: 9091 + selector: + {{- include "prometheus.pushgateway.matchLabels" . | nindent 4 }} + type: "{{ .Values.prometheus.pushgateway.service.type }}" +{{- end }} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-pushgateway-serviceaccount.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-pushgateway-serviceaccount.yaml new file mode 100644 index 0000000000..1339e4b6bb --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-pushgateway-serviceaccount.yaml @@ -0,0 +1,11 @@ +{{ if .Values.global.prometheus.enabled }} +{{- if and .Values.prometheus.pushgateway.enabled .Values.prometheus.serviceAccounts.pushgateway.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + {{- include "prometheus.pushgateway.labels" . | nindent 4 }} + name: {{ template "prometheus.serviceAccountName.pushgateway" . }} + namespace: {{ .Release.Namespace }} +{{- end -}} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-clusterrole.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-clusterrole.yaml new file mode 100644 index 0000000000..3672195556 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-clusterrole.yaml @@ -0,0 +1,39 @@ +{{ if .Values.global.prometheus.enabled }} +{{- if and .Values.prometheus.server.enabled .Values.prometheus.rbac.create -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + {{- include "prometheus.server.labels" . | nindent 4 }} + name: {{ template "prometheus.server.fullname" . }} +rules: + - apiGroups: + - "" + resources: + - nodes + - nodes/proxy + - nodes/metrics + - services + - endpoints + - pods + - ingresses + - configmaps + verbs: + - get + - list + - watch + - apiGroups: + - networking.k8s.io + resources: + - ingresses/status + - ingresses + verbs: + - get + - list + - watch + - nonResourceURLs: + - "/metrics" + verbs: + - get +{{- end }} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-clusterrolebinding.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-clusterrolebinding.yaml new file mode 100644 index 0000000000..e03d8e443f --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-clusterrolebinding.yaml @@ -0,0 +1,18 @@ +{{ if .Values.global.prometheus.enabled }} +{{- if and .Values.prometheus.server.enabled .Values.prometheus.rbac.create -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + {{- include "prometheus.server.labels" . | nindent 4 }} + name: {{ template "prometheus.server.fullname" . }} +subjects: + - kind: ServiceAccount + name: {{ template "prometheus.serviceAccountName.server" . }} + namespace: {{ .Release.Namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "prometheus.server.fullname" . }} +{{- end }} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-configmap.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-configmap.yaml new file mode 100644 index 0000000000..36403c64ca --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-configmap.yaml @@ -0,0 +1,100 @@ +{{ if .Values.global.prometheus.enabled }} +{{- if .Values.prometheus.server.enabled -}} +{{- if (empty .Values.prometheus.server.configMapOverrideName) -}} +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + {{- include "prometheus.server.labels" . | nindent 4 }} + name: {{ template "prometheus.server.fullname" . }} + namespace: {{ .Release.Namespace }} +data: +{{- $root := . -}} +{{- range $key, $value := .Values.prometheus.serverFiles }} + {{ $key }}: | +{{- if eq $key "prometheus.yml" }} + global: +{{ $root.Values.prometheus.server.global | toYaml | trimSuffix "\n" | indent 6 }} +{{- if $root.Values.global.amp.enabled }} + remote_write: + - url: {{ $root.Values.global.amp.remoteWriteService }} + sigv4: +{{ $root.Values.global.amp.sigv4 | toYaml | indent 8 }} +{{- end }} +{{- if $root.Values.global.ammsp.enabled }} + # See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#remote_write + # for guidance on this configuration option + remote_write: + - url: {{ $root.Values.global.ammsp.remoteWriteService }} + azuread: + cloud: 'AzurePublic' + managed_identity: + client_id: {{ $root.Values.global.ammsp.aadAuthProxy.aadClientId }} +{{- end }} +{{- if $root.Values.prometheus.server.remoteWrite }} + remote_write: +{{ $root.Values.prometheus.server.remoteWrite | toYaml | indent 4 }} +{{- end }} +{{- if $root.Values.prometheus.server.remoteRead }} + remote_read: +{{ $root.Values.prometheus.server.remoteRead | toYaml | indent 4 }} +{{- end }} +{{- end }} +{{- if eq $key "alerts" }} +{{- if and (not (empty $value)) (empty $value.groups) }} + groups: +{{- range $ruleKey, $ruleValue := $value }} + - name: {{ $ruleKey -}}.rules + rules: +{{ $ruleValue | toYaml | trimSuffix "\n" | indent 6 }} +{{- end }} +{{- else }} +{{ toYaml $value | indent 4 }} +{{- end }} +{{- else }} +{{ toYaml $value | default "{}" | indent 4 }} +{{- end }} +{{- if eq $key "prometheus.yml" -}} +{{- if $root.Values.prometheus.extraScrapeConfigs }} +{{ tpl $root.Values.prometheus.extraScrapeConfigs $root | indent 4 }} +{{- end -}} +{{- if or ($root.Values.prometheus.alertmanager.enabled) ($root.Values.prometheus.server.alertmanagers) }} + alerting: +{{- if $root.Values.prometheus.alertRelabelConfigs }} +{{ $root.Values.prometheus.alertRelabelConfigs | toYaml | trimSuffix "\n" | indent 6 }} +{{- end }} + alertmanagers: +{{- if $root.Values.prometheus.server.alertmanagers }} +{{ toYaml $root.Values.prometheus.server.alertmanagers | indent 8 }} +{{- else }} + - kubernetes_sd_configs: + - role: pod + tls_config: + ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt + bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token + {{- if $root.Values.prometheus.alertmanager.prefixURL }} + path_prefix: {{ $root.Values.prometheus.alertmanager.prefixURL }} + {{- end }} + relabel_configs: + - source_labels: [__meta_kubernetes_namespace] + regex: {{ $root.Release.Namespace }} + action: keep + - source_labels: [__meta_kubernetes_pod_label_app] + regex: {{ template "prometheus.name" $root }} + action: keep + - source_labels: [__meta_kubernetes_pod_label_component] + regex: alertmanager + action: keep + - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_probe] + regex: {{ index $root.Values.prometheus.alertmanager.podAnnotations "prometheus.io/probe" | default ".*" }} + action: keep + - source_labels: [__meta_kubernetes_pod_container_port_number] + regex: + action: drop +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-deployment.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-deployment.yaml new file mode 100644 index 0000000000..194c3df754 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-deployment.yaml @@ -0,0 +1,260 @@ +{{ if .Values.global.prometheus.enabled }} +{{- if .Values.prometheus.server.enabled -}} +{{- if not .Values.prometheus.server.statefulSet.enabled -}} +apiVersion: apps/v1 +kind: Deployment +metadata: +{{- if .Values.prometheus.server.deploymentAnnotations }} + annotations: +{{ toYaml .Values.prometheus.server.deploymentAnnotations | indent 4 }} +{{- end }} + labels: + {{- include "prometheus.server.labels" . | nindent 4 }} + {{- with .Values.global.additionalLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ template "prometheus.server.fullname" . }} + namespace: {{ .Release.Namespace }} +spec: + selector: + matchLabels: + {{- include "prometheus.server.matchLabels" . | nindent 6 }} + replicas: {{ .Values.prometheus.server.replicaCount }} + {{- if .Values.prometheus.server.strategy }} + strategy: +{{ toYaml .Values.prometheus.server.strategy | indent 4 }} + {{- end }} + template: + metadata: + annotations: + {{- if .Values.prometheus.server.podAnnotations }} +{{ toYaml .Values.prometheus.server.podAnnotations | indent 8 }} + {{- end }} + checksum/configs: {{ include "configsChecksum" . }} + labels: + {{- include "prometheus.server.labels" . | nindent 8 }} + {{- with .Values.global.additionalLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if .Values.prometheus.server.podLabels}} + {{ toYaml .Values.prometheus.server.podLabels | nindent 8 }} + {{- end}} + spec: +{{- if .Values.prometheus.server.priorityClassName }} + priorityClassName: "{{ .Values.prometheus.server.priorityClassName }}" +{{- end }} +{{- if .Values.prometheus.server.schedulerName }} + schedulerName: "{{ .Values.prometheus.server.schedulerName }}" +{{- end }} + serviceAccountName: {{ template "prometheus.serviceAccountName.server" . }} + {{- if .Values.prometheus.server.extraInitContainers }} + initContainers: +{{ toYaml .Values.prometheus.server.extraInitContainers | indent 8 }} + {{- end }} + containers: + {{- if .Values.prometheus.configmapReload.prometheus.enabled }} + - name: {{ template "prometheus.name" . }}-{{ .Values.prometheus.server.name }}-{{ .Values.prometheus.configmapReload.prometheus.name }} + image: "{{ .Values.prometheus.configmapReload.prometheus.image.repository }}:{{ .Values.prometheus.configmapReload.prometheus.image.tag }}" + imagePullPolicy: "{{ .Values.prometheus.configmapReload.prometheus.image.pullPolicy }}" + args: + - --watched-dir=/etc/config + - --reload-url=http://127.0.0.1:9090{{ .Values.prometheus.server.prefixURL }}/-/reload + {{- range $key, $value := .Values.prometheus.configmapReload.prometheus.extraArgs }} + - --{{ $key }}={{ $value }} + {{- end }} + {{- range .Values.prometheus.configmapReload.prometheus.extraVolumeDirs }} + - --watched-dir={{ . }} + {{- end }} + resources: + {{- toYaml .Values.prometheus.configmapReload.prometheus.resources | nindent 12 }} + securityContext: + {{- if .Values.global.containerSecurityContext }} + {{- toYaml .Values.global.containerSecurityContext | nindent 12 }} + {{- else }} + {{- toYaml .Values.prometheus.configmapReload.prometheus.containerSecurityContext | nindent 12 }} + {{- end }} + volumeMounts: + {{- if .Values.prometheus.selfsignedCertConfigMapName }} + - name: {{ .Values.prometheus.selfsignedCertConfigMapName }} + mountPath: /etc/ssl/certs/my-cert.pem + subPath: my-cert.pem + readOnly: false + {{- end }} + - name: config-volume + mountPath: /etc/config + readOnly: true + {{- range .Values.prometheus.configmapReload.prometheus.extraConfigmapMounts }} + - name: {{ $.Values.prometheus.configmapReload.prometheus.name }}-{{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath }} + readOnly: {{ .readOnly }} + {{- end }} + {{- end }} + + - name: {{ template "prometheus.name" . }}-{{ .Values.prometheus.server.name }} + image: "{{ .Values.prometheus.server.image.repository }}:{{ .Values.prometheus.server.image.tag }}" + imagePullPolicy: "{{ .Values.prometheus.server.image.pullPolicy }}" + {{- if .Values.prometheus.server.env }} + env: +{{ toYaml .Values.prometheus.server.env | indent 12}} + {{- end }} + args: + {{- if .Values.prometheus.server.retention }} + - --storage.tsdb.retention.time={{ .Values.prometheus.server.retention }} + {{- end }} + {{- if .Values.prometheus.server.retentionSize }} + - --storage.tsdb.retention.size={{ .Values.prometheus.server.retentionSize }} + {{- end }} + - --config.file={{ .Values.prometheus.server.configPath }} + - --storage.tsdb.path={{ .Values.prometheus.server.persistentVolume.mountPath }} + - --web.console.libraries=/etc/prometheus/console_libraries + - --web.console.templates=/etc/prometheus/consoles + {{- range .Values.prometheus.server.extraFlags }} + - --{{ . }} + {{- end }} + {{- if .Values.prometheus.server.baseURL }} + - --web.external-url={{ .Values.prometheus.server.baseURL }} + {{- end }} + + {{- range $key, $value := .Values.prometheus.server.extraArgs }} + - --{{ $key }}={{ $value }} + {{- end }} + ports: + - containerPort: 9090 + readinessProbe: + httpGet: + path: {{ .Values.prometheus.server.prefixURL }}/-/ready + port: 9090 + initialDelaySeconds: {{ .Values.prometheus.server.readinessProbeInitialDelay }} + timeoutSeconds: {{ .Values.prometheus.server.readinessProbeTimeout }} + failureThreshold: {{ .Values.prometheus.server.readinessProbeFailureThreshold }} + successThreshold: {{ .Values.prometheus.server.readinessProbeSuccessThreshold }} + livenessProbe: + httpGet: + path: {{ .Values.prometheus.server.prefixURL }}/-/healthy + port: 9090 + initialDelaySeconds: {{ .Values.prometheus.server.livenessProbeInitialDelay }} + timeoutSeconds: {{ .Values.prometheus.server.livenessProbeTimeout }} + failureThreshold: {{ .Values.prometheus.server.livenessProbeFailureThreshold }} + successThreshold: {{ .Values.prometheus.server.livenessProbeSuccessThreshold }} + resources: + {{- toYaml .Values.prometheus.server.resources | nindent 12 }} + securityContext: + {{- if .Values.global.containerSecurityContext }} + {{- toYaml .Values.global.containerSecurityContext | nindent 12 }} + {{- else }} + {{- toYaml .Values.prometheus.server.containerSecurityContext | nindent 12 }} + {{- end }} + volumeMounts: + - name: config-volume + mountPath: /etc/config + - name: storage-volume + mountPath: {{ .Values.prometheus.server.persistentVolume.mountPath }} + subPath: "{{ .Values.prometheus.server.persistentVolume.subPath }}" + {{- range .Values.prometheus.server.extraHostPathMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath }} + readOnly: {{ .readOnly }} + {{- end }} + {{- range .Values.prometheus.server.extraConfigmapMounts }} + - name: {{ $.Values.prometheus.server.name }}-{{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath }} + readOnly: {{ .readOnly }} + {{- end }} + {{- range .Values.prometheus.server.extraSecretMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath }} + readOnly: {{ .readOnly }} + {{- end }} + {{- if .Values.prometheus.server.extraVolumeMounts }} + {{ toYaml .Values.prometheus.server.extraVolumeMounts | nindent 12 }} + {{- end }} + {{- if .Values.prometheus.server.sidecarContainers }} + {{- toYaml .Values.prometheus.server.sidecarContainers | nindent 8 }} + {{- end }} + {{- if .Values.prometheus.imagePullSecrets }} + imagePullSecrets: + {{ toYaml .Values.prometheus.imagePullSecrets | indent 0 }} + {{- end }} + {{- if .Values.prometheus.server.nodeSelector }} + nodeSelector: + {{- toYaml .Values.prometheus.server.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.prometheus.server.securityContext }} + securityContext: + {{- if not .Values.prometheus.server.securityContext.fsGroup }} + fsGroupChangePolicy: OnRootMismatch + fsGroup: 1001 + {{- end }} + {{- toYaml .Values.prometheus.server.securityContext | nindent 8 }} + {{- else if and (.Values.global.platforms.openshift.enabled) (.Values.global.platforms.openshift.securityContext) }} + securityContext: + {{- toYaml .Values.global.platforms.openshift.securityContext | nindent 8 }} + {{- else if .Values.global.securityContext }} + securityContext: + {{- toYaml .Values.global.securityContext | nindent 8 }} + {{- end }} + {{- if .Values.prometheus.server.tolerations }} + tolerations: +{{ toYaml .Values.prometheus.server.tolerations | indent 8 }} + {{- end }} + {{- if .Values.prometheus.server.affinity }} + affinity: +{{ toYaml .Values.prometheus.server.affinity | indent 8 }} + {{- end }} + terminationGracePeriodSeconds: {{ .Values.prometheus.server.terminationGracePeriodSeconds }} + volumes: + {{- if .Values.prometheus.selfsignedCertConfigMapName }} + - name: {{ .Values.prometheus.selfsignedCertConfigMapName }} + configMap: + name: {{ .Values.prometheus.selfsignedCertConfigMapName }} + {{- end }} + - name: config-volume + configMap: + name: {{ if .Values.prometheus.server.configMapOverrideName }}{{ .Release.Name }}-{{ .Values.prometheus.server.configMapOverrideName }}{{- else }}{{ template "prometheus.server.fullname" . }}{{- end }} + - name: storage-volume + {{- if .Values.prometheus.server.persistentVolume.enabled }} + persistentVolumeClaim: + claimName: {{ if .Values.prometheus.server.persistentVolume.existingClaim }}{{ .Values.prometheus.server.persistentVolume.existingClaim }}{{- else }}{{ template "prometheus.server.fullname" . }}{{- end }} + {{- else }} + emptyDir: + {{- if .Values.prometheus.server.emptyDir.sizeLimit }} + sizeLimit: {{ .Values.prometheus.server.emptyDir.sizeLimit }} + {{- else }} + {} + {{- end -}} + {{- end -}} +{{- if .Values.prometheus.server.extraVolumes }} +{{ toYaml .Values.prometheus.server.extraVolumes | indent 8}} +{{- end }} + {{- range .Values.prometheus.server.extraHostPathMounts }} + - name: {{ .name }} + hostPath: + path: {{ .hostPath }} + {{- end }} + {{- range .Values.prometheus.configmapReload.prometheus.extraConfigmapMounts }} + - name: {{ $.Values.prometheus.configmapReload.prometheus.name }}-{{ .name }} + configMap: + name: {{ .configMap }} + {{- end }} + {{- range .Values.prometheus.server.extraConfigmapMounts }} + - name: {{ $.Values.prometheus.server.name }}-{{ .name }} + configMap: + name: {{ .configMap }} + {{- end }} + {{- range .Values.prometheus.server.extraSecretMounts }} + - name: {{ .name }} + secret: + secretName: {{ tpl .secretName $ }} + {{- end }} + {{- range .Values.prometheus.configmapReload.prometheus.extraConfigmapMounts }} + - name: {{ .name }} + configMap: + name: {{ .configMap }} + {{- end }} +{{- end -}} +{{- end -}} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-ingress.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-ingress.yaml new file mode 100644 index 0000000000..18a7835fce --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-ingress.yaml @@ -0,0 +1,45 @@ +{{- if and (.Values.global.prometheus.enabled) (.Values.prometheus.server.enabled) (.Values.prometheus.server.ingress.enabled) }} +{{- $serviceName := include "prometheus.server.fullname" . }} +{{- $servicePort := .Values.prometheus.server.service.servicePort -}} +{{- $extraPaths := .Values.prometheus.server.ingress.extraPaths -}} +{{- $pathType := .Values.prometheus.server.ingress.pathType -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: +{{- if .Values.prometheus.server.ingress.annotations }} + annotations: +{{ toYaml .Values.prometheus.server.ingress.annotations | indent 4 }} +{{- end }} + labels: + {{- include "prometheus.server.labels" . | nindent 4 }} +{{- range $key, $value := .Values.prometheus.server.ingress.extraLabels }} + {{ $key }}: {{ $value }} +{{- end }} + name: {{ template "prometheus.server.fullname" . }} + namespace: {{ .Release.Namespace }} +spec: +{{- if .Values.prometheus.server.ingress.className }} + ingressClassName: {{ .Values.prometheus.server.ingress.className }} +{{- end }} + rules: + {{- range .Values.prometheus.server.ingress.hosts }} + {{- $url := splitList "/" . }} + - host: {{ first $url }} + http: + paths: +{{ if $extraPaths }} +{{ toYaml $extraPaths | indent 10 }} +{{- end }} + - path: /{{ rest $url | join "/" }} + pathType: {{ $pathType }} + backend: + service: + name: {{ $serviceName }} + port: + number: {{ $servicePort }} + {{- end -}} +{{- if .Values.prometheus.server.ingress.tls }} + tls: +{{ toYaml .Values.prometheus.server.ingress.tls | indent 4 }} + {{- end -}} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-networkpolicy.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-networkpolicy.yaml new file mode 100644 index 0000000000..23b04419ca --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-networkpolicy.yaml @@ -0,0 +1,16 @@ +{{- if and (.Values.global.prometheus.enabled) (.Values.prometheus.server.enabled) (.Values.networkPolicy.enabled) }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ template "prometheus.server.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "prometheus.server.labels" . | nindent 4 }} +spec: + podSelector: + matchLabels: + {{- include "prometheus.server.matchLabels" . | nindent 6 }} + ingress: + - ports: + - port: 9090 +{{- end }} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-pdb.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-pdb.yaml new file mode 100644 index 0000000000..52ceeb2484 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-pdb.yaml @@ -0,0 +1,15 @@ +{{ if .Values.global.prometheus.enabled }} +{{- if .Values.prometheus.server.podDisruptionBudget.enabled }} +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: {{ template "prometheus.server.fullname" . }} + labels: + {{- include "prometheus.server.labels" . | nindent 4 }} +spec: + maxUnavailable: {{ .Values.prometheus.server.podDisruptionBudget.maxUnavailable }} + selector: + matchLabels: + {{- include "prometheus.server.labels" . | nindent 6 }} +{{- end }} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-pvc.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-pvc.yaml new file mode 100644 index 0000000000..301a33e1a1 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-pvc.yaml @@ -0,0 +1,37 @@ +{{ if .Values.global.prometheus.enabled }} +{{- if .Values.prometheus.server.enabled -}} +{{- if not .Values.prometheus.server.statefulSet.enabled -}} +{{- if .Values.prometheus.server.persistentVolume.enabled -}} +{{- if not .Values.prometheus.server.persistentVolume.existingClaim -}} +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + {{- if .Values.prometheus.server.persistentVolume.annotations }} + annotations: +{{ toYaml .Values.prometheus.server.persistentVolume.annotations | indent 4 }} + {{- end }} + labels: + {{- include "prometheus.server.labels" . | nindent 4 }} + name: {{ template "prometheus.server.fullname" . }} + namespace: {{ .Release.Namespace }} +spec: + accessModes: +{{ toYaml .Values.prometheus.server.persistentVolume.accessModes | indent 4 }} +{{- if .Values.prometheus.server.persistentVolume.storageClass }} +{{- if (eq "-" .Values.prometheus.server.persistentVolume.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.prometheus.server.persistentVolume.storageClass }}" +{{- end }} +{{- end }} +{{- if .Values.prometheus.server.persistentVolume.volumeBindingMode }} + volumeBindingModeName: "{{ .Values.prometheus.server.persistentVolume.volumeBindingMode }}" +{{- end }} + resources: + requests: + storage: "{{ .Values.prometheus.server.persistentVolume.size }}" +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-service-headless.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-service-headless.yaml new file mode 100644 index 0000000000..019803d30c --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-service-headless.yaml @@ -0,0 +1,29 @@ +{{ if .Values.global.prometheus.enabled }} +{{- if .Values.prometheus.server.enabled -}} +{{- if .Values.prometheus.server.statefulSet.enabled -}} +apiVersion: v1 +kind: Service +metadata: +{{- if .Values.prometheus.server.statefulSet.headless.annotations }} + annotations: +{{ toYaml .Values.prometheus.server.statefulSet.headless.annotations | indent 4 }} +{{- end }} + labels: + {{- include "prometheus.server.labels" . | nindent 4 }} +{{- if .Values.prometheus.server.statefulSet.headless.labels }} +{{ toYaml .Values.prometheus.server.statefulSet.headless.labels | indent 4 }} +{{- end }} + name: {{ template "prometheus.server.fullname" . }}-headless + namespace: {{ .Release.Namespace }} +spec: + clusterIP: None + ports: + - name: http + port: {{ .Values.prometheus.server.statefulSet.headless.servicePort }} + protocol: TCP + targetPort: 9090 + selector: + {{- include "prometheus.server.matchLabels" . | nindent 4 }} +{{- end -}} +{{- end -}} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-service.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-service.yaml new file mode 100644 index 0000000000..69f093c38e --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-service.yaml @@ -0,0 +1,62 @@ +{{ if .Values.global.prometheus.enabled }} +{{- if .Values.prometheus.server.enabled -}} +apiVersion: v1 +kind: Service +metadata: +{{- if .Values.prometheus.server.service.annotations }} + annotations: +{{ toYaml .Values.prometheus.server.service.annotations | indent 4 }} +{{- end }} + labels: + {{- include "prometheus.server.labels" . | nindent 4 }} +{{- if .Values.prometheus.server.service.labels }} +{{ toYaml .Values.prometheus.server.service.labels | indent 4 }} +{{- end }} + name: {{ template "prometheus.server.fullname" . }} + namespace: {{ .Release.Namespace }} +spec: +{{- if .Values.prometheus.server.service.clusterIP }} + clusterIP: {{ .Values.prometheus.server.service.clusterIP }} +{{- end }} +{{- if .Values.prometheus.server.service.externalIPs }} + externalIPs: +{{ toYaml .Values.prometheus.server.service.externalIPs | indent 4 }} +{{- end }} +{{- if .Values.prometheus.server.service.loadBalancerIP }} + loadBalancerIP: {{ .Values.prometheus.server.service.loadBalancerIP }} +{{- end }} +{{- if .Values.prometheus.server.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: + {{- range $cidr := .Values.prometheus.server.service.loadBalancerSourceRanges }} + - {{ $cidr }} + {{- end }} +{{- end }} + ports: + - name: http + port: {{ .Values.prometheus.server.service.servicePort }} + protocol: TCP + targetPort: 9090 + {{- if .Values.prometheus.server.service.nodePort }} + nodePort: {{ .Values.prometheus.server.service.nodePort }} + {{- end }} + {{- if .Values.prometheus.server.service.gRPC.enabled }} + - name: grpc + port: {{ .Values.prometheus.server.service.gRPC.servicePort }} + protocol: TCP + targetPort: 10901 + {{- if .Values.prometheus.server.service.gRPC.nodePort }} + nodePort: {{ .Values.prometheus.server.service.gRPC.nodePort }} + {{- end }} + {{- end }} + selector: + {{- if and .Values.prometheus.server.statefulSet.enabled .Values.prometheus.server.service.statefulsetReplica.enabled }} + statefulset.kubernetes.io/pod-name: {{ .Release.Name }}-{{ .Values.prometheus.server.name }}-{{ .Values.prometheus.server.service.statefulsetReplica.replica }} + {{- else -}} + {{- include "prometheus.server.matchLabels" . | nindent 4 }} +{{- if .Values.prometheus.server.service.sessionAffinity }} + sessionAffinity: {{ .Values.prometheus.server.service.sessionAffinity }} +{{- end }} + {{- end }} + type: "{{ .Values.prometheus.server.service.type }}" +{{- end -}} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-serviceaccount.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-serviceaccount.yaml new file mode 100644 index 0000000000..17ee234bb0 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-serviceaccount.yaml @@ -0,0 +1,17 @@ +{{ if .Values.global.prometheus.enabled }} +{{- if .Values.prometheus.server.enabled -}} +{{- if .Values.prometheus.serviceAccounts.server.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + {{- include "prometheus.server.labels" . | nindent 4 }} + name: {{ template "prometheus.serviceAccountName.server" . }} + namespace: {{ .Release.Namespace }} + {{- with .Values.prometheus.serviceAccounts.server.annotations }} + annotations: + {{- . | toYaml | nindent 4 }} + {{- end }} +{{- end }} +{{- end }} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-statefulset.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-statefulset.yaml new file mode 100644 index 0000000000..aba286811f --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-statefulset.yaml @@ -0,0 +1,227 @@ +{{ if .Values.global.prometheus.enabled }} +{{- if .Values.prometheus.server.enabled -}} +{{- if .Values.prometheus.server.statefulSet.enabled -}} +apiVersion: apps/v1 +kind: StatefulSet +metadata: +{{- if .Values.prometheus.server.statefulSet.annotations }} + annotations: +{{ toYaml .Values.prometheus.server.statefulSet.annotations | indent 4 }} +{{- end }} + labels: + {{- include "prometheus.server.labels" . | nindent 4 }} + {{- with .Values.global.additionalLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- if .Values.prometheus.server.statefulSet.labels}} + {{ toYaml .Values.prometheus.server.statefulSet.labels | nindent 4 }} + {{- end}} + name: {{ template "prometheus.server.fullname" . }} + namespace: {{ .Release.Namespace }} +spec: + serviceName: {{ template "prometheus.server.fullname" . }}-headless + selector: + matchLabels: + {{- include "prometheus.server.matchLabels" . | nindent 6 }} + replicas: {{ .Values.prometheus.server.replicaCount }} + podManagementPolicy: {{ .Values.prometheus.server.statefulSet.podManagementPolicy }} + template: + metadata: + {{- if .Values.prometheus.server.podAnnotations }} + annotations: +{{ toYaml .Values.prometheus.server.podAnnotations | indent 8 }} + {{- end }} + labels: + {{- include "prometheus.server.labels" . | nindent 8 }} + {{- with .Values.global.additionalLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if .Values.prometheus.server.statefulSet.labels}} + {{ toYaml .Values.prometheus.server.statefulSet.labels | nindent 8 }} + {{- end}} + spec: +{{- if .Values.prometheus.server.priorityClassName }} + priorityClassName: "{{ .Values.prometheus.server.priorityClassName }}" +{{- end }} +{{- if .Values.prometheus.server.schedulerName }} + schedulerName: "{{ .Values.prometheus.server.schedulerName }}" +{{- end }} + serviceAccountName: {{ template "prometheus.serviceAccountName.server" . }} + containers: + {{- if .Values.prometheus.configmapReload.prometheus.enabled }} + - name: {{ template "prometheus.name" . }}-{{ .Values.prometheus.server.name }}-{{ .Values.prometheus.configmapReload.prometheus.name }} + image: "{{ .Values.prometheus.configmapReload.prometheus.image.repository }}:{{ .Values.prometheus.configmapReload.prometheus.image.tag }}" + imagePullPolicy: "{{ .Values.prometheus.configmapReload.prometheus.image.pullPolicy }}" + args: + - --watched-dir=/etc/config + - --reload-url=http://127.0.0.1:9090{{ .Values.prometheus.server.prefixURL }}/-/reload + {{- range $key, $value := .Values.prometheus.configmapReload.prometheus.extraArgs }} + - --{{ $key }}={{ $value }} + {{- end }} + {{- range .Values.prometheus.configmapReload.prometheus.extraVolumeDirs }} + - --watched-dir={{ . }} + {{- end }} + resources: +{{ toYaml .Values.prometheus.configmapReload.prometheus.resources | indent 12 }} + volumeMounts: + - name: config-volume + mountPath: /etc/config + readOnly: true + {{- range .Values.prometheus.configmapReload.prometheus.extraConfigmapMounts }} + - name: {{ $.Values.prometheus.configmapReload.prometheus.name }}-{{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath }} + readOnly: {{ .readOnly }} + {{- end }} + {{- end }} + - name: {{ template "prometheus.name" . }}-{{ .Values.prometheus.server.name }} + image: "{{ .Values.prometheus.server.image.repository }}:{{ .Values.prometheus.server.image.tag }}" + imagePullPolicy: "{{ .Values.prometheus.server.image.pullPolicy }}" + {{- if .Values.prometheus.server.env }} + env: +{{ toYaml .Values.prometheus.server.env | indent 12}} + {{- end }} + args: + {{- if .Values.prometheus.server.retention }} + - --storage.tsdb.retention.time={{ .Values.prometheus.server.retention }} + {{- end }} + - --config.file={{ .Values.prometheus.server.configPath }} + - --storage.tsdb.path={{ .Values.prometheus.server.persistentVolume.mountPath }} + - --web.console.libraries=/etc/prometheus/console_libraries + - --web.console.templates=/etc/prometheus/consoles + {{- range .Values.prometheus.server.extraFlags }} + - --{{ . }} + {{- end }} + {{- range $key, $value := .Values.prometheus.server.extraArgs }} + - --{{ $key }}={{ $value }} + {{- end }} + {{- if .Values.prometheus.server.baseURL }} + - --web.external-url={{ .Values.prometheus.server.baseURL }} + {{- end }} + ports: + - containerPort: 9090 + readinessProbe: + httpGet: + path: {{ .Values.prometheus.server.prefixURL }}/-/ready + port: 9090 + initialDelaySeconds: {{ .Values.prometheus.server.readinessProbeInitialDelay }} + timeoutSeconds: {{ .Values.prometheus.server.readinessProbeTimeout }} + livenessProbe: + httpGet: + path: {{ .Values.prometheus.server.prefixURL }}/-/healthy + port: 9090 + initialDelaySeconds: {{ .Values.prometheus.server.livenessProbeInitialDelay }} + timeoutSeconds: {{ .Values.prometheus.server.livenessProbeTimeout }} + resources: +{{ toYaml .Values.prometheus.server.resources | indent 12 }} + volumeMounts: + - name: config-volume + mountPath: /etc/config + - name: storage-volume + mountPath: {{ .Values.prometheus.server.persistentVolume.mountPath }} + subPath: "{{ .Values.prometheus.server.persistentVolume.subPath }}" + {{- range .Values.prometheus.server.extraHostPathMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath }} + readOnly: {{ .readOnly }} + {{- end }} + {{- range .Values.prometheus.server.extraConfigmapMounts }} + - name: {{ $.Values.prometheus.server.name }}-{{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath }} + readOnly: {{ .readOnly }} + {{- end }} + {{- range .Values.prometheus.server.extraSecretMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath }} + readOnly: {{ .readOnly }} + {{- end }} + {{- if .Values.prometheus.server.extraVolumeMounts }} + {{ toYaml .Values.prometheus.server.extraVolumeMounts | nindent 12 }} + {{- end }} + {{- if .Values.prometheus.server.sidecarContainers }} + {{- toYaml .Values.prometheus.server.sidecarContainers | nindent 8 }} + {{- end }} + {{- if .Values.prometheus.imagePullSecrets }} + imagePullSecrets: + {{ toYaml .Values.prometheus.imagePullSecrets | indent 2 }} + {{- end }} + {{- if .Values.prometheus.server.nodeSelector }} + nodeSelector: +{{ toYaml .Values.prometheus.server.nodeSelector | indent 8 }} + {{- end }} + {{- if .Values.prometheus.server.securityContext }} + securityContext: +{{ toYaml .Values.prometheus.server.securityContext | indent 8 }} + {{- end }} + {{- if .Values.prometheus.server.tolerations }} + tolerations: +{{ toYaml .Values.prometheus.server.tolerations | indent 8 }} + {{- end }} + {{- if .Values.prometheus.server.affinity }} + affinity: +{{ toYaml .Values.prometheus.server.affinity | indent 8 }} + {{- end }} + terminationGracePeriodSeconds: {{ .Values.prometheus.server.terminationGracePeriodSeconds }} + volumes: + - name: config-volume + configMap: + name: {{ if .Values.prometheus.server.configMapOverrideName }}{{ .Release.Name }}-{{ .Values.prometheus.server.configMapOverrideName }}{{- else }}{{ template "prometheus.server.fullname" . }}{{- end }} + {{- range .Values.prometheus.server.extraHostPathMounts }} + - name: {{ .name }} + hostPath: + path: {{ .hostPath }} + {{- end }} + {{- range .Values.prometheus.configmapReload.prometheus.extraConfigmapMounts }} + - name: {{ $.Values.prometheus.configmapReload.prometheus.name }}-{{ .name }} + configMap: + name: {{ .configMap }} + {{- end }} + {{- range .Values.prometheus.server.extraConfigmapMounts }} + - name: {{ $.Values.prometheus.server.name }}-{{ .name }} + configMap: + name: {{ .configMap }} + {{- end }} + {{- range .Values.prometheus.server.extraSecretMounts }} + - name: {{ .name }} + secret: + secretName: {{ .secretName }} + {{- end }} + {{- range .Values.prometheus.configmapReload.prometheus.extraConfigmapMounts }} + - name: {{ .name }} + configMap: + name: {{ .configMap }} + {{- end }} +{{- if .Values.prometheus.server.extraVolumes }} +{{ toYaml .Values.prometheus.server.extraVolumes | indent 8}} +{{- end }} +{{- if .Values.prometheus.server.persistentVolume.enabled }} + volumeClaimTemplates: + - metadata: + name: storage-volume + {{- if .Values.prometheus.server.persistentVolume.annotations }} + annotations: +{{ toYaml .Values.prometheus.server.persistentVolume.annotations | indent 10 }} + {{- end }} + spec: + accessModes: +{{ toYaml .Values.prometheus.server.persistentVolume.accessModes | indent 10 }} + resources: + requests: + storage: "{{ .Values.prometheus.server.persistentVolume.size }}" + {{- if .Values.prometheus.server.persistentVolume.storageClass }} + {{- if (eq "-" .Values.prometheus.server.persistentVolume.storageClass) }} + storageClassName: "" + {{- else }} + storageClassName: "{{ .Values.prometheus.server.persistentVolume.storageClass }}" + {{- end }} + {{- end }} +{{- else }} + - name: storage-volume + emptyDir: {} +{{- end }} +{{- end }} +{{- end }} +{{ end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-vpa.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-vpa.yaml new file mode 100644 index 0000000000..25a61f2532 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/prometheus-server-vpa.yaml @@ -0,0 +1,22 @@ +{{- if and (.Values.global.prometheus.enabled) (.Values.prometheus.server.enabled) (.Values.prometheus.server.verticalAutoscaler.enabled) }} +apiVersion: autoscaling.k8s.io/v1 +kind: VerticalPodAutoscaler +metadata: + labels: + {{- include "prometheus.server.labels" . | nindent 4 }} + name: {{ template "prometheus.server.fullname" . }}-vpa + namespace: {{ .Release.Namespace }} +spec: + targetRef: + apiVersion: apps/v1 +{{- if .Values.prometheus.server.statefulSet.enabled }} + kind: StatefulSet +{{- else }} + kind: Deployment +{{- end }} + name: {{ template "prometheus.server.fullname" . }} + updatePolicy: + updateMode: {{ .Values.prometheus.server.verticalAutoscaler.updateMode | default "Off" | quote }} + resourcePolicy: + containerPolicies: {{ .Values.prometheus.server.verticalAutoscaler.containerPolicies | default list | toYaml | trim | nindent 4 }} +{{- end }} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/savings-recommendations-allowlists-config-map-template.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/savings-recommendations-allowlists-config-map-template.yaml new file mode 100644 index 0000000000..ebd49b62a9 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/savings-recommendations-allowlists-config-map-template.yaml @@ -0,0 +1,12 @@ +{{- if .Values.kubecostProductConfigs }} +{{- if .Values.kubecostProductConfigs.savingsRecommendationsAllowLists }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: "savings-recommendations-instance-allow-lists" + namespace: {{ .Release.Namespace }} + labels: {{ include "cost-analyzer.commonLabels" . | nindent 4 }} +data: + allow-lists.json: '{{ toJson .Values.kubecostProductConfigs.savingsRecommendationsAllowLists }}' +{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/tests/_helpers.tpl b/charts/kubecost/cost-analyzer/2.4.0/templates/tests/_helpers.tpl new file mode 100644 index 0000000000..8c1e53a560 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/tests/_helpers.tpl @@ -0,0 +1,5 @@ +{{/* vim: set filetype=mustache: */}} + +{{- define "kubecost.test.annotations" -}} +helm.sh/hook: test +{{- end -}} diff --git a/charts/kubecost/cost-analyzer/2.4.0/templates/tests/basic-health.yaml b/charts/kubecost/cost-analyzer/2.4.0/templates/tests/basic-health.yaml new file mode 100644 index 0000000000..e092b54fd2 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/templates/tests/basic-health.yaml @@ -0,0 +1,48 @@ +--- +apiVersion: v1 +kind: Pod +metadata: + name: basic-health + namespace: {{ .Release.Namespace }} + annotations: + {{- include "kubecost.test.annotations" . | nindent 4 }} + labels: + app: basic-health + app.kubernetes.io/name: basic-health + app.kubernetes.io/instance: {{ .Release.Name }} +spec: + automountServiceAccountToken: false + restartPolicy: Never + securityContext: + seccompProfile: + type: RuntimeDefault + runAsNonRoot: true + runAsUser: 1000 + runAsGroup: 3000 + fsGroup: 2000 + containers: + - name: test-kubecost + image: alpine/k8s:1.26.9 + securityContext: + privileged: false + capabilities: + drop: + - ALL + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + command: + - /bin/sh + args: + - -c + - >- + svc="{{ .Release.Name }}-cost-analyzer"; + echo Getting current Kubecost state.; + response=$(curl -sL http://${svc}:9090/model/getConfigs); + code=$(echo ${response} | jq .code); + if [ "$code" -eq 200 ]; then + echo "Got Kubecost working configuration. Successful." + exit 0 + else + echo "Failed to fetch Kubecost configuration. Response was $response" + exit 1 + fi diff --git a/charts/kubecost/cost-analyzer/2.4.0/values-amp.yaml b/charts/kubecost/cost-analyzer/2.4.0/values-amp.yaml new file mode 100644 index 0000000000..4242ba3002 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/values-amp.yaml @@ -0,0 +1,20 @@ +global: + amp: + enabled: true + prometheusServerEndpoint: http://localhost:8005/workspaces/$ + remoteWriteService: https://aps-workspaces.us-west-2.amazonaws.com/workspaces/$/api/v1/remote_write + sigv4: + region: us-west-2 + +sigV4Proxy: + region: us-west-2 + host: aps-workspaces.us-west-2.amazonaws.com + +kubecostProductConfigs: + clusterName: AWS-cluster-one + +prometheus: + server: + global: + external_labels: + cluster_id: AWS-cluster-one \ No newline at end of file diff --git a/charts/kubecost/cost-analyzer/2.4.0/values-cloud-agent.yaml b/charts/kubecost/cost-analyzer/2.4.0/values-cloud-agent.yaml new file mode 100644 index 0000000000..3f24369253 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/values-cloud-agent.yaml @@ -0,0 +1,45 @@ +# Kubecost running as an Agent is designed for external hosting. The current setup deploys a +# kubecost-agent pod and prometheus server +global: + thanos: + enabled: false + grafana: + enabled: false + proxy: false + +# Cloud Agent enables specific features designed to enhance the metrics exporter deployment +# with enhancements designed for Kubecost Cloud +cloudAgent: true +cloudAgentKey: "" + +# No Grafana configuration is required. +grafana: + sidecar: + dashboards: + enabled: false + datasources: + defaultDatasourceEnabled: false + +# Exporter Pod +kubecostMetrics: + exporter: + enabled: true + exportClusterInfo: false + exportClusterCache: false + +# Disable KSM and NodeExporter (?) +prometheus: + nodeExporter: + enabled: false + extraScrapeConfigs: | + - job_name: kubecost-cloud-agent + honor_labels: true + scrape_interval: 1m + scrape_timeout: 60s + metrics_path: /metrics + scheme: http + dns_sd_configs: + - names: + - {{ .Release.Name }}-cloud-agent + type: 'A' + port: 9005 diff --git a/charts/kubecost/cost-analyzer/2.4.0/values-custom-pricing.yaml b/charts/kubecost/cost-analyzer/2.4.0/values-custom-pricing.yaml new file mode 100644 index 0000000000..82a0c55408 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/values-custom-pricing.yaml @@ -0,0 +1,17 @@ +pricingCsv: + enabled: true + location: + URI: /var/kubecost-csv/custom-pricing.csv # local configMap or s3://bucket/path/custom-pricing.csv + # provider: "AWS" + # region: "us-east-1" + # URI: s3://kc-csv-test/pricing_schema.csv # a valid file URI + # csvAccessCredentials: pricing-schema-access-secret + +# when using configmap: kubectl create configmap -n kubecost csv-pricing --from-file custom-pricing.csv +extraVolumes: +- name: kubecost-csv + configMap: + name: csv-pricing +extraVolumeMounts: +- name: kubecost-csv + mountPath: /var/kubecost-csv diff --git a/charts/kubecost/cost-analyzer/2.4.0/values-eks-cost-monitoring.yaml b/charts/kubecost/cost-analyzer/2.4.0/values-eks-cost-monitoring.yaml new file mode 100644 index 0000000000..c4027687e5 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/values-eks-cost-monitoring.yaml @@ -0,0 +1,44 @@ +# grafana is disabled by default, but can be enabled by setting the following values. +# or proxy to an existing grafana: https://docs.kubecost.com/install-and-configure/advanced-configuration/custom-grafana +global: + grafana: + enabled: false + proxy: false +# grafana: +# image: +# repository: YOUR_REGISTRY/grafana +# sidecar: +# image: +# repository: YOUR_REGISTRY/k8s-sidecar + +kubecostFrontend: + image: public.ecr.aws/kubecost/frontend + +kubecostModel: + image: public.ecr.aws/kubecost/cost-model + +forecasting: + fullImageName: public.ecr.aws/kubecost/kubecost-modeling:v0.1.16 + +networkCosts: + image: + repository: public.ecr.aws/kubecost/kubecost-network-costs + tag: v0.17.6 + +clusterController: + image: + repository: public.ecr.aws/kubecost/cluster-controller + +prometheus: + server: + image: + repository: public.ecr.aws/kubecost/prometheus + + configmapReload: + prometheus: + image: + repository: public.ecr.aws/kubecost/prometheus-config-reloader + +reporting: + productAnalytics: false + diff --git a/charts/kubecost/cost-analyzer/2.4.0/values-openshift.yaml b/charts/kubecost/cost-analyzer/2.4.0/values-openshift.yaml new file mode 100644 index 0000000000..7c8ea13b31 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/values-openshift.yaml @@ -0,0 +1,25 @@ +global: + # Platforms is a higher-level abstraction for platform-specific values and settings. + platforms: + # Deploying to OpenShift (OCP) requires enabling this option. + openshift: + enabled: true # Deploy Kubecost to OpenShift. + route: + enabled: false # Create an OpenShift Route. + annotations: {} # Add annotations to the Route. + # host: kubecost.apps.okd4.example.com # Add a custom host for your Route. + # Create Security Context Constraint resources for the DaemonSets requiring additional privileges. + scc: + nodeExporter: false # Creates an SCC for Prometheus Node Exporter. This requires Node Exporter be enabled. + networkCosts: false # Creates an SCC for Kubecost network-costs. This requires network-costs be enabled. + # When OpenShift is enabled, the following securityContext will be applied to all resources unless they define their own. + securityContext: + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + +# networkCosts: +# enabled: true # Enable network costs. +# prometheus: +# nodeExporter: +# enabled: true # Enable Prometheus Node Exporter. diff --git a/charts/kubecost/cost-analyzer/2.4.0/values-windows-node-affinity.yaml b/charts/kubecost/cost-analyzer/2.4.0/values-windows-node-affinity.yaml new file mode 100644 index 0000000000..5770f0c128 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/values-windows-node-affinity.yaml @@ -0,0 +1,30 @@ +kubecostMetrics: + exporter: + nodeSelector: + kubernetes.io/os: linux + +nodeSelector: + kubernetes.io/os: linux + +networkCosts: + nodeSelector: + kubernetes.io/os: linux + +prometheus: + server: + nodeSelector: + kubernetes.io/os: linux + nodeExporter: + enabled: true + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/os + operator: In + values: + - linux +grafana: + nodeSelector: + kubernetes.io/os: linux diff --git a/charts/kubecost/cost-analyzer/2.4.0/values.yaml b/charts/kubecost/cost-analyzer/2.4.0/values.yaml new file mode 100644 index 0000000000..2fa5b39f51 --- /dev/null +++ b/charts/kubecost/cost-analyzer/2.4.0/values.yaml @@ -0,0 +1,3552 @@ +global: + # zone: cluster.local (use only if your DNS server doesn't live in the same zone as kubecost) + prometheus: + enabled: true # Kubecost depends on Prometheus data, it is not optional. When enabled: false, Prometheus will not be installed and you must configure your own Prometheus to scrape kubecost as well as provide the fqdn below. -- Warning: Before changing this setting, please read to understand the risks https://docs.kubecost.com/install-and-configure/install/custom-prom + fqdn: http://cost-analyzer-prometheus-server.default.svc # example address of a prometheus to connect to. Include protocol (http:// or https://) Ignored if enabled: true + # insecureSkipVerify: false # If true, kubecost will not check the TLS cert of prometheus + # queryServiceBasicAuthSecretName: dbsecret # kubectl create secret generic dbsecret -n kubecost --from-file=USERNAME --from-file=PASSWORD + # queryServiceBearerTokenSecretName: mcdbsecret # kubectl create secret generic mcdbsecret -n kubecost --from-file=TOKEN + + grafana: + enabled: true # If false, Grafana will not be installed + domainName: cost-analyzer-grafana.default.svc # example grafana domain Ignored if enabled: true + scheme: "http" # http or https, for the domain name above. + proxy: true # If true, the kubecost frontend will route to your grafana through its service endpoint + # fqdn: cost-analyzer-grafana.default.svc + + # Enable only when you are using GCP Marketplace ENT listing. Learn more at https://console.cloud.google.com/marketplace/product/kubecost-public/kubecost-ent + gcpstore: + enabled: false + + # Google Cloud Managed Service for Prometheus + gmp: + # Remember to set up these parameters when install the Kubecost Helm chart with `global.gmp.enabled=true` if you want to use GMP self-deployed collection (Recommended) to utilize Kubecost scrape configs. + # If enabling GMP, it is highly recommended to utilize Google's distribution of Prometheus. + # Learn more at https://cloud.google.com/stackdriver/docs/managed-prometheus/setup-unmanaged + # --set prometheus.server.image.repository="gke.gcr.io/prometheus-engine/prometheus" \ + # --set prometheus.server.image.tag="v2.35.0-gmp.2-gke.0" + enabled: false # If true, kubecost will be configured to use GMP Prometheus image and query from Google Cloud Managed Service for Prometheus. + prometheusServerEndpoint: http://localhost:8085/ # The prometheus service endpoint used by kubecost. The calls are forwarded through the GMP Prom proxy side car to the GMP database. + gmpProxy: + enabled: false + image: gke.gcr.io/prometheus-engine/frontend:v0.4.1-gke.0 # GMP Prometheus proxy image that serve as an endpoint to query metrics from GMP + imagePullPolicy: IfNotPresent + name: gmp-proxy + port: 8085 + projectId: YOUR_PROJECT_ID # example GCP project ID + + # Amazon Managed Service for Prometheus + amp: + enabled: false # If true, kubecost will be configured to remote_write and query from Amazon Managed Service for Prometheus. + prometheusServerEndpoint: http://localhost:8005/workspaces// # The prometheus service endpoint used by kubecost. The calls are forwarded through the SigV4Proxy side car to the AMP workspace. + remoteWriteService: https://aps-workspaces.us-west-2.amazonaws.com/workspaces//api/v1/remote_write # The remote_write endpoint for the AMP workspace. + sigv4: + region: us-west-2 + # access_key: ACCESS_KEY # AWS Access key + # secret_key: SECRET_KEY # AWS Secret key + # role_arn: ROLE_ARN # AWS role arn + # profile: PROFILE # AWS profile + + # Mimir Proxy to help Kubecost to query metrics from multi-tenant Grafana Mimir. + # Set `global.mimirProxy.enabled=true` and `global.prometheus.enabled=false` to enable Mimir Proxy. + # You also need to set `global.prometheus.fqdn=http://kubecost-cost-analyzer-mimir-proxy.kubecost.svc:8085/prometheus` + # or `global.prometheus.fqdn=http://{{ template "cost-analyzer.fullname" . }}-mimir-proxy.{{ .Release.Namespace }}.svc:8085/prometheus' + # Learn more at https://grafana.com/docs/mimir/latest/operators-guide/secure/authentication-and-authorization/#without-an-authenticating-reverse-proxy + mimirProxy: + enabled: false + name: mimir-proxy + image: nginxinc/nginx-unprivileged + port: 8085 + mimirEndpoint: $mimir_endpoint # Your Mimir query endpoint. If your Mimir query endpoint is http://example.com/prometheus, replace $mimir_endpoint with http://example.com/ + orgIdentifier: $your_tenant_ID # Your Grafana Mimir tenant ID + # basicAuth: + # username: user + # password: pwd + + # Azure Monitor Managed Service for Prometheus + # See https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/azure-monitor/essentials/prometheus-metrics-overview.md for information + # and https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/prometheus-remote-write-virtual-machines for more information on setting this up + ammsp: + enabled: false + prometheusServerEndpoint: http://localhost:8081/ + remoteWriteService: $ + queryEndpoint: $ + + aadAuthProxy: + enabled: false + # per https://github.com/Azure/aad-auth-proxy/releases/tag/0.1.0-main-04-10-2024-7067ac84 + image: $ # Example: mcr.microsoft.com/azuremonitor/auth-proxy/prod/aad-auth-proxy/images/aad-auth-proxy:0.1.0-main-04-10-2024-7067ac84 + imagePullPolicy: IfNotPresent + name: aad-auth-proxy + port: 8081 + audience: https://prometheus.monitor.azure.com/.default + identityType: userAssigned + aadClientId: $ + aadTenantId: $ + + notifications: + # Kubecost alerting configuration + # Ref: http://docs.kubecost.com/alerts + # alertConfigs: + # frontendUrl: http://localhost:9090 # optional, used for linkbacks + # globalSlackWebhookUrl: https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX # optional, used for Slack alerts + # globalMsTeamsWebhookUrl: https://xxxxx.webhook.office.com/webhookb2/XXXXXXXXXXXXXXXXXXXXXXXX/IncomingWebhook/XXXXXXXXXXXXXXXXXXXXXXXX # optional, used for Microsoft Teams alerts + # globalAlertEmails: + # - recipient@example.com + # - additionalRecipient@example.com + # globalEmailSubject: Custom Subject + # Alerts generated by kubecost, about cluster data + # alerts: + # Daily namespace budget alert on namespace `kubecost` + # - type: budget # supported: budget, recurringUpdate + # threshold: 50 # optional, required for budget alerts + # window: daily # or 1d + # aggregation: namespace + # filter: kubecost + # ownerContact: # optional, overrides globalAlertEmails default + # - owner@example.com + # - owner2@example.com + # # optional, used for alert-specific Slack and Microsoft Teams alerts + # slackWebhookUrl: https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX + # msTeamsWebhookUrl: https://xxxxx.webhook.office.com/webhookb2/XXXXXXXXXXXXXXXXXXXXXXXX/IncomingWebhook/XXXXXXXXXXXXXXXXXXXXXXXX + + # Daily cluster budget alert on cluster `cluster-one` + # - type: budget + # threshold: 200.8 # optional, required for budget alerts + # window: daily # or 1d + # aggregation: cluster + # filter: cluster-one # does not accept csv + + # Recurring weekly update (weeklyUpdate alert) + # - type: recurringUpdate + # window: weekly # or 7d + # aggregation: namespace + # filter: '*' + + # Recurring weekly namespace update on kubecost namespace + # - type: recurringUpdate + # window: weekly # or 7d + # aggregation: namespace + # filter: kubecost + + # Spend Change Alert + # - type: spendChange # change relative to moving avg + # relativeThreshold: 0.20 # Proportional change relative to baseline. Must be greater than -1 (can be negative) + # window: 1d # accepts ‘d’, ‘h’ + # baselineWindow: 30d # previous window, offset by window + # aggregation: namespace + # filter: kubecost, default # accepts csv + + # Health Score Alert + # - type: health # Alerts when health score changes by a threshold + # window: 10m + # threshold: 5 # Send Alert if health scores changes by 5 or more + + # Kubecost Health Diagnostic + # - type: diagnostic # Alerts when kubecost is unable to compute costs - ie: Prometheus unreachable + # window: 10m + + alertmanager: # Supply an alertmanager FQDN to receive notifications from the app. + enabled: false # If true, allow kubecost to write to your alertmanager + fqdn: http://cost-analyzer-prometheus-server.default.svc # example fqdn. Ignored if prometheus.enabled: true + + # Set saved Cost Allocation report(s) accessible from /reports + # Ref: http://docs.kubecost.com/saved-reports + savedReports: + enabled: false # If true, overwrites report parameters set through UI + reports: + - title: "Example Saved Report 0" + window: "today" + aggregateBy: "namespace" + chartDisplay: "category" + idle: "separate" + rate: "cumulative" + accumulate: false # daily resolution + filters: # Ref: https://docs.kubecost.com/apis/filters-api + - key: "cluster" # Ref: https://docs.kubecost.com/apis/filters-api#allocation-apis-request-sizing-v2-api + operator: ":" # Ref: https://docs.kubecost.com/apis/filters-api#filter-operators + value: "dev" + - title: "Example Saved Report 1" + window: "month" + aggregateBy: "controllerKind" + chartDisplay: "category" + idle: "share" + rate: "monthly" + accumulate: false + filters: # Ref: https://docs.kubecost.com/apis/filters-api + - key: "namespace" # Ref: https://docs.kubecost.com/apis/filters-api#allocation-apis-request-sizing-v2-api + operator: "!:" # Ref: https://docs.kubecost.com/apis/filters-api#filter-operators + value: "kubecost" + - title: "Example Saved Report 2" + window: "2020-11-11T00:00:00Z,2020-12-09T23:59:59Z" + aggregateBy: "service" + chartDisplay: "category" + idle: "hide" + rate: "daily" + accumulate: true # entire window resolution + filters: [] # if no filters, specify empty array + + # Set saved Asset report(s) accessible from /reports + # Ref: http://docs.kubecost.com/saved-reports + assetReports: + enabled: false # If true, overwrites report parameters set through UI + reports: + - title: "Example Asset Report 0" + window: "today" + aggregateBy: "type" + accumulate: false # daily resolution + filters: + - property: "cluster" + value: "cluster-one" + + # Set saved Cloud Cost report(s) accessible from /reports + # Ref: http://docs.kubecost.com/saved-reports + cloudCostReports: + enabled: false # If true, overwrites report parameters set through UI + reports: + - title: "Cloud Cost Report 0" + window: "today" + aggregateBy: "service" + accumulate: false # daily resolution + # filters: + # - property: "service" + # value: "service1" # corresponds to a value to filter cloud cost aggregate by service data on. + + podAnnotations: {} + # iam.amazonaws.com/role: role-arn + + # Applies these labels to all Deployments, StatefulSets, DaemonSets, and their pod templates. + additionalLabels: {} + + securityContext: + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + fsGroup: 1001 + runAsGroup: 1001 + runAsUser: 1001 + fsGroupChangePolicy: OnRootMismatch + containerSecurityContext: + allowPrivilegeEscalation: false + privileged: false + readOnlyRootFilesystem: true + capabilities: + drop: + - ALL + + # Platforms is a higher-level abstraction for platform-specific values and settings. + platforms: + # Deploying to OpenShift (OCP) requires enabling this option. + openshift: + enabled: false # Deploy Kubecost to OpenShift. + route: + enabled: false # Create an OpenShift Route. + annotations: {} # Add annotations to the Route. + # host: kubecost.apps.okd4.example.com # Add a custom host for your Route. + # Create Security Context Constraint resources for the DaemonSets requiring additional privileges. + scc: + nodeExporter: false # Creates an SCC for Prometheus Node Exporter. This requires Node Exporter be enabled. + networkCosts: false # Creates an SCC for Kubecost network-costs. This requires network-costs be enabled. + # When OpenShift is enabled, the following securityContext will be applied to all resources unless they define their own. + securityContext: + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + # Set options for deploying with CI/CD tools like Argo CD. + cicd: + enabled: false # Set to true when using affected CI/CD tools for access to the below configuration options. + skipSanityChecks: false # If true, skip all sanity/existence checks for resources like Secrets. + + ## Kubecost Integrations + ## Ref: https://docs.kubecost.com/integrations + ## + integrations: + postgres: + enabled: false + runInterval: "12h" # How frequently to run the integration. + databaseHost: "" # REQUIRED. ex: my.postgres.database.azure.com + databasePort: "" # REQUIRED. ex: 5432 + databaseName: "" # REQUIRED. ex: postgres + databaseUser: "" # REQUIRED. ex: myusername + databasePassword: "" # REQUIRED. ex: mypassword + databaseSecretName: "" # OPTIONAL. Specify your own k8s secret containing the above credentials. Must have key "creds.json". + + ## Configure what Postgres table to write to, and what parameters to pass + ## when querying Kubecost's APIs. Ensure all parameters are enclosed in + ## quotes. Ref: https://docs.kubecost.com/apis/apis-overview + queryConfigs: + allocations: [] + # - databaseTable: "kubecost_allocation_data" + # window: "7d" + # aggregate: "namespace" + # idle: "true" + # shareIdle: "true" + # shareNamespaces: "kubecost,kube-system" + # shareLabels: "" + # - databaseTable: "kubecost_allocation_data_by_cluster" + # window: "10d" + # aggregate: "cluster" + # idle: "true" + # shareIdle: "false" + # shareNamespaces: "" + # shareLabels: "" + assets: [] + # - databaseTable: "kubecost_assets_data" + # window: "7d" + # aggregate: "cluster" + cloudCosts: [] + # - databaseTable: "kubecost_cloudcosts_data" + # window: "7d" + # aggregate: "service" + +## Provide a name override for the chart. +# nameOverride: "" +## Provide a full name override option for the chart. +# fullnameOverride: "" + +## This flag is only required for users upgrading to a new version of Kubecost. +## The flag is used to ensure users are aware of important +## (potentially breaking) changes included in the new version. +## +upgrade: + toV2: false + +# generated at http://kubecost.com/install, used for alerts tracking and free trials +kubecostToken: # "" + +# Advanced pipeline for custom prices, enterprise key required +pricingCsv: + enabled: false + location: + provider: "AWS" + region: "us-east-1" + URI: s3://kc-csv-test/pricing_schema.csv # a valid file URI + csvAccessCredentials: pricing-schema-access-secret + +# SAML integration for user management and RBAC, enterprise key required +# Ref: https://github.com/kubecost/docs/blob/main/user-management.md +saml: + enabled: false + # secretName: "kubecost-authzero" + # metadataSecretName: "kubecost-authzero-metadata" # One of metadataSecretName or idpMetadataURL must be set. defaults to metadataURL if set + # idpMetadataURL: "https://dev-elu2z98r.auth0.com/samlp/metadata/c6nY4M37rBP0qSO1IYIqBPPyIPxLS8v2" + # appRootURL: "http://localhost:9090" # sample URL + # authTimeout: 1440 # number of minutes the JWT will be valid + # redirectURL: "https://dev-elu2z98r.auth0.com/v2/logout" # callback URL redirected to after logout + # audienceURI: "http://localhost:9090" # by convention, the same as the appRootURL, but any string uniquely identifying kubecost to your samp IDP. Optional if you follow the convention + # nameIDFormat: "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" If your SAML provider requires a specific nameid format + # isGLUUProvider: false # An additional URL parameter must be appended for GLUU providers + # encryptionCertSecret: "kubecost-saml-cert" # k8s secret where the x509 certificate used to encrypt an Okta saml response is stored + # decryptionKeySecret: "kubecost-sank-decryption-key" # k8s secret where the private key associated with the encryptionCertSecret is stored + # authSecret: "random-string" # value of SAML secret used to issue tokens, will be autogenerated as random string if not provided + # authSecretName: "kubecost-saml-secret" # name of k8s secret where the authSecret will be stored, defaults to "kubecost-saml-secret" if not provided + rbac: + enabled: false + # groups: + # - name: admin + # enabled: false # if admin is disabled, all SAML users will be able to make configuration changes to the kubecost frontend + # assertionName: "http://schemas.auth0.com/userType" # a SAML Assertion, one of whose elements has a value that matches on of the values in assertionValues + # assertionValues: + # - "admin" + # - "superusers" + # - name: readonly + # enabled: false # if readonly is disabled, all users authorized on SAML will default to readonly + # assertionName: "http://schemas.auth0.com/userType" + # assertionValues: + # - "readonly" + # - name: editor + # enabled: true # if editor is enabled, editors will be allowed to edit reports/alerts scoped to them, and act as readers otherwise. Users will never default to editor. + # assertionName: "http://schemas.auth0.com/userType" + # assertionValues: + # - "editor" + +oidc: + enabled: false + clientID: "" # application/client client_id parameter obtained from provider, used to make requests to server + clientSecret: "" # application/client client_secret parameter obtained from provider, used to make requests to server + # secretName: "kubecost-oidc-secret" # k8s secret where clientsecret will be stored + # For use to provide a custom OIDC Secret. Overrides the usage of oidc.clientSecret and oidc.secretName. + # Should contain the field directly. + # Can be created using raw k8s secrets, external secrets, sealed secrets, or any other method. + existingCustomSecret: + enabled: false + name: "" # name of the secret containing the client secret + + # authURL: "https://my.auth.server/authorize" # endpoint for login to auth server + # loginRedirectURL: "http://my.kubecost.url/model/oidc/authorize" # Kubecost url configured in provider for redirect after authentication + # discoveryURL: "https://my.auth.server/.well-known/openid-configuration" # url for OIDC endpoint discovery + skipOnlineTokenValidation: false # if true, will skip accessing OIDC introspection endpoint for online token verification, and instead try to locally validate JWT claims + useClientSecretPost: false # if true, client secret will specifically only use client_secret_post method, otherwise it will attempt to send the secret in both the header and the body. + # hostedDomain: "example.com" # optional, blocks access to the auth domain specified in the hd claim of the provider ID token + rbac: + enabled: false + # groups: + # - name: admin + # enabled: false # if admin is disabled, all authenticated users will be able to make configuration changes to the kubecost frontend + # claimName: "roles" # Kubecost matches this string against the JWT's payload key containing RBAC info (this value is unique across identity providers) + # claimValues: # Kubecost matches these strings with the roles created in your identity provider + # - "admin" + # - "superusers" + # - name: readonly + # enabled: false # if readonly is disabled, all authenticated users will default to readonly + # claimName: "roles" + # claimValues: + # - "readonly" + # - name: editor + # enabled: false # if editor is enabled, editors will be allowed to edit reports/alerts scoped to them, and act as readers otherwise. Users will never default to editor. + # claimName: "roles" + # claimValues: + # - "editor" + +## Adds the HTTP_PROXY, HTTPS_PROXY, and NO_PROXY environment variables to all +## containers. Typically used in environments that have firewall rules which +## prevent kubecost from accessing cloud provider resources. +## Ref: https://www.oreilly.com/library/view/security-with-go/9781788627917/5ea6a02b-3d96-44b1-ad3c-6ab60fcbbe4f.xhtml +## +systemProxy: + enabled: false + httpProxyUrl: "" + httpsProxyUrl: "" + noProxy: "" + +# imagePullSecrets: +# - name: "image-pull-secret" + +# imageVersion uses the base image name (image:) but overrides the version +# pulled. It should be avoided. If non-default behavior is needed, use +# fullImageName for the relevant component. +# imageVersion: + +kubecostFrontend: + enabled: true + deployMethod: singlepod # haMode or singlepod - haMode is currently only supported with Enterprise tier + haReplicas: 2 # only used with haMode + image: "gcr.io/kubecost1/frontend" + imagePullPolicy: IfNotPresent + # fullImageName overrides the default image construction logic. The exact + # image provided (registry, image, tag) will be used for the frontend. + # fullImageName: + + # extraEnv: + # - name: NGINX_ENTRYPOINT_WORKER_PROCESSES_AUTOTUNE + # value: "1" + # securityContext: + # readOnlyRootFilesystem: true + resources: + requests: + cpu: "10m" + memory: "55Mi" + # limits: + # cpu: "100m" + # memory: "256Mi" + deploymentStrategy: {} + # rollingUpdate: + # maxSurge: 1 + # maxUnavailable: 1 + # type: RollingUpdate + + # Define a readiness probe for the Kubecost frontend container. + readinessProbe: + enabled: true + initialDelaySeconds: 1 + periodSeconds: 5 + failureThreshold: 6 + + # Define a liveness probe for the Kubecost frontend container. + livenessProbe: + enabled: true + initialDelaySeconds: 1 + periodSeconds: 5 + failureThreshold: 6 + ipv6: + enabled: true # disable if the cluster does not support ipv6 + # timeoutSeconds: 600 # should be rarely used, but can be increased if needed + # allow customizing nginx-conf server block + # extraServerConfig: |- + # proxy_busy_buffers_size 512k; + # proxy_buffers 4 512k; + # proxy_buffer_size 256k; + # large_client_header_buffers 4 64k; + # hideDiagnostics: false # useful if the primary is not monitored. Supported in limited environments. + # hideOrphanedResources: false # OrphanedResources works on the primary-cluster's cloud-provider only. + + # set to true to set all upstreams to use ..svc.cluster.local instead of just . + useDefaultFqdn: false +# api: +# fqdn: kubecost-api.kubecost.svc.cluster.local:9001 +# model: +# fqdn: kubecost-model.kubecost.svc.cluster.local:9003 +# forecasting: +# fqdn: kubecost-forcasting.kubecost.svc.cluster.local:5000 +# aggregator: +# fqdn: kubecost-aggregator.kubecost.svc.cluster.local:9004 +# cloudCost: +# fqdn: kubecost-cloud-cost.kubecost.svc.cluster.local:9005 +# multiClusterDiagnostics: +# fqdn: kubecost-multi-diag.kubecost.svc.cluster.local:9007 +# clusterController: +# fqdn: cluster-controller.kubecost.svc.cluster.local:9731 + +# Kubecost Metrics deploys a separate pod which will emit kubernetes specific metrics required +# by the cost-model. This pod is designed to remain active and decoupled from the cost-model itself. +# However, disabling this service/pod deployment will flag the cost-model to emit the metrics instead. +kubecostMetrics: + # emitPodAnnotations: false + # emitNamespaceAnnotations: false + # emitKsmV1Metrics: true # emit all KSM metrics in KSM v1. + # emitKsmV1MetricsOnly: false # emit only the KSM metrics missing from KSM v2. Advanced users only. + + # Optional + # The metrics exporter is a separate deployment and service (for prometheus scrape auto-discovery) + # which emits metrics cost-model relies on. Enabling this deployment also removes the KSM dependency + # from the cost-model. If the deployment is not enabled, the metrics will continue to be emitted from + # the cost-model. + exporter: + enabled: false + port: 9005 + # Adds the default Prometheus scrape annotations to the metrics exporter service. + # Set to false and use service.annotations (below) to set custom scrape annotations. + prometheusScrape: true + resources: {} + # requests: + # cpu: "200m" + # memory: "55Mi" + ## Node tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + tolerations: [] + + # - key: "key" + # operator: "Equal|Exists" + # value: "value" + # effect: "NoSchedule|PreferNoSchedule|NoExecute(1.6 only)" + affinity: {} + + service: + annotations: {} + + # Service Monitor for Kubecost Metrics + serviceMonitor: # the kubecost included prometheus uses scrapeConfigs and does not support service monitors. The following options assume an existing prometheus that supports serviceMonitors. + enabled: false + additionalLabels: {} + metricRelabelings: [] + relabelings: [] + ## PriorityClassName + ## Ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass + priorityClassName: "" + additionalLabels: {} + nodeSelector: {} + extraArgs: [] + +sigV4Proxy: + image: public.ecr.aws/aws-observability/aws-sigv4-proxy:latest + imagePullPolicy: IfNotPresent + name: aps + port: 8005 + region: us-west-2 # The AWS region + host: aps-workspaces.us-west-2.amazonaws.com # The hostname for AMP service. + # role_arn: arn:aws:iam:::role/role-name # The AWS IAM role to assume. + extraEnv: # Pass extra env variables to sigV4Proxy + # - name: AWS_ACCESS_KEY_ID + # value: + # - name: AWS_SECRET_ACCESS_KEY + # value: + # Optional resource requests and limits for the sigV4proxy container. + resources: {} + +kubecostModel: + image: "gcr.io/kubecost1/cost-model" + imagePullPolicy: IfNotPresent + # fullImageName overrides the default image construction logic. The exact + # image provided (registry, image, tag) will be used for cost-model. + # fullImageName: + + # securityContext: + # readOnlyRootFilesystem: true + + # Build local cost allocation cache + warmCache: false + # Run allocation ETL pipelines + etl: true + # Enable the ETL filestore backing storage + etlFileStoreEnabled: true + # The total number of days the ETL pipelines will build + # Set to 0 to disable daily ETL (not recommended) + etlDailyStoreDurationDays: 91 + # The total number of hours the ETL pipelines will build + # Set to 0 to disable hourly ETL (recommended for large environments) + # Must be < prometheus server retention, otherwise empty data may overwrite + # known-good data + etlHourlyStoreDurationHours: 49 + # For deploying kubecost in a cluster that does not self-monitor + etlReadOnlyMode: false + + ## The name of the Secret containing a bucket config for Federated storage. + ## The contents should be stored under a key named federated-store.yaml. + ## Ref: https://docs.kubecost.com/install-and-configure/install/multi-cluster/long-term-storage-configuration + # federatedStorageConfigSecret: federated-store + + ## Federated storage config can be supplied via a secret or the yaml block + ## below when using the block below, only a single provider is supported, + ## others are for example purposes. + ## Ref: https://docs.kubecost.com/install-and-configure/install/multi-cluster/long-term-storage-configuration + # federatedStorageConfig: |- + # # AWS EXAMPLE + # type: S3 + # config: + # bucket: kubecost-federated-storage-bucket + # endpoint: s3.amazonaws.com + # region: us-east-1 + # # best practice is to use pod identities to access AWS resources. Otherwise it is possible to use an access_key and secret_key + # access_key: "" + # secret_key: "" + # # AZURE EXAMPLE + # type: AZURE + # config: + # storage_account: "" + # storage_account_key: "" + # container: "" + # max_retries: 0 + # # GCP EXAMPLE + # type: GCS + # config: + # bucket: kubecost-federated-storage-bucket + # service_account: |- + # { + # "type": "service_account", + # "project_id": "...", + # "private_key_id": "...", + # "private_key": "...", + # "client_email": "...", + # "client_id": "...", + # "auth_uri": "https://accounts.google.com/o/oauth2/auth", + # "token_uri": "https://oauth2.googleapis.com/token", + # "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", + # "client_x509_cert_url": "" + # } + + # Installs Kubecost/OpenCost plugins + plugins: + enabled: false + install: + enabled: false + fullImageName: curlimages/curl:latest + securityContext: + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 1001 + folder: /opt/opencost/plugin + + # leave this commented to always download most recent version of plugins + # version: + + # the list of enabled plugins + enabledPlugins: [] + # - datadog + + # pre-existing secret for plugin configuration + existingCustomSecret: + enabled: false + name: "" # name of the secret containing plugin config + + secretName: kubecost-plugin-secret + + # uncomment this to define plugin configuration via the values file + # configs: + # datadog: | + # { + # "datadog_site": "", + # "datadog_api_key": "", + # "datadog_app_key": "" + # } + + allocation: + # Enables or disables adding node labels to allocation data (i.e. workloads). + # Defaults to "true" and starts with a sensible includeList for basics like + # topology (e.g. zone, region) and instance type labels. + # nodeLabels: + # enabled: true + # includeList: "node.kubernetes.io/instance-type,topology.kubernetes.io/region,topology.kubernetes.io/zone" + + # Enables or disables the ContainerStats pipeline, used for quantile-based + # queries like for request sizing recommendations. + # ContainerStats provides support for quantile-based request right-sizing + # recommendations. + # + # It is disabled by default to avoid problems in extremely high-scale Thanos + # environments. If you would like to try quantile-based request-sizing + # recommendations, enable this! If you are in a high-scale environment, + # please monitor Kubecost logs, Thanos query logs, and Thanos load closely. + # We hope to make major improvements at scale here soon! + # + containerStatsEnabled: true # enabled by default as of v2.2.0 + + # max number of concurrent Prometheus queries + maxQueryConcurrency: 5 + resources: + requests: + cpu: "200m" + memory: "55Mi" + # limits: + # cpu: "800m" + # memory: "256Mi" + + # Define a readiness probe for the Kubecost cost-model container. + readinessProbe: + enabled: true + initialDelaySeconds: 10 + periodSeconds: 10 + failureThreshold: 200 + + # Define a liveness probe for the Kubecost cost-model container. + livenessProbe: + enabled: true + initialDelaySeconds: 10 + periodSeconds: 10 + failureThreshold: 200 + extraArgs: [] + + # Optional. A list of extra environment variables to be added to the cost-model container. + # extraEnv: + # - name: LOG_LEVEL + # value: trace + # - name: LOG_FORMAT + # value: json + # # When false, Kubecost will not show Asset costs for local disks physically + # # attached to nodes (e.g. ephemeral storage). This needs to be applied to + # # each cluster monitored. + # - name: ASSET_INCLUDE_LOCAL_DISK_COST + # value: "true" + + # creates an ingress directly to the model container, for API access + ingress: + enabled: false + # className: nginx + labels: + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + annotations: + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + paths: ["/"] + pathType: ImplementationSpecific + hosts: + - cost-analyzer-model.local + tls: [] + # - secretName: cost-analyzer-model-tls + # hosts: + # - cost-analyzer-model.local + utcOffset: "+00:00" + # Optional - add extra ports to the cost-model container. For kubecost development purposes only - not recommended for users. + extraPorts: [] + # - name: debug + # port: 40000 + # targetPort: 40000 + # containerPort: 40000 + +## etlUtils is a utility typically used by Enterprise customers transitioning +## from v1 to v2 of Kubecost. It translates the data from the "/etl" dir of the +## bucket, to the "/federated" dir of the bucket. +## Ref: https://docs.kubecost.com/install-and-configure/install/multi-cluster/federated-etl/thanos-migration-guide +## +etlUtils: + enabled: false + fullImageName: null + resources: {} + env: {} + nodeSelector: {} + tolerations: [] + affinity: {} + +# Basic Kubecost ingress, more examples available at https://docs.kubecost.com/install-and-configure/install/ingress-examples +ingress: + enabled: false + # className: nginx + labels: + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + annotations: + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + paths: ["/"] # There's no need to route specifically to the pods-- we have an nginx deployed that handles routing + pathType: ImplementationSpecific + hosts: + - cost-analyzer.local + tls: [] + # - secretName: cost-analyzer-tls + # hosts: + # - cost-analyzer.local + +nodeSelector: {} + +tolerations: [] +# - key: "key" +# operator: "Equal|Exists" +# value: "value" +# effect: "NoSchedule|PreferNoSchedule|NoExecute(1.6 only)" + +affinity: {} + +topologySpreadConstraints: [] + +# If true, creates a PriorityClass to be used by the cost-analyzer pod +priority: + enabled: false + name: "" # Provide name of existing priority class only. If left blank, upstream chart will create one from default template. + +# If true, enable creation of NetworkPolicy resources. +networkPolicy: + enabled: false + denyEgress: true # create a network policy that denies egress from kubecost + sameNamespace: true # Set to true if cost analyzer and prometheus are on the same namespace +# namespace: kubecost # Namespace where prometheus is installed + + # Cost-analyzer specific vars using the new template + costAnalyzer: + enabled: false # If true, create a network policy for cost-analyzer + annotations: {} # annotations to be added to the network policy + additionalLabels: {} # additional labels to be added to the network policy + # Examples rules: + # ingressRules: + # - selectors: # allow ingress from self on all ports + # - podSelector: + # matchLabels: + # app.kubernetes.io/name: cost-analyzer + # - selectors: # allow egress access to prometheus + # - namespaceSelector: + # matchLabels: + # name: prometheus + # podSelector: + # matchLabels: + # app: prometheus + # ports: + # - protocol: TCP + # port: 9090 + # egressRules: + # - selectors: # restrict egress to inside cluster + # - namespaceSelector: {} + +## @param extraVolumes A list of volumes to be added to the pod +## +extraVolumes: [] +## @param extraVolumeMounts A list of volume mounts to be added to the pod +## +extraVolumeMounts: [] + +# Define persistence volume for cost-analyzer, more information at https://docs.kubecost.com/install-and-configure/install/storage +persistentVolume: + size: 32Gi + dbSize: 32.0Gi + enabled: true # Note that setting this to false means configurations will be wiped out on pod restart. + # storageClass: "-" # + # existingClaim: kubecost-cost-analyzer # a claim in the same namespace as kubecost + labels: {} + annotations: {} + # helm.sh/resource-policy: keep # https://helm.sh/docs/howto/charts_tips_and_tricks/#tell-helm-not-to-uninstall-a-resource + + # Enables a separate PV specifically for ETL data. This should be avoided, but + # is kept for legacy compatibility. + dbPVEnabled: false + +service: + type: ClusterIP + port: 9090 + targetPort: 9090 + nodePort: {} + labels: {} + annotations: {} + # loadBalancerSourceRanges: [] + sessionAffinity: + enabled: false # Makes sure that connections from a client are passed to the same Pod each time, when set to `true`. You should set it when you enabled authentication through OIDC or SAML integration. + timeoutSeconds: 10800 + +prometheus: + ## Provide a full name override for Prometheus. + # fullnameOverride: "" + ## Provide a name override for Prometheus. + # nameOverride: "" + + rbac: + create: true # Create the RBAC resources for Prometheus. + + ## Define serviceAccount names for components. Defaults to component's fully qualified name. + ## + serviceAccounts: + alertmanager: + create: true + name: + nodeExporter: + create: true + name: + pushgateway: + create: true + name: + server: + create: true + name: + ## Prometheus server ServiceAccount annotations. + ## Can be used for AWS IRSA annotations when using Remote Write mode with Amazon Managed Prometheus. + annotations: {} + + ## Specify an existing ConfigMap to be used by Prometheus when using self-signed certificates. + ## + # selfsignedCertConfigMapName: "" + + imagePullSecrets: + # - name: "image-pull-secret" + + extraScrapeConfigs: | + - job_name: kubecost + honor_labels: true + scrape_interval: 1m + scrape_timeout: 60s + metrics_path: /metrics + scheme: http + dns_sd_configs: + - names: + - {{ template "cost-analyzer.serviceName" . }} + type: 'A' + port: 9003 + - job_name: kubecost-networking + kubernetes_sd_configs: + - role: pod + relabel_configs: + # Scrape only the the targets matching the following metadata + - source_labels: [__meta_kubernetes_pod_label_app_kubernetes_io_instance] + action: keep + regex: kubecost + - source_labels: [__meta_kubernetes_pod_label_app_kubernetes_io_name] + action: keep + regex: network-costs + - job_name: kubecost-aggregator + scrape_interval: 1m + scrape_timeout: 60s + metrics_path: /metrics + scheme: http + dns_sd_configs: + - names: + - {{ template "aggregator.serviceName" . }} + type: 'A' + {{- if or .Values.saml.enabled .Values.oidc.enabled }} + port: 9008 + {{- else }} + port: 9004 + {{- end }} + ## Enables scraping of NVIDIA GPU metrics via dcgm-exporter. Scrapes all + ## endpoints which contain "dcgm-exporter" in labels "app", + ## "app.kubernetes.io/component", or "app.kubernetes.io/name" with a case + ## insensitive match. + ## Refs: + ## https://github.com/NVIDIA/gpu-operator/blob/d4316a415bbd684ce8416a88042305fc1a093aa4/assets/state-dcgm-exporter/0600_service.yaml#L7 + ## https://github.com/NVIDIA/dcgm-exporter/blob/54fd1ca137c66511a87a720390613680b9bdabdd/deployment/templates/service.yaml#L23 + - job_name: kubecost-dcgm-exporter + kubernetes_sd_configs: + - role: endpoints + relabel_configs: + - source_labels: [__meta_kubernetes_pod_label_app, __meta_kubernetes_pod_label_app_kubernetes_io_component, __meta_kubernetes_pod_label_app_kubernetes_io_name] + action: keep + regex: (?i)(.*dcgm-exporter.*|.*dcgm-exporter.*|.*dcgm-exporter.*) + + server: + # If clusterIDConfigmap is defined, instead use user-generated configmap with key CLUSTER_ID + # to use as unique cluster ID in kubecost cost-analyzer deployment. + # This overrides the cluster_id set in prometheus.server.global.external_labels. + # NOTE: This does not affect the external_labels set in prometheus config. + # clusterIDConfigmap: cluster-id-configmap + + ## Provide a full name override for the Prometheus server. + # fullnameOverride: "" + + ## Prometheus server container name + ## + enabled: true + name: server + sidecarContainers: + strategy: + type: Recreate + rollingUpdate: null + + ## Prometheus server container image + ## + image: + repository: cgr.dev/chainguard/prometheus + tag: latest + pullPolicy: IfNotPresent + + ## prometheus server priorityClassName + ## + priorityClassName: "" + + ## The URL prefix at which the container can be accessed. Useful in the case the '-web.external-url' includes a slug + ## so that the various internal URLs are still able to access as they are in the default case. + ## (Optional) + prefixURL: "" + + ## External URL which can access alertmanager + ## Maybe same with Ingress host name + baseURL: "" + + ## Additional server container environment variables + ## + ## You specify this manually like you would a raw deployment manifest. + ## This means you can bind in environment variables from secrets. + ## + ## e.g. static environment variable: + ## - name: DEMO_GREETING + ## value: "Hello from the environment" + ## + ## e.g. secret environment variable: + ## - name: USERNAME + ## valueFrom: + ## secretKeyRef: + ## name: mysecret + ## key: username + env: [] + + extraFlags: + - web.enable-lifecycle + ## web.enable-admin-api flag controls access to the administrative HTTP API which includes functionality such as + ## deleting time series. This is disabled by default. + # - web.enable-admin-api + ## + ## storage.tsdb.no-lockfile flag controls BD locking + # - storage.tsdb.no-lockfile + ## + ## storage.tsdb.wal-compression flag enables compression of the write-ahead log (WAL) + # - storage.tsdb.wal-compression + + ## Path to a configuration file on prometheus server container FS + configPath: /etc/config/prometheus.yml + + global: + ## How frequently to scrape targets by default + ## + scrape_interval: 1m + ## How long until a scrape request times out + ## + scrape_timeout: 60s + ## How frequently to evaluate rules + ## + evaluation_interval: 1m + external_labels: + cluster_id: cluster-one # Each cluster should have a unique ID + ## https://prometheus.io/docs/prometheus/latest/configuration/configuration/#remote_write + ## + remoteWrite: {} + ## https://prometheus.io/docs/prometheus/latest/configuration/configuration/#remote_read + ## + remoteRead: {} + + ## Additional Prometheus server container arguments + ## + extraArgs: + query.max-concurrency: 1 + query.max-samples: 100000000 + + ## Additional InitContainers to initialize the pod + ## + extraInitContainers: [] + + ## Additional Prometheus server Volume mounts + ## + extraVolumeMounts: [] + + ## Additional Prometheus server Volumes + ## + extraVolumes: [] + + ## Additional Prometheus server hostPath mounts + ## + extraHostPathMounts: [] + # - name: certs-dir + # mountPath: /etc/kubernetes/certs + # subPath: "" + # hostPath: /etc/kubernetes/certs + # readOnly: true + + extraConfigmapMounts: [] + # - name: certs-configmap + # mountPath: /prometheus + # subPath: "" + # configMap: certs-configmap + # readOnly: true + + ## Additional Prometheus server Secret mounts + # Defines additional mounts with secrets. Secrets must be manually created in the namespace. + extraSecretMounts: [] + # - name: secret-files + # mountPath: /etc/secrets + # subPath: "" + # secretName: prom-secret-files + # readOnly: true + + ## ConfigMap override where fullname is {{.Release.Name}}-{{.Values.server.configMapOverrideName}} + ## Defining configMapOverrideName will cause templates/server-configmap.yaml + ## to NOT generate a ConfigMap resource + ## + configMapOverrideName: "" + + ingress: + ## If true, Prometheus server Ingress will be created + ## + enabled: false + # className: nginx + + ## Prometheus server Ingress annotations + ## + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: 'true' + + ## Prometheus server Ingress additional labels + ## + extraLabels: {} + + ## Prometheus server Ingress hostnames with optional path + ## Must be provided if Ingress is enabled + ## + hosts: [] + # - prometheus.domain.com + # - domain.com/prometheus + + ## PathType determines the interpretation of the Path matching + pathType: "Prefix" + + ## Extra paths to prepend to every host configuration. This is useful when working with annotation based services. + extraPaths: [] + # - path: /* + # backend: + # serviceName: ssl-redirect + # servicePort: use-annotation + + ## Prometheus server Ingress TLS configuration + ## Secrets must be manually created in the namespace + ## + tls: [] + # - secretName: prometheus-server-tls + # hosts: + # - prometheus.domain.com + + ## Server Deployment Strategy type + # strategy: + # type: Recreate + + ## Node tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + tolerations: [] + # - key: "key" + # operator: "Equal|Exists" + # value: "value" + # effect: "NoSchedule|PreferNoSchedule|NoExecute(1.6 only)" + + ## Node labels for Prometheus server pod assignment + ## Ref: https://kubernetes.io/docs/user-guide/node-selection/ + ## + nodeSelector: {} + + ## Pod affinity + ## + affinity: {} + + ## PodDisruptionBudget settings + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/ + ## + podDisruptionBudget: + enabled: false + maxUnavailable: 1 + + ## Use an alternate scheduler, e.g. "stork". + ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ + ## + # schedulerName: + + persistentVolume: + ## If true, Prometheus server will create/use a Persistent Volume Claim + ## If false, use emptyDir + ## + enabled: true + + ## Prometheus server data Persistent Volume access modes + ## Must match those of existing PV or dynamic provisioner + ## Ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ + ## + accessModes: + - ReadWriteOnce + + ## Prometheus server data Persistent Volume annotations + ## + annotations: {} + # helm.sh/resource-policy: keep # https://helm.sh/docs/howto/charts_tips_and_tricks/#tell-helm-not-to-uninstall-a-resource + + ## Prometheus server data Persistent Volume existing claim name + ## Requires server.persistentVolume.enabled: true + ## If defined, PVC must be created manually before volume will be bound + existingClaim: "" + + ## Prometheus server data Persistent Volume mount root path + ## + mountPath: /data + + ## Prometheus server data Persistent Volume size + ## + size: 32Gi + + ## Prometheus server data Persistent Volume Storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + # storageClass: "-" + + ## Prometheus server data Persistent Volume Binding Mode + ## If defined, volumeBindingMode: + ## If undefined (the default) or set to null, no volumeBindingMode spec is + ## set, choosing the default mode. + ## + # volumeBindingMode: "" + + ## Subdirectory of Prometheus server data Persistent Volume to mount + ## Useful if the volume's root directory is not empty + ## + subPath: "" + + emptyDir: + sizeLimit: "" + + ## Annotations to be added to Prometheus server pods + ## + podAnnotations: {} + # iam.amazonaws.com/role: prometheus + + ## Annotations to be added to the Prometheus Server deployment + ## + deploymentAnnotations: {} + + ## Labels to be added to Prometheus server pods + ## + podLabels: {} + + ## Prometheus AlertManager configuration + ## + alertmanagers: [] + + ## Use a StatefulSet if replicaCount needs to be greater than 1 (see below) + ## + replicaCount: 1 + + statefulSet: + ## If true, use a statefulset instead of a deployment for pod management. + ## This allows to scale replicas to more than 1 pod + ## + enabled: false + + annotations: {} + labels: {} + podManagementPolicy: OrderedReady + + ## Alertmanager headless service to use for the statefulset + ## + headless: + annotations: {} + labels: {} + servicePort: 80 + + ## Prometheus server readiness and liveness probe initial delay and timeout + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ + ## + readinessProbeInitialDelay: 5 + readinessProbeTimeout: 3 + readinessProbeFailureThreshold: 3 + readinessProbeSuccessThreshold: 1 + livenessProbeInitialDelay: 5 + livenessProbeTimeout: 3 + livenessProbeFailureThreshold: 3 + livenessProbeSuccessThreshold: 1 + + ## Prometheus server resource requests and limits + ## Ref: http://kubernetes.io/docs/user-guide/compute-resources/ + ## + resources: {} + # limits: + # cpu: 500m + # memory: 512Mi + # requests: + # cpu: 500m + # memory: 512Mi + + ## Vertical Pod Autoscaler config + ## Ref: https://github.com/kubernetes/autoscaler/tree/master/vertical-pod-autoscaler + verticalAutoscaler: + ## If true a VPA object will be created for the controller (either StatefulSet or Deployment, based on above configs) + enabled: false + ## Optional. Defaults to "Auto" if not specified. + # updateMode: "Auto" + ## Mandatory. Without, VPA will not be created. + # containerPolicies: + # - containerName: 'prometheus-server' + + ## Security context to be added to server pods + ## + securityContext: {} + # runAsUser: 1001 + # runAsNonRoot: true + # runAsGroup: 1001 + # fsGroup: 1001 + + containerSecurityContext: {} + + service: + annotations: {} + labels: {} + clusterIP: "" + # nodePort: "" + + ## List of IP addresses at which the Prometheus server service is available + ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips + ## + externalIPs: [] + + loadBalancerIP: "" + loadBalancerSourceRanges: [] + servicePort: 80 + sessionAffinity: None + type: ClusterIP + + ## Enable gRPC port on service to allow auto discovery with thanos-querier + gRPC: + enabled: false + servicePort: 10901 + # nodePort: 10901 + + ## If using a statefulSet (statefulSet.enabled=true), configure the + ## service to connect to a specific replica to have a consistent view + ## of the data. + statefulsetReplica: + enabled: false + replica: 0 + + ## Prometheus server pod termination grace period + ## + terminationGracePeriodSeconds: 300 + + ## Prometheus data retention period (default if not specified is 97 hours) + ## + ## Kubecost builds up its own persistent store of metric data on the + ## filesystem (usually a PV) and, when using ETL Backup and/or Federated + ## ETL, in more durable object storage like S3 or GCS. Kubecost's data + ## retention is _not_ tied to the configured Prometheus retention. + ## + ## For data durability, we recommend using ETL Backup instead of relying on + ## Prometheus retention. + ## + ## Lower retention values will affect Prometheus by reducing resource + ## consumption and increasing stability. It _must not_ be set below or equal + ## to kubecostModel.etlHourlyStoreDurationHours, otherwise empty data sets + ## may overwrite good data sets. For now, it must also be >= 49h for Daily + ## ETL stability. + ## + ## "ETL Rebuild" and "ETL Repair" is only possible on data available within + ## this retention window. This is an extremely rare operation. + ## + ## If you want maximum security in the event of a Kubecost agent + ## (cost-model) outage, increase this value. The current default of 97h is + ## intended to balance Prometheus stability and resource consumption + ## against the event of an outage in Kubecost which would necessitate a + ## version change. 4 days should provide enough time for most users to + ## notice a problem and initiate corrective action. + retention: 97h + # retentionSize: should be significantly greater than the storage used in the number of hours set in etlHourlyStoreDurationHours + + # Install Prometheus Alert Manager + alertmanager: + ## If false, alertmanager will not be installed + ## + enabled: false + + ## Provide a full name override for Prometheus alertmanager. + # fullnameOverride: "" + + strategy: + type: Recreate + rollingUpdate: null + + ## alertmanager container name + ## + name: alertmanager + + ## alertmanager container image + ## + image: + repository: cgr.dev/chainguard/prometheus-alertmanager + tag: latest + pullPolicy: IfNotPresent + + ## alertmanager priorityClassName + ## + priorityClassName: "" + + ## Additional alertmanager container arguments + ## + extraArgs: {} + + ## The URL prefix at which the container can be accessed. Useful in the case the '-web.external-url' includes a slug + ## so that the various internal URLs are still able to access as they are in the default case. + ## (Optional) + prefixURL: "" + + ## External URL which can access alertmanager + baseURL: "http://localhost:9093" + + ## Additional alertmanager container environment variable + ## For instance to add a http_proxy + ## + extraEnv: {} + + ## Additional alertmanager Secret mounts + # Defines additional mounts with secrets. Secrets must be manually created in the namespace. + extraSecretMounts: [] + # - name: secret-files + # mountPath: /etc/secrets + # subPath: "" + # secretName: alertmanager-secret-files + # readOnly: true + + ## ConfigMap override where fullname is {{.Release.Name}}-{{.Values.alertmanager.configMapOverrideName}} + ## Defining configMapOverrideName will cause templates/alertmanager-configmap.yaml + ## to NOT generate a ConfigMap resource + ## + configMapOverrideName: "" + + ## The name of a secret in the same kubernetes namespace which contains the Alertmanager config + ## Defining configFromSecret will cause templates/alertmanager-configmap.yaml + ## to NOT generate a ConfigMap resource + ## + configFromSecret: "" + + ## The configuration file name to be loaded to alertmanager + ## Must match the key within configuration loaded from ConfigMap/Secret + ## + configFileName: alertmanager.yml + + ingress: + ## If true, alertmanager Ingress will be created + ## + enabled: false + + ## alertmanager Ingress annotations + ## + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: 'true' + + ## alertmanager Ingress additional labels + ## + extraLabels: {} + + ## alertmanager Ingress hostnames with optional path + ## Must be provided if Ingress is enabled + ## + hosts: [] + # - alertmanager.domain.com + # - domain.com/alertmanager + + ## Extra paths to prepend to every host configuration. This is useful when working with annotation based services. + extraPaths: [] + # - path: /* + # backend: + # serviceName: ssl-redirect + # servicePort: use-annotation + + ## alertmanager Ingress TLS configuration + ## Secrets must be manually created in the namespace + ## + tls: [] + # - secretName: prometheus-alerts-tls + # hosts: + # - alertmanager.domain.com + + ## Alertmanager Deployment Strategy type + # strategy: + # type: Recreate + + ## Node tolerations for alertmanager scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + tolerations: [] + # - key: "key" + # operator: "Equal|Exists" + # value: "value" + # effect: "NoSchedule|PreferNoSchedule|NoExecute(1.6 only)" + + ## Node labels for alertmanager pod assignment + ## Ref: https://kubernetes.io/docs/user-guide/node-selection/ + ## + nodeSelector: {} + + ## Pod affinity + ## + affinity: {} + + ## PodDisruptionBudget settings + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/ + ## + podDisruptionBudget: + enabled: false + maxUnavailable: 1 + + ## Use an alternate scheduler, e.g. "stork". + ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ + ## + # schedulerName: + + persistentVolume: + ## If true, alertmanager will create/use a Persistent Volume Claim + ## If false, use emptyDir + ## + enabled: true + + ## alertmanager data Persistent Volume access modes + ## Must match those of existing PV or dynamic provisioner + ## Ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ + ## + accessModes: + - ReadWriteOnce + + ## alertmanager data Persistent Volume Claim annotations + ## + annotations: {} + + ## alertmanager data Persistent Volume existing claim name + ## Requires alertmanager.persistentVolume.enabled: true + ## If defined, PVC must be created manually before volume will be bound + existingClaim: "" + + ## alertmanager data Persistent Volume mount root path + ## + mountPath: /data + + ## alertmanager data Persistent Volume size + ## + size: 2Gi + + ## alertmanager data Persistent Volume Storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + # storageClass: "-" + + ## alertmanager data Persistent Volume Binding Mode + ## If defined, volumeBindingMode: + ## If undefined (the default) or set to null, no volumeBindingMode spec is + ## set, choosing the default mode. + ## + # volumeBindingMode: "" + + ## Subdirectory of alertmanager data Persistent Volume to mount + ## Useful if the volume's root directory is not empty + ## + subPath: "" + + ## Annotations to be added to alertmanager pods + ## + podAnnotations: {} + ## Tell prometheus to use a specific set of alertmanager pods + ## instead of all alertmanager pods found in the same namespace + ## Useful if you deploy multiple releases within the same namespace + ## + ## prometheus.io/probe: alertmanager-teamA + + ## Labels to be added to Prometheus AlertManager pods + ## + podLabels: {} + + ## Use a StatefulSet if replicaCount needs to be greater than 1 (see below) + ## + replicaCount: 1 + + statefulSet: + ## If true, use a statefulset instead of a deployment for pod management. + ## This allows to scale replicas to more than 1 pod + ## + enabled: false + + podManagementPolicy: OrderedReady + + ## Alertmanager headless service to use for the statefulset + ## + headless: + annotations: {} + labels: {} + + ## Enabling peer mesh service end points for enabling the HA alert manager + ## Ref: https://github.com/prometheus/alertmanager/blob/master/README.md + # enableMeshPeer : true + + servicePort: 80 + + ## alertmanager resource requests and limits + ## Ref: http://kubernetes.io/docs/user-guide/compute-resources/ + ## + resources: {} + # limits: + # cpu: 10m + # memory: 32Mi + # requests: + # cpu: 10m + # memory: 32Mi + + ## Security context to be added to alertmanager pods + ## + securityContext: + runAsUser: 1001 + runAsNonRoot: true + runAsGroup: 1001 + fsGroup: 1001 + + service: + annotations: {} + labels: {} + clusterIP: "" + + ## Enabling peer mesh service end points for enabling the HA alert manager + ## Ref: https://github.com/prometheus/alertmanager/blob/master/README.md + # enableMeshPeer : true + + ## List of IP addresses at which the alertmanager service is available + ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips + ## + externalIPs: [] + + loadBalancerIP: "" + loadBalancerSourceRanges: [] + servicePort: 80 + # nodePort: 30000 + sessionAffinity: None + type: ClusterIP + + # Define a custom scheduler for Alertmanager pods + # schedulerName: default-scheduler + + ## alertmanager ConfigMap entries + ## + alertmanagerFiles: + alertmanager.yml: + global: {} + # slack_api_url: '' + + receivers: + - name: default-receiver + # slack_configs: + # - channel: '@you' + # send_resolved: true + + route: + group_wait: 10s + group_interval: 5m + receiver: default-receiver + repeat_interval: 3h + + ## Monitors ConfigMap changes and POSTs to a URL + configmapReload: + prometheus: + ## If false, the configmap-reload container will not be deployed + ## + enabled: false + + ## configmap-reload container name + ## + name: configmap-reload + + ## configmap-reload container image + ## + image: + repository: cgr.dev/chainguard/prometheus-config-reloader + tag: latest + pullPolicy: IfNotPresent + + ## Additional configmap-reload container arguments + ## + extraArgs: {} + ## Additional configmap-reload volume directories + ## + extraVolumeDirs: [] + + ## Additional configmap-reload mounts + ## + extraConfigmapMounts: [] + # - name: prometheus-alerts + # mountPath: /etc/alerts.d + # subPath: "" + # configMap: prometheus-alerts + # readOnly: true + + ## configmap-reload resource requests and limits + ## Ref: http://kubernetes.io/docs/user-guide/compute-resources/ + ## + resources: {} + + ## configmap-reload container securityContext + containerSecurityContext: {} + + alertmanager: + ## If false, the configmap-reload container will not be deployed + ## + enabled: false + + ## configmap-reload container name + ## + name: configmap-reload + + ## configmap-reload container image + ## + image: + repository: cgr.dev/chainguard/prometheus-config-reloader + tag: latest + pullPolicy: IfNotPresent + + ## Additional configmap-reload container arguments + ## + extraArgs: {} + ## Additional configmap-reload volume directories + ## + extraVolumeDirs: [] + + + ## Additional configmap-reload mounts + ## + extraConfigmapMounts: [] + # - name: prometheus-alerts + # mountPath: /etc/alerts.d + # subPath: "" + # configMap: prometheus-alerts + # readOnly: true + + + ## configmap-reload resource requests and limits + ## Ref: http://kubernetes.io/docs/user-guide/compute-resources/ + ## + resources: {} + + # node-export must be disabled if there is an existing daemonset: https://guide.kubecost.com/hc/en-us/articles/4407601830679-Troubleshoot-Install#a-name-node-exporter-a-issue-failedscheduling-kubecost-prometheus-node-exporter + nodeExporter: + ## If false, node-exporter will not be installed. + ## This is disabled by default in Kubecost 2.0, though it can be enabled as needed. + ## + enabled: false + + ## Provide a full name override for node exporter. + # fullnameOverride: "" + + ## If true, node-exporter pods share the host network namespace + ## + hostNetwork: true + + ## If true, node-exporter pods share the host PID namespace + ## + hostPID: true + + ## node-exporter dns policy + ## + dnsPolicy: ClusterFirstWithHostNet + + ## node-exporter container name + ## + name: node-exporter + + ## node-exporter container image + ## + image: + repository: prom/node-exporter + tag: v1.8.2 + pullPolicy: IfNotPresent + + ## node-exporter priorityClassName + ## + priorityClassName: "" + + ## Custom Update Strategy + ## + updateStrategy: + type: RollingUpdate + + ## Additional node-exporter container arguments + ## + extraArgs: {} + + ## Additional node-exporter hostPath mounts + ## + extraHostPathMounts: [] + # - name: textfile-dir + # mountPath: /srv/txt_collector + # hostPath: /var/lib/node-exporter + # readOnly: true + # mountPropagation: HostToContainer + + extraConfigmapMounts: [] + # - name: certs-configmap + # mountPath: /prometheus + # configMap: certs-configmap + # readOnly: true + + ## Set a custom affinity for node-exporter + ## + # affinity: + + ## Node tolerations for node-exporter scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + tolerations: [] + # - key: "key" + # operator: "Equal|Exists" + # value: "value" + # effect: "NoSchedule|PreferNoSchedule|NoExecute(1.6 only)" + + ## Node labels for node-exporter pod assignment + ## Ref: https://kubernetes.io/docs/user-guide/node-selection/ + ## + nodeSelector: {} + + ## Annotations to be added to node-exporter pods + ## + podAnnotations: {} + + ## Annotations to be added to the node-exporter DaemonSet + ## + deploymentAnnotations: {} + + ## Labels to be added to node-exporter pods + ## + pod: + labels: {} + + ## PodDisruptionBudget settings + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/ + ## + podDisruptionBudget: + enabled: false + maxUnavailable: 1 + + ## node-exporter resource limits & requests + ## Ref: https://kubernetes.io/docs/user-guide/compute-resources/ + ## + resources: {} + # limits: + # cpu: 200m + # memory: 50Mi + # requests: + # cpu: 100m + # memory: 30Mi + + ## Security context to be added to node-exporter pods + ## + securityContext: {} + # runAsUser: 0 + + service: + annotations: + prometheus.io/scrape: "true" + labels: {} + + # Exposed as a headless service: + # https://kubernetes.io/docs/concepts/services-networking/service/#headless-services + clusterIP: None + + ## List of IP addresses at which the node-exporter service is available + ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips + ## + externalIPs: [] + + hostPort: 9100 + loadBalancerIP: "" + loadBalancerSourceRanges: [] + servicePort: 9100 + type: ClusterIP + + # Install Prometheus Push Gateway. + pushgateway: + ## If false, pushgateway will not be installed + ## + enabled: false + + ## Provide a full name override for Prometheus push gateway. + # fullnameOverride: "" + + ## Use an alternate scheduler, e.g. "stork". + ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ + ## + # schedulerName: + + ## pushgateway container name + ## + name: pushgateway + + ## pushgateway container image + ## + image: + repository: prom/pushgateway + tag: v1.9.0 + pullPolicy: IfNotPresent + + ## pushgateway priorityClassName + ## + priorityClassName: "" + + ## Additional pushgateway container arguments + ## + ## for example: persistence.file: /data/pushgateway.data + extraArgs: {} + + ingress: + ## If true, pushgateway Ingress will be created + ## + enabled: false + + ## pushgateway Ingress annotations + ## + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: 'true' + + ## pushgateway Ingress hostnames with optional path + ## Must be provided if Ingress is enabled + ## + hosts: [] + # - pushgateway.domain.com + # - domain.com/pushgateway + + ## Extra paths to prepend to every host configuration. This is useful when working with annotation based services. + extraPaths: [] + # - path: /* + # backend: + # serviceName: ssl-redirect + # servicePort: use-annotation + + ## pushgateway Ingress TLS configuration + ## Secrets must be manually created in the namespace + ## + tls: [] + # - secretName: prometheus-alerts-tls + # hosts: + # - pushgateway.domain.com + + ## Node tolerations for pushgateway scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + tolerations: [] + # - key: "key" + # operator: "Equal|Exists" + # value: "value" + # effect: "NoSchedule|PreferNoSchedule|NoExecute(1.6 only)" + + ## Node labels for pushgateway pod assignment + ## Ref: https://kubernetes.io/docs/user-guide/node-selection/ + ## + nodeSelector: {} + + ## Annotations to be added to pushgateway pods + ## + podAnnotations: {} + + replicaCount: 1 + + ## PodDisruptionBudget settings + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/ + ## + podDisruptionBudget: + enabled: false + maxUnavailable: 1 + + ## pushgateway resource requests and limits + ## Ref: http://kubernetes.io/docs/user-guide/compute-resources/ + ## + resources: {} + # limits: + # cpu: 10m + # memory: 32Mi + # requests: + # cpu: 10m + # memory: 32Mi + + ## Security context to be added to push-gateway pods + ## + securityContext: + runAsUser: 1001 + runAsNonRoot: true + + service: + annotations: + prometheus.io/probe: pushgateway + labels: {} + clusterIP: "" + + ## List of IP addresses at which the pushgateway service is available + ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips + ## + externalIPs: [] + + loadBalancerIP: "" + loadBalancerSourceRanges: [] + servicePort: 9091 + type: ClusterIP + + strategy: + type: Recreate + rollingUpdate: null + + + persistentVolume: + ## If true, pushgateway will create/use a Persistent Volume Claim + ## If false, use emptyDir + ## + enabled: true + + ## pushgateway data Persistent Volume access modes + ## Must match those of existing PV or dynamic provisioner + ## Ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ + ## + accessModes: + - ReadWriteOnce + + ## pushgateway data Persistent Volume Claim annotations + ## + annotations: {} + + ## pushgateway data Persistent Volume existing claim name + ## Requires pushgateway.persistentVolume.enabled: true + ## If defined, PVC must be created manually before volume will be bound + existingClaim: "" + + ## pushgateway data Persistent Volume mount root path + ## + mountPath: /data + + ## pushgateway data Persistent Volume size + ## + size: 2Gi + + ## pushgateway data Persistent Volume Storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + # storageClass: "-" + + ## pushgateway data Persistent Volume Binding Mode + ## If defined, volumeBindingMode: + ## If undefined (the default) or set to null, no volumeBindingMode spec is + ## set, choosing the default mode. + ## + # volumeBindingMode: "" + + ## Subdirectory of pushgateway data Persistent Volume to mount + ## Useful if the volume's root directory is not empty + ## + subPath: "" + + serverFiles: + ## Alerts configuration + ## Ref: https://prometheus.io/docs/prometheus/latest/configuration/alerting_rules/ + alerting_rules.yml: {} + # groups: + # - name: Instances + # rules: + # - alert: InstanceDown + # expr: up == 0 + # for: 5m + # labels: + # severity: page + # annotations: + # description: '{{ $labels.instance }} of job {{ $labels.job }} has been down for more than 5 minutes.' + # summary: 'Instance {{ $labels.instance }} down' + ## DEPRECATED DEFAULT VALUE, unless explicitly naming your files, please use alerting_rules.yml + alerts: {} + + ## Records configuration + ## Ref: https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/ + recording_rules.yml: {} + ## DEPRECATED DEFAULT VALUE, unless explicitly naming your files, please use recording_rules.yml + + prometheus.yml: + rule_files: + - /etc/config/recording_rules.yml + - /etc/config/alerting_rules.yml + ## Below two files are DEPRECATED will be removed from this default values file + - /etc/config/rules + - /etc/config/alerts + + scrape_configs: + - job_name: prometheus + static_configs: + - targets: + - localhost:9090 + + # A scrape configuration for running Prometheus on a Kubernetes cluster. + # This uses separate scrape configs for cluster components (i.e. API server, node) + # and services to allow each to use different authentication configs. + # + # Kubernetes labels will be added as Prometheus labels on metrics via the + # `labelmap` relabeling action. + + - job_name: 'kubernetes-nodes-cadvisor' + + # Default to scraping over https. If required, just disable this or change to + # `http`. + scheme: https + + # This TLS & bearer token file config is used to connect to the actual scrape + # endpoints for cluster components. This is separate to discovery auth + # configuration because discovery & scraping are two separate concerns in + # Prometheus. The discovery auth config is automatic if Prometheus runs inside + # the cluster. Otherwise, more config options have to be provided within the + # . + tls_config: + ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt + # If your node certificates are self-signed or use a different CA to the + # master CA, then disable certificate verification below. Note that + # certificate verification is an integral part of a secure infrastructure + # so this should only be disabled in a controlled environment. You can + # disable certificate verification by uncommenting the line below. + # + insecure_skip_verify: true + bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token + + kubernetes_sd_configs: + - role: node + + # This configuration will work only on kubelet 1.7.3+ + # As the scrape endpoints for cAdvisor have changed + # if you are using older version you need to change the replacement to + # replacement: /api/v1/nodes/$1:4194/proxy/metrics + # more info here https://github.com/coreos/prometheus-operator/issues/633 + relabel_configs: + - action: labelmap + regex: __meta_kubernetes_node_label_(.+) + - target_label: __address__ + replacement: kubernetes.default.svc:443 + - source_labels: [__meta_kubernetes_node_name] + regex: (.+) + target_label: __metrics_path__ + replacement: /api/v1/nodes/$1/proxy/metrics/cadvisor + + metric_relabel_configs: + - source_labels: [__name__] + regex: (container_cpu_usage_seconds_total|container_memory_working_set_bytes|container_network_receive_errors_total|container_network_transmit_errors_total|container_network_receive_packets_dropped_total|container_network_transmit_packets_dropped_total|container_memory_usage_bytes|container_cpu_cfs_throttled_periods_total|container_cpu_cfs_periods_total|container_fs_usage_bytes|container_fs_limit_bytes|container_cpu_cfs_periods_total|container_fs_inodes_free|container_fs_inodes_total|container_fs_usage_bytes|container_fs_limit_bytes|container_cpu_cfs_throttled_periods_total|container_cpu_cfs_periods_total|container_network_receive_bytes_total|container_network_transmit_bytes_total|container_fs_inodes_free|container_fs_inodes_total|container_fs_usage_bytes|container_fs_limit_bytes|container_spec_cpu_shares|container_spec_memory_limit_bytes|container_network_receive_bytes_total|container_network_transmit_bytes_total|container_fs_reads_bytes_total|container_network_receive_bytes_total|container_fs_writes_bytes_total|container_fs_reads_bytes_total|cadvisor_version_info|kubecost_pv_info) + action: keep + - source_labels: [container] + target_label: container_name + regex: (.+) + action: replace + - source_labels: [pod] + target_label: pod_name + regex: (.+) + action: replace + + # A scrape configuration for running Prometheus on a Kubernetes cluster. + # This uses separate scrape configs for cluster components (i.e. API server, node) + # and services to allow each to use different authentication configs. + # + # Kubernetes labels will be added as Prometheus labels on metrics via the + # `labelmap` relabeling action. + + - job_name: 'kubernetes-nodes' + + # Default to scraping over https. If required, just disable this or change to + # `http`. + scheme: https + + # This TLS & bearer token file config is used to connect to the actual scrape + # endpoints for cluster components. This is separate to discovery auth + # configuration because discovery & scraping are two separate concerns in + # Prometheus. The discovery auth config is automatic if Prometheus runs inside + # the cluster. Otherwise, more config options have to be provided within the + # . + tls_config: + ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt + # If your node certificates are self-signed or use a different CA to the + # master CA, then disable certificate verification below. Note that + # certificate verification is an integral part of a secure infrastructure + # so this should only be disabled in a controlled environment. You can + # disable certificate verification by uncommenting the line below. + # + insecure_skip_verify: true + bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token + + kubernetes_sd_configs: + - role: node + + relabel_configs: + - action: labelmap + regex: __meta_kubernetes_node_label_(.+) + - target_label: __address__ + replacement: kubernetes.default.svc:443 + - source_labels: [__meta_kubernetes_node_name] + regex: (.+) + target_label: __metrics_path__ + replacement: /api/v1/nodes/$1/proxy/metrics + + metric_relabel_configs: + - source_labels: [__name__] + regex: (kubelet_volume_stats_used_bytes) # this metric is in alpha + action: keep + + # Scrape config for service endpoints. + # + # The relabeling allows the actual service scrape endpoint to be configured + # via the following annotations: + # + # * `prometheus.io/scrape`: Only scrape services that have a value of `true` + # * `prometheus.io/scheme`: If the metrics endpoint is secured then you will need + # to set this to `https` & most likely set the `tls_config` of the scrape config. + # * `prometheus.io/path`: If the metrics path is not `/metrics` override this. + # * `prometheus.io/port`: If the metrics are exposed on a different port to the + # service then set this appropriately. + - job_name: 'kubernetes-service-endpoints' + + kubernetes_sd_configs: + - role: endpoints + + relabel_configs: + - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scrape] + action: keep + regex: true + - source_labels: [__meta_kubernetes_endpoints_name] + action: keep + regex: (.*node-exporter|kubecost-network-costs) + - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scheme] + action: replace + target_label: __scheme__ + regex: (https?) + - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_path] + action: replace + target_label: __metrics_path__ + regex: (.+) + - source_labels: [__address__, __meta_kubernetes_service_annotation_prometheus_io_port] + action: replace + target_label: __address__ + regex: ([^:]+)(?::\d+)?;(\d+) + replacement: $1:$2 + - action: labelmap + regex: __meta_kubernetes_service_label_(.+) + - source_labels: [__meta_kubernetes_namespace] + action: replace + target_label: kubernetes_namespace + - source_labels: [__meta_kubernetes_service_name] + action: replace + target_label: kubernetes_name + - source_labels: [__meta_kubernetes_pod_node_name] + action: replace + target_label: kubernetes_node + metric_relabel_configs: + - source_labels: [__name__] + regex: (container_cpu_allocation|container_cpu_usage_seconds_total|container_fs_limit_bytes|container_fs_writes_bytes_total|container_gpu_allocation|container_memory_allocation_bytes|container_memory_usage_bytes|container_memory_working_set_bytes|container_network_receive_bytes_total|container_network_transmit_bytes_total|DCGM_FI_DEV_GPU_UTIL|deployment_match_labels|kube_daemonset_status_desired_number_scheduled|kube_daemonset_status_number_ready|kube_deployment_spec_replicas|kube_deployment_status_replicas|kube_deployment_status_replicas_available|kube_job_status_failed|kube_namespace_annotations|kube_namespace_labels|kube_node_info|kube_node_labels|kube_node_status_allocatable|kube_node_status_allocatable_cpu_cores|kube_node_status_allocatable_memory_bytes|kube_node_status_capacity|kube_node_status_capacity_cpu_cores|kube_node_status_capacity_memory_bytes|kube_node_status_condition|kube_persistentvolume_capacity_bytes|kube_persistentvolume_status_phase|kube_persistentvolumeclaim_info|kube_persistentvolumeclaim_resource_requests_storage_bytes|kube_pod_container_info|kube_pod_container_resource_limits|kube_pod_container_resource_limits_cpu_cores|kube_pod_container_resource_limits_memory_bytes|kube_pod_container_resource_requests|kube_pod_container_resource_requests_cpu_cores|kube_pod_container_resource_requests_memory_bytes|kube_pod_container_status_restarts_total|kube_pod_container_status_running|kube_pod_container_status_terminated_reason|kube_pod_labels|kube_pod_owner|kube_pod_status_phase|kube_replicaset_owner|kube_statefulset_replicas|kube_statefulset_status_replicas|kubecost_cluster_info|kubecost_cluster_management_cost|kubecost_cluster_memory_working_set_bytes|kubecost_load_balancer_cost|kubecost_network_internet_egress_cost|kubecost_network_region_egress_cost|kubecost_network_zone_egress_cost|kubecost_node_is_spot|kubecost_pod_network_egress_bytes_total|node_cpu_hourly_cost|node_cpu_seconds_total|node_disk_reads_completed|node_disk_reads_completed_total|node_disk_writes_completed|node_disk_writes_completed_total|node_filesystem_device_error|node_gpu_count|node_gpu_hourly_cost|node_memory_Buffers_bytes|node_memory_Cached_bytes|node_memory_MemAvailable_bytes|node_memory_MemFree_bytes|node_memory_MemTotal_bytes|node_network_transmit_bytes_total|node_ram_hourly_cost|node_total_hourly_cost|pod_pvc_allocation|pv_hourly_cost|service_selector_labels|statefulSet_match_labels|kubecost_pv_info|up) + action: keep + + + # prometheus.yml: # Sample block -- enable if using an in cluster durable store. + # remote_write: + # - url: "http://pgprometheus-adapter:9201/write" + # write_relabel_configs: + # - source_labels: [__name__] + # regex: 'container_.*_allocation|container_.*_allocation_bytes|.*_hourly_cost|kube_pod_container_resource_requests{resource="memory", unit="byte"}|container_memory_working_set_bytes|kube_pod_container_resource_requests{resource="cpu", unit="core"}|kube_pod_container_resource_requests|pod_pvc_allocation|kube_namespace_labels|kube_pod_labels' + # action: keep + # queue_config: + # max_samples_per_send: 1000 + # remote_read: + # - url: "http://pgprometheus-adapter:9201/read" + rules: + groups: + - name: CPU + rules: + - expr: sum(rate(container_cpu_usage_seconds_total{container!=""}[5m])) + record: cluster:cpu_usage:rate5m + - expr: rate(container_cpu_usage_seconds_total{container!=""}[5m]) + record: cluster:cpu_usage_nosum:rate5m + - expr: avg(irate(container_cpu_usage_seconds_total{container!="POD", container!=""}[5m])) by (container,pod,namespace) + record: kubecost_container_cpu_usage_irate + - expr: sum(container_memory_working_set_bytes{container!="POD",container!=""}) by (container,pod,namespace) + record: kubecost_container_memory_working_set_bytes + - expr: sum(container_memory_working_set_bytes{container!="POD",container!=""}) + record: kubecost_cluster_memory_working_set_bytes + - name: Savings + rules: + - expr: sum(avg(kube_pod_owner{owner_kind!="DaemonSet"}) by (pod) * sum(container_cpu_allocation) by (pod)) + record: kubecost_savings_cpu_allocation + labels: + daemonset: "false" + - expr: sum(avg(kube_pod_owner{owner_kind="DaemonSet"}) by (pod) * sum(container_cpu_allocation) by (pod)) / sum(kube_node_info) + record: kubecost_savings_cpu_allocation + labels: + daemonset: "true" + - expr: sum(avg(kube_pod_owner{owner_kind!="DaemonSet"}) by (pod) * sum(container_memory_allocation_bytes) by (pod)) + record: kubecost_savings_memory_allocation_bytes + labels: + daemonset: "false" + - expr: sum(avg(kube_pod_owner{owner_kind="DaemonSet"}) by (pod) * sum(container_memory_allocation_bytes) by (pod)) / sum(kube_node_info) + record: kubecost_savings_memory_allocation_bytes + labels: + daemonset: "true" + + # Adds option to add alert_relabel_configs to avoid duplicate alerts in alertmanager + # useful in H/A prometheus with different external labels but the same alerts + alertRelabelConfigs: + # alert_relabel_configs: + # - source_labels: [dc] + # regex: (.+)\d+ + # target_label: dc + + networkPolicy: + ## Enable creation of NetworkPolicy resources. + ## + enabled: false + + +## Optional daemonset to more accurately attribute network costs to the correct workload +## https://docs.kubecost.com/install-and-configure/advanced-configuration/network-costs-configuration +networkCosts: + enabled: false + image: + repository: gcr.io/kubecost1/kubecost-network-costs + tag: v0.17.6 + imagePullPolicy: IfNotPresent + updateStrategy: + type: RollingUpdate + # For existing Prometheus Installs, use the serviceMonitor: or prometheusScrape below. + # the below setting annotates the networkCost service endpoints for each of the network-costs pods. + # The Service is annotated with prometheus.io/scrape: "true" to automatically get picked up by the prometheus config. + # NOTE: Setting this option to true and leaving the above extraScrapeConfig "job_name: kubecost-networking" configured will cause the + # NOTE: pods to be scraped twice. + prometheusScrape: false + # Traffic Logging will enable logging the top 5 destinations for each source + # every 30 minutes. + trafficLogging: true + + logLevel: info + + # Port will set both the containerPort and hostPort to this value. + # These must be identical due to network-costs being run on hostNetwork + port: 3001 + # this daemonset can use significant resources on large clusters: https://guide.kubecost.com/hc/en-us/articles/4407595973527-Network-Traffic-Cost-Allocation + resources: + limits: # remove the limits by setting cpu: null + cpu: 500m # can be less, will depend on cluster size + # memory: it is not recommended to set a memory limit + requests: + cpu: 50m + memory: 20Mi + extraArgs: [] + config: + # Configuration for traffic destinations, including specific classification + # for IPs and CIDR blocks. This configuration will act as an override to the + # automatic classification provided by network-costs. + destinations: + # In Zone contains a list of address/range that will be + # classified as in zone. + in-zone: + # Loopback Addresses in "IANA IPv4 Special-Purpose Address Registry" + - "127.0.0.0/8" + # IPv4 Link Local Address Space + - "169.254.0.0/16" + # Private Address Ranges in RFC-1918 + - "10.0.0.0/8" # Remove this entry if using Multi-AZ Kubernetes + - "172.16.0.0/12" + - "192.168.0.0/16" + + # In Region contains a list of address/range that will be + # classified as in region. This is synonymous with cross + # zone traffic, where the regions between source and destinations + # are the same, but the zone is different. + in-region: [] + + # Cross Region contains a list of address/range that will be + # classified as non-internet egress from one region to another. + cross-region: [] + + # Internet contains a list of address/range that will be + # classified as internet traffic. This is synonymous with traffic + # that cannot be classified within the cluster. + # NOTE: Internet classification filters are executed _after_ + # NOTE: direct-classification, but before in-zone, in-region, + # NOTE: and cross-region. + internet: [] + + # Direct Classification specifically maps an ip address or range + # to a region (required) and/or zone (optional). This classification + # takes priority over in-zone, in-region, and cross-region configurations. + direct-classification: [] + # - region: "us-east1" + # zone: "us-east1-c" + # ips: + # - "10.0.0.0/24" + services: + # google-cloud-services: when set to true, enables labeling traffic metrics with google cloud + # service endpoints + google-cloud-services: true + # amazon-web-services: when set to true, enables labeling traffic metrics with amazon web service + # endpoints. + amazon-web-services: true + # azure-cloud-services: when set to true, enables labeling traffic metrics with azure cloud service + # endpoints + azure-cloud-services: true + # user defined services provide a way to define custom service endpoints which will label traffic metrics + # falling within the defined address range. + # services: + # - service: "test-service-1" + # ips: + # - "19.1.1.2" + # - service: "test-service-2" + # ips: + # - "15.128.15.2" + # - "20.0.0.0/8" + + ## Node tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + tolerations: [] + # - key: "key" + # operator: "Equal|Exists" + # value: "value" + # effect: "NoSchedule|PreferNoSchedule|NoExecute(1.6 only)" + + affinity: {} + + service: + annotations: {} + labels: {} + + ## PriorityClassName + ## Ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass + priorityClassName: "" + ## PodMonitor + ## Allows scraping of network metrics from a dedicated prometheus operator setup + podMonitor: + enabled: false + additionalLabels: {} + # match the default extraScrapeConfig + additionalLabels: {} + nodeSelector: {} + annotations: {} + healthCheckProbes: {} + # readinessProbe: + # tcpSocket: + # port: 3001 + # initialDelaySeconds: 5 + # periodSeconds: 10 + # failureThreshold: 5 + # livenessProbe: + # tcpSocket: + # port: 3001 + # initialDelaySeconds: 5 + # periodSeconds: 10 + # failureThreshold: 5 + additionalSecurityContext: {} + # readOnlyRootFilesystem: true + +## Kubecost Deployment Configuration +## Used for HA mode in Business & Enterprise tier +## +kubecostDeployment: + replicas: 1 + # deploymentStrategy: + # rollingUpdate: + # maxSurge: 1 + # maxUnavailable: 1 + # type: RollingUpdate + labels: {} + annotations: {} + + +## Kubecost Forecasting forecasts future cost patterns based on historical +## patterns observed by Kubecost. +forecasting: + enabled: true + + # fullImageName overrides the default image construction logic. The exact + # image provided (registry, image, tag) will be used for the forecasting + # container. + # Example: fullImageName: gcr.io/kubecost1/forecasting:v0.0.1 + fullImageName: gcr.io/kubecost1/kubecost-modeling:v0.1.16 + imagePullPolicy: IfNotPresent + + # Resource specification block for the forecasting container. + resources: + requests: + cpu: 200m + memory: 300Mi + limits: + cpu: 1500m + memory: 1Gi + + # Set environment variables for the forecasting container as key/value pairs. + env: + # -t is the worker timeout which primarily affects model training time; + # if it is not high enough, training workers may die mid training + "GUNICORN_CMD_ARGS": "--log-level info -t 1200" + + # Define a priority class for the forecasting Deployment. + priority: + enabled: false + name: "" + + # Define a nodeSelector for the forecasting Deployment. + nodeSelector: {} + + # Define tolerations for the forecasting Deployment. + tolerations: [] + + # Define Pod affinity for the forecasting Deployment. + affinity: {} + + # Define a readiness probe for the forecasting container + readinessProbe: + enabled: true + initialDelaySeconds: 10 + periodSeconds: 10 + failureThreshold: 200 + + # Define a liveness probe for the forecasting container. + livenessProbe: + enabled: true + initialDelaySeconds: 10 + periodSeconds: 10 + failureThreshold: 200 + +## The Kubecost Aggregator is the primary query backend for Kubecost +## Ref: https://docs.kubecost.com/install-and-configure/install/multi-cluster/federated-etl/aggregator +## +kubecostAggregator: + # deployMethod determines how Aggregator is deployed. Current options are + # "singlepod" (within cost-analyzer Pod) "statefulset" (separate + # StatefulSet), and "disabled". Only use "disabled" if this is a secondary + # Federated ETL cluster which does not need to answer queries. + deployMethod: singlepod + + # fullImageName overrides the default image construction logic. The exact + # image provided (registry, image, tag) will be used for aggregator. + # fullImageName: + imagePullPolicy: IfNotPresent + + # For legacy configuration support, `enabled: true` overrides deployMethod + # and causes `deployMethod: "statefulset"` + enabled: false + + # Replicas sets the number of Aggregator replicas. It only has an effect if + # `deployMethod: "statefulset"` + replicas: 1 + + logLevel: info + + # stagingEmptyDirSizeLimit changes how large the "staging" + # /var/configs/waterfowl emptyDir is. It only takes effect in StatefulSet + # configurations of Aggregator, other configurations are unaffected. + # + # It should be set to approximately 8x the size of the largest bingen file in + # object storage. For example, if your largest bingen file is a daily + # Allocation file with size 300MiB, this value should be set to approximately + # 2400Mi. In most environments, the default should suffice. + stagingEmptyDirSizeLimit: 2Gi + + # this is the number of partitions the datastore is split into for copying + # the higher this number, the lower the ram usage but the longer it takes for + # new data to show in the kubecost UI + # set to 0 for max partitioning (minimum possible ram usage, but the slowest) + # the default of 25 is sufficient for 95%+ of users. This should only be modified + # after consulting with Kubecost's support team + numDBCopyPartitions: 25 + + # How many threads the read database is configured with (i.e. Kubecost API / + # UI queries). If increasing this value, it is recommended to increase the + # aggregator's memory requests & limits. + # default: 1 + dbReadThreads: 1 + + # How many threads the write database is configured with (i.e. ingestion of + # new data from S3). If increasing this value, it is recommended to increase + # the aggregator's memory requests & limits. + # default: 1 + dbWriteThreads: 1 + + # How many threads to use when ingesting Asset/Allocation/CloudCost data + # from the federated store bucket. In most cases the default is sufficient, + # but can be increased if trying to backfill historical data. + # default: 1 + dbConcurrentIngestionCount: 1 + + # Memory limit applied to read database and write database connections. The + # default of "no limit" is appropriate when first establishing a baseline of + # resource usage required. It is eventually recommended to set these values + # such that dbMemoryLimit + dbWriteMemoryLimit < the total memory available + # to the aggregator pod. + # default: 0GB is no limit + dbMemoryLimit: 0GB + dbWriteMemoryLimit: 0GB + + # How much data to ingest from the federated store bucket, and how much data + # to keep in the DB before rolling the data off. + # + # Note: If increasing this value to backfill historical data, it will take + # time to gradually ingest and process those historical ETL files. Consider + # also increasing the resources available to the aggregator as well as the + # refresh and concurrency env vars. + # + # default: 91 + etlDailyStoreDurationDays: 91 + + # How much hourly data to ingest from the federated store bucket, and how much + # to keep in the DB before rolling the data off. + # + # In high scale environments setting this to `0` can improve performance if hourly + # resolution is not a requirement. + # + # default: 49 + etlHourlyStoreDurationHours: 49 + + # How much container resource usage data to retain in the DB, in terms of days. + # + # In high scale environments setting this to `0` can improve performance if hourly + # resolution is not a requirement. + # + # default: 1 + containerResourceUsageRetentionDays: 1 + + # Trim memory on close, only change if advised by Kubecost support. + dbTrimMemoryOnClose: true + + persistentConfigsStorage: + storageClass: "" # default storage class + storageRequest: 1Gi + aggregatorDbStorage: + storageClass: "" # default storage class + storageRequest: 128Gi + + resources: {} + # requests: + # cpu: 1000m + # memory: 1Gi + + readinessProbe: + enabled: true + initialDelaySeconds: 10 + periodSeconds: 10 + failureThreshold: 200 + + ## Set additional environment variables for the aggregator pod + # extraEnv: + # - name: SOME_VARIABLE + # value: "some_value" + + ## Add a priority class to the aggregator pod + # priority: + # enabled: false + # name: "" + + ## Optional - add extra ports to the aggregator container. For kubecost development purposes only - not recommended for users. + # extraPorts: [] + # - name: debug + # port: 40000 + # targetPort: 40000 + # containerPort: 40000 + + ## Define a securityContext for the aggregator pod. This will take highest precedence. + # securityContext: {} + + ## Define the container-level security context for the aggregator pod. This will take highest precedence. + # containerSecurityContext: {} + + ## Provide a Service Account name for aggregator. + # serviceAccountName: "" + + ## Define a nodeSelector for the aggregator pod + # nodeSelector: {} + + ## Define tolerations for the aggregator pod + # tolerations: [] + + ## Define Pod affinity for the aggregator pod + # affinity: {} + + ## Define extra volumes for the aggregator pod + # extraVolumes: [] + + ## Define extra volumemounts for the aggregator pod + # extraVolumeMounts: [] + + ## Creates a new container/pod to retrieve CloudCost data. By default it uses + ## the same serviceaccount as the cost-analyzer pod. A custom serviceaccount + ## can be specified. + cloudCost: + # The cloudCost component of Aggregator depends on + # kubecostAggregator.deployMethod: + # kA.dM = "singlepod" -> cloudCost is run as container inside cost-analyzer + # kA.dM = "statefulset" -> cloudCost is run as single-replica Deployment + resources: {} + # requests: + # cpu: 1000m + # memory: 1Gi + # refreshRateHours: + # queryWindowDays: + # runWindowDays: + # serviceAccountName: + readinessProbe: + enabled: true + initialDelaySeconds: 10 + periodSeconds: 10 + failureThreshold: 200 + + ## Add a nodeSelector for aggregator cloud costs + # nodeSelector: {} + + ## Tolerations for the aggregator cloud costs + # tolerations: [] + + ## Affinity for the aggregator cloud costs + # affinity: {} + + ## ServiceAccount for the aggregator cloud costs + # serviceAccountName: "" + + ## Define environment variables for cloud cost + # env: {} + + ## Define extra volumes for the cloud cost pod + # extraVolumes: [] + + ## Define extra volumemounts for the cloud cost pod + # extraVolumeMounts: [] + + ## Configure the Collections service for aggregator. + # collections: + # cache: + # enabled: false + + # Jaeger is an optional container attached to wherever the Aggregator + # container is running. It is used for performance investigation. Enable if + # Kubecost Support asks. + jaeger: + enabled: false + image: jaegertracing/all-in-one + imageVersion: latest + # containerSecurityContext: + + service: + labels: {} + +## Kubecost Multi-cluster Diagnostics (beta) +## A single view into the health of all agent clusters. Each agent cluster sends +## its diagnostic data to a storage bucket. Future versions may include +## repairing & alerting from the primary. +## Ref: https://docs.kubecost.com/install-and-configure/install/multi-cluster/multi-cluster-diagnostics +## +diagnostics: + enabled: true + + ## The primary aggregates all diagnostic data and handles API requests. It's + ## also responsible for deleting diagnostic data (on disk & bucket) beyond + ## retention. When in readonly mode it does not push its own diagnostic data + ## to the bucket. + primary: + enabled: false + retention: "7d" + readonly: false + + ## How frequently to run & push diagnostics. Defaults to 5 minutes. + pollingInterval: "300s" + + ## Creates a new Diagnostic file in the bucket for every run. + keepDiagnosticHistory: false + + ## Pushes the cluster's Kubecost Helm Values to the bucket once upon startup. + ## This may contain sensitive information and is roughly 30kb per cluster. + collectHelmValues: false + + ## By default, the Multi-cluster Diagnostics service runs within the + ## cost-model container in the cost-analyzer pod. For higher availability, it + ## can be run as a separate deployment. + deployment: + enabled: false + resources: + requests: + cpu: "10m" + memory: "20Mi" + env: {} + labels: {} + securityContext: {} + containerSecurityContext: {} + nodeSelector: {} + tolerations: [] + affinity: {} + +## Provide a full name override for the diagnostics Deployment. +# diagnosticsFullnameOverride: "" + +# Kubecost Cluster Controller for Right Sizing and Cluster Turndown +clusterController: + enabled: false + image: + repository: gcr.io/kubecost1/cluster-controller + tag: v0.16.9 + imagePullPolicy: IfNotPresent + ## PriorityClassName + ## Ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass + priorityClassName: "" + # Set custom tolerations for the cluster controller. + tolerations: [] + actionConfigs: + # this configures the Kubecost Cluster Turndown action + # for more details, see documentation at https://github.com/kubecost/cluster-turndown/tree/develop?tab=readme-ov-file#setting-a-turndown-schedule + clusterTurndown: [] + # - name: my-schedule + # start: "2024-02-09T00:00:00Z" + # end: "2024-02-09T12:00:00Z" + # repeat: daily + # - name: my-schedule2 + # start: "2024-02-09T00:00:00Z" + # end: "2024-02-09T01:00:00Z" + # repeat: weekly + # this configures the Kubecost Namespace Turndown action + # for more details, see documentation at https://docs.kubecost.com/using-kubecost/navigating-the-kubecost-ui/savings/savings-actions#namespace-turndown + namespaceTurndown: + # - name: my-ns-turndown-action + # dryRun: false + # schedule: "0 0 * * *" + # type: Scheduled + # targetObjs: + # - namespace + # keepPatterns: + # - ignorednamespace + # keepLabels: + # turndown: ignore + # params: + # minNamespaceAge: 4h + # this configures the Kubecost Cluster Sizing action + # for more details, see documentation at https://docs.kubecost.com/using-kubecost/navigating-the-kubecost-ui/savings/savings-actions#cluster-sizing + clusterRightsize: + # startTime: '2024-01-02T15:04:05Z' + # frequencyMinutes: 1440 + # lastCompleted: '' + # recommendationParams: + # window: 48h + # architecture: '' + # targetUtilization: 0.8 + # minNodeCount: 1 + # allowSharedCore: false + # allowCostIncrease: false + # recommendationType: '' + # This configures the Kubecost Continuous Request Sizing Action + # + # Using this configuration overrides annotation-based configuration of + # Continuous Request Sizing. Annotation configuration will be ignored while + # this configuration method is present in the cluster. + # + # For more details, see documentation at https://docs.kubecost.com/using-kubecost/navigating-the-kubecost-ui/savings/savings-actions#automated-request-sizing + containerRightsize: + # Workloads can be selected by an _exact_ key (namespace, controllerKind, + # controllerName). This will only match a single controller. The cluster + # ID is current irrelevant because Cluster Controller can only modify + # workloads within the cluster it is running in. + # workloads: + # - clusterID: cluster-one + # namespace: my-namespace + # controllerKind: deployment + # controllerName: my-controller + # An alternative to exact key selection is filter selection. The filters + # are syntactically identical to Kubecost's "v2" filters [1] but only + # support a small set of filter fields, those being: + # - namespace + # - controllerKind + # - controllerName + # - label + # - annotation + # + # If multiple filters are listed, they will be ORed together at the top + # level. + # + # See the examples below. + # + # [1] https://docs.kubecost.com/apis/filters-api + # filterConfig: + # - filter: | + # namespace:"abc"+controllerKind:"deployment" + # - filter: | + # controllerName:"abc123"+controllerKind:"daemonset" + # - filter: | + # namespace:"foo"+controllerKind!:"statefulset" + # - filter: | + # namespace:"bar","baz" + # schedule: + # start: "2024-01-30T15:04:05Z" + # frequencyMinutes: 5 + # recommendationQueryWindow: "48h" + # lastModified: '' + # targetUtilizationCPU: 0.8 # results in a cpu request setting that is 20% higher than the max seen over last 48h + # targetUtilizationMemory: 0.8 # results in a RAM request setting that is 20% higher than the max seen over last 48h + + kubescaler: + # If true, will cause all (supported) workloads to be have their requests + # automatically right-sized on a regular basis. + defaultResizeAll: false +# fqdn: kubecost-cluster-controller.kubecost.svc.cluster.local:9731 + namespaceTurndown: + rbac: + enabled: true + +reporting: + # Kubecost bug report feature: Logs access/collection limited to .Release.Namespace + # Ref: http://docs.kubecost.com/bug-report + logCollection: true + # Basic frontend analytics + productAnalytics: true + + # Report Javascript errors + errorReporting: true + valuesReporting: true + # googleAnalyticsTag allows you to embed your Google Global Site Tag to track usage of Kubecost. + # googleAnalyticsTag is only included in our Enterprise offering. + # googleAnalyticsTag: G-XXXXXXXXX + +serviceMonitor: # the kubecost included prometheus uses scrapeConfigs and does not support service monitors. The following options assume an existing prometheus that supports serviceMonitors. + enabled: false + interval: 1m + scrapeTimeout: 10s + additionalLabels: {} + metricRelabelings: [] + relabelings: [] + networkCosts: + enabled: false + interval: 1m + scrapeTimeout: 10s + additionalLabels: {} + metricRelabelings: [] + relabelings: [] + aggregatorMetrics: + enabled: false + interval: 1m + scrapeTimeout: 10s + additionalLabels: {} + metricRelabelings: [] + relabelings: + - action: replace + sourceLabels: + - __meta_kubernetes_namespace + targetLabel: namespace +prometheusRule: + enabled: false + additionalLabels: {} + +supportNFS: false +# initChownDataImage ensures all Kubecost filepath permissions on PV or local storage are set up correctly. +initChownDataImage: "busybox" # Supports a fully qualified Docker image, e.g. registry.hub.docker.com/library/busybox:latest +initChownData: + resources: {} + # requests: + # cpu: "50m" + # memory: "20Mi" + +grafana: + # namespace_datasources: kubecost # override the default namespace here + # namespace_dashboards: kubecost # override the default namespace here + rbac: + create: true + + serviceAccount: + create: true + name: "" + + ## Provide a full name override for the Grafana Deployment. + # fullnameOverride: "" + ## Provide a name override for the Grafana Deployment. + # nameOverride: "" + + ## Configure grafana datasources + ## ref: http://docs.grafana.org/administration/provisioning/#datasources + ## + # datasources: + # datasources.yaml: + # apiVersion: 1 + # datasources: + # - name: prometheus-kubecost + # type: prometheus + # url: http://kubecost-prometheus-server.kubecost.svc.cluster.local + # access: proxy + # isDefault: false + # jsonData: + # httpMethod: POST + # prometheusType: Prometheus + # prometheusVersion: 2.35.0 + # timeInterval: 1m + + ## Number of replicas for the Grafana deployment + replicas: 1 + + ## Deployment strategy for the Grafana deployment + deploymentStrategy: RollingUpdate + + ## Readiness probe for the Grafana deployment + readinessProbe: + httpGet: + path: /api/health + port: 3000 + + ## Liveness probe for the Grafana deployment + livenessProbe: + httpGet: + path: /api/health + port: 3000 + initialDelaySeconds: 60 + timeoutSeconds: 30 + failureThreshold: 10 + + ## Container image settings for the Grafana deployment + image: + repository: cgr.dev/chainguard/grafana + tag: latest + pullPolicy: IfNotPresent + + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + # pullSecrets: + # - myRegistrKeySecretName + + ## Pod-level security context for the Grafana deployment. Recommended let global defaults take effect. + securityContext: {} + # runAsUser: 472 + # fsGroup: 472 + + ## PriorityClassName for the Grafana deployment + priorityClassName: "" + + ## Container image settings for Grafana initContainer used to download dashboards. Will only be used when dashboards are present. + downloadDashboardsImage: + repository: curlimages/curl + tag: latest + pullPolicy: IfNotPresent + + ## Pod Annotations for the Grafana deployment + podAnnotations: {} + + ## Deployment annotations for the Grafana deployment + annotations: {} + + ## Expose the Grafana service to be accessed from outside the cluster (LoadBalancer service). + ## or access it from within the cluster (ClusterIP service). Set the service type and the port to serve it. + service: + type: ClusterIP + port: 80 + annotations: {} + labels: {} + + ## This template is not needed and is not supported. + ## It is here for backwards compatibility. + ## Kubecost exposes grafana by default with the + ## top level ingress template under /grafana/ + ingress: + enabled: false + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + labels: {} + path: / + pathType: Prefix + hosts: + - chart-example.local + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + + ## Resource requests and limits for the Grafana deployment + resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + + ## Node labels for pod assignment of the Grafana deployment + nodeSelector: {} + + ## Tolerations for pod assignment of the Grafana deployment + tolerations: [] + + ## Affinity for pod assignment of the Grafana deployment + affinity: {} + + ## Enable persistence using Persistent Volume Claims of the Grafana deployment + persistence: + enabled: false + # storageClassName: default + # accessModes: + # - ReadWriteOnce + # size: 10Gi + # annotations: {} + # subPath: "" + # existingClaim: + + ## Admin user for Grafana + adminUser: admin + + ## Admin password for Grafana + adminPassword: strongpassword + + ## Use an alternate scheduler for the Grafana deployment + # schedulerName: + + ## Extra environment variables that will be passed onto Grafana deployment pods + env: {} + + ## The name of a secret for Grafana in the same Kubernetes namespace which contain values to be added to the environment + ## This can be useful for auth tokens, etc + envFromSecret: "" + + ## Additional Grafana server secret mounts + ## Defines additional mounts with secrets. Secrets must be manually created in the namespace. + extraSecretMounts: [] + # - name: secret-files + # mountPath: /etc/secrets + # secretName: grafana-secret-files + # readOnly: true + + ## List of Grafana plugins + plugins: [] + # - digrich-bubblechart-panel + # - grafana-clock-panel + + ## Grafana dashboard providers + ## ref: http://docs.grafana.org/administration/provisioning/#dashboards + ## + ## `path` must be /var/lib/grafana/dashboards/ + ## + dashboardProviders: {} + # dashboardproviders.yaml: + # apiVersion: 1 + # providers: + # - name: 'default' + # orgId: 1 + # folder: '' + # type: file + # disableDeletion: false + # editable: true + # options: + # path: /var/lib/grafana/dashboards/default + + ## Configure Grafana dashboard to import + ## NOTE: To use dashboards you must also enable/configure dashboardProviders + ## ref: https://grafana.com/dashboards + ## + ## dashboards per provider, use provider name as key. + ## + dashboards: {} + # default: + # prometheus-stats: + # gnetId: 3662 + # revision: 2 + # datasource: Prometheus + + ## Reference to external Grafana ConfigMap per provider. Use provider name as key and ConfiMap name as value. + ## A provider dashboards must be defined either by external ConfigMaps or in values.yaml, not in both. + ## ConfigMap data example: + ## + ## data: + ## example-dashboard.json: | + ## RAW_JSON + ## + dashboardsConfigMaps: {} + # default: "" + + ## LDAP Authentication for Grafana can be enabled with the following values on grafana.ini + ## NOTE: Grafana will fail to start if the value for ldap.toml is invalid + # auth.ldap: + # enabled: true + # allow_sign_up: true + # config_file: /etc/grafana/ldap.toml + + ## Grafana's LDAP configuration + ## Templated by the template in _helpers.tpl + ## NOTE: To enable the grafana.ini must be configured with auth.ldap.enabled + ## ref: http://docs.grafana.org/installation/configuration/#auth-ldap + ## ref: http://docs.grafana.org/installation/ldap/#configuration + ldap: + # `existingSecret` is a reference to an existing secret containing the ldap configuration + # for Grafana in a key `ldap-toml`. + existingSecret: "" + # `config` is the content of `ldap.toml` that will be stored in the created secret + config: "" + # config: |- + # verbose_logging = true + + # [[servers]] + # host = "my-ldap-server" + # port = 636 + # use_ssl = true + # start_tls = false + # ssl_skip_verify = false + # bind_dn = "uid=%s,ou=users,dc=myorg,dc=com" + + ## Grafana's SMTP configuration + ## NOTE: To enable, grafana.ini must be configured with smtp.enabled + ## ref: http://docs.grafana.org/installation/configuration/#smtp + smtp: + # `existingSecret` is a reference to an existing secret containing the smtp configuration + # for Grafana in keys `user` and `password`. + existingSecret: "" + + ## Grafana sidecars that collect the configmaps with specified label and stores the included files them into the respective folders + ## Requires at least Grafana 5 to work and can't be used together with parameters dashboardProviders, datasources and dashboards + sidecar: + image: + repository: cgr.dev/chainguard/k8s-sidecar + tag: latest + pullPolicy: IfNotPresent + resources: {} + dashboards: + enabled: true + # label that the configmaps with dashboards are marked with + label: grafana_dashboard + labelValue: "1" + # set sidecar ERROR_THROTTLE_SLEEP env var from default 5s to 0s -> fixes https://github.com/kubecost/cost-analyzer-helm-chart/issues/877 + annotations: {} + error_throttle_sleep: 0 + folder: /tmp/dashboards + datasources: + # dataSourceFilename: foo.yml # If you need to change the name of the datasource file + enabled: false + error_throttle_sleep: 0 + # label that the configmaps with datasources are marked with + label: grafana_datasource + + ## Grafana's primary configuration + ## NOTE: values in map will be converted to ini format + ## ref: http://docs.grafana.org/installation/configuration/ + ## + ## For grafana to be accessible, add the path to root_url. For example, if you run kubecost at www.foo.com:9090/kubecost + ## set root_url to "%(protocol)s://%(domain)s:%(http_port)s/kubecost/grafana". No change is necessary here if kubecost runs at a root URL + grafana.ini: + server: + serve_from_sub_path: false # Set to false on Grafana v10+ + root_url: "%(protocol)s://%(domain)s:%(http_port)s/grafana" + paths: + data: /var/lib/grafana/data + logs: /var/log/grafana + plugins: /var/lib/grafana/plugins + provisioning: /etc/grafana/provisioning + analytics: + check_for_updates: true + log: + mode: console + grafana_net: + url: https://grafana.net + auth.anonymous: + enabled: true + org_role: Editor + org_name: Main Org. + +serviceAccount: + create: true # Set this to false if you're bringing your own service account. + annotations: {} + # name: kc-test + +awsstore: + useAwsStore: false + imageNameAndVersion: gcr.io/kubecost1/awsstore:latest # Name and version of the container image for AWSStore. + createServiceAccount: false + ## PriorityClassName + ## Ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass + priorityClassName: "" + # Use a custom nodeSelector for AWSStore. + nodeSelector: {} + # kubernetes.io/arch: amd64 + ## Annotations for the AWSStore ServiceAccount. + annotations: {} + +## Federated ETL Architecture +## Ref: https://docs.kubecost.com/install-and-configure/install/multi-cluster/federated-etl +## +federatedETL: + + ## If true, installs the minimal set of components required for a Federated ETL cluster. + agentOnly: false + + ## If true, push ETL data to the federated storage bucket + federatedCluster: false + + ## If true, this cluster will be able to read from the federated-store but will + ## not write to it. This is useful in situations when you want to deploy a + ## primary cluster, but don't want the primary cluster's ETL data to be + ## pushed to the bucket + readOnlyPrimary: false + + ## If true, changes the dir of S3 backup to the Federated combined store. + ## Commonly used when transitioning from Thanos to Federated ETL architecture. + redirectS3Backup: false + + ## If true, will query metrics from a central PromQL DB (e.g. Amazon Managed + ## Prometheus) + useMultiClusterDB: false + +## Kubecost Admission Controller (beta feature) +## To use this feature, ensure you have run the `create-admission-controller.sh` +## script. This generates a k8s secret with TLS keys/certificats and a +## corresponding CA bundle. +## +kubecostAdmissionController: + enabled: false + secretName: webhook-server-tls + caBundle: ${CA_BUNDLE} + +# Enables or disables the Cost Event Audit pipeline, which tracks recent changes at cluster level +# and provides an estimated cost impact via the Kubecost Predict API. +# +# It is disabled by default to avoid problems in high-scale environments. +costEventsAudit: + enabled: false + +## Disable updates to kubecost from the frontend UI and via POST request +## This feature is considered beta, entrprise users should use teams: +## https://docs.kubecost.com/using-kubecost/navigating-the-kubecost-ui/teams +# readonly: false + +# # These configs can also be set from the Settings page in the Kubecost product +# # UI. Values in this block override config changes in the Settings UI on pod +# # restart +# kubecostProductConfigs: +# # An optional list of cluster definitions that can be added for frontend +# # access. The local cluster is *always* included by default, so this list is +# # for non-local clusters. +# clusters: +# - name: "Cluster A" +# address: http://cluster-a.kubecost.com:9090 +# # Optional authentication credentials - only basic auth is currently supported. +# auth: +# type: basic +# # Secret name should be a secret formatted based on: https://github.com/kubecost/docs/blob/main/ingress-examples.md +# secretName: cluster-a-auth +# # Or pass auth directly as base64 encoded user:pass +# data: YWRtaW46YWRtaW4= +# # Or user and pass directly +# user: admin +# pass: admin +# - name: "Cluster B" +# address: http://cluster-b.kubecost.com:9090 +# # Enabling customPricesEnabled and defaultModelPricing instructs Kubecost to +# # use these custom monthly resource prices when reporting node costs. Note, +# # that the below configuration is for the monthly cost of the resource. +# # Kubecost considers there to be 730 hours in a month. Also note, that these +# # configurations will have no effect on metrics emitted such as +# # `node_ram_hourly_cost` or `node_cpu_hourly_cost`. +# # Ref: https://docs.kubecost.com/install-and-configure/install/provider-installations/air-gapped +# customPricesEnabled: false +# defaultModelPricing: +# enabled: true +# CPU: "28.0" +# spotCPU: "4.86" +# RAM: "3.09" +# spotRAM: "0.65" +# GPU: "693.50" +# spotGPU: "225.0" +# storage: "0.04" +# zoneNetworkEgress: "0.01" +# regionNetworkEgress: "0.01" +# internetNetworkEgress: "0.12" +# # The cluster profile represents a predefined set of parameters to use when calculating savings. +# # Possible values are: [ development, production, high-availability ] +# clusterProfile: production +# spotLabel: lifecycle +# spotLabelValue: Ec2Spot +# gpuLabel: gpu +# gpuLabelValue: true +# alibabaServiceKeyName: "" +# alibabaServiceKeyPassword: "" +# awsServiceKeyName: ACCESSKEYID +# awsServiceKeyPassword: fakepassword # Only use if your values.yaml are stored encrypted. Otherwise provide an existing secret via serviceKeySecretName +# awsSpotDataRegion: us-east-1 +# awsSpotDataBucket: spot-data-feed-s3-bucket +# awsSpotDataPrefix: dev +# athenaProjectID: "530337586277" # The AWS AccountID where the Athena CUR is. Generally your masterpayer account +# athenaBucketName: "s3://aws-athena-query-results-530337586277-us-east-1" +# athenaRegion: us-east-1 +# athenaDatabase: athenacurcfn_athena_test1 +# athenaTable: "athena_test1" +# athenaWorkgroup: "primary" # The default workgroup in AWS is 'primary' +# masterPayerARN: "" +# projectID: "123456789" # Also known as AccountID on AWS -- the current account/project that this instance of Kubecost is deployed on. +# gcpSecretName: gcp-secret # Name of a secret representing the gcp service key +# gcpSecretKeyName: compute-viewer-kubecost-key.json # Name of the secret's key containing the gcp service key +# bigQueryBillingDataDataset: billing_data.gcp_billing_export_v1_01AC9F_74CF1D_5565A2 +# labelMappingConfigs: # names of k8s labels or annotations used to designate different allocation concepts +# enabled: true +# owner_label: "owner" +# team_label: "team" +# department_label: "dept" +# product_label: "product" +# environment_label: "env" +# namespace_external_label: "kubernetes_namespace" # external labels/tags are used to map external cloud costs to kubernetes concepts +# cluster_external_label: "kubernetes_cluster" +# controller_external_label: "kubernetes_controller" +# product_external_label: "kubernetes_label_app" +# service_external_label: "kubernetes_service" +# deployment_external_label: "kubernetes_deployment" +# owner_external_label: "kubernetes_label_owner" +# team_external_label: "kubernetes_label_team" +# environment_external_label: "kubernetes_label_env" +# department_external_label: "kubernetes_label_department" +# statefulset_external_label: "kubernetes_statefulset" +# daemonset_external_label: "kubernetes_daemonset" +# pod_external_label: "kubernetes_pod" +# grafanaURL: "" +# # Provide a mapping from Account ID to a readable Account Name in a key/value object. Provide Account IDs as they are displayed in CloudCost +# # as the 'key' and the Account Name associated with it as the 'value' +# cloudAccountMapping: +# EXAMPLE_ACCOUNT_ID: EXAMPLE_ACCOUNT_NAME +# clusterName: "" # clusterName is the default context name in settings. +# clusterAccountID: "" # Manually set Account property for assets +# currencyCode: "USD" # official support for USD, AUD, BRL, CAD, CHF, CNY, DKK, EUR, GBP, IDR, INR, JPY, NOK, PLN, SEK +# azureBillingRegion: US # Represents 2-letter region code, e.g. West Europe = NL, Canada = CA. ref: https://en.wikipedia.org/wiki/List_of_ISO_3166_country_codes +# azureSubscriptionID: 0bd50fdf-c923-4e1e-850c-196dd3dcc5d3 +# azureClientID: f2ef6f7d-71fb-47c8-b766-8d63a19db017 +# azureTenantID: 72faf3ff-7a3f-4597-b0d9-7b0b201bb23a +# azureClientPassword: fake key # Only use if your values.yaml are stored encrypted. Otherwise provide an existing secret via serviceKeySecretName +# azureOfferDurableID: "MS-AZR-0003p" +# discount: "" # percentage discount applied to compute +# negotiatedDiscount: "" # custom negotiated cloud provider discount +# standardDiscount: "" # custom negotiated cloud provider discount, applied to all incoming asset compute costs in a federated environment. Overrides negotiatedDiscount on any cluster in the federated environment. +# defaultIdle: false +# serviceKeySecretName: "" # Use an existing AWS or Azure secret with format as in aws-service-key-secret.yaml or azure-service-key-secret.yaml. Leave blank if using createServiceKeySecret +# createServiceKeySecret: true # Creates a secret representing your cloud service key based on data in values.yaml. If you are storing unencrypted values, add a secret manually +# sharedNamespaces: "" # namespaces with shared workloads, example value: "kube-system\,ingress-nginx\,kubecost\,monitoring" +# sharedOverhead: "" # value representing a fixed external cost per month to be distributed among aggregations. +# shareTenancyCosts: true # enable or disable sharing costs such as cluster management fees (defaults to "true" on Settings page) +# metricsConfigs: # configuration for metrics emitted by Kubecost +# disabledMetrics: [] # list of metrics that Kubecost will not emit. Note that disabling metrics can lead to unexpected behavior in the cost-model. +# productKey: # Apply enterprise product license +# enabled: false +# key: "" +# secretname: productkeysecret # Reference an existing k8s secret created from a file named productkey.json of format { "key": "enterprise-key-here" }. If the secretname is specified, a configmap with the key will not be created. +# mountPath: "/some/custom/path/productkey.json" # (use instead of secretname) Declare the path at which the product key file is mounted (eg. by a secrets provisioner). The file must be of format { "key": "enterprise-key-here" }. +# # The following block enables the use of a custom SMTP server which overrides Kubecost's built-in, external SMTP server for alerts and reports +# smtp: +# config: | +# { +# "sender_email": "", +# "host": "", +# "port": 587, +# "authentication": true, +# "username": "", +# "password": "", +# "secure": true +# } +# secretname: smtpconfigsecret # Reference an existing k8s secret created from a file named smtp.json of format specified by config above. If the secretname is specified, a configmap with the key will not be created. +# mountPath: "/some/custom/path/smtp.json" # (use instead of secretname) Declare the path at which the SMTP config file is mounted (eg. by a secrets provisioner). The file must be of format specified by config above. +# carbonEstimates: false # Enables Kubecost beta carbon estimation endpoints /assets/carbon and /allocations/carbon +# The below options to hide UI elements are only supported in Enterprise +# hideDiagnostics: false # useful if the primary is not monitored. Supported in limited environments. +# hideOrphanedResources: false # OrphanedResources works on the primary-cluster's cloud-provider only. +# hideKubecostActions: false +# hideReservedInstances: false +# hideSpotCommander: false +# hideUnclaimedVolumes: false +# hideCloudIntegrationsUI: false +# hideBellIcon: false +# hideTeams: false +# savingsRecommendationsAllowLists: # Define select list of instance types to be evaluated in computing Savings Recommendations +# AWS: [] +# GCP: [] +# Azure: [] + + ## Specify an existing Kubernetes Secret holding the cloud integration information. This Secret must contain + ## a key with name `cloud-integration.json` and the contents must be in a specific format. It is expected + ## to exist in the release Namespace. This is mutually exclusive with cloudIntegrationJSON where only one must be defined. + # cloudIntegrationSecret: "cloud-integration" + + ## Specify the cloud integration information in JSON form if pointing to an existing Secret is not desired or you'd rather + ## define the cloud integration information directly in the values file. This will result in a new Secret being created + ## named `cloud-integration` in the release Namespace. It is mutually exclusive with the cloudIntegrationSecret where only one must be defined. + # cloudIntegrationJSON: |- + # { + # "aws": [ + # { + # "athenaBucketName": "s3://AWS_cloud_integration_athenaBucketName", + # "athenaRegion": "AWS_cloud_integration_athenaRegion", + # "athenaDatabase": "AWS_cloud_integration_athenaDatabase", + # "athenaTable": "AWS_cloud_integration_athenaBucketName", + # "projectID": "AWS_cloud_integration_athena_projectID", + # "serviceKeyName": "AWS_cloud_integration_athena_serviceKeyName", + # "serviceKeySecret": "AWS_cloud_integration_athena_serviceKeySecret" + # } + # ], + # "azure": [ + # { + # "azureSubscriptionID": "my-subscription-id", + # "azureStorageAccount": "my-storage-account", + # "azureStorageAccessKey": "my-storage-access-key", + # "azureStorageContainer": "my-storage-container" + # } + # ], + # "gcp": [ + # { + # "projectID": "my-project-id", + # "billingDataDataset": "detailedbilling.my-billing-dataset", + # "key": { + # "type": "service_account", + # "project_id": "my-project-id", + # "private_key_id": "my-private-key-id", + # "private_key": "my-pem-encoded-private-key", + # "client_email": "my-service-account-name@my-project-id.iam.gserviceaccount.com", + # "client_id": "my-client-id", + # "auth_uri": "auth-uri", + # "token_uri": "token-uri", + # "auth_provider_x509_cert_url": "my-x509-provider-cert", + # "client_x509_cert_url": "my-x509-cert-url" + # } + # } + # ] + # } + + # ingestPodUID: false # Enables using UIDs to uniquely ID pods. This requires either Kubecost's replicated KSM metrics, or KSM v2.1.0+. This may impact performance, and changes the default cost-model allocation behavior. + # regionOverrides: "region1,region2,region3" # list of regions which will override default costmodel provider regions + +# Explicit names of various ConfigMaps to use. If not set, a default will apply. +# pricingConfigmapName: "" +# productConfigmapName: "" +# smtpConfigmapName: "" + +# -- Array of extra K8s manifests to deploy +## Note: Supports use of custom Helm templates +extraObjects: [] +# Cloud Billing Integration: +# - apiVersion: v1 +# kind: Secret +# metadata: +# name: cloud-integration +# namespace: kubecost +# type: Opaque +# data: +# cloud-integration.json: BASE64_SECRET +# Istio: +# - apiVersion: networking.istio.io/v1alpha3 +# kind: VirtualService +# metadata: +# name: my-virtualservice +# spec: +# hosts: +# - kubecost.myorg.com +# gateways: +# - my-gateway +# http: +# - route: +# - destination: +# host: kubecost.kubecost.svc.cluster.local +# port: +# number: 80 diff --git a/charts/redpanda/redpanda/5.9.4/.helmignore b/charts/redpanda/redpanda/5.9.4/.helmignore new file mode 100644 index 0000000000..d5bb5e6ba6 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/.helmignore @@ -0,0 +1,28 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +README.md.gotmpl +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ + +*.go +testdata/ +ci/ diff --git a/charts/redpanda/redpanda/5.9.4/Chart.lock b/charts/redpanda/redpanda/5.9.4/Chart.lock new file mode 100644 index 0000000000..7ef309e93e --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/Chart.lock @@ -0,0 +1,9 @@ +dependencies: +- name: console + repository: https://charts.redpanda.com + version: 0.7.29 +- name: connectors + repository: https://charts.redpanda.com + version: 0.1.12 +digest: sha256:ed0641d28d6174d865544a5948fdaddb3b766a27473b07b0cca979efc6c3c024 +generated: "2024-08-28T15:46:40.176857+02:00" diff --git a/charts/redpanda/redpanda/5.9.4/Chart.yaml b/charts/redpanda/redpanda/5.9.4/Chart.yaml new file mode 100644 index 0000000000..d021982640 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/Chart.yaml @@ -0,0 +1,40 @@ +annotations: + artifacthub.io/images: | + - name: redpanda + image: docker.redpanda.com/redpandadata/redpanda:v24.2.4 + - name: busybox + image: busybox:latest + - name: mintel/docker-alpine-bash-curl-jq + image: mintel/docker-alpine-bash-curl-jq:latest + artifacthub.io/license: Apache-2.0 + artifacthub.io/links: | + - name: Documentation + url: https://docs.redpanda.com + - name: "Helm (>= 3.10.0)" + url: https://helm.sh/docs/intro/install/ + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Redpanda + catalog.cattle.io/kube-version: '>=1.21-0' + catalog.cattle.io/release-name: redpanda +apiVersion: v2 +appVersion: v24.2.4 +dependencies: +- condition: console.enabled + name: console + repository: file://./charts/console + version: '>=0.5 <1.0' +- condition: connectors.enabled + name: connectors + repository: file://./charts/connectors + version: '>=0.1.2 <1.0' +description: Redpanda is the real-time engine for modern apps. +icon: file://assets/icons/redpanda.svg +kubeVersion: '>=1.21-0' +maintainers: +- name: redpanda-data + url: https://github.com/orgs/redpanda-data/people +name: redpanda +sources: +- https://github.com/redpanda-data/helm-charts +type: application +version: 5.9.4 diff --git a/charts/redpanda/redpanda/5.9.4/LICENSE b/charts/redpanda/redpanda/5.9.4/LICENSE new file mode 100644 index 0000000000..261eeb9e9f --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/charts/redpanda/redpanda/5.9.4/README.md b/charts/redpanda/redpanda/5.9.4/README.md new file mode 100644 index 0000000000..8ef35747ee --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/README.md @@ -0,0 +1,1244 @@ +# Redpanda Helm Chart Specification +--- +description: Find the default values and descriptions of settings in the Redpanda Helm chart. +--- + +![Version: 5.9.4](https://img.shields.io/badge/Version-5.9.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v24.2.4](https://img.shields.io/badge/AppVersion-v24.2.4-informational?style=flat-square) + +This page describes the official Redpanda Helm Chart. In particular, this page describes the contents of the chart’s [`values.yaml` file](https://github.com/redpanda-data/helm-charts/blob/main/charts/redpanda/values.yaml). Each of the settings is listed and described on this page, along with any default values. + +For instructions on how to install and use the chart, including how to override and customize the chart’s values, refer to the [deployment documentation](https://docs.redpanda.com/docs/deploy/deployment-option/self-hosted/kubernetes/kubernetes-deploy/). + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.13.1](https://github.com/norwoodj/helm-docs/releases/v1.13.1) + +## Source Code + +* + +## Requirements + +Kubernetes: `^1.21.0-0` + +| Repository | Name | Version | +|------------|------|---------| +| https://charts.redpanda.com | connectors | >=0.1.2 <1.0 | +| https://charts.redpanda.com | console | >=0.5 <1.0 | + +## Settings + +### [affinity](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=affinity) + +Affinity constraints for scheduling Pods, can override this for StatefulSets and Jobs. For details, see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity). + +**Default:** `{}` + +### [auditLogging](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auditLogging) + +Audit logging for a redpanda cluster, must have enabled sasl and have one kafka listener supporting sasl authentication for audit logging to work. Note this feature is only available for redpanda versions >= v23.3.0. + +**Default:** + +``` +{"clientMaxBufferSize":16777216,"enabled":false,"enabledEventTypes":null,"excludedPrincipals":null,"excludedTopics":null,"listener":"internal","partitions":12,"queueDrainIntervalMs":500,"queueMaxBufferSizePerShard":1048576,"replicationFactor":null} +``` + +### [auditLogging.clientMaxBufferSize](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auditLogging.clientMaxBufferSize) + +Defines the number of bytes (in bytes) allocated by the internal audit client for audit messages. + +**Default:** `16777216` + +### [auditLogging.enabled](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auditLogging.enabled) + +Enable or disable audit logging, for production clusters we suggest you enable, however, this will only work if you also enable sasl and a listener with sasl enabled. + +**Default:** `false` + +### [auditLogging.enabledEventTypes](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auditLogging.enabledEventTypes) + +Event types that should be captured by audit logs, default is [`admin`, `authenticate`, `management`]. + +**Default:** `nil` + +### [auditLogging.excludedPrincipals](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auditLogging.excludedPrincipals) + +List of principals to exclude from auditing, default is null. + +**Default:** `nil` + +### [auditLogging.excludedTopics](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auditLogging.excludedTopics) + +List of topics to exclude from auditing, default is null. + +**Default:** `nil` + +### [auditLogging.listener](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auditLogging.listener) + +Kafka listener name, note that it must have `authenticationMethod` set to `sasl`. For external listeners, use the external listener name, such as `default`. + +**Default:** `"internal"` + +### [auditLogging.partitions](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auditLogging.partitions) + +Integer value defining the number of partitions used by a newly created audit topic. + +**Default:** `12` + +### [auditLogging.queueDrainIntervalMs](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auditLogging.queueDrainIntervalMs) + +In ms, frequency in which per shard audit logs are batched to client for write to audit log. + +**Default:** `500` + +### [auditLogging.queueMaxBufferSizePerShard](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auditLogging.queueMaxBufferSizePerShard) + +Defines the maximum amount of memory used (in bytes) by the audit buffer in each shard. + +**Default:** `1048576` + +### [auditLogging.replicationFactor](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auditLogging.replicationFactor) + +Defines the replication factor for a newly created audit log topic. This configuration applies only to the audit log topic and may be different from the cluster or other topic configurations. This cannot be altered for existing audit log topics. Setting this value is optional. If a value is not provided, Redpanda will use the `internal_topic_replication_factor cluster` config value. Default is `null` + +**Default:** `nil` + +### [auth](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auth) + +Authentication settings. For details, see the [SASL documentation](https://docs.redpanda.com/docs/manage/kubernetes/security/sasl-kubernetes/). + +**Default:** + +``` +{"sasl":{"bootstrapUser":{"mechanism":"SCRAM-SHA-256"},"enabled":false,"mechanism":"SCRAM-SHA-512","secretRef":"redpanda-users","users":[]}} +``` + +### [auth.sasl.bootstrapUser](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auth.sasl.bootstrapUser) + +Details about how to create the bootstrap user for the cluster. The secretKeyRef is optionally specified. If it is specified, the chart will use a password written to that secret when creating the "kubernetes-controller" bootstrap user. If it is unspecified, then the secret will be generated and stored in the secret "releasename"-bootstrap-user, with the key "password". + +**Default:** + +``` +{"mechanism":"SCRAM-SHA-256"} +``` + +### [auth.sasl.bootstrapUser.mechanism](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auth.sasl.bootstrapUser.mechanism) + +The authentication mechanism to use for the bootstrap user. Options are `SCRAM-SHA-256` and `SCRAM-SHA-512`. + +**Default:** `"SCRAM-SHA-256"` + +### [auth.sasl.enabled](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auth.sasl.enabled) + +Enable SASL authentication. If you enable SASL authentication, you must provide a Secret in `auth.sasl.secretRef`. + +**Default:** `false` + +### [auth.sasl.mechanism](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auth.sasl.mechanism) + +The authentication mechanism to use for the superuser. Options are `SCRAM-SHA-256` and `SCRAM-SHA-512`. + +**Default:** `"SCRAM-SHA-512"` + +### [auth.sasl.secretRef](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auth.sasl.secretRef) + +A Secret that contains your superuser credentials. For details, see the [SASL documentation](https://docs.redpanda.com/docs/manage/kubernetes/security/sasl-kubernetes/#use-secrets). + +**Default:** `"redpanda-users"` + +### [auth.sasl.users](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=auth.sasl.users) + +Optional list of superusers. These superusers will be created in the Secret whose name is defined in `auth.sasl.secretRef`. If this list is empty, the Secret in `auth.sasl.secretRef` must already exist in the cluster before you deploy the chart. Uncomment the sample list if you wish to try adding sample sasl users or override to use your own. + +**Default:** `[]` + +### [clusterDomain](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=clusterDomain) + +Default Kubernetes cluster domain. + +**Default:** `"cluster.local"` + +### [commonLabels](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=commonLabels) + +Additional labels to add to all Kubernetes objects. For example, `my.k8s.service: redpanda`. + +**Default:** `{}` + +### [config](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=config) + +This section contains various settings supported by Redpanda that may not work correctly in a Kubernetes cluster. Changing these settings comes with some risk. Use these settings to customize various Redpanda configurations that are not covered in other sections. These values have no impact on the configuration or behavior of the Kubernetes objects deployed by Helm, and therefore should not be modified for the purpose of configuring those objects. Instead, these settings get passed directly to the Redpanda binary at startup. For descriptions of these properties, see the [configuration documentation](https://docs.redpanda.com/docs/cluster-administration/configuration/). + +**Default:** + +``` +{"cluster":{},"node":{"crash_loop_limit":5},"pandaproxy_client":{},"rpk":{},"schema_registry_client":{},"tunable":{"compacted_log_segment_size":67108864,"kafka_connection_rate_limit":1000,"log_segment_size_max":268435456,"log_segment_size_min":16777216,"max_compacted_log_segment_size":536870912}} +``` + +### [config.cluster](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=config.cluster) + +[Cluster Configuration Properties](https://docs.redpanda.com/current/reference/properties/cluster-properties/) + +**Default:** `{}` + +### [config.node](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=config.node) + +[Broker (node) Configuration Properties](https://docs.redpanda.com/docs/reference/broker-properties/). + +**Default:** `{"crash_loop_limit":5}` + +### [config.node.crash_loop_limit](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=config.node.crash_loop_limit) + +Crash loop limit A limit on the number of consecutive times a broker can crash within one hour before its crash-tracking logic is reset. This limit prevents a broker from getting stuck in an infinite cycle of crashes. User can disable this crash loop limit check by the following action: * One hour elapses since the last crash * The node configuration file, redpanda.yaml, is updated via config.cluster or config.node or config.tunable objects * The startup_log file in the node’s data_directory is manually deleted Default to 5 REF: https://docs.redpanda.com/current/reference/broker-properties/#crash_loop_limit + +**Default:** `5` + +### [config.tunable](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=config.tunable) + +Tunable cluster properties. Deprecated: all settings here may be specified via `config.cluster`. + +**Default:** + +``` +{"compacted_log_segment_size":67108864,"kafka_connection_rate_limit":1000,"log_segment_size_max":268435456,"log_segment_size_min":16777216,"max_compacted_log_segment_size":536870912} +``` + +### [config.tunable.compacted_log_segment_size](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=config.tunable.compacted_log_segment_size) + +See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#compacted_log_segment_size). + +**Default:** `67108864` + +### [config.tunable.kafka_connection_rate_limit](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=config.tunable.kafka_connection_rate_limit) + +See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#kafka_connection_rate_limit). + +**Default:** `1000` + +### [config.tunable.log_segment_size_max](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=config.tunable.log_segment_size_max) + +See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#log_segment_size_max). + +**Default:** `268435456` + +### [config.tunable.log_segment_size_min](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=config.tunable.log_segment_size_min) + +See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#log_segment_size_min). + +**Default:** `16777216` + +### [config.tunable.max_compacted_log_segment_size](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=config.tunable.max_compacted_log_segment_size) + +See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#max_compacted_log_segment_size). + +**Default:** `536870912` + +### [connectors](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=connectors) + +Redpanda Managed Connectors settings For a reference of configuration settings, see the [Redpanda Connectors documentation](https://docs.redpanda.com/docs/deploy/deployment-option/cloud/managed-connectors/). + +**Default:** + +``` +{"deployment":{"create":false},"enabled":false,"test":{"create":false}} +``` + +### [console](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=console) + +Redpanda Console settings. For a reference of configuration settings, see the [Redpanda Console documentation](https://docs.redpanda.com/docs/reference/console/config/). + +**Default:** + +``` +{"config":{},"configmap":{"create":false},"deployment":{"create":false},"enabled":true,"secret":{"create":false}} +``` + +### [enterprise](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=enterprise) + +Enterprise (optional) For details, see the [License documentation](https://docs.redpanda.com/docs/get-started/licenses/?platform=kubernetes#redpanda-enterprise-edition). + +**Default:** + +``` +{"license":"","licenseSecretRef":{}} +``` + +### [enterprise.license](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=enterprise.license) + +license (optional). + +**Default:** `""` + +### [enterprise.licenseSecretRef](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=enterprise.licenseSecretRef) + +Secret name and key where the license key is stored. + +**Default:** `{}` + +### [external](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=external) + +External access settings. For details, see the [Networking and Connectivity documentation](https://docs.redpanda.com/docs/manage/kubernetes/networking/networking-and-connectivity/). + +**Default:** + +``` +{"enabled":true,"service":{"enabled":true},"type":"NodePort"} +``` + +### [external.enabled](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=external.enabled) + +Enable external access for each Service. You can toggle external access for each listener in `listeners..external..enabled`. + +**Default:** `true` + +### [external.service](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=external.service) + +Service allows you to manage the creation of an external kubernetes service object + +**Default:** `{"enabled":true}` + +### [external.service.enabled](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=external.service.enabled) + +Enabled if set to false will not create the external service type You can still set your cluster with external access but not create the supporting service (NodePort/LoadBalander). Set this to false if you rather manage your own service. + +**Default:** `true` + +### [external.type](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=external.type) + +External access type. Only `NodePort` and `LoadBalancer` are supported. If undefined, then advertised listeners will be configured in Redpanda, but the helm chart will not create a Service. You must create a Service manually. Warning: If you use LoadBalancers, you will likely experience higher latency and increased packet loss. NodePort is recommended in cases where latency is a priority. + +**Default:** `"NodePort"` + +### [fullnameOverride](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=fullnameOverride) + +Override `redpanda.fullname` template. + +**Default:** `""` + +### [image](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=image) + +Redpanda Docker image settings. + +**Default:** + +``` +{"pullPolicy":"IfNotPresent","repository":"docker.redpanda.com/redpandadata/redpanda","tag":""} +``` + +### [image.pullPolicy](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=image.pullPolicy) + +The imagePullPolicy. If `image.tag` is 'latest', the default is `Always`. + +**Default:** `"IfNotPresent"` + +### [image.repository](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=image.repository) + +Docker repository from which to pull the Redpanda Docker image. + +**Default:** + +``` +"docker.redpanda.com/redpandadata/redpanda" +``` + +### [image.tag](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=image.tag) + +The Redpanda version. See DockerHub for: [All stable versions](https://hub.docker.com/r/redpandadata/redpanda/tags) and [all unstable versions](https://hub.docker.com/r/redpandadata/redpanda-unstable/tags). + +**Default:** `Chart.appVersion`. + +### [imagePullSecrets](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=imagePullSecrets) + +Pull secrets may be used to provide credentials to image repositories See the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/). + +**Default:** `[]` + +### [license_key](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=license_key) + +DEPRECATED Enterprise license key (optional). For details, see the [License documentation](https://docs.redpanda.com/docs/get-started/licenses/?platform=kubernetes#redpanda-enterprise-edition). + +**Default:** `""` + +### [license_secret_ref](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=license_secret_ref) + +DEPRECATED Secret name and secret key where the license key is stored. + +**Default:** `{}` + +### [listeners](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=listeners) + +Listener settings. Override global settings configured above for individual listeners. For details, see the [listeners documentation](https://docs.redpanda.com/docs/manage/kubernetes/networking/configure-listeners/). + +**Default:** + +``` +{"admin":{"external":{"default":{"advertisedPorts":[31644],"port":9645,"tls":{"cert":"external"}}},"port":9644,"tls":{"cert":"default","requireClientAuth":false}},"http":{"authenticationMethod":null,"enabled":true,"external":{"default":{"advertisedPorts":[30082],"authenticationMethod":null,"port":8083,"tls":{"cert":"external","requireClientAuth":false}}},"kafkaEndpoint":"default","port":8082,"tls":{"cert":"default","requireClientAuth":false}},"kafka":{"authenticationMethod":null,"external":{"default":{"advertisedPorts":[31092],"authenticationMethod":null,"port":9094,"tls":{"cert":"external"}}},"port":9093,"tls":{"cert":"default","requireClientAuth":false}},"rpc":{"port":33145,"tls":{"cert":"default","requireClientAuth":false}},"schemaRegistry":{"authenticationMethod":null,"enabled":true,"external":{"default":{"advertisedPorts":[30081],"authenticationMethod":null,"port":8084,"tls":{"cert":"external","requireClientAuth":false}}},"kafkaEndpoint":"default","port":8081,"tls":{"cert":"default","requireClientAuth":false}}} +``` + +### [listeners.admin](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=listeners.admin) + +Admin API listener (only one). + +**Default:** + +``` +{"external":{"default":{"advertisedPorts":[31644],"port":9645,"tls":{"cert":"external"}}},"port":9644,"tls":{"cert":"default","requireClientAuth":false}} +``` + +### [listeners.admin.external](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=listeners.admin.external) + +Optional external access settings. + +**Default:** + +``` +{"default":{"advertisedPorts":[31644],"port":9645,"tls":{"cert":"external"}}} +``` + +### [listeners.admin.external.default](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=listeners.admin.external.default) + +Name of the external listener. + +**Default:** + +``` +{"advertisedPorts":[31644],"port":9645,"tls":{"cert":"external"}} +``` + +### [listeners.admin.external.default.tls](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=listeners.admin.external.default.tls) + +The port advertised to this listener's external clients. List one port if you want to use the same port for each broker (would be the case when using NodePort service). Otherwise, list the port you want to use for each broker in order of StatefulSet replicas. If undefined, `listeners.admin.port` is used. + +**Default:** `{"cert":"external"}` + +### [listeners.admin.port](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=listeners.admin.port) + +The port for both internal and external connections to the Admin API. + +**Default:** `9644` + +### [listeners.admin.tls](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=listeners.admin.tls) + +Optional TLS section (required if global TLS is enabled) + +**Default:** + +``` +{"cert":"default","requireClientAuth":false} +``` + +### [listeners.admin.tls.cert](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=listeners.admin.tls.cert) + +Name of the Certificate used for TLS (must match a Certificate name that is registered in tls.certs). + +**Default:** `"default"` + +### [listeners.admin.tls.requireClientAuth](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=listeners.admin.tls.requireClientAuth) + +If true, the truststore file for this listener is included in the ConfigMap. + +**Default:** `false` + +### [listeners.http](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=listeners.http) + +HTTP API listeners (aka PandaProxy). + +**Default:** + +``` +{"authenticationMethod":null,"enabled":true,"external":{"default":{"advertisedPorts":[30082],"authenticationMethod":null,"port":8083,"tls":{"cert":"external","requireClientAuth":false}}},"kafkaEndpoint":"default","port":8082,"tls":{"cert":"default","requireClientAuth":false}} +``` + +### [listeners.kafka](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=listeners.kafka) + +Kafka API listeners. + +**Default:** + +``` +{"authenticationMethod":null,"external":{"default":{"advertisedPorts":[31092],"authenticationMethod":null,"port":9094,"tls":{"cert":"external"}}},"port":9093,"tls":{"cert":"default","requireClientAuth":false}} +``` + +### [listeners.kafka.external.default.advertisedPorts](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=listeners.kafka.external.default.advertisedPorts) + +If undefined, `listeners.kafka.external.default.port` is used. + +**Default:** `[31092]` + +### [listeners.kafka.external.default.port](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=listeners.kafka.external.default.port) + +The port used for external client connections. + +**Default:** `9094` + +### [listeners.kafka.port](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=listeners.kafka.port) + +The port for internal client connections. + +**Default:** `9093` + +### [listeners.rpc](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=listeners.rpc) + +RPC listener (this is never externally accessible). + +**Default:** + +``` +{"port":33145,"tls":{"cert":"default","requireClientAuth":false}} +``` + +### [listeners.schemaRegistry](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=listeners.schemaRegistry) + +Schema registry listeners. + +**Default:** + +``` +{"authenticationMethod":null,"enabled":true,"external":{"default":{"advertisedPorts":[30081],"authenticationMethod":null,"port":8084,"tls":{"cert":"external","requireClientAuth":false}}},"kafkaEndpoint":"default","port":8081,"tls":{"cert":"default","requireClientAuth":false}} +``` + +### [logging](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=logging) + +Log-level settings. + +**Default:** + +``` +{"logLevel":"info","usageStats":{"enabled":true}} +``` + +### [logging.logLevel](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=logging.logLevel) + +Log level Valid values (from least to most verbose) are: `warn`, `info`, `debug`, and `trace`. + +**Default:** `"info"` + +### [logging.usageStats](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=logging.usageStats) + +Send usage statistics back to Redpanda Data. For details, see the [stats reporting documentation](https://docs.redpanda.com/docs/cluster-administration/monitoring/#stats-reporting). + +**Default:** `{"enabled":true}` + +### [monitoring](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=monitoring) + +Monitoring. This will create a ServiceMonitor that can be used by Prometheus-Operator or VictoriaMetrics-Operator to scrape the metrics. + +**Default:** + +``` +{"enabled":false,"labels":{},"scrapeInterval":"30s"} +``` + +### [nameOverride](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=nameOverride) + +Override `redpanda.name` template. + +**Default:** `""` + +### [nodeSelector](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=nodeSelector) + +Node selection constraints for scheduling Pods, can override this for StatefulSets. For details, see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector). + +**Default:** `{}` + +### [post_install_job.affinity](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=post_install_job.affinity) + +**Default:** `{}` + +### [post_install_job.enabled](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=post_install_job.enabled) + +**Default:** `true` + +### [post_install_job.podTemplate.annotations](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=post_install_job.podTemplate.annotations) + +Additional annotations to apply to the Pods of this Job. + +**Default:** `{}` + +### [post_install_job.podTemplate.labels](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=post_install_job.podTemplate.labels) + +Additional labels to apply to the Pods of this Job. + +**Default:** `{}` + +### [post_install_job.podTemplate.spec](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=post_install_job.podTemplate.spec) + +A subset of Kubernetes' PodSpec type that will be merged into the final PodSpec. See [Merge Semantics](#merging-semantics) for details. + +**Default:** + +``` +{"containers":[{"env":[],"name":"post-install","securityContext":{}}],"securityContext":{}} +``` + +### [post_upgrade_job.affinity](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=post_upgrade_job.affinity) + +**Default:** `{}` + +### [post_upgrade_job.enabled](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=post_upgrade_job.enabled) + +**Default:** `true` + +### [post_upgrade_job.podTemplate.annotations](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=post_upgrade_job.podTemplate.annotations) + +Additional annotations to apply to the Pods of this Job. + +**Default:** `{}` + +### [post_upgrade_job.podTemplate.labels](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=post_upgrade_job.podTemplate.labels) + +Additional labels to apply to the Pods of this Job. + +**Default:** `{}` + +### [post_upgrade_job.podTemplate.spec](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=post_upgrade_job.podTemplate.spec) + +A subset of Kubernetes' PodSpec type that will be merged into the final PodSpec. See [Merge Semantics](#merging-semantics) for details. + +**Default:** + +``` +{"containers":[{"env":[],"name":"post-upgrade","securityContext":{}}],"securityContext":{}} +``` + +### [rackAwareness](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=rackAwareness) + +Rack Awareness settings. For details, see the [Rack Awareness documentation](https://docs.redpanda.com/docs/manage/kubernetes/kubernetes-rack-awareness/). + +**Default:** + +``` +{"enabled":false,"nodeAnnotation":"topology.kubernetes.io/zone"} +``` + +### [rackAwareness.enabled](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=rackAwareness.enabled) + +When running in multiple racks or availability zones, use a Kubernetes Node annotation value as the Redpanda rack value. Enabling this requires running with a service account with "get" Node permissions. To have the Helm chart configure these permissions, set `serviceAccount.create=true` and `rbac.enabled=true`. + +**Default:** `false` + +### [rackAwareness.nodeAnnotation](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=rackAwareness.nodeAnnotation) + +The common well-known annotation to use as the rack ID. Override this only if you use a custom Node annotation. + +**Default:** + +``` +"topology.kubernetes.io/zone" +``` + +### [rbac](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=rbac) + +Role Based Access Control. + +**Default:** + +``` +{"annotations":{},"enabled":false} +``` + +### [rbac.annotations](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=rbac.annotations) + +Annotations to add to the `rbac` resources. + +**Default:** `{}` + +### [rbac.enabled](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=rbac.enabled) + +Enable for features that need extra privileges. If you use the Redpanda Operator, you must deploy it with the `--set rbac.createRPKBundleCRs=true` flag to give it the required ClusterRoles. + +**Default:** `false` + +### [resources](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=resources) + +Pod resource management. This section simplifies resource allocation by providing a single location where resources are defined. Helm sets these resource values within the `statefulset.yaml` and `configmap.yaml` templates. The default values are for a development environment. Production-level values and other considerations are documented, where those values are different from the default. For details, see the [Pod resources documentation](https://docs.redpanda.com/docs/manage/kubernetes/manage-resources/). + +**Default:** + +``` +{"cpu":{"cores":1},"memory":{"container":{"max":"2.5Gi"}}} +``` + +### [resources.cpu](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=resources.cpu) + +CPU resources. For details, see the [Pod resources documentation](https://docs.redpanda.com/docs/manage/kubernetes/manage-resources/#configure-cpu-resources). + +**Default:** `{"cores":1}` + +### [resources.cpu.cores](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=resources.cpu.cores) + +Redpanda makes use of a thread per core model. For details, see this [blog](https://redpanda.com/blog/tpc-buffers). For this reason, Redpanda should only be given full cores. Note: You can increase cores, but decreasing cores is not currently supported. See the [GitHub issue](https://github.com/redpanda-data/redpanda/issues/350). This setting is equivalent to `--smp`, `resources.requests.cpu`, and `resources.limits.cpu`. For production, use `4` or greater. To maximize efficiency, use the `static` CPU manager policy by specifying an even integer for CPU resource requests and limits. This policy gives the Pods running Redpanda brokers access to exclusive CPUs on the node. See https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#static-policy. + +**Default:** `1` + +### [resources.memory](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=resources.memory) + +Memory resources For details, see the [Pod resources documentation](https://docs.redpanda.com/docs/manage/kubernetes/manage-resources/#configure-memory-resources). + +**Default:** + +``` +{"container":{"max":"2.5Gi"}} +``` + +### [resources.memory.container](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=resources.memory.container) + +Enables memory locking. For production, set to `true`. enable_memory_locking: false It is recommended to have at least 2Gi of memory per core for the Redpanda binary. This memory is taken from the total memory given to each container. The Helm chart allocates 80% of the container's memory to Redpanda, leaving the rest for the Seastar subsystem (reserveMemory) and other container processes. So at least 2.5Gi per core is recommended in order to ensure Redpanda has a full 2Gi. These values affect `--memory` and `--reserve-memory` flags passed to Redpanda and the memory requests/limits in the StatefulSet. Valid suffixes: k, M, G, T, P, Ki, Mi, Gi, Ti, Pi To create `Guaranteed` Pod QoS for Redpanda brokers, provide both container max and min values for the container. For details, see https://kubernetes.io/docs/tasks/configure-pod-container/quality-service-pod/#create-a-pod-that-gets-assigned-a-qos-class-of-guaranteed * Every container in the Pod must have a memory limit and a memory request. * For every container in the Pod, the memory limit must equal the memory request. + +**Default:** `{"max":"2.5Gi"}` + +### [resources.memory.container.max](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=resources.memory.container.max) + +Maximum memory count for each Redpanda broker. Equivalent to `resources.limits.memory`. For production, use `10Gi` or greater. + +**Default:** `"2.5Gi"` + +### [serviceAccount](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=serviceAccount) + +Service account management. + +**Default:** + +``` +{"annotations":{},"create":false,"name":""} +``` + +### [serviceAccount.annotations](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=serviceAccount.annotations) + +Annotations to add to the service account. + +**Default:** `{}` + +### [serviceAccount.create](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=serviceAccount.create) + +Specifies whether a service account should be created. + +**Default:** `false` + +### [serviceAccount.name](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=serviceAccount.name) + +The name of the service account to use. If not set and `serviceAccount.create` is `true`, a name is generated using the `redpanda.fullname` template. + +**Default:** `""` + +### [statefulset.additionalRedpandaCmdFlags](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.additionalRedpandaCmdFlags) + +Additional flags to pass to redpanda, + +**Default:** `[]` + +### [statefulset.additionalSelectorLabels](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.additionalSelectorLabels) + +Additional labels to be added to statefulset label selector. For example, `my.k8s.service: redpanda`. + +**Default:** `{}` + +### [statefulset.annotations](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.annotations) + +DEPRECATED Please use statefulset.podTemplate.annotations. Annotations are used only for `Statefulset.spec.template.metadata.annotations`. The StatefulSet does not have any dedicated annotation. + +**Default:** `{}` + +### [statefulset.budget.maxUnavailable](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.budget.maxUnavailable) + +**Default:** `1` + +### [statefulset.extraVolumeMounts](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.extraVolumeMounts) + +**Default:** `""` + +### [statefulset.extraVolumes](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.extraVolumes) + +**Default:** `""` + +### [statefulset.initContainerImage.repository](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.initContainerImage.repository) + +**Default:** `"busybox"` + +### [statefulset.initContainerImage.tag](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.initContainerImage.tag) + +**Default:** `"latest"` + +### [statefulset.initContainers.configurator.extraVolumeMounts](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.initContainers.configurator.extraVolumeMounts) + +**Default:** `""` + +### [statefulset.initContainers.configurator.resources](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.initContainers.configurator.resources) + +To create `Guaranteed` Pods for Redpanda brokers, provide both requests and limits for CPU and memory. For details, see https://kubernetes.io/docs/tasks/configure-pod-container/quality-service-pod/#create-a-pod-that-gets-assigned-a-qos-class-of-guaranteed * Every container in the Pod must have a CPU limit and a CPU request. * For every container in the Pod, the CPU limit must equal the CPU request. + +**Default:** `{}` + +### [statefulset.initContainers.extraInitContainers](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.initContainers.extraInitContainers) + +**Default:** `""` + +### [statefulset.initContainers.fsValidator.enabled](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.initContainers.fsValidator.enabled) + +**Default:** `false` + +### [statefulset.initContainers.fsValidator.expectedFS](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.initContainers.fsValidator.expectedFS) + +**Default:** `"xfs"` + +### [statefulset.initContainers.fsValidator.extraVolumeMounts](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.initContainers.fsValidator.extraVolumeMounts) + +**Default:** `""` + +### [statefulset.initContainers.fsValidator.resources](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.initContainers.fsValidator.resources) + +To create `Guaranteed` Pods for Redpanda brokers, provide both requests and limits for CPU and memory. For details, see https://kubernetes.io/docs/tasks/configure-pod-container/quality-service-pod/#create-a-pod-that-gets-assigned-a-qos-class-of-guaranteed * Every container in the Pod must have a CPU limit and a CPU request. * For every container in the Pod, the CPU limit must equal the CPU request. + +**Default:** `{}` + +### [statefulset.initContainers.setDataDirOwnership.enabled](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.initContainers.setDataDirOwnership.enabled) + +In environments where root is not allowed, you cannot change the ownership of files and directories. Enable `setDataDirOwnership` when using default minikube cluster configuration. + +**Default:** `false` + +### [statefulset.initContainers.setDataDirOwnership.extraVolumeMounts](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.initContainers.setDataDirOwnership.extraVolumeMounts) + +**Default:** `""` + +### [statefulset.initContainers.setDataDirOwnership.resources](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.initContainers.setDataDirOwnership.resources) + +To create `Guaranteed` Pods for Redpanda brokers, provide both requests and limits for CPU and memory. For details, see https://kubernetes.io/docs/tasks/configure-pod-container/quality-service-pod/#create-a-pod-that-gets-assigned-a-qos-class-of-guaranteed * Every container in the Pod must have a CPU limit and a CPU request. * For every container in the Pod, the CPU limit must equal the CPU request. + +**Default:** `{}` + +### [statefulset.initContainers.setTieredStorageCacheDirOwnership.extraVolumeMounts](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.initContainers.setTieredStorageCacheDirOwnership.extraVolumeMounts) + +**Default:** `""` + +### [statefulset.initContainers.setTieredStorageCacheDirOwnership.resources](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.initContainers.setTieredStorageCacheDirOwnership.resources) + +To create `Guaranteed` Pods for Redpanda brokers, provide both requests and limits for CPU and memory. For details, see https://kubernetes.io/docs/tasks/configure-pod-container/quality-service-pod/#create-a-pod-that-gets-assigned-a-qos-class-of-guaranteed * Every container in the Pod must have a CPU limit and a CPU request. * For every container in the Pod, the CPU limit must equal the CPU request. + +**Default:** `{}` + +### [statefulset.initContainers.tuning.extraVolumeMounts](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.initContainers.tuning.extraVolumeMounts) + +**Default:** `""` + +### [statefulset.initContainers.tuning.resources](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.initContainers.tuning.resources) + +To create `Guaranteed` Pods for Redpanda brokers, provide both requests and limits for CPU and memory. For details, see https://kubernetes.io/docs/tasks/configure-pod-container/quality-service-pod/#create-a-pod-that-gets-assigned-a-qos-class-of-guaranteed * Every container in the Pod must have a CPU limit and a CPU request. * For every container in the Pod, the CPU limit must equal the CPU request. + +**Default:** `{}` + +### [statefulset.livenessProbe.failureThreshold](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.livenessProbe.failureThreshold) + +**Default:** `3` + +### [statefulset.livenessProbe.initialDelaySeconds](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.livenessProbe.initialDelaySeconds) + +**Default:** `10` + +### [statefulset.livenessProbe.periodSeconds](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.livenessProbe.periodSeconds) + +**Default:** `10` + +### [statefulset.nodeSelector](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.nodeSelector) + +Node selection constraints for scheduling Pods of this StatefulSet. These constraints override the global `nodeSelector` value. For details, see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector). + +**Default:** `{}` + +### [statefulset.podAffinity](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.podAffinity) + +Inter-Pod Affinity rules for scheduling Pods of this StatefulSet. For details, see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#inter-pod-affinity-and-anti-affinity). + +**Default:** `{}` + +### [statefulset.podAntiAffinity](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.podAntiAffinity) + +Anti-affinity rules for scheduling Pods of this StatefulSet. For details, see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#inter-pod-affinity-and-anti-affinity). You may either edit the default settings for anti-affinity rules, or specify new anti-affinity rules to use instead of the defaults. + +**Default:** + +``` +{"custom":{},"topologyKey":"kubernetes.io/hostname","type":"hard","weight":100} +``` + +### [statefulset.podAntiAffinity.custom](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.podAntiAffinity.custom) + +Change `podAntiAffinity.type` to `custom` and provide your own podAntiAffinity rules here. + +**Default:** `{}` + +### [statefulset.podAntiAffinity.topologyKey](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.podAntiAffinity.topologyKey) + +The topologyKey to be used. Can be used to spread across different nodes, AZs, regions etc. + +**Default:** `"kubernetes.io/hostname"` + +### [statefulset.podAntiAffinity.type](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.podAntiAffinity.type) + +Valid anti-affinity types are `soft`, `hard`, or `custom`. Use `custom` if you want to supply your own anti-affinity rules in the `podAntiAffinity.custom` object. + +**Default:** `"hard"` + +### [statefulset.podAntiAffinity.weight](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.podAntiAffinity.weight) + +Weight for `soft` anti-affinity rules. Does not apply to other anti-affinity types. + +**Default:** `100` + +### [statefulset.podTemplate.annotations](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.podTemplate.annotations) + +Additional annotations to apply to the Pods of the StatefulSet. + +**Default:** `{}` + +### [statefulset.podTemplate.labels](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.podTemplate.labels) + +Additional labels to apply to the Pods of the StatefulSet. + +**Default:** `{}` + +### [statefulset.podTemplate.spec](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.podTemplate.spec) + +A subset of Kubernetes' PodSpec type that will be merged into the final PodSpec. See [Merge Semantics](#merging-semantics) for details. + +**Default:** + +``` +{"containers":[{"env":[],"name":"redpanda","securityContext":{}}],"securityContext":{}} +``` + +### [statefulset.priorityClassName](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.priorityClassName) + +PriorityClassName given to Pods of this StatefulSet. For details, see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass). + +**Default:** `""` + +### [statefulset.readinessProbe.failureThreshold](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.readinessProbe.failureThreshold) + +**Default:** `3` + +### [statefulset.readinessProbe.initialDelaySeconds](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.readinessProbe.initialDelaySeconds) + +**Default:** `1` + +### [statefulset.readinessProbe.periodSeconds](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.readinessProbe.periodSeconds) + +**Default:** `10` + +### [statefulset.readinessProbe.successThreshold](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.readinessProbe.successThreshold) + +**Default:** `1` + +### [statefulset.replicas](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.replicas) + +Number of Redpanda brokers (Redpanda Data recommends setting this to the number of worker nodes in the cluster) + +**Default:** `3` + +### [statefulset.securityContext](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.securityContext) + +DEPRECATED: Prefer to use podTemplate.spec.securityContext or podTemplate.spec.containers[0].securityContext. + +**Default:** + +``` +{"fsGroup":101,"fsGroupChangePolicy":"OnRootMismatch","runAsUser":101} +``` + +### [statefulset.sideCars.configWatcher.enabled](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.sideCars.configWatcher.enabled) + +**Default:** `true` + +### [statefulset.sideCars.configWatcher.extraVolumeMounts](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.sideCars.configWatcher.extraVolumeMounts) + +**Default:** `""` + +### [statefulset.sideCars.configWatcher.resources](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.sideCars.configWatcher.resources) + +To create `Guaranteed` Pods for Redpanda brokers, provide both requests and limits for CPU and memory. For details, see https://kubernetes.io/docs/tasks/configure-pod-container/quality-service-pod/#create-a-pod-that-gets-assigned-a-qos-class-of-guaranteed * Every container in the Pod must have a memory limit and a memory request. * For every container in the Pod, the memory limit must equal the memory request. * Every container in the Pod must have a CPU limit and a CPU request. * For every container in the Pod, the CPU limit must equal the CPU request. To maximize efficiency, use the `static` CPU manager policy by specifying an even integer for CPU resource requests and limits. This policy gives the Pods running Redpanda brokers access to exclusive CPUs on the node. For details, see https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#static-policy + +**Default:** `{}` + +### [statefulset.sideCars.configWatcher.securityContext](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.sideCars.configWatcher.securityContext) + +**Default:** `{}` + +### [statefulset.sideCars.controllers.createRBAC](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.sideCars.controllers.createRBAC) + +**Default:** `true` + +### [statefulset.sideCars.controllers.enabled](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.sideCars.controllers.enabled) + +**Default:** `false` + +### [statefulset.sideCars.controllers.healthProbeAddress](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.sideCars.controllers.healthProbeAddress) + +**Default:** `":8085"` + +### [statefulset.sideCars.controllers.image.repository](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.sideCars.controllers.image.repository) + +**Default:** + +``` +"docker.redpanda.com/redpandadata/redpanda-operator" +``` + +### [statefulset.sideCars.controllers.image.tag](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.sideCars.controllers.image.tag) + +**Default:** `"v2.1.10-23.2.18"` + +### [statefulset.sideCars.controllers.metricsAddress](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.sideCars.controllers.metricsAddress) + +**Default:** `":9082"` + +### [statefulset.sideCars.controllers.resources](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.sideCars.controllers.resources) + +To create `Guaranteed` Pods for Redpanda brokers, provide both requests and limits for CPU and memory. For details, see https://kubernetes.io/docs/tasks/configure-pod-container/quality-service-pod/#create-a-pod-that-gets-assigned-a-qos-class-of-guaranteed * Every container in the Pod must have a CPU limit and a CPU request. * For every container in the Pod, the CPU limit must equal the CPU request. * Every container in the Pod must have a CPU limit and a CPU request. * For every container in the Pod, the CPU limit must equal the CPU request. To maximize efficiency, use the `static` CPU manager policy by specifying an even integer for CPU resource requests and limits. This policy gives the Pods running Redpanda brokers access to exclusive CPUs on the node. For details, see https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#static-policy + +**Default:** `{}` + +### [statefulset.sideCars.controllers.run[0]](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.sideCars.controllers.run[0]) + +**Default:** `"all"` + +### [statefulset.sideCars.controllers.securityContext](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.sideCars.controllers.securityContext) + +**Default:** `{}` + +### [statefulset.startupProbe](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.startupProbe) + +Adjust the period for your probes to meet your needs. For details, see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes). + +**Default:** + +``` +{"failureThreshold":120,"initialDelaySeconds":1,"periodSeconds":10} +``` + +### [statefulset.terminationGracePeriodSeconds](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.terminationGracePeriodSeconds) + +Termination grace period in seconds is time required to execute preStop hook which puts particular Redpanda Pod (process/container) into maintenance mode. Before settle down on particular value please put Redpanda under load and perform rolling upgrade or rolling restart. That value needs to accommodate two processes: * preStop hook needs to put Redpanda into maintenance mode * after preStop hook Redpanda needs to handle gracefully SIGTERM signal Both processes are executed sequentially where preStop hook has hard deadline in the middle of terminationGracePeriodSeconds. REF: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#hook-handler-execution https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-termination + +**Default:** `90` + +### [statefulset.tolerations](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.tolerations) + +Taints to be tolerated by Pods of this StatefulSet. These tolerations override the global tolerations value. For details, see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/). + +**Default:** `[]` + +### [statefulset.topologySpreadConstraints[0].maxSkew](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.topologySpreadConstraints[0].maxSkew) + +**Default:** `1` + +### [statefulset.topologySpreadConstraints[0].topologyKey](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.topologySpreadConstraints[0].topologyKey) + +**Default:** + +``` +"topology.kubernetes.io/zone" +``` + +### [statefulset.topologySpreadConstraints[0].whenUnsatisfiable](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.topologySpreadConstraints[0].whenUnsatisfiable) + +**Default:** `"ScheduleAnyway"` + +### [statefulset.updateStrategy.type](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=statefulset.updateStrategy.type) + +**Default:** `"RollingUpdate"` + +### [storage](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage) + +Persistence settings. For details, see the [storage documentation](https://docs.redpanda.com/docs/manage/kubernetes/configure-storage/). + +**Default:** + +``` +{"hostPath":"","persistentVolume":{"annotations":{},"enabled":true,"labels":{},"nameOverwrite":"","size":"20Gi","storageClass":""},"tiered":{"config":{"cloud_storage_cache_size":5368709120,"cloud_storage_enable_remote_read":true,"cloud_storage_enable_remote_write":true,"cloud_storage_enabled":false},"credentialsSecretRef":{"accessKey":{"configurationKey":"cloud_storage_access_key"},"secretKey":{"configurationKey":"cloud_storage_secret_key"}},"hostPath":"","mountType":"emptyDir","persistentVolume":{"annotations":{},"labels":{},"storageClass":""}}} +``` + +### [storage.hostPath](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage.hostPath) + +Absolute path on the host to store Redpanda's data. If unspecified, then an `emptyDir` volume is used. If specified but `persistentVolume.enabled` is true, `storage.hostPath` has no effect. + +**Default:** `""` + +### [storage.persistentVolume](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage.persistentVolume) + +If `persistentVolume.enabled` is true, a PersistentVolumeClaim is created and used to store Redpanda's data. Otherwise, `storage.hostPath` is used. + +**Default:** + +``` +{"annotations":{},"enabled":true,"labels":{},"nameOverwrite":"","size":"20Gi","storageClass":""} +``` + +### [storage.persistentVolume.annotations](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage.persistentVolume.annotations) + +Additional annotations to apply to the created PersistentVolumeClaims. + +**Default:** `{}` + +### [storage.persistentVolume.labels](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage.persistentVolume.labels) + +Additional labels to apply to the created PersistentVolumeClaims. + +**Default:** `{}` + +### [storage.persistentVolume.nameOverwrite](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage.persistentVolume.nameOverwrite) + +Option to change volume claim template name for tiered storage persistent volume if tiered.mountType is set to `persistentVolume` + +**Default:** `""` + +### [storage.persistentVolume.storageClass](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage.persistentVolume.storageClass) + +To disable dynamic provisioning, set to `-`. If undefined or empty (default), then no storageClassName spec is set, and the default dynamic provisioner is chosen (gp2 on AWS, standard on GKE, AWS & OpenStack). + +**Default:** `""` + +### [storage.tiered.config](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage.tiered.config) + +Tiered Storage settings Requires `enterprise.licenseKey` or `enterprised.licenseSecretRef` For details, see the [Tiered Storage documentation](https://docs.redpanda.com/docs/manage/kubernetes/tiered-storage/). For a list of properties, see [Object Storage Properties](https://docs.redpanda.com/current/reference/properties/object-storage-properties/). + +**Default:** + +``` +{"cloud_storage_cache_size":5368709120,"cloud_storage_enable_remote_read":true,"cloud_storage_enable_remote_write":true,"cloud_storage_enabled":false} +``` + +### [storage.tiered.config.cloud_storage_cache_size](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage.tiered.config.cloud_storage_cache_size) + +Maximum size of the disk cache used by Tiered Storage. Default is 20 GiB. See the [property reference documentation](https://docs.redpanda.com/docs/reference/object-storage-properties/#cloud_storage_cache_size). + +**Default:** `5368709120` + +### [storage.tiered.config.cloud_storage_enable_remote_read](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage.tiered.config.cloud_storage_enable_remote_read) + +Cluster level default remote read configuration for new topics. See the [property reference documentation](https://docs.redpanda.com/docs/reference/object-storage-properties/#cloud_storage_enable_remote_read). + +**Default:** `true` + +### [storage.tiered.config.cloud_storage_enable_remote_write](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage.tiered.config.cloud_storage_enable_remote_write) + +Cluster level default remote write configuration for new topics. See the [property reference documentation](https://docs.redpanda.com/docs/reference/object-storage-properties/#cloud_storage_enable_remote_write). + +**Default:** `true` + +### [storage.tiered.config.cloud_storage_enabled](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage.tiered.config.cloud_storage_enabled) + +Global flag that enables Tiered Storage if a license key is provided. See the [property reference documentation](https://docs.redpanda.com/docs/reference/object-storage-properties/#cloud_storage_enabled). + +**Default:** `false` + +### [storage.tiered.hostPath](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage.tiered.hostPath) + +Absolute path on the host to store Redpanda's Tiered Storage cache. + +**Default:** `""` + +### [storage.tiered.persistentVolume.annotations](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage.tiered.persistentVolume.annotations) + +Additional annotations to apply to the created PersistentVolumeClaims. + +**Default:** `{}` + +### [storage.tiered.persistentVolume.labels](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage.tiered.persistentVolume.labels) + +Additional labels to apply to the created PersistentVolumeClaims. + +**Default:** `{}` + +### [storage.tiered.persistentVolume.storageClass](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage.tiered.persistentVolume.storageClass) + +To disable dynamic provisioning, set to "-". If undefined or empty (default), then no storageClassName spec is set, and the default dynamic provisioner is chosen (gp2 on AWS, standard on GKE, AWS & OpenStack). + +**Default:** `""` + +### [tests.enabled](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=tests.enabled) + +**Default:** `true` + +### [tls](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=tls) + +TLS settings. For details, see the [TLS documentation](https://docs.redpanda.com/docs/manage/kubernetes/security/kubernetes-tls/). + +**Default:** + +``` +{"certs":{"default":{"caEnabled":true},"external":{"caEnabled":true}},"enabled":true} +``` + +### [tls.certs](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=tls.certs) + +List all Certificates here, then you can reference a specific Certificate's name in each listener's `listeners..tls.cert` setting. + +**Default:** + +``` +{"default":{"caEnabled":true},"external":{"caEnabled":true}} +``` + +### [tls.certs.default](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=tls.certs.default) + +This key is the Certificate name. To apply the Certificate to a specific listener, reference the Certificate's name in `listeners..tls.cert`. + +**Default:** `{"caEnabled":true}` + +### [tls.certs.default.caEnabled](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=tls.certs.default.caEnabled) + +Indicates whether or not the Secret holding this certificate includes a `ca.crt` key. When `true`, chart managed clients, such as rpk, will use `ca.crt` for certificate verification and listeners with `require_client_auth` and no explicit `truststore` will use `ca.crt` as their `truststore_file` for verification of client certificates. When `false`, chart managed clients will use `tls.crt` for certificate verification and listeners with `require_client_auth` and no explicit `truststore` will use the container's CA certificates. + +**Default:** `true` + +### [tls.certs.external](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=tls.certs.external) + +Example external tls configuration uncomment and set the right key to the listeners that require them also enable the tls setting for those listeners. + +**Default:** `{"caEnabled":true}` + +### [tls.certs.external.caEnabled](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=tls.certs.external.caEnabled) + +Indicates whether or not the Secret holding this certificate includes a `ca.crt` key. When `true`, chart managed clients, such as rpk, will use `ca.crt` for certificate verification and listeners with `require_client_auth` and no explicit `truststore` will use `ca.crt` as their `truststore_file` for verification of client certificates. When `false`, chart managed clients will use `tls.crt` for certificate verification and listeners with `require_client_auth` and no explicit `truststore` will use the container's CA certificates. + +**Default:** `true` + +### [tls.enabled](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=tls.enabled) + +Enable TLS globally for all listeners. Each listener must include a Certificate name in its `.tls` object. To allow you to enable TLS for individual listeners, Certificates in `auth.tls.certs` are always loaded, even if `tls.enabled` is `false`. See `listeners..tls.enabled`. + +**Default:** `true` + +### [tolerations](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=tolerations) + +Taints to be tolerated by Pods, can override this for StatefulSets. For details, see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/). + +**Default:** `[]` + +### [tuning](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=tuning) + +Redpanda tuning settings. Each is set to their default values in Redpanda. + +**Default:** `{"tune_aio_events":true}` + +### [tuning.tune_aio_events](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=tuning.tune_aio_events) + +Increase the maximum number of outstanding asynchronous IO operations if the current value is below a certain threshold. This allows Redpanda to make as many simultaneous IO requests as possible, increasing throughput. When this option is enabled, Helm creates a privileged container. If your security profile does not allow this, you can disable this container by setting `tune_aio_events` to `false`. For more details, see the [tuning documentation](https://docs.redpanda.com/docs/deploy/deployment-option/self-hosted/kubernetes/kubernetes-tune-workers/). + +**Default:** `true` + +## Merging Semantics + +The redpanda chart implements a form of object merging that's roughly a +middleground of [JSON Merge Patch][k8s.jsonmp] and [Kubernetes' Strategic Merge +Patch][k8s.smp]. This is done to aid end users in setting or overriding fields +that are not directly exposed via the chart. + +- Directives are not supported. +- List fields that are merged by a unique key in Kubernetes' SMP (e.g. + `containers`, `env`) will be merged in a similar awy. +- Only fields explicitly allowed by the chart's JSON schema will be merged. +- Additional containers that are not present in the original value will NOT be added. + +[k8s.smp]: https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/#use-a-strategic-merge-patch-to-update-a-deployment +[k8s.jsonmp]: https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/#use-a-json-merge-patch-to-update-a-deployment diff --git a/charts/redpanda/redpanda/5.9.4/charts/connectors/.helmignore b/charts/redpanda/redpanda/5.9.4/charts/connectors/.helmignore new file mode 100644 index 0000000000..04ecd888b5 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/connectors/.helmignore @@ -0,0 +1,24 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +README.md.gotmpl +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/redpanda/redpanda/5.9.4/charts/connectors/Chart.yaml b/charts/redpanda/redpanda/5.9.4/charts/connectors/Chart.yaml new file mode 100644 index 0000000000..100b252b9d --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/connectors/Chart.yaml @@ -0,0 +1,25 @@ +annotations: + artifacthub.io/images: | + - name: connectors + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + - name: rpk + image: docker.redpanda.com/redpandadata/redpanda:latest + artifacthub.io/license: Apache-2.0 + artifacthub.io/links: | + - name: Documentation + url: https://docs.redpanda.com + - name: "Helm (>= 3.6.0)" + url: https://helm.sh/docs/intro/install/ +apiVersion: v2 +appVersion: v1.0.29 +description: Redpanda managed Connectors helm chart +icon: https://images.ctfassets.net/paqvtpyf8rwu/3cYHw5UzhXCbKuR24GDFGO/73fb682e6157d11c10d5b2b5da1d5af0/skate-stand-panda.svg +kubeVersion: ^1.21.0-0 +maintainers: +- name: redpanda-data + url: https://github.com/orgs/redpanda-data/people +name: connectors +sources: +- https://github.com/redpanda-data/helm-charts +type: application +version: 0.1.12 diff --git a/charts/redpanda/redpanda/5.9.4/charts/connectors/LICENSE b/charts/redpanda/redpanda/5.9.4/charts/connectors/LICENSE new file mode 100644 index 0000000000..261eeb9e9f --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/connectors/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/charts/redpanda/redpanda/5.9.4/charts/connectors/README.md b/charts/redpanda/redpanda/5.9.4/charts/connectors/README.md new file mode 100644 index 0000000000..c48f682b98 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/connectors/README.md @@ -0,0 +1,574 @@ +# Redpanda Connectors Helm Chart Specification +--- +description: Find the default values and descriptions of settings in the Redpanda Connectors Helm chart. +--- + +![Version: 0.1.12](https://img.shields.io/badge/Version-0.1.12-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v1.0.29](https://img.shields.io/badge/AppVersion-v1.0.29-informational?style=flat-square) + +This page describes the official Redpanda Connectors Helm Chart. In particular, this page describes the contents of the chart’s [`values.yaml` file](https://github.com/redpanda-data/helm-charts/blob/main/charts/connectors/values.yaml). Each of the settings is listed and described on this page, along with any default values. + +For instructions on how to install and use the chart, including how to override and customize the chart’s values, refer to the [deployment documentation](https://docs.redpanda.com/current/deploy/deployment-option/self-hosted/kubernetes/k-deploy-connectors/). + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.13.1](https://github.com/norwoodj/helm-docs/releases/v1.13.1) + +## Source Code + +* + +## Requirements + +Kubernetes: `^1.21.0-0` + +## Settings + +### [auth](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=auth) + +Authentication settings. For details, see the [SASL documentation](https://docs.redpanda.com/docs/manage/kubernetes/security/sasl-kubernetes/). The first line of the secret file is used. So the first superuser is used to authenticate to the Redpanda cluster. + +**Default:** + +``` +{"sasl":{"enabled":false,"mechanism":"scram-sha-512","secretRef":"","userName":""}} +``` + +### [auth.sasl.mechanism](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=auth.sasl.mechanism) + +The authentication mechanism to use for the superuser. Options are `scram-sha-256` and `scram-sha-512`. + +**Default:** `"scram-sha-512"` + +### [auth.sasl.secretRef](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=auth.sasl.secretRef) + +A Secret that contains your SASL user password. + +**Default:** `""` + +### [commonLabels](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=commonLabels) + +Additional labels to add to all Kubernetes objects. For example, `my.k8s.service: redpanda`. + +**Default:** `{}` + +### [connectors.additionalConfiguration](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=connectors.additionalConfiguration) + +A placeholder for any Java configuration settings for Kafka Connect that are not explicitly defined in this Helm chart. Java configuration settings are passed to the Kafka Connect startup script. + +**Default:** `""` + +### [connectors.bootstrapServers](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=connectors.bootstrapServers) + +A comma-separated list of Redpanda broker addresses in the format of IP:Port or DNS:Port. Kafka Connect uses this to connect to the Redpanda/Kafka cluster. + +**Default:** `""` + +### [connectors.brokerTLS.ca.secretNameOverwrite](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=connectors.brokerTLS.ca.secretNameOverwrite) + +If `secretRef` points to a Secret where the certificate authority (CA) is not under the `ca.crt` key, use `secretNameOverwrite` to overwrite it e.g. `corp-ca.crt`. + +**Default:** `""` + +### [connectors.brokerTLS.ca.secretRef](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=connectors.brokerTLS.ca.secretRef) + +The name of the Secret where the ca.crt file content is located. + +**Default:** `""` + +### [connectors.brokerTLS.cert.secretNameOverwrite](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=connectors.brokerTLS.cert.secretNameOverwrite) + +If secretRef points to secret where client signed certificate is not under tls.crt key then please use secretNameOverwrite to overwrite it e.g. corp-tls.crt + +**Default:** `""` + +### [connectors.brokerTLS.cert.secretRef](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=connectors.brokerTLS.cert.secretRef) + +The name of the secret where client signed certificate is located + +**Default:** `""` + +### [connectors.brokerTLS.enabled](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=connectors.brokerTLS.enabled) + +**Default:** `false` + +### [connectors.brokerTLS.key.secretNameOverwrite](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=connectors.brokerTLS.key.secretNameOverwrite) + +If secretRef points to secret where client private key is not under tls.key key then please use secretNameOverwrite to overwrite it e.g. corp-tls.key + +**Default:** `""` + +### [connectors.brokerTLS.key.secretRef](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=connectors.brokerTLS.key.secretRef) + +The name of the secret where client private key is located + +**Default:** `""` + +### [connectors.groupID](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=connectors.groupID) + +A unique string that identifies the Kafka Connect cluster. It's used in the formation of the internal topic names, ensuring that multiple Kafka Connect clusters can connect to the same Redpanda cluster without interfering with each other. + +**Default:** `"connectors-cluster"` + +### [connectors.producerBatchSize](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=connectors.producerBatchSize) + +The number of bytes of records a producer will attempt to batch together before sending to Redpanda. Batching improves throughput. + +**Default:** `131072` + +### [connectors.producerLingerMS](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=connectors.producerLingerMS) + +The time, in milliseconds, that a producer will wait before sending a batch of records. Waiting allows the producer to gather more records in the same batch and improve throughput. + +**Default:** `1` + +### [connectors.restPort](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=connectors.restPort) + +The port on which the Kafka Connect REST API listens. The API is used for administrative tasks. + +**Default:** `8083` + +### [connectors.schemaRegistryURL](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=connectors.schemaRegistryURL) + +**Default:** `""` + +### [connectors.secretManager.connectorsPrefix](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=connectors.secretManager.connectorsPrefix) + +**Default:** `""` + +### [connectors.secretManager.consolePrefix](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=connectors.secretManager.consolePrefix) + +**Default:** `""` + +### [connectors.secretManager.enabled](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=connectors.secretManager.enabled) + +**Default:** `false` + +### [connectors.secretManager.region](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=connectors.secretManager.region) + +**Default:** `""` + +### [connectors.storage.remote](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=connectors.storage.remote) + +Indicates if read and write operations for the respective topics are allowed remotely. + +**Default:** + +``` +{"read":{"config":false,"offset":false,"status":false},"write":{"config":false,"offset":false,"status":false}} +``` + +### [connectors.storage.replicationFactor](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=connectors.storage.replicationFactor) + +The number of replicas for each of the internal topics that Kafka Connect uses. + +**Default:** + +``` +{"config":-1,"offset":-1,"status":-1} +``` + +### [connectors.storage.replicationFactor.config](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=connectors.storage.replicationFactor.config) + +Replication factor for the configuration topic. + +**Default:** `-1` + +### [connectors.storage.replicationFactor.offset](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=connectors.storage.replicationFactor.offset) + +Replication factor for the offset topic. + +**Default:** `-1` + +### [connectors.storage.replicationFactor.status](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=connectors.storage.replicationFactor.status) + +Replication factor for the status topic. + +**Default:** `-1` + +### [connectors.storage.topic.config](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=connectors.storage.topic.config) + +The name of the internal topic that Kafka Connect uses to store connector and task configurations. + +**Default:** + +``` +"_internal_connectors_configs" +``` + +### [connectors.storage.topic.offset](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=connectors.storage.topic.offset) + +The name of the internal topic that Kafka Connect uses to store source connector offsets. + +**Default:** + +``` +"_internal_connectors_offsets" +``` + +### [connectors.storage.topic.status](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=connectors.storage.topic.status) + +The name of the internal topic that Kafka Connect uses to store connector and task status updates. + +**Default:** + +``` +"_internal_connectors_status" +``` + +### [container.javaGCLogEnabled](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=container.javaGCLogEnabled) + +**Default:** `"false"` + +### [container.resources](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=container.resources) + +Pod resource management. + +**Default:** + +``` +{"javaMaxHeapSize":"2G","limits":{"cpu":"1","memory":"2350Mi"},"request":{"cpu":"1","memory":"2350Mi"}} +``` + +### [container.resources.javaMaxHeapSize](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=container.resources.javaMaxHeapSize) + +Java maximum heap size must not be greater than `container.resources.limits.memory`. + +**Default:** `"2G"` + +### [container.securityContext](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=container.securityContext) + +Security context for the Redpanda Connectors container. See also `deployment.securityContext` for Pod-level settings. + +**Default:** + +``` +{"allowPrivilegeEscalation":false} +``` + +### [deployment.annotations](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=deployment.annotations) + +Additional annotations to apply to the Pods of this Deployment. + +**Default:** `{}` + +### [deployment.budget.maxUnavailable](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=deployment.budget.maxUnavailable) + +**Default:** `1` + +### [deployment.create](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=deployment.create) + +**Default:** `true` + +### [deployment.extraEnv](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=deployment.extraEnv) + +Additional environment variables for the Pods. + +**Default:** `[]` + +### [deployment.extraEnvFrom](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=deployment.extraEnvFrom) + +Configure extra environment variables from Secrets and ConfigMaps. + +**Default:** `[]` + +### [deployment.livenessProbe](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=deployment.livenessProbe) + +Adjust the period for your probes to meet your needs. For details, see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes). + +**Default:** + +``` +{"failureThreshold":3,"initialDelaySeconds":10,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":1} +``` + +### [deployment.nodeAffinity](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=deployment.nodeAffinity) + +Node Affinity rules for scheduling Pods of this Deployment. The suggestion would be to spread Pods according to topology zone. For details, see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity). + +**Default:** `{}` + +### [deployment.nodeSelector](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=deployment.nodeSelector) + +Node selection constraints for scheduling Pods of this Deployment. These constraints override the global `nodeSelector` value. For details, see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector). + +**Default:** `{}` + +### [deployment.podAffinity](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=deployment.podAffinity) + +Inter-Pod Affinity rules for scheduling Pods of this Deployment. For details, see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#inter-pod-affinity-and-anti-affinity). + +**Default:** `{}` + +### [deployment.podAntiAffinity](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=deployment.podAntiAffinity) + +Anti-affinity rules for scheduling Pods of this Deployment. For details, see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#inter-pod-affinity-and-anti-affinity). You may either edit the default settings for anti-affinity rules, or specify new anti-affinity rules to use instead of the defaults. + +**Default:** + +``` +{"custom":{},"topologyKey":"kubernetes.io/hostname","type":"hard","weight":100} +``` + +### [deployment.podAntiAffinity.custom](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=deployment.podAntiAffinity.custom) + +Change `podAntiAffinity.type` to `custom` and provide your own podAntiAffinity rules here. + +**Default:** `{}` + +### [deployment.podAntiAffinity.topologyKey](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=deployment.podAntiAffinity.topologyKey) + +The `topologyKey` to be used. Can be used to spread across different nodes, AZs, regions etc. + +**Default:** `"kubernetes.io/hostname"` + +### [deployment.podAntiAffinity.type](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=deployment.podAntiAffinity.type) + +Valid anti-affinity types are `soft`, `hard`, or `custom`. Use `custom` if you want to supply your own anti-affinity rules in the `podAntiAffinity.custom` object. + +**Default:** `"hard"` + +### [deployment.podAntiAffinity.weight](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=deployment.podAntiAffinity.weight) + +Weight for `soft` anti-affinity rules. Does not apply for other anti-affinity types. + +**Default:** `100` + +### [deployment.priorityClassName](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=deployment.priorityClassName) + +PriorityClassName given to Pods of this Deployment. For details, see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass). + +**Default:** `""` + +### [deployment.progressDeadlineSeconds](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=deployment.progressDeadlineSeconds) + +The maximum time in seconds for a deployment to make progress before it is considered to be failed. The deployment controller will continue to process failed deployments and a condition with a ProgressDeadlineExceeded reason will be surfaced in the deployment status. Note that progress will not be estimated during the time a deployment is paused. + +**Default:** `600` + +### [deployment.readinessProbe.failureThreshold](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=deployment.readinessProbe.failureThreshold) + +**Default:** `2` + +### [deployment.readinessProbe.initialDelaySeconds](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=deployment.readinessProbe.initialDelaySeconds) + +**Default:** `60` + +### [deployment.readinessProbe.periodSeconds](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=deployment.readinessProbe.periodSeconds) + +**Default:** `10` + +### [deployment.readinessProbe.successThreshold](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=deployment.readinessProbe.successThreshold) + +**Default:** `3` + +### [deployment.readinessProbe.timeoutSeconds](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=deployment.readinessProbe.timeoutSeconds) + +**Default:** `5` + +### [deployment.restartPolicy](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=deployment.restartPolicy) + +**Default:** `"Always"` + +### [deployment.revisionHistoryLimit](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=deployment.revisionHistoryLimit) + +The number of old ReplicaSets to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified. + +**Default:** `10` + +### [deployment.schedulerName](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=deployment.schedulerName) + +**Default:** `""` + +### [deployment.securityContext.fsGroup](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=deployment.securityContext.fsGroup) + +**Default:** `101` + +### [deployment.securityContext.fsGroupChangePolicy](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=deployment.securityContext.fsGroupChangePolicy) + +**Default:** `"OnRootMismatch"` + +### [deployment.securityContext.runAsUser](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=deployment.securityContext.runAsUser) + +**Default:** `101` + +### [deployment.strategy.type](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=deployment.strategy.type) + +**Default:** `"RollingUpdate"` + +### [deployment.terminationGracePeriodSeconds](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=deployment.terminationGracePeriodSeconds) + +**Default:** `30` + +### [deployment.tolerations](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=deployment.tolerations) + +Taints to be tolerated by Pods of this Deployment. These tolerations override the global tolerations value. For details, see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/). + +**Default:** `[]` + +### [deployment.topologySpreadConstraints[0].maxSkew](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=deployment.topologySpreadConstraints[0].maxSkew) + +**Default:** `1` + +### [deployment.topologySpreadConstraints[0].topologyKey](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=deployment.topologySpreadConstraints[0].topologyKey) + +**Default:** + +``` +"topology.kubernetes.io/zone" +``` + +### [deployment.topologySpreadConstraints[0].whenUnsatisfiable](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=deployment.topologySpreadConstraints[0].whenUnsatisfiable) + +**Default:** `"ScheduleAnyway"` + +### [fullnameOverride](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=fullnameOverride) + +Override `connectors.fullname` template. + +**Default:** `""` + +### [image](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=image) + +Redpanda Docker image settings. + +**Default:** + +``` +{"pullPolicy":"IfNotPresent","repository":"docker.redpanda.com/redpandadata/connectors","tag":""} +``` + +### [image.pullPolicy](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=image.pullPolicy) + +The imagePullPolicy. If `image.tag` is 'latest', the default is `Always`. + +**Default:** `"IfNotPresent"` + +### [image.repository](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=image.repository) + +Docker repository from which to pull the Redpanda Docker image. + +**Default:** + +``` +"docker.redpanda.com/redpandadata/connectors" +``` + +### [image.tag](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=image.tag) + +The Redpanda version. See DockerHub for: [All stable versions](https://hub.docker.com/r/redpandadata/redpanda/tags) and [all unstable versions](https://hub.docker.com/r/redpandadata/redpanda-unstable/tags). + +**Default:** `Chart.appVersion`. + +### [imagePullSecrets](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=imagePullSecrets) + +Pull secrets may be used to provide credentials to image repositories See https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + +**Default:** `[]` + +### [logging](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=logging) + +Log-level settings. + +**Default:** `{"level":"warn"}` + +### [logging.level](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=logging.level) + +Log level Valid values (from least to most verbose) are: `error`, `warn`, `info` and `debug`. + +**Default:** `"warn"` + +### [monitoring](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=monitoring) + +Monitoring. When set to `true`, the Helm chart creates a PodMonitor that can be used by Prometheus-Operator or VictoriaMetrics-Operator to scrape the metrics. + +**Default:** + +``` +{"annotations":{},"enabled":false,"labels":{},"namespaceSelector":{"any":true},"scrapeInterval":"30s"} +``` + +### [nameOverride](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=nameOverride) + +Override `connectors.name` template. + +**Default:** `""` + +### [service](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=service) + +Service management. + +**Default:** + +``` +{"annotations":{},"name":"","ports":[{"name":"prometheus","port":9404}]} +``` + +### [service.annotations](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=service.annotations) + +Annotations to add to the Service. + +**Default:** `{}` + +### [service.name](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=service.name) + +The name of the service to use. If not set, a name is generated using the `connectors.fullname` template. + +**Default:** `""` + +### [serviceAccount](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=serviceAccount) + +ServiceAccount management. + +**Default:** + +``` +{"annotations":{},"create":false,"name":""} +``` + +### [serviceAccount.annotations](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=serviceAccount.annotations) + +Annotations to add to the ServiceAccount. + +**Default:** `{}` + +### [serviceAccount.create](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=serviceAccount.create) + +Specifies whether a ServiceAccount should be created. + +**Default:** `false` + +### [serviceAccount.name](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=serviceAccount.name) + +The name of the ServiceAccount to use. If not set and `serviceAccount.create` is `true`, a name is generated using the `connectors.fullname` template. + +**Default:** `""` + +### [storage.volumeMounts[0].mountPath](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=storage.volumeMounts[0].mountPath) + +**Default:** `"/tmp"` + +### [storage.volumeMounts[0].name](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=storage.volumeMounts[0].name) + +**Default:** `"rp-connect-tmp"` + +### [storage.volume[0].emptyDir.medium](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=storage.volume[0].emptyDir.medium) + +**Default:** `"Memory"` + +### [storage.volume[0].emptyDir.sizeLimit](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=storage.volume[0].emptyDir.sizeLimit) + +**Default:** `"5Mi"` + +### [storage.volume[0].name](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=storage.volume[0].name) + +**Default:** `"rp-connect-tmp"` + +### [test.create](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=test.create) + +**Default:** `true` + +### [tolerations](https://artifacthub.io/packages/helm/redpanda-data/connectors?modal=values&path=tolerations) + +Taints to be tolerated by Pods. For details, see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/). + +**Default:** `[]` + diff --git a/charts/redpanda/redpanda/5.9.4/charts/connectors/chart_test.go b/charts/redpanda/redpanda/5.9.4/charts/connectors/chart_test.go new file mode 100644 index 0000000000..d56e956e27 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/connectors/chart_test.go @@ -0,0 +1,144 @@ +package connectors + +import ( + "encoding/json" + "fmt" + "os" + "regexp" + "slices" + "testing" + + fuzz "github.com/google/gofuzz" + "github.com/redpanda-data/helm-charts/pkg/helm" + "github.com/redpanda-data/helm-charts/pkg/testutil" + "github.com/stretchr/testify/require" + "golang.org/x/tools/txtar" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "sigs.k8s.io/yaml" +) + +// TestValues asserts that the chart's values.yaml file can be losslessly +// loaded into our type [Values] struct. +// NB: values.yaml should round trip through [Values], not [PartialValues], as +// [Values]'s omitempty tags are models after values.yaml. +func TestValues(t *testing.T) { + var typedValues Values + var unstructuredValues map[string]any + + require.NoError(t, yaml.Unmarshal(DefaultValuesYAML, &typedValues)) + require.NoError(t, yaml.Unmarshal(DefaultValuesYAML, &unstructuredValues)) + + typedValuesJSON, err := json.Marshal(typedValues) + require.NoError(t, err) + + unstructuredValuesJSON, err := json.Marshal(unstructuredValues) + require.NoError(t, err) + + require.JSONEq(t, string(unstructuredValuesJSON), string(typedValuesJSON)) +} + +func TestTemplate(t *testing.T) { + ctx := testutil.Context(t) + client, err := helm.New(helm.Options{ConfigHome: testutil.TempDir(t)}) + require.NoError(t, err) + + casesArchive, err := txtar.ParseFile("testdata/template-cases.txtar") + require.NoError(t, err) + + generatedCasesArchive, err := txtar.ParseFile("testdata/template-cases-generated.txtar") + require.NoError(t, err) + + goldens := testutil.NewTxTar(t, "testdata/template-cases.golden.txtar") + + for _, tc := range append(casesArchive.Files, generatedCasesArchive.Files...) { + tc := tc + t.Run(tc.Name, func(t *testing.T) { + var values PartialValues + require.NoError(t, yaml.Unmarshal(tc.Data, &values)) + + out, err := client.Template(ctx, ".", helm.TemplateOptions{ + Name: "console", + Values: values, + Set: []string{ + // Tests utilize rng; Can't have that in snapshot testing + // so always disable them. + "test.create=false", + }, + }) + require.NoError(t, err) + goldens.AssertGolden(t, testutil.YAML, fmt.Sprintf("testdata/%s.yaml.golden", tc.Name), out) + }) + } +} + +// TestGenerateCases is not a test case (sorry) but a test case generator for +// the console chart. +func TestGenerateCases(t *testing.T) { + // Nasty hack to avoid making a main function somewhere. Sorry not sorry. + if !slices.Contains(os.Args, fmt.Sprintf("-test.run=%s", t.Name())) { + t.Skipf("%s will only run if explicitly specified (-run %q)", t.Name(), t.Name()) + } + + // Makes strings easier to read. + asciiStrs := func(s *string, c fuzz.Continue) { + const alphabet = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789" + var x []byte + for i := 0; i < c.Intn(25); i++ { + x = append(x, alphabet[c.Intn(len(alphabet))]) + } + *s = string(x) + } + smallInts := func(s *int, c fuzz.Continue) { + *s = c.Intn(501) + } + + fuzzer := fuzz.New().NumElements(0, 3).SkipFieldsWithPattern( + regexp.MustCompile("^(SELinuxOptions|WindowsOptions|SeccompProfile|TCPSocket|HTTPHeaders|VolumeSource|Image)$"), + ).Funcs( + asciiStrs, + smallInts, + func(t *corev1.ServiceType, c fuzz.Continue) { + types := []corev1.ServiceType{ + corev1.ServiceTypeClusterIP, + corev1.ServiceTypeExternalName, + corev1.ServiceTypeNodePort, + corev1.ServiceTypeLoadBalancer, + } + *t = types[c.Intn(len(types))] + }, + func(s *corev1.ResourceName, c fuzz.Continue) { asciiStrs((*string)(s), c) }, + func(_ *any, c fuzz.Continue) {}, + func(_ *[]corev1.ResourceClaim, c fuzz.Continue) {}, + func(_ *[]metav1.ManagedFieldsEntry, c fuzz.Continue) {}, + ) + + nilChance := float64(0.8) + + files := make([]txtar.File, 0, 50) + for i := 0; i < 50; i++ { + // Every 5 iterations, decrease nil chance to ensure that we're biased + // towards exploring most cases. + if i%5 == 0 && nilChance > .1 { + nilChance -= .1 + } + + var values PartialValues + fuzzer.NilChance(nilChance).Fuzz(&values) + + out, err := yaml.Marshal(values) + require.NoError(t, err) + + files = append(files, txtar.File{ + Name: fmt.Sprintf("case-%03d", i), + Data: out, + }) + } + + archive := txtar.Format(&txtar.Archive{ + Comment: []byte(fmt.Sprintf(`Generated by %s`, t.Name())), + Files: files, + }) + + require.NoError(t, os.WriteFile("testdata/template-cases-generated.txtar", archive, 0o644)) +} diff --git a/charts/redpanda/redpanda/5.9.4/charts/connectors/ci/01-default-values.yaml b/charts/redpanda/redpanda/5.9.4/charts/connectors/ci/01-default-values.yaml new file mode 100644 index 0000000000..d0dbb71c23 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/connectors/ci/01-default-values.yaml @@ -0,0 +1,34 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +connectors: + bootstrapServers: "redpanda-0.redpanda.redpanda.svc.cluster.local.:9093,redpanda-1.redpanda.redpanda.svc.cluster.local.:9093,redpanda-2.redpanda.redpanda.svc.cluster.local.:9093" + brokerTLS: + enabled: true + ca: + secretRef: redpanda-default-cert + +logging: + level: trace + +deployment: + annotations: + test: test + test2: test2 + +service: + annotations: + test: test + test2: test2 diff --git a/charts/redpanda/redpanda/5.9.4/charts/connectors/ci/02-broker-tls-values.yaml b/charts/redpanda/redpanda/5.9.4/charts/connectors/ci/02-broker-tls-values.yaml new file mode 100644 index 0000000000..42f0ebc173 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/connectors/ci/02-broker-tls-values.yaml @@ -0,0 +1,28 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +connectors: + bootstrapServers: "redpanda-0.redpanda.redpanda.svc.cluster.local.:9093,redpanda-1.redpanda.redpanda.svc.cluster.local.:9093,redpanda-2.redpanda.redpanda.svc.cluster.local.:9093" + brokerTLS: + enabled: true + ca: + secretRef: redpanda-default-cert + cert: + secretRef: redpanda-default-cert + key: + secretRef: redpanda-default-cert + +logging: + level: trace diff --git a/charts/redpanda/redpanda/5.9.4/charts/connectors/deployment.go b/charts/redpanda/redpanda/5.9.4/charts/connectors/deployment.go new file mode 100644 index 0000000000..2580668adf --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/connectors/deployment.go @@ -0,0 +1,394 @@ +// Licensed to the Apache Software Foundation (ASF) under one or more +// contributor license agreements. See the NOTICE file distributed with +// this work for additional information regarding copyright ownership. +// The ASF licenses this file to You under the Apache License, Version 2.0 +// (the "License"); you may not use this file except in compliance with +// the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// +gotohelm:filename=_deployment.go.tpl +package connectors + +import ( + "fmt" + + "github.com/redpanda-data/helm-charts/pkg/gotohelm/helmette" + appsv1 "k8s.io/api/apps/v1" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/util/intstr" + "k8s.io/utils/ptr" +) + +func Deployment(dot *helmette.Dot) *appsv1.Deployment { + values := helmette.Unwrap[Values](dot.Values) + + if !values.Deployment.Create { + return nil + } + + var topologySpreadConstraints []corev1.TopologySpreadConstraint + for _, spread := range values.Deployment.TopologySpreadConstraints { + topologySpreadConstraints = append(topologySpreadConstraints, corev1.TopologySpreadConstraint{ + LabelSelector: &metav1.LabelSelector{ + MatchLabels: PodLabels(dot), + }, + MaxSkew: spread.MaxSkew, + TopologyKey: spread.TopologyKey, + WhenUnsatisfiable: spread.WhenUnsatisfiable, + }) + } + + ports := []corev1.ContainerPort{ + { + ContainerPort: values.Connectors.RestPort, + Name: "rest-api", + Protocol: corev1.ProtocolTCP, + }, + } + + for _, port := range values.Service.Ports { + ports = append(ports, corev1.ContainerPort{ + Name: port.Name, + ContainerPort: port.Port, + Protocol: corev1.ProtocolTCP, + }) + } + + var podAntiAffinity *corev1.PodAntiAffinity + if values.Deployment.PodAntiAffinity != nil { + if values.Deployment.PodAntiAffinity.Type == "hard" { + podAntiAffinity = &corev1.PodAntiAffinity{ + RequiredDuringSchedulingIgnoredDuringExecution: []corev1.PodAffinityTerm{{ + TopologyKey: values.Deployment.PodAntiAffinity.TopologyKey, + Namespaces: []string{dot.Release.Namespace}, + LabelSelector: &metav1.LabelSelector{ + MatchLabels: PodLabels(dot), + }, + }}, + } + } else if values.Deployment.PodAntiAffinity.Type == "soft" { + podAntiAffinity = &corev1.PodAntiAffinity{ + PreferredDuringSchedulingIgnoredDuringExecution: []corev1.WeightedPodAffinityTerm{{ + Weight: *values.Deployment.PodAntiAffinity.Weight, + PodAffinityTerm: corev1.PodAffinityTerm{ + TopologyKey: values.Deployment.PodAntiAffinity.TopologyKey, + Namespaces: []string{dot.Release.Namespace}, + LabelSelector: &metav1.LabelSelector{ + MatchLabels: PodLabels(dot), + }, + }, + }}, + } + } else if values.Deployment.PodAntiAffinity.Type == "custom" { + podAntiAffinity = values.Deployment.PodAntiAffinity.Custom + } + } + + return &appsv1.Deployment{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "apps/v1", + Kind: "Deployment", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: Fullname(dot), + Labels: helmette.Merge(FullLabels(dot), values.Deployment.Annotations), + }, + Spec: appsv1.DeploymentSpec{ + Replicas: values.Deployment.Replicas, + ProgressDeadlineSeconds: &values.Deployment.ProgressDeadlineSeconds, + RevisionHistoryLimit: values.Deployment.RevisionHistoryLimit, + Selector: &metav1.LabelSelector{ + MatchLabels: PodLabels(dot), + }, + Strategy: values.Deployment.Strategy, + Template: corev1.PodTemplateSpec{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: values.Deployment.Annotations, + Labels: PodLabels(dot), + }, + Spec: corev1.PodSpec{ + TerminationGracePeriodSeconds: values.Deployment.TerminationGracePeriodSeconds, + Affinity: &corev1.Affinity{ + NodeAffinity: values.Deployment.NodeAffinity, + PodAffinity: values.Deployment.PodAffinity, + PodAntiAffinity: podAntiAffinity, + }, + ServiceAccountName: ServiceAccountName(dot), + Containers: []corev1.Container{ + { + Name: "connectors-cluster", + Image: fmt.Sprintf("%s:%s", values.Image.Repository, Tag(dot)), + ImagePullPolicy: values.Image.PullPolicy, + SecurityContext: &values.Container.SecurityContext, + Command: values.Deployment.Command, + Env: env(&values), + EnvFrom: values.Deployment.ExtraEnvFrom, + LivenessProbe: &corev1.Probe{ + ProbeHandler: corev1.ProbeHandler{ + HTTPGet: &corev1.HTTPGetAction{ + Path: "/", + Port: intstr.FromString("rest-api"), + Scheme: corev1.URISchemeHTTP, + }, + }, + InitialDelaySeconds: values.Deployment.LivenessProbe.InitialDelaySeconds, + TimeoutSeconds: values.Deployment.LivenessProbe.TimeoutSeconds, + PeriodSeconds: values.Deployment.LivenessProbe.PeriodSeconds, + SuccessThreshold: values.Deployment.LivenessProbe.SuccessThreshold, + FailureThreshold: values.Deployment.LivenessProbe.FailureThreshold, + }, + ReadinessProbe: &corev1.Probe{ + ProbeHandler: corev1.ProbeHandler{ + HTTPGet: &corev1.HTTPGetAction{ + Path: "/connectors", + Port: intstr.FromString("rest-api"), + Scheme: corev1.URISchemeHTTP, + }, + }, + InitialDelaySeconds: values.Deployment.ReadinessProbe.InitialDelaySeconds, + TimeoutSeconds: values.Deployment.ReadinessProbe.TimeoutSeconds, + PeriodSeconds: values.Deployment.ReadinessProbe.PeriodSeconds, + SuccessThreshold: values.Deployment.ReadinessProbe.SuccessThreshold, + FailureThreshold: values.Deployment.ReadinessProbe.FailureThreshold, + }, + Ports: ports, + Resources: corev1.ResourceRequirements{ + Requests: values.Container.Resources.Request, + Limits: values.Container.Resources.Limits, + }, + TerminationMessagePath: "/dev/termination-log", + TerminationMessagePolicy: "File", + VolumeMounts: volumeMountss(&values), + }, + }, + DNSPolicy: corev1.DNSClusterFirst, + RestartPolicy: values.Deployment.RestartPolicy, + SchedulerName: values.Deployment.SchedulerName, + NodeSelector: values.Deployment.NodeSelector, + ImagePullSecrets: values.ImagePullSecrets, + SecurityContext: values.Deployment.SecurityContext, + Tolerations: values.Deployment.Tolerations, + TopologySpreadConstraints: topologySpreadConstraints, + Volumes: volumes(&values), + }, + }, + }, + } +} + +func env(values *Values) []corev1.EnvVar { + env := []corev1.EnvVar{ + { + Name: "CONNECT_CONFIGURATION", + Value: connectorConfiguration(values), + }, + { + Name: "CONNECT_ADDITIONAL_CONFIGURATION", + Value: values.Connectors.AdditionalConfiguration, + }, + { + Name: "CONNECT_BOOTSTRAP_SERVERS", + Value: values.Connectors.BootstrapServers, + }, + } + + if !helmette.Empty(values.Connectors.SchemaRegistryURL) { + env = append(env, corev1.EnvVar{ + Name: "SCHEMA_REGISTRY_URL", + Value: values.Connectors.SchemaRegistryURL, + }) + } + + env = append(env, corev1.EnvVar{ + Name: "CONNECT_GC_LOG_ENABLED", + Value: values.Container.JavaGCLogEnabled, + }, corev1.EnvVar{ + Name: "CONNECT_HEAP_OPTS", + Value: fmt.Sprintf("-Xms256M -Xmx%s", values.Container.Resources.JavaMaxHeapSize), + }, corev1.EnvVar{ + Name: "CONNECT_LOG_LEVEL", + Value: values.Logging.Level, + }) + + if values.Auth.SASLEnabled() { + env = append(env, corev1.EnvVar{ + Name: "CONNECT_SASL_USERNAME", + Value: values.Auth.SASL.UserName, + }, corev1.EnvVar{ + Name: "CONNECT_SASL_MECHANISM", + Value: values.Auth.SASL.Mechanism, + }, corev1.EnvVar{ + Name: "CONNECT_SASL_PASSWORD_FILE", + Value: "rc-credentials/password", + }) + } + + env = append(env, corev1.EnvVar{ + Name: "CONNECT_TLS_ENABLED", + Value: fmt.Sprintf("%v", values.Connectors.BrokerTLS.Enabled), + }) + + if !helmette.Empty(values.Connectors.BrokerTLS.CA.SecretRef) { + ca := helmette.Default("ca.crt", values.Connectors.BrokerTLS.CA.SecretNameOverwrite) + env = append(env, corev1.EnvVar{ + Name: "CONNECT_TRUSTED_CERTS", + Value: fmt.Sprintf("ca/%s", ca), + }) + } + + if !helmette.Empty(values.Connectors.BrokerTLS.Cert.SecretRef) { + cert := helmette.Default("tls.crt", values.Connectors.BrokerTLS.Cert.SecretNameOverwrite) + env = append(env, corev1.EnvVar{ + Name: "CONNECT_TLS_AUTH_CERT", + Value: fmt.Sprintf("cert/%s", cert), + }) + } + + if !helmette.Empty(values.Connectors.BrokerTLS.Key.SecretRef) { + key := helmette.Default("tls.key", values.Connectors.BrokerTLS.Key.SecretNameOverwrite) + env = append(env, corev1.EnvVar{ + Name: "CONNECT_TLS_AUTH_KEY", + Value: fmt.Sprintf("key/%s", key), + }) + } + + return append(env, values.Deployment.ExtraEnv...) +} + +func connectorConfiguration(values *Values) string { + lines := []string{ + fmt.Sprintf("rest.advertised.port=%d", values.Connectors.RestPort), + fmt.Sprintf("rest.port=%d", values.Connectors.RestPort), + "key.converter=org.apache.kafka.connect.converters.ByteArrayConverter", + "value.converter=org.apache.kafka.connect.converters.ByteArrayConverter", + fmt.Sprintf("group.id=%s", values.Connectors.GroupID), + fmt.Sprintf("offset.storage.topic=%s", values.Connectors.Storage.Topic.Offset), + fmt.Sprintf("config.storage.topic=%s", values.Connectors.Storage.Topic.Config), + fmt.Sprintf("status.storage.topic=%s", values.Connectors.Storage.Topic.Status), + fmt.Sprintf("offset.storage.redpanda.remote.read=%t", values.Connectors.Storage.Remote.Read.Offset), + fmt.Sprintf("offset.storage.redpanda.remote.write=%t", values.Connectors.Storage.Remote.Write.Offset), + fmt.Sprintf("config.storage.redpanda.remote.read=%t", values.Connectors.Storage.Remote.Read.Config), + fmt.Sprintf("config.storage.redpanda.remote.write=%t", values.Connectors.Storage.Remote.Write.Config), + fmt.Sprintf("status.storage.redpanda.remote.read=%t", values.Connectors.Storage.Remote.Read.Status), + fmt.Sprintf("status.storage.redpanda.remote.write=%t", values.Connectors.Storage.Remote.Write.Status), + fmt.Sprintf("offset.storage.replication.factor=%d", values.Connectors.Storage.ReplicationFactor.Offset), + fmt.Sprintf("config.storage.replication.factor=%d", values.Connectors.Storage.ReplicationFactor.Config), + fmt.Sprintf("status.storage.replication.factor=%d", values.Connectors.Storage.ReplicationFactor.Status), + fmt.Sprintf("producer.linger.ms=%d", values.Connectors.ProducerLingerMS), + fmt.Sprintf("producer.batch.size=%d", values.Connectors.ProducerBatchSize), + "config.providers=file,secretsManager,env", + "config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider", + } + + if values.Connectors.SecretManager.Enabled { + lines = append( + lines, + "config.providers.secretsManager.class=com.github.jcustenborder.kafka.config.aws.SecretsManagerConfigProvider", + fmt.Sprintf("config.providers.secretsManager.param.secret.prefix=%s%s", values.Connectors.SecretManager.ConsolePrefix, values.Connectors.SecretManager.ConnectorsPrefix), + fmt.Sprintf("config.providers.secretsManager.param.aws.region=%s", values.Connectors.SecretManager.Region), + ) + } + + lines = append( + lines, + "config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider", + ) + + return helmette.Join("\n", lines) +} + +func volumes(values *Values) []corev1.Volume { + var volumes []corev1.Volume + if !helmette.Empty(values.Connectors.BrokerTLS.CA.SecretRef) { + volumes = append(volumes, corev1.Volume{ + Name: "truststore", + VolumeSource: corev1.VolumeSource{ + Secret: &corev1.SecretVolumeSource{ + DefaultMode: ptr.To[int32](0o444), + SecretName: values.Connectors.BrokerTLS.CA.SecretRef, + }, + }, + }) + } + if !helmette.Empty(values.Connectors.BrokerTLS.Cert.SecretRef) { + volumes = append(volumes, corev1.Volume{ + Name: "cert", + VolumeSource: corev1.VolumeSource{ + Secret: &corev1.SecretVolumeSource{ + DefaultMode: ptr.To[int32](0o444), + SecretName: values.Connectors.BrokerTLS.Cert.SecretRef, + }, + }, + }) + } + if !helmette.Empty(values.Connectors.BrokerTLS.Key.SecretRef) { + volumes = append(volumes, corev1.Volume{ + Name: "key", + VolumeSource: corev1.VolumeSource{ + Secret: &corev1.SecretVolumeSource{ + DefaultMode: ptr.To[int32](0o444), + SecretName: values.Connectors.BrokerTLS.Key.SecretRef, + }, + }, + }) + } + + if values.Auth.SASLEnabled() { + volumes = append(volumes, corev1.Volume{ + Name: "rc-credentials", + VolumeSource: corev1.VolumeSource{ + Secret: &corev1.SecretVolumeSource{ + DefaultMode: ptr.To[int32](0o444), + SecretName: values.Auth.SASL.SecretRef, + }, + }, + }) + } + + return append(volumes, values.Storage.Volume...) +} + +func volumeMountss(values *Values) []corev1.VolumeMount { + var mounts []corev1.VolumeMount + + if values.Auth.SASLEnabled() { + mounts = append(mounts, corev1.VolumeMount{ + MountPath: "/opt/kafka/connect-password/rc-credentials", + Name: "rc-credentials", + }) + } + + if !helmette.Empty(values.Connectors.BrokerTLS.CA.SecretRef) { + // The /opt/kafka/connect-certs is fixed path within Connectors + mounts = append(mounts, corev1.VolumeMount{ + Name: "truststore", + MountPath: "/opt/kafka/connect-certs/ca", + }) + } + + if !helmette.Empty(values.Connectors.BrokerTLS.Cert.SecretRef) { + // The /opt/kafka/connect-certs is fixed path within Connectors + mounts = append(mounts, corev1.VolumeMount{ + Name: "cert", + MountPath: "/opt/kafka/connect-certs/cert", + }) + } + + if !helmette.Empty(values.Connectors.BrokerTLS.Key.SecretRef) { + // The /opt/kafka/connect-certs is fixed path within Connectors + mounts = append(mounts, corev1.VolumeMount{ + Name: "key", + MountPath: "/opt/kafka/connect-certs/key", + }) + } + + return append(mounts, values.Storage.VolumeMounts...) +} diff --git a/charts/redpanda/redpanda/5.9.4/charts/connectors/helpers.go b/charts/redpanda/redpanda/5.9.4/charts/connectors/helpers.go new file mode 100644 index 0000000000..9440b61e28 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/connectors/helpers.go @@ -0,0 +1,101 @@ +// Licensed to the Apache Software Foundation (ASF) under one or more +// contributor license agreements. See the NOTICE file distributed with +// this work for additional information regarding copyright ownership. +// The ASF licenses this file to You under the Apache License, Version 2.0 +// (the "License"); you may not use this file except in compliance with +// the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// +gotohelm:filename=_helpers.go.tpl +package connectors + +import ( + "fmt" + + "github.com/redpanda-data/helm-charts/pkg/gotohelm/helmette" +) + +func Name(dot *helmette.Dot) string { + values := helmette.Unwrap[Values](dot.Values) + name := helmette.Default(dot.Chart.Name, values.NameOverride) + return trunc(name) +} + +func Fullname(dot *helmette.Dot) string { + values := helmette.Unwrap[Values](dot.Values) + + if !helmette.Empty(values.FullnameOverride) { + return trunc(values.FullnameOverride) + } + + name := helmette.Default(dot.Chart.Name, values.NameOverride) + + if helmette.Contains(name, dot.Release.Name) { + return trunc(dot.Release.Name) + } + return trunc(fmt.Sprintf("%s-%s", dot.Release.Name, name)) +} + +func FullLabels(dot *helmette.Dot) map[string]string { + return helmette.Merge(map[string]string{ + "helm.sh/chart": Chart(dot), + "app.kubernetes.io/managed-by": dot.Release.Service, + }, PodLabels(dot)) +} + +func PodLabels(dot *helmette.Dot) map[string]string { + values := helmette.Unwrap[Values](dot.Values) + return helmette.Merge(map[string]string{ + "app.kubernetes.io/name": Name(dot), + "app.kubernetes.io/instance": dot.Release.Name, + "app.kubernetes.io/component": Name(dot), + }, values.CommonLabels) +} + +func Chart(dot *helmette.Dot) string { + chart := fmt.Sprintf("%s-%s", dot.Chart.Name, dot.Chart.Version) + return trunc(helmette.Replace("+", "_", chart)) +} + +func Semver(dot *helmette.Dot) string { + return helmette.TrimPrefix("v", Tag(dot)) +} + +func ServiceAccountName(dot *helmette.Dot) string { + values := helmette.Unwrap[Values](dot.Values) + if values.ServiceAccount.Create { + return helmette.Default(Fullname(dot), values.ServiceAccount.Name) + } + return helmette.Default("default", values.ServiceAccount.Name) +} + +func ServiceName(dot *helmette.Dot) string { + values := helmette.Unwrap[Values](dot.Values) + return helmette.Default(Fullname(dot), values.Service.Name) +} + +func Tag(dot *helmette.Dot) string { + values := helmette.Unwrap[Values](dot.Values) + + tag := helmette.Default(dot.Chart.AppVersion, values.Image.Tag) + matchString := "^v(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$" + + if !helmette.MustRegexMatch(matchString, tag) { + // This error message is for end users. This can also occur if + // AppVersion doesn't start with a 'v' in Chart.yaml. + panic("image.tag must start with a 'v' and be a valid semver") + } + + return tag +} + +func trunc(s string) string { + return helmette.TrimSuffix("-", helmette.Trunc(63, s)) +} diff --git a/charts/redpanda/redpanda/5.9.4/charts/connectors/podmonitor.go b/charts/redpanda/redpanda/5.9.4/charts/connectors/podmonitor.go new file mode 100644 index 0000000000..fbee5c59e5 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/connectors/podmonitor.go @@ -0,0 +1,56 @@ +// Licensed to the Apache Software Foundation (ASF) under one or more +// contributor license agreements. See the NOTICE file distributed with +// this work for additional information regarding copyright ownership. +// The ASF licenses this file to You under the Apache License, Version 2.0 +// (the "License"); you may not use this file except in compliance with +// the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// +gotohelm:filename=_pod-monitor.go.tpl +package connectors + +import ( + monitoringv1 "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1" + "github.com/redpanda-data/helm-charts/pkg/gotohelm/helmette" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +func PodMonitor(dot *helmette.Dot) *monitoringv1.PodMonitor { + values := helmette.Unwrap[Values](dot.Values) + + // TODO Add check for .Capabilities.APIVersions.Has "monitoring.coreos.com/v1" + if !values.Monitoring.Enabled { + return nil + } + + return &monitoringv1.PodMonitor{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "monitoring.coreos.com/v1", + Kind: "PodMonitor", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: Fullname(dot), + Labels: values.Monitoring.Labels, + Annotations: values.Monitoring.Annotations, + }, + Spec: monitoringv1.PodMonitorSpec{ + NamespaceSelector: values.Monitoring.NamespaceSelector, + PodMetricsEndpoints: []monitoringv1.PodMetricsEndpoint{ + { + Path: "/", + Port: "prometheus", + }, + }, + Selector: metav1.LabelSelector{ + MatchLabels: PodLabels(dot), + }, + }, + } +} diff --git a/charts/redpanda/redpanda/5.9.4/charts/connectors/service.go b/charts/redpanda/redpanda/5.9.4/charts/connectors/service.go new file mode 100644 index 0000000000..17d39fba8b --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/connectors/service.go @@ -0,0 +1,74 @@ +// Licensed to the Apache Software Foundation (ASF) under one or more +// contributor license agreements. See the NOTICE file distributed with +// this work for additional information regarding copyright ownership. +// The ASF licenses this file to You under the Apache License, Version 2.0 +// (the "License"); you may not use this file except in compliance with +// the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// +gotohelm:filename=_service.go.tpl +package connectors + +import ( + "github.com/redpanda-data/helm-charts/pkg/gotohelm/helmette" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/util/intstr" + "k8s.io/utils/ptr" +) + +func Service(dot *helmette.Dot) *corev1.Service { + values := helmette.Unwrap[Values](dot.Values) + + ports := []corev1.ServicePort{ + { + Name: "rest-api", + Port: values.Connectors.RestPort, + TargetPort: intstr.FromInt32(values.Connectors.RestPort), + Protocol: corev1.ProtocolTCP, + }, + } + + for _, port := range values.Service.Ports { + ports = append(ports, corev1.ServicePort{ + Name: port.Name, + Port: port.Port, + TargetPort: intstr.FromInt32(port.Port), + Protocol: corev1.ProtocolTCP, + }) + } + + return &corev1.Service{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "v1", + Kind: "Service", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: ServiceName(dot), + // TODO this isn't 100% correct as users could have previously + // added: `annotations: {}` as the value for annotations to get + // them to render correctly. + Labels: helmette.Merge( + FullLabels(dot), + values.Service.Annotations, + ), + }, + Spec: corev1.ServiceSpec{ + IPFamilies: []corev1.IPFamily{ + corev1.IPv4Protocol, + }, + IPFamilyPolicy: ptr.To(corev1.IPFamilyPolicySingleStack), + Ports: ports, + Selector: PodLabels(dot), + SessionAffinity: corev1.ServiceAffinityNone, + Type: corev1.ServiceTypeClusterIP, + }, + } +} diff --git a/charts/redpanda/redpanda/5.9.4/charts/connectors/serviceaccount.go b/charts/redpanda/redpanda/5.9.4/charts/connectors/serviceaccount.go new file mode 100644 index 0000000000..2b689effd6 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/connectors/serviceaccount.go @@ -0,0 +1,44 @@ +// Licensed to the Apache Software Foundation (ASF) under one or more +// contributor license agreements. See the NOTICE file distributed with +// this work for additional information regarding copyright ownership. +// The ASF licenses this file to You under the Apache License, Version 2.0 +// (the "License"); you may not use this file except in compliance with +// the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// +gotohelm:filename=_serviceaccount.go.tpl +package connectors + +import ( + "github.com/redpanda-data/helm-charts/pkg/gotohelm/helmette" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +func ServiceAccount(dot *helmette.Dot) *corev1.ServiceAccount { + values := helmette.Unwrap[Values](dot.Values) + + if !values.ServiceAccount.Create { + return nil + } + + return &corev1.ServiceAccount{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "v1", + Kind: "ServiceAccount", + }, + ObjectMeta: metav1.ObjectMeta{ + Annotations: values.ServiceAccount.Annotations, + Labels: FullLabels(dot), + Name: ServiceAccountName(dot), + Namespace: dot.Release.Namespace, + }, + } +} diff --git a/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/_deployment.go.tpl b/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/_deployment.go.tpl new file mode 100644 index 0000000000..f785c1ad92 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/_deployment.go.tpl @@ -0,0 +1,136 @@ +{{- /* Generated from "deployment.go" */ -}} + +{{- define "connectors.Deployment" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (not $values.deployment.create) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $topologySpreadConstraints := (coalesce nil) -}} +{{- range $_, $spread := $values.deployment.topologySpreadConstraints -}} +{{- $topologySpreadConstraints = (concat (default (list ) $topologySpreadConstraints) (list (mustMergeOverwrite (dict "maxSkew" 0 "topologyKey" "" "whenUnsatisfiable" "" ) (dict "labelSelector" (mustMergeOverwrite (dict ) (dict "matchLabels" (get (fromJson (include "connectors.PodLabels" (dict "a" (list $dot) ))) "r") )) "maxSkew" ($spread.maxSkew | int) "topologyKey" $spread.topologyKey "whenUnsatisfiable" $spread.whenUnsatisfiable )))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $ports := (list (mustMergeOverwrite (dict "containerPort" 0 ) (dict "containerPort" ($values.connectors.restPort | int) "name" "rest-api" "protocol" "TCP" ))) -}} +{{- range $_, $port := $values.service.ports -}} +{{- $ports = (concat (default (list ) $ports) (list (mustMergeOverwrite (dict "containerPort" 0 ) (dict "name" $port.name "containerPort" ($port.port | int) "protocol" "TCP" )))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $podAntiAffinity := (coalesce nil) -}} +{{- if (ne $values.deployment.podAntiAffinity (coalesce nil)) -}} +{{- if (eq $values.deployment.podAntiAffinity.type "hard") -}} +{{- $podAntiAffinity = (mustMergeOverwrite (dict ) (dict "requiredDuringSchedulingIgnoredDuringExecution" (list (mustMergeOverwrite (dict "topologyKey" "" ) (dict "topologyKey" $values.deployment.podAntiAffinity.topologyKey "namespaces" (list $dot.Release.Namespace) "labelSelector" (mustMergeOverwrite (dict ) (dict "matchLabels" (get (fromJson (include "connectors.PodLabels" (dict "a" (list $dot) ))) "r") )) ))) )) -}} +{{- else -}}{{- if (eq $values.deployment.podAntiAffinity.type "soft") -}} +{{- $podAntiAffinity = (mustMergeOverwrite (dict ) (dict "preferredDuringSchedulingIgnoredDuringExecution" (list (mustMergeOverwrite (dict "weight" 0 "podAffinityTerm" (dict "topologyKey" "" ) ) (dict "weight" $values.deployment.podAntiAffinity.weight "podAffinityTerm" (mustMergeOverwrite (dict "topologyKey" "" ) (dict "topologyKey" $values.deployment.podAntiAffinity.topologyKey "namespaces" (list $dot.Release.Namespace) "labelSelector" (mustMergeOverwrite (dict ) (dict "matchLabels" (get (fromJson (include "connectors.PodLabels" (dict "a" (list $dot) ))) "r") )) )) ))) )) -}} +{{- else -}}{{- if (eq $values.deployment.podAntiAffinity.type "custom") -}} +{{- $podAntiAffinity = $values.deployment.podAntiAffinity.custom -}} +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict "selector" (coalesce nil) "template" (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict "containers" (coalesce nil) ) ) "strategy" (dict ) ) "status" (dict ) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "apps/v1" "kind" "Deployment" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (get (fromJson (include "connectors.Fullname" (dict "a" (list $dot) ))) "r") "labels" (merge (dict ) (get (fromJson (include "connectors.FullLabels" (dict "a" (list $dot) ))) "r") $values.deployment.annotations) )) "spec" (mustMergeOverwrite (dict "selector" (coalesce nil) "template" (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict "containers" (coalesce nil) ) ) "strategy" (dict ) ) (dict "replicas" $values.deployment.replicas "progressDeadlineSeconds" ($values.deployment.progressDeadlineSeconds | int) "revisionHistoryLimit" $values.deployment.revisionHistoryLimit "selector" (mustMergeOverwrite (dict ) (dict "matchLabels" (get (fromJson (include "connectors.PodLabels" (dict "a" (list $dot) ))) "r") )) "strategy" $values.deployment.strategy "template" (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict "containers" (coalesce nil) ) ) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "annotations" $values.deployment.annotations "labels" (get (fromJson (include "connectors.PodLabels" (dict "a" (list $dot) ))) "r") )) "spec" (mustMergeOverwrite (dict "containers" (coalesce nil) ) (dict "terminationGracePeriodSeconds" $values.deployment.terminationGracePeriodSeconds "affinity" (mustMergeOverwrite (dict ) (dict "nodeAffinity" $values.deployment.nodeAffinity "podAffinity" $values.deployment.podAffinity "podAntiAffinity" $podAntiAffinity )) "serviceAccountName" (get (fromJson (include "connectors.ServiceAccountName" (dict "a" (list $dot) ))) "r") "containers" (list (mustMergeOverwrite (dict "name" "" "resources" (dict ) ) (dict "name" "connectors-cluster" "image" (printf "%s:%s" $values.image.repository (get (fromJson (include "connectors.Tag" (dict "a" (list $dot) ))) "r")) "imagePullPolicy" $values.image.pullPolicy "securityContext" $values.container.securityContext "command" $values.deployment.command "env" (get (fromJson (include "connectors.env" (dict "a" (list $values) ))) "r") "envFrom" $values.deployment.extraEnvFrom "livenessProbe" (mustMergeOverwrite (dict ) (mustMergeOverwrite (dict ) (dict "httpGet" (mustMergeOverwrite (dict "port" 0 ) (dict "path" "/" "port" "rest-api" "scheme" "HTTP" )) )) (dict "initialDelaySeconds" ($values.deployment.livenessProbe.initialDelaySeconds | int) "timeoutSeconds" ($values.deployment.livenessProbe.timeoutSeconds | int) "periodSeconds" ($values.deployment.livenessProbe.periodSeconds | int) "successThreshold" ($values.deployment.livenessProbe.successThreshold | int) "failureThreshold" ($values.deployment.livenessProbe.failureThreshold | int) )) "readinessProbe" (mustMergeOverwrite (dict ) (mustMergeOverwrite (dict ) (dict "httpGet" (mustMergeOverwrite (dict "port" 0 ) (dict "path" "/connectors" "port" "rest-api" "scheme" "HTTP" )) )) (dict "initialDelaySeconds" ($values.deployment.readinessProbe.initialDelaySeconds | int) "timeoutSeconds" ($values.deployment.readinessProbe.timeoutSeconds | int) "periodSeconds" ($values.deployment.readinessProbe.periodSeconds | int) "successThreshold" ($values.deployment.readinessProbe.successThreshold | int) "failureThreshold" ($values.deployment.readinessProbe.failureThreshold | int) )) "ports" $ports "resources" (mustMergeOverwrite (dict ) (dict "requests" $values.container.resources.request "limits" $values.container.resources.limits )) "terminationMessagePath" "/dev/termination-log" "terminationMessagePolicy" "File" "volumeMounts" (get (fromJson (include "connectors.volumeMountss" (dict "a" (list $values) ))) "r") ))) "dnsPolicy" "ClusterFirst" "restartPolicy" $values.deployment.restartPolicy "schedulerName" $values.deployment.schedulerName "nodeSelector" $values.deployment.nodeSelector "imagePullSecrets" $values.imagePullSecrets "securityContext" $values.deployment.securityContext "tolerations" $values.deployment.tolerations "topologySpreadConstraints" $topologySpreadConstraints "volumes" (get (fromJson (include "connectors.volumes" (dict "a" (list $values) ))) "r") )) )) )) ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "connectors.env" -}} +{{- $values := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $env := (list (mustMergeOverwrite (dict "name" "" ) (dict "name" "CONNECT_CONFIGURATION" "value" (get (fromJson (include "connectors.connectorConfiguration" (dict "a" (list $values) ))) "r") )) (mustMergeOverwrite (dict "name" "" ) (dict "name" "CONNECT_ADDITIONAL_CONFIGURATION" "value" $values.connectors.additionalConfiguration )) (mustMergeOverwrite (dict "name" "" ) (dict "name" "CONNECT_BOOTSTRAP_SERVERS" "value" $values.connectors.bootstrapServers ))) -}} +{{- if (not (empty $values.connectors.schemaRegistryURL)) -}} +{{- $env = (concat (default (list ) $env) (list (mustMergeOverwrite (dict "name" "" ) (dict "name" "SCHEMA_REGISTRY_URL" "value" $values.connectors.schemaRegistryURL )))) -}} +{{- end -}} +{{- $env = (concat (default (list ) $env) (list (mustMergeOverwrite (dict "name" "" ) (dict "name" "CONNECT_GC_LOG_ENABLED" "value" $values.container.javaGCLogEnabled )) (mustMergeOverwrite (dict "name" "" ) (dict "name" "CONNECT_HEAP_OPTS" "value" (printf "-Xms256M -Xmx%s" $values.container.resources.javaMaxHeapSize) )) (mustMergeOverwrite (dict "name" "" ) (dict "name" "CONNECT_LOG_LEVEL" "value" $values.logging.level )))) -}} +{{- if (get (fromJson (include "connectors.Auth.SASLEnabled" (dict "a" (list $values.auth) ))) "r") -}} +{{- $env = (concat (default (list ) $env) (list (mustMergeOverwrite (dict "name" "" ) (dict "name" "CONNECT_SASL_USERNAME" "value" $values.auth.sasl.userName )) (mustMergeOverwrite (dict "name" "" ) (dict "name" "CONNECT_SASL_MECHANISM" "value" $values.auth.sasl.mechanism )) (mustMergeOverwrite (dict "name" "" ) (dict "name" "CONNECT_SASL_PASSWORD_FILE" "value" "rc-credentials/password" )))) -}} +{{- end -}} +{{- $env = (concat (default (list ) $env) (list (mustMergeOverwrite (dict "name" "" ) (dict "name" "CONNECT_TLS_ENABLED" "value" (printf "%v" $values.connectors.brokerTLS.enabled) )))) -}} +{{- if (not (empty $values.connectors.brokerTLS.ca.secretRef)) -}} +{{- $ca := (default "ca.crt" $values.connectors.brokerTLS.ca.secretNameOverwrite) -}} +{{- $env = (concat (default (list ) $env) (list (mustMergeOverwrite (dict "name" "" ) (dict "name" "CONNECT_TRUSTED_CERTS" "value" (printf "ca/%s" $ca) )))) -}} +{{- end -}} +{{- if (not (empty $values.connectors.brokerTLS.cert.secretRef)) -}} +{{- $cert := (default "tls.crt" $values.connectors.brokerTLS.cert.secretNameOverwrite) -}} +{{- $env = (concat (default (list ) $env) (list (mustMergeOverwrite (dict "name" "" ) (dict "name" "CONNECT_TLS_AUTH_CERT" "value" (printf "cert/%s" $cert) )))) -}} +{{- end -}} +{{- if (not (empty $values.connectors.brokerTLS.key.secretRef)) -}} +{{- $key := (default "tls.key" $values.connectors.brokerTLS.key.secretNameOverwrite) -}} +{{- $env = (concat (default (list ) $env) (list (mustMergeOverwrite (dict "name" "" ) (dict "name" "CONNECT_TLS_AUTH_KEY" "value" (printf "key/%s" $key) )))) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (concat (default (list ) $env) (default (list ) $values.deployment.extraEnv))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "connectors.connectorConfiguration" -}} +{{- $values := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $lines := (list (printf "rest.advertised.port=%d" ($values.connectors.restPort | int)) (printf "rest.port=%d" ($values.connectors.restPort | int)) "key.converter=org.apache.kafka.connect.converters.ByteArrayConverter" "value.converter=org.apache.kafka.connect.converters.ByteArrayConverter" (printf "group.id=%s" $values.connectors.groupID) (printf "offset.storage.topic=%s" $values.connectors.storage.topic.offset) (printf "config.storage.topic=%s" $values.connectors.storage.topic.config) (printf "status.storage.topic=%s" $values.connectors.storage.topic.status) (printf "offset.storage.redpanda.remote.read=%t" $values.connectors.storage.remote.read.offset) (printf "offset.storage.redpanda.remote.write=%t" $values.connectors.storage.remote.write.offset) (printf "config.storage.redpanda.remote.read=%t" $values.connectors.storage.remote.read.config) (printf "config.storage.redpanda.remote.write=%t" $values.connectors.storage.remote.write.config) (printf "status.storage.redpanda.remote.read=%t" $values.connectors.storage.remote.read.status) (printf "status.storage.redpanda.remote.write=%t" $values.connectors.storage.remote.write.status) (printf "offset.storage.replication.factor=%d" ($values.connectors.storage.replicationFactor.offset | int)) (printf "config.storage.replication.factor=%d" ($values.connectors.storage.replicationFactor.config | int)) (printf "status.storage.replication.factor=%d" ($values.connectors.storage.replicationFactor.status | int)) (printf "producer.linger.ms=%d" ($values.connectors.producerLingerMS | int)) (printf "producer.batch.size=%d" ($values.connectors.producerBatchSize | int)) "config.providers=file,secretsManager,env" "config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider") -}} +{{- if $values.connectors.secretManager.enabled -}} +{{- $lines = (concat (default (list ) $lines) (list "config.providers.secretsManager.class=com.github.jcustenborder.kafka.config.aws.SecretsManagerConfigProvider" (printf "config.providers.secretsManager.param.secret.prefix=%s%s" $values.connectors.secretManager.consolePrefix $values.connectors.secretManager.connectorsPrefix) (printf "config.providers.secretsManager.param.aws.region=%s" $values.connectors.secretManager.region))) -}} +{{- end -}} +{{- $lines = (concat (default (list ) $lines) (list "config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider")) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (join "\n" $lines)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "connectors.volumes" -}} +{{- $values := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $volumes := (coalesce nil) -}} +{{- if (not (empty $values.connectors.brokerTLS.ca.secretRef)) -}} +{{- $volumes = (concat (default (list ) $volumes) (list (mustMergeOverwrite (dict "name" "" ) (mustMergeOverwrite (dict ) (dict "secret" (mustMergeOverwrite (dict ) (dict "defaultMode" (0o444 | int) "secretName" $values.connectors.brokerTLS.ca.secretRef )) )) (dict "name" "truststore" )))) -}} +{{- end -}} +{{- if (not (empty $values.connectors.brokerTLS.cert.secretRef)) -}} +{{- $volumes = (concat (default (list ) $volumes) (list (mustMergeOverwrite (dict "name" "" ) (mustMergeOverwrite (dict ) (dict "secret" (mustMergeOverwrite (dict ) (dict "defaultMode" (0o444 | int) "secretName" $values.connectors.brokerTLS.cert.secretRef )) )) (dict "name" "cert" )))) -}} +{{- end -}} +{{- if (not (empty $values.connectors.brokerTLS.key.secretRef)) -}} +{{- $volumes = (concat (default (list ) $volumes) (list (mustMergeOverwrite (dict "name" "" ) (mustMergeOverwrite (dict ) (dict "secret" (mustMergeOverwrite (dict ) (dict "defaultMode" (0o444 | int) "secretName" $values.connectors.brokerTLS.key.secretRef )) )) (dict "name" "key" )))) -}} +{{- end -}} +{{- if (get (fromJson (include "connectors.Auth.SASLEnabled" (dict "a" (list $values.auth) ))) "r") -}} +{{- $volumes = (concat (default (list ) $volumes) (list (mustMergeOverwrite (dict "name" "" ) (mustMergeOverwrite (dict ) (dict "secret" (mustMergeOverwrite (dict ) (dict "defaultMode" (0o444 | int) "secretName" $values.auth.sasl.secretRef )) )) (dict "name" "rc-credentials" )))) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (concat (default (list ) $volumes) (default (list ) $values.storage.volume))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "connectors.volumeMountss" -}} +{{- $values := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $mounts := (coalesce nil) -}} +{{- if (get (fromJson (include "connectors.Auth.SASLEnabled" (dict "a" (list $values.auth) ))) "r") -}} +{{- $mounts = (concat (default (list ) $mounts) (list (mustMergeOverwrite (dict "name" "" "mountPath" "" ) (dict "mountPath" "/opt/kafka/connect-password/rc-credentials" "name" "rc-credentials" )))) -}} +{{- end -}} +{{- if (not (empty $values.connectors.brokerTLS.ca.secretRef)) -}} +{{- $mounts = (concat (default (list ) $mounts) (list (mustMergeOverwrite (dict "name" "" "mountPath" "" ) (dict "name" "truststore" "mountPath" "/opt/kafka/connect-certs/ca" )))) -}} +{{- end -}} +{{- if (not (empty $values.connectors.brokerTLS.cert.secretRef)) -}} +{{- $mounts = (concat (default (list ) $mounts) (list (mustMergeOverwrite (dict "name" "" "mountPath" "" ) (dict "name" "cert" "mountPath" "/opt/kafka/connect-certs/cert" )))) -}} +{{- end -}} +{{- if (not (empty $values.connectors.brokerTLS.key.secretRef)) -}} +{{- $mounts = (concat (default (list ) $mounts) (list (mustMergeOverwrite (dict "name" "" "mountPath" "" ) (dict "name" "key" "mountPath" "/opt/kafka/connect-certs/key" )))) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (concat (default (list ) $mounts) (default (list ) $values.storage.volumeMounts))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/_helpers.go.tpl b/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/_helpers.go.tpl new file mode 100644 index 0000000000..49b7115382 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/_helpers.go.tpl @@ -0,0 +1,131 @@ +{{- /* Generated from "helpers.go" */ -}} + +{{- define "connectors.Name" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $name := (default $dot.Chart.Name $values.nameOverride) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "connectors.trunc" (dict "a" (list $name) ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "connectors.Fullname" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (not (empty $values.fullnameOverride)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "connectors.trunc" (dict "a" (list $values.fullnameOverride) ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- $name := (default $dot.Chart.Name $values.nameOverride) -}} +{{- if (contains $name $dot.Release.Name) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "connectors.trunc" (dict "a" (list $dot.Release.Name) ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "connectors.trunc" (dict "a" (list (printf "%s-%s" $dot.Release.Name $name)) ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "connectors.FullLabels" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (merge (dict ) (dict "helm.sh/chart" (get (fromJson (include "connectors.Chart" (dict "a" (list $dot) ))) "r") "app.kubernetes.io/managed-by" $dot.Release.Service ) (get (fromJson (include "connectors.PodLabels" (dict "a" (list $dot) ))) "r"))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "connectors.PodLabels" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $_is_returning = true -}} +{{- (dict "r" (merge (dict ) (dict "app.kubernetes.io/name" (get (fromJson (include "connectors.Name" (dict "a" (list $dot) ))) "r") "app.kubernetes.io/instance" $dot.Release.Name "app.kubernetes.io/component" (get (fromJson (include "connectors.Name" (dict "a" (list $dot) ))) "r") ) $values.commonLabels)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "connectors.Chart" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $chart := (printf "%s-%s" $dot.Chart.Name $dot.Chart.Version) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "connectors.trunc" (dict "a" (list (replace "+" "_" $chart)) ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "connectors.Semver" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (trimPrefix "v" (get (fromJson (include "connectors.Tag" (dict "a" (list $dot) ))) "r"))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "connectors.ServiceAccountName" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if $values.serviceAccount.create -}} +{{- $_is_returning = true -}} +{{- (dict "r" (default (get (fromJson (include "connectors.Fullname" (dict "a" (list $dot) ))) "r") $values.serviceAccount.name)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (default "default" $values.serviceAccount.name)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "connectors.ServiceName" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $_is_returning = true -}} +{{- (dict "r" (default (get (fromJson (include "connectors.Fullname" (dict "a" (list $dot) ))) "r") $values.service.name)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "connectors.Tag" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $tag := (default $dot.Chart.AppVersion $values.image.tag) -}} +{{- $matchString := "^v(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$" -}} +{{- if (not (mustRegexMatch $matchString $tag)) -}} +{{- $_ := (fail "image.tag must start with a 'v' and be a valid semver") -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $tag) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "connectors.trunc" -}} +{{- $s := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (trimSuffix "-" (trunc (63 | int) $s))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/_helpers.tpl b/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/_helpers.tpl new file mode 100644 index 0000000000..89c888eeef --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/_helpers.tpl @@ -0,0 +1,79 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{/* +Expand the name of the chart. +*/}} +{{- define "connectors.name" -}} +{{- get ((include "connectors.Name" (dict "a" (list .))) | fromJson) "r" }} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "connectors.fullname" }} +{{- get ((include "connectors.Fullname" (dict "a" (list .))) | fromJson) "r" }} +{{- end }} + +{{/* +full helm labels + common labels +*/}} +{{- define "full.labels" -}} +{{- (get ((include "connectors.FullLabels" (dict "a" (list .))) | fromJson) "r") | toYaml }} +{{- end -}} + +{{/* +pod labels merged with common labels +*/}} +{{- define "connectors-pod-labels" -}} +{{- (get ((include "connectors.PodLabels" (dict "a" (list .))) | fromJson) "r") | toYaml }} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "connectors.chart" -}} +{{- get ((include "connectors.Chart" (dict "a" (list .))) | fromJson) "r" }} +{{- end }} + +{{/* +Get the version of redpanda being used as an image +*/}} +{{- define "connectors.semver" -}} +{{- get ((include "connectors.Tag" (dict "a" (list .))) | fromJson) "r" }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "connectors.serviceAccountName" -}} +{{- get ((include "connectors.ServiceAccountName" (dict "a" (list .))) | fromJson) "r" }} +{{- end }} + +{{/* +Create the name of the service to use +*/}} +{{- define "connectors.serviceName" -}} +{{- get ((include "connectors.ServiceName" (dict "a" (list .))) | fromJson) "r" }} +{{- end }} + +{{/* +Use AppVersion if image.tag is not set +*/}} +{{- define "connectors.tag" -}} +{{- get ((include "connectors.Tag" (dict "a" (list .))) | fromJson) "r" }} +{{- end -}} diff --git a/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/_pod-monitor.go.tpl b/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/_pod-monitor.go.tpl new file mode 100644 index 0000000000..4e12b20084 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/_pod-monitor.go.tpl @@ -0,0 +1,18 @@ +{{- /* Generated from "podmonitor.go" */ -}} + +{{- define "connectors.PodMonitor" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (not $values.monitoring.enabled) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict "podMetricsEndpoints" (coalesce nil) "selector" (dict ) "namespaceSelector" (dict ) ) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "monitoring.coreos.com/v1" "kind" "PodMonitor" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (get (fromJson (include "connectors.Fullname" (dict "a" (list $dot) ))) "r") "labels" $values.monitoring.labels "annotations" $values.monitoring.annotations )) "spec" (mustMergeOverwrite (dict "podMetricsEndpoints" (coalesce nil) "selector" (dict ) "namespaceSelector" (dict ) ) (dict "namespaceSelector" $values.monitoring.namespaceSelector "podMetricsEndpoints" (list (mustMergeOverwrite (dict "bearerTokenSecret" (dict "key" "" ) ) (dict "path" "/" "port" "prometheus" ))) "selector" (mustMergeOverwrite (dict ) (dict "matchLabels" (get (fromJson (include "connectors.PodLabels" (dict "a" (list $dot) ))) "r") )) )) ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/_service.go.tpl b/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/_service.go.tpl new file mode 100644 index 0000000000..54a7ce8a05 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/_service.go.tpl @@ -0,0 +1,20 @@ +{{- /* Generated from "service.go" */ -}} + +{{- define "connectors.Service" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $ports := (list (mustMergeOverwrite (dict "port" 0 "targetPort" 0 ) (dict "name" "rest-api" "port" ($values.connectors.restPort | int) "targetPort" ($values.connectors.restPort | int) "protocol" "TCP" ))) -}} +{{- range $_, $port := $values.service.ports -}} +{{- $ports = (concat (default (list ) $ports) (list (mustMergeOverwrite (dict "port" 0 "targetPort" 0 ) (dict "name" $port.name "port" ($port.port | int) "targetPort" ($port.port | int) "protocol" "TCP" )))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict ) "status" (dict "loadBalancer" (dict ) ) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "v1" "kind" "Service" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (get (fromJson (include "connectors.ServiceName" (dict "a" (list $dot) ))) "r") "labels" (merge (dict ) (get (fromJson (include "connectors.FullLabels" (dict "a" (list $dot) ))) "r") $values.service.annotations) )) "spec" (mustMergeOverwrite (dict ) (dict "ipFamilies" (list "IPv4") "ipFamilyPolicy" "SingleStack" "ports" $ports "selector" (get (fromJson (include "connectors.PodLabels" (dict "a" (list $dot) ))) "r") "sessionAffinity" "None" "type" "ClusterIP" )) ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/_serviceaccount.go.tpl b/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/_serviceaccount.go.tpl new file mode 100644 index 0000000000..31b5ac2acd --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/_serviceaccount.go.tpl @@ -0,0 +1,18 @@ +{{- /* Generated from "serviceaccount.go" */ -}} + +{{- define "connectors.ServiceAccount" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (not $values.serviceAccount.create) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "v1" "kind" "ServiceAccount" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "annotations" $values.serviceAccount.annotations "labels" (get (fromJson (include "connectors.FullLabels" (dict "a" (list $dot) ))) "r") "name" (get (fromJson (include "connectors.ServiceAccountName" (dict "a" (list $dot) ))) "r") "namespace" $dot.Release.Namespace )) ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/_shims.tpl b/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/_shims.tpl new file mode 100644 index 0000000000..e3bb40e415 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/_shims.tpl @@ -0,0 +1,289 @@ +{{- /* Generated from "bootstrap.go" */ -}} + +{{- define "_shims.typetest" -}} +{{- $typ := (index .a 0) -}} +{{- $value := (index .a 1) -}} +{{- $zero := (index .a 2) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (typeIs $typ $value) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list $value true)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list $zero false)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.typeassertion" -}} +{{- $typ := (index .a 0) -}} +{{- $value := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (not (typeIs $typ $value)) -}} +{{- $_ := (fail (printf "expected type of %q got: %T" $typ $value)) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $value) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.dicttest" -}} +{{- $m := (index .a 0) -}} +{{- $key := (index .a 1) -}} +{{- $zero := (index .a 2) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (hasKey $m $key) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list (index $m $key) true)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list $zero false)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.compact" -}} +{{- $args := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $out := (dict ) -}} +{{- range $i, $e := $args -}} +{{- $_ := (set $out (printf "T%d" ((add (1 | int) $i) | int)) $e) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $out) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.deref" -}} +{{- $ptr := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (eq $ptr (coalesce nil)) -}} +{{- $_ := (fail "nil dereference") -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $ptr) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.len" -}} +{{- $m := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (eq $m (coalesce nil)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (0 | int)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (len $m)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.ptr_Deref" -}} +{{- $ptr := (index .a 0) -}} +{{- $def := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (ne $ptr (coalesce nil)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $ptr) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $def) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.ptr_Equal" -}} +{{- $a := (index .a 0) -}} +{{- $b := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (and (eq $a (coalesce nil)) (eq $b (coalesce nil))) -}} +{{- $_is_returning = true -}} +{{- (dict "r" true) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (eq $a $b)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.lookup" -}} +{{- $apiVersion := (index .a 0) -}} +{{- $kind := (index .a 1) -}} +{{- $namespace := (index .a 2) -}} +{{- $name := (index .a 3) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $result := (lookup $apiVersion $kind $namespace $name) -}} +{{- if (empty $result) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list (coalesce nil) false)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list $result true)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.asnumeric" -}} +{{- $value := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (typeIs "float64" $value) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list $value true)) | toJson -}} +{{- break -}} +{{- end -}} +{{- if (typeIs "int64" $value) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list $value true)) | toJson -}} +{{- break -}} +{{- end -}} +{{- if (typeIs "int" $value) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list $value true)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list (0 | int) false)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.asintegral" -}} +{{- $value := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (or (typeIs "int64" $value) (typeIs "int" $value)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list $value true)) | toJson -}} +{{- break -}} +{{- end -}} +{{- if (and (typeIs "float64" $value) (eq (floor $value) $value)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list $value true)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list (0 | int) false)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.parseResource" -}} +{{- $repr := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (typeIs "float64" $repr) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list (float64 $repr) 1.0)) | toJson -}} +{{- break -}} +{{- end -}} +{{- if (not (typeIs "string" $repr)) -}} +{{- $_ := (fail (printf "invalid Quantity expected string or float64 got: %T (%v)" $repr $repr)) -}} +{{- end -}} +{{- if (not (regexMatch `^[0-9]+(\.[0-9]{0,6})?(k|m|M|G|T|P|Ki|Mi|Gi|Ti|Pi)?$` $repr)) -}} +{{- $_ := (fail (printf "invalid Quantity: %q" $repr)) -}} +{{- end -}} +{{- $reprStr := (toString $repr) -}} +{{- $unit := (regexFind "(k|m|M|G|T|P|Ki|Mi|Gi|Ti|Pi)$" $repr) -}} +{{- $numeric := (float64 (substr (0 | int) ((sub ((get (fromJson (include "_shims.len" (dict "a" (list $reprStr) ))) "r") | int) ((get (fromJson (include "_shims.len" (dict "a" (list $unit) ))) "r") | int)) | int) $reprStr)) -}} +{{- $tmp_tuple_1 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.dicttest" (dict "a" (list (dict "" 1.0 "m" 0.001 "k" (1000 | int) "M" (1000000 | int) "G" (1000000000 | int) "T" (1000000000000 | int) "P" (1000000000000000 | int) "Ki" (1024 | int) "Mi" (1048576 | int) "Gi" (1073741824 | int) "Ti" (1099511627776 | int) "Pi" (1125899906842624 | int) ) $unit (coalesce nil)) ))) "r")) ))) "r") -}} +{{- $ok := $tmp_tuple_1.T2 -}} +{{- $scale := ($tmp_tuple_1.T1 | float64) -}} +{{- if (not $ok) -}} +{{- $_ := (fail (printf "unknown unit: %q" $unit)) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list $numeric $scale)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.resource_MustParse" -}} +{{- $repr := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $tmp_tuple_2 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.parseResource" (dict "a" (list $repr) ))) "r")) ))) "r") -}} +{{- $scale := ($tmp_tuple_2.T2 | float64) -}} +{{- $numeric := ($tmp_tuple_2.T1 | float64) -}} +{{- $strs := (list "" "m" "k" "M" "G" "T" "P" "Ki" "Mi" "Gi" "Ti" "Pi") -}} +{{- $scales := (list 1.0 0.001 (1000 | int) (1000000 | int) (1000000000 | int) (1000000000000 | int) (1000000000000000 | int) (1024 | int) (1048576 | int) (1073741824 | int) (1099511627776 | int) (1125899906842624 | int)) -}} +{{- $idx := -1 -}} +{{- range $i, $s := $scales -}} +{{- if (eq ($s | float64) ($scale | float64)) -}} +{{- $idx = $i -}} +{{- break -}} +{{- end -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- if (eq $idx -1) -}} +{{- $_ := (fail (printf "unknown scale: %v" $scale)) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (printf "%s%s" (toString $numeric) (index $strs $idx))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.resource_Value" -}} +{{- $repr := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $tmp_tuple_3 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.parseResource" (dict "a" (list $repr) ))) "r")) ))) "r") -}} +{{- $scale := ($tmp_tuple_3.T2 | float64) -}} +{{- $numeric := ($tmp_tuple_3.T1 | float64) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (int64 (ceil ((mulf $numeric $scale) | float64)))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.resource_MilliValue" -}} +{{- $repr := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $tmp_tuple_4 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.parseResource" (dict "a" (list $repr) ))) "r")) ))) "r") -}} +{{- $scale := ($tmp_tuple_4.T2 | float64) -}} +{{- $numeric := ($tmp_tuple_4.T1 | float64) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (int64 (ceil ((mulf ((mulf $numeric 1000.0) | float64) $scale) | float64)))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.render-manifest" -}} +{{- $tpl := (index . 0) -}} +{{- $dot := (index . 1) -}} +{{- $manifests := (get ((include $tpl (dict "a" (list $dot))) | fromJson) "r") -}} +{{- if not (typeIs "[]interface {}" $manifests) -}} +{{- $manifests = (list $manifests) -}} +{{- end -}} +{{- range $_, $manifest := $manifests -}} +{{- if ne $manifest nil }} +--- +{{toYaml (unset (unset $manifest "status") "creationTimestamp")}} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/_values.go.tpl b/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/_values.go.tpl new file mode 100644 index 0000000000..9b304d4bf6 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/_values.go.tpl @@ -0,0 +1,15 @@ +{{- /* Generated from "values.go" */ -}} + +{{- define "connectors.Auth.SASLEnabled" -}} +{{- $c := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $saslEnabled := (not (empty $c.sasl.userName)) -}} +{{- $saslEnabled = (and $saslEnabled (not (empty $c.sasl.mechanism))) -}} +{{- $saslEnabled = (and $saslEnabled (not (empty $c.sasl.secretRef))) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $saslEnabled) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/deployment.yaml b/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/deployment.yaml new file mode 100644 index 0000000000..ee78b69ebf --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/deployment.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- include "_shims.render-manifest" (list "connectors.Deployment" .) -}} diff --git a/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/pod-monitor.yaml b/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/pod-monitor.yaml new file mode 100644 index 0000000000..42c1457546 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/pod-monitor.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- include "_shims.render-manifest" (list "connectors.PodMonitor" .) -}} diff --git a/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/service.yaml b/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/service.yaml new file mode 100644 index 0000000000..0b8825befc --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/service.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- include "_shims.render-manifest" (list "connectors.Service" .) -}} diff --git a/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/serviceaccount.yaml b/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/serviceaccount.yaml new file mode 100644 index 0000000000..eda755fb14 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/serviceaccount.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- include "_shims.render-manifest" (list "connectors.ServiceAccount" .) -}} diff --git a/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/tests/01-mm2-values.yaml b/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/tests/01-mm2-values.yaml new file mode 100644 index 0000000000..f74732def8 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/connectors/templates/tests/01-mm2-values.yaml @@ -0,0 +1,176 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- define "curl-options" -}} +{{- print " -svm3 --fail --retry \"120\" --retry-max-time \"120\" --retry-all-errors -o - -w \"\\nstatus=%{http_code} %{redirect_url} size=%{size_download} time=%{time_total} content-type=\\\"%{content_type}\\\"\\n\" "}} +{{- end -}} +{{- if .Values.test.create -}} +apiVersion: v1 +kind: Pod +metadata: + name: {{ include "connectors.fullname" . }}-mm2-test-{{ randNumeric 3 }} + namespace: {{ .Release.Namespace | quote }} + labels: +{{- with include "full.labels" . }} + {{- . | nindent 4 }} +{{- end }} + annotations: + "helm.sh/hook": test + "helm.sh/hook-delete-policy": before-hook-creation +spec: + restartPolicy: Never + {{- with .Values.imagePullSecrets }} + imagePullSecrets: {{- toYaml . | nindent 4 }} + {{- end }} + containers: + - name: create-mm2 + image: docker.redpanda.com/redpandadata/redpanda:latest + command: + - /bin/bash + - -c + - | + set -xe + + trap connectorsState ERR + + connectorsState () { + echo check connectors expand status + curl {{ template "curl-options" . }} http://{{ include "connectors.serviceName" . }}:{{ .Values.connectors.restPort }}/connectors?expand=status + echo check connectors expand info + curl {{ template "curl-options" . }} http://{{ include "connectors.serviceName" . }}:{{ .Values.connectors.restPort }}/connectors?expand=info + echo check connector configuration + curl {{ template "curl-options" . }} http://{{ include "connectors.serviceName" . }}:{{ .Values.connectors.restPort }}/connectors/$CONNECTOR_NAME + echo check connector topics + curl {{ template "curl-options" . }} http://{{ include "connectors.serviceName" . }}:{{ .Values.connectors.restPort }}/connectors/$CONNECTOR_NAME/topics + } + + curl {{ template "curl-options" . }} http://{{ include "connectors.serviceName" . }}:{{ .Values.connectors.restPort }}/connectors + + SASL_MECHANISM="PLAIN" + {{- if .Values.auth.sasl.enabled }} + set -e + set +x + + IFS=: read -r CONNECT_SASL_USERNAME KAFKA_SASL_PASSWORD CONNECT_SASL_MECHANISM < $(find /mnt/users/* -print) + CONNECT_SASL_MECHANISM=${CONNECT_SASL_MECHANISM:-{{ .Values.auth.sasl.mechanism | upper }}} + if [[ -n "$CONNECT_SASL_USERNAME" && -n "$KAFKA_SASL_PASSWORD" && -n "$CONNECT_SASL_MECHANISM" ]]; then + rpk profile set user=$CONNECT_SASL_USERNAME pass=$KAFKA_SASL_PASSWORD sasl.mechanism=$CONNECT_SASL_MECHANISM + SASL_MECHANISM=$CONNECT_SASL_MECHANISM + JAAS_CONFIG_SOURCE="\"source.cluster.sasl.jaas.config\": \"org.apache.kafka.common.security.scram.ScramLoginModule required username=\\\\"\"${CONNECT_SASL_USERNAME}\\\\"\" password=\\\\"\"${KAFKA_SASL_PASSWORD}\\\\"\";\"," + JAAS_CONFIG_TARGET="\"target.cluster.sasl.jaas.config\": \"org.apache.kafka.common.security.scram.ScramLoginModule required username=\\\\"\"${CONNECT_SASL_USERNAME}\\\\"\" password=\\\\"\"${KAFKA_SASL_PASSWORD}\\\\"\";\"," + fi + + set -x + set +e + {{- end }} + + rpk profile create test + rpk profile set tls.enabled={{.Values.connectors.brokerTLS.enabled}} brokers={{ .Values.connectors.bootstrapServers }} + {{- if .Values.connectors.brokerTLS.ca.secretRef }} + rpk profile set tls.ca={{ printf "/redpanda-certs/%s" (default "ca.crt" .Values.connectors.brokerTLS.ca.secretNameOverwrite) }} + {{- end }} + + {{- if .Values.connectors.brokerTLS.enabled }} + CONNECT_TLS_ENABLED=true + {{- else }} + CONNECT_TLS_ENABLED=false + {{- end }} + SECURITY_PROTOCOL=PLAINTEXT + if [[ -n "$CONNECT_SASL_MECHANISM" && $CONNECT_TLS_ENABLED == "true" ]]; then + SECURITY_PROTOCOL="SASL_SSL" + elif [[ -n "$CONNECT_SASL_MECHANISM" ]]; then + SECURITY_PROTOCOL="SASL_PLAINTEXT" + elif [[ $CONNECT_TLS_ENABLED == "true" ]]; then + SECURITY_PROTOCOL="SSL" + fi + + rpk topic list + rpk topic create test-topic + rpk topic list + echo "Test message!" | rpk topic produce test-topic + + CONNECTOR_NAME=mm2-$RANDOM + cat << 'EOF' > /tmp/mm2-conf.json + { + "name": "CONNECTOR_NAME", + "config": { + "connector.class": "org.apache.kafka.connect.mirror.MirrorSourceConnector", + "topics": "test-topic", + "replication.factor": "1", + "tasks.max": "1", + "source.cluster.bootstrap.servers": {{ .Values.connectors.bootstrapServers | quote }}, + "target.cluster.bootstrap.servers": {{ .Values.connectors.bootstrapServers | quote }}, + "target.cluster.alias": "test-only", + "source.cluster.alias": "source", + "key.converter": "org.apache.kafka.connect.converters.ByteArrayConverter", + "value.converter": "org.apache.kafka.connect.converters.ByteArrayConverter", + "source->target.enabled": "true", + "target->source.enabled": "false", + "sync.topic.configs.interval.seconds": "5", + "sync.topics.configs.enabled": "true", + "source.cluster.ssl.truststore.type": "PEM", + "target.cluster.ssl.truststore.type": "PEM", + "source.cluster.ssl.truststore.location": {{ printf "/opt/kafka/connect-certs/ca/%s" (default "ca.crt" .Values.connectors.brokerTLS.ca.secretNameOverwrite) | quote }}, + "target.cluster.ssl.truststore.location": {{ printf "/opt/kafka/connect-certs/ca/%s" (default "ca.crt" .Values.connectors.brokerTLS.ca.secretNameOverwrite) | quote }}, + JAAS_CONFIG_SOURCE + JAAS_CONFIG_TARGET + "source.cluster.security.protocol": "SECURITY_PROTOCOL", + "target.cluster.security.protocol": "SECURITY_PROTOCOL", + "source.cluster.sasl.mechanism": "SASL_MECHANISM", + "target.cluster.sasl.mechanism": "SASL_MECHANISM", + "offset-syncs.topic.replication.factor": 1 + } + } + EOF + + sed -i "s/CONNECTOR_NAME/$CONNECTOR_NAME/g" /tmp/mm2-conf.json + sed -i "s/SASL_MECHANISM/$SASL_MECHANISM/g" /tmp/mm2-conf.json + sed -i "s/SECURITY_PROTOCOL/$SECURITY_PROTOCOL/g" /tmp/mm2-conf.json + set +x + sed -i "s/JAAS_CONFIG_SOURCE/$JAAS_CONFIG_SOURCE/g" /tmp/mm2-conf.json + sed -i "s/JAAS_CONFIG_TARGET/$JAAS_CONFIG_TARGET/g" /tmp/mm2-conf.json + set -x + + curl {{ template "curl-options" . }} -H 'Content-Type: application/json' http://{{ include "connectors.serviceName" . }}:{{ .Values.connectors.restPort }}/connectors -d @/tmp/mm2-conf.json + + # The rpk topic consume could fail for the first few times as kafka connect needs + # to spawn the task and copy one message from the source topic. To solve this race condition + # the retry should be implemented in bash for rpk topic consume or other mechanism that + # can confirm source connectors started its execution. As a fast fix fixed 30 second fix is added. + sleep 30 + + rpk topic consume source.test-topic -n 1 | grep "Test message!" + + curl {{ template "curl-options" . }} -X DELETE http://{{ include "connectors.serviceName" . }}:{{ .Values.connectors.restPort }}/connectors/$CONNECTOR_NAME + + curl {{ template "curl-options" . }} http://{{ include "connectors.serviceName" . }}:{{ .Values.connectors.restPort }}/connectors + + rpk topic delete test-topic source.test-topic mm2-offset-syncs.test-only.internal + volumeMounts: + {{- if .Values.connectors.brokerTLS.ca.secretRef }} + - mountPath: /redpanda-certs + name: redpanda-ca + {{- end }} + {{- toYaml .Values.storage.volumeMounts | nindent 8 }} + volumes: + {{- if .Values.connectors.brokerTLS.ca.secretRef }} + - name: redpanda-ca + secret: + defaultMode: 0444 + secretName: {{ .Values.connectors.brokerTLS.ca.secretRef }} + {{- end }} + {{- toYaml .Values.storage.volume | nindent 4 }} +{{- end }} diff --git a/charts/redpanda/redpanda/5.9.4/charts/connectors/testdata/template-cases-generated.txtar b/charts/redpanda/redpanda/5.9.4/charts/connectors/testdata/template-cases-generated.txtar new file mode 100644 index 0000000000..575120e324 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/connectors/testdata/template-cases-generated.txtar @@ -0,0 +1,13778 @@ +Generated by TestGenerateCases +-- case-000 -- +fullnameOverride: rpVz +imagePullSecrets: +- name: "Y" +- name: oCy +- name: M +logging: + level: 0rksB2 +monitoring: + enabled: true + labels: + 5Fm2d5: 8GfL + HhgyOa: "1" + L9qHqt6R: LhlwQrUay + namespaceSelector: {} +nameOverride: pO5m +test: {} +tolerations: +- effect: 險CƅN奚4z攷Ȭ懿ǩi + key: ftgtOR + operator: 轧ǎɄHL骮磊胦Ĥ鰭 + value: HNRvd3P +- effect: $駏AF + key: QEX + operator: TŦ + tolerationSeconds: 9130697478155031191 + value: gFhGwGYsZj8 +- effect: Ð(Ƨ4ýZ_体}ʢ + key: Skz0OP3K + operator: oEa@w瑭 + value: 3G +-- case-001 -- +auth: {} +container: + javaGCLogEnabled: t1lDqf0PT8Xy + securityContext: {} +fullnameOverride: WtC +nameOverride: nZ +service: + name: 5wkC +storage: {} +-- case-002 -- +container: + javaGCLogEnabled: YUlcy4 + resources: {} +fullnameOverride: xp6vcIlb +imagePullSecrets: +- name: Tm0bmByz +- name: gSGPB +- name: 58yP +nameOverride: ZZ5 +serviceAccount: + annotations: + gM: gxAdfFrD + create: true + name: AN +storage: + volume: + - name: AhJ + volumeMounts: + - mountPath: hVlmCfXmla + mountPropagation: ÇƭȊ餧鵣鋚蕛ʖ诂瑧)ɍĿ8šȪ轭ʌ倈 + name: 482T + readOnly: true + subPath: Un28M + subPathExpr: weDK9jo + - mountPath: YWN6OS + name: 5ijm8 + subPath: safiSmZ + - mountPath: MBW5 + name: ibiELmf2 + readOnly: true + subPath: E + subPathExpr: piX +test: {} +tolerations: +- effect: 翀ɫŧ(馕Ť B + key: z4CO9NIHr + operator: =ǒ旔Īz尰淅ȜL + tolerationSeconds: -3342574177579699030 + value: 6qB +- effect: f + operator: Jǂ繦緮:Ǥ鄒鉠V}璊澘苚澞邍 + value: eAj9 +- effect: ʥ龦ȏ櫕3ø½ + key: mVGM5 + operator: pȩ纆s;畞"ŀ凓ɿ®ĄǤ_ + tolerationSeconds: 8874959473893236931 + value: S97vJbOM +-- case-003 -- +container: + javaGCLogEnabled: AGZOKrMs + securityContext: {} +fullnameOverride: kNrkCdEuw9V +imagePullSecrets: +- name: QIa +- name: 9QE3ez +- name: np1QDs89l +logging: + level: s2fGu +monitoring: + scrapeInterval: 1275505h31m51.442697795s +nameOverride: Wvpgs +tolerations: +- effect: 蠉ŊWƎ-ɄM@腒z饊4宝芵D + key: ZA +- effect: 桋 + key: 89yJQ + operator: 統nȓ璝,搼匪¨蕂Z酺ŕ賀枴蕧颥 + tolerationSeconds: 404439244630337484 + value: 6CGQZY +-- case-004 -- +fullnameOverride: 74qyne +imagePullSecrets: +- name: lnn +nameOverride: xhLPt0 +test: {} +-- case-005 -- +auth: {} +container: + javaGCLogEnabled: u12AMM +deployment: + nodeSelector: + ppXWIa: yWFoE + priorityClassName: MVCo + readinessProbe: + exec: {} + failureThreshold: -321470157 + grpc: + port: -157736567 + service: lkRxi7xVArBg7 + initialDelaySeconds: 1821796808 + periodSeconds: -469069323 + successThreshold: -1171276641 + terminationGracePeriodSeconds: -6163690760469911235 + timeoutSeconds: 1191785929 + revisionHistoryLimit: -544556764 + schedulerName: Lwp + securityContext: + fsGroupChangePolicy: eĻȊ4愻' + runAsGroup: 7076055353387776300 + runAsUser: 1448978345039473532 + supplementalGroups: + - 6910305894952865149 + strategy: + type: AT9FgtX + terminationGracePeriodSeconds: 1820238753 + topologySpreadConstraints: + - topologyKey: OAvMKg + whenUnsatisfiable: pasNu + - topologyKey: izYRz + whenUnsatisfiable: V2RO2 +fullnameOverride: J +nameOverride: W +serviceAccount: + name: VLlCi +storage: + volumeMounts: + - mountPath: 9hR6GGwna + name: f9h8iHd + subPath: u6UaQTj + subPathExpr: A13AGT +-- case-006 -- +commonLabels: + LvtMtyy: tvfxqD2lry + YC2zBn: OLSkBqQE + m2DRq: cS +fullnameOverride: R93VG +logging: + level: 0aZ +nameOverride: Vlci +service: + name: gkX +serviceAccount: + annotations: + 2oUsUW: r + lx: u6Li342dNU + create: true + name: "7" +test: {} +tolerations: +- effect: ']粢GDž洉鼭i簾Ƹȑȼ裋#' + key: XVr + operator: rȷ,xdk« + value: S7cZC +-- case-007 -- +connectors: + additionalConfiguration: ZQu + bootstrapServers: ue + brokerTLS: {} + groupID: y2 + schemaRegistryURL: kS0A8GucOgn + secretManager: + connectorsPrefix: I072i1u + consolePrefix: ppQ9x2 + region: uohiz + storage: {} +fullnameOverride: NUTO +logging: + level: n3s7 +monitoring: + enabled: false + scrapeInterval: 758193h55m31.821599286s +nameOverride: Gb7J7k +service: + name: 9PY0 +test: + create: true +tolerations: +- key: Mq8z6HgsAvY + tolerationSeconds: 2615803531399402268 + value: hlJeDG2R +- effect: Æ弽ʟʍb³Y庻啱Ŧ頱ɛ隕蜐m鼋焜 + key: h + operator: P涉晣 ľ÷ɇV湣庻/ + value: Q +- effect: k + key: rt + operator: 菔xn + tolerationSeconds: 9166113446651272576 + value: kkW +-- case-008 -- +container: + javaGCLogEnabled: pq3jgGoeY +deployment: + budget: {} + extraEnvFrom: + - prefix: W + - prefix: 6Cgj + - prefix: YV + livenessProbe: + failureThreshold: -1790317528 + httpGet: + host: qAB + path: Eim2yxc + port: qhcH6h + scheme: 5捰¥­鎻藦 + initialDelaySeconds: -853917423 + periodSeconds: 1730314559 + successThreshold: -1047272333 + terminationGracePeriodSeconds: -6159328979217767494 + timeoutSeconds: 478977165 + podAntiAffinity: + custom: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + faNCB: E4juJ + oIG4a9Wa: Fca0z9t + mismatchLabelKeys: + - 5lmh + - zy + namespaces: + - E2xl + topologyKey: 8N3 + - namespaceSelector: {} + topologyKey: hrMRkZSK + topologyKey: 9ZbeCsEgDC + type: jUSv + priorityClassName: T6Ndpl0PL + progressDeadlineSeconds: 467220788 + schedulerName: iVovlD + terminationGracePeriodSeconds: 1520290623 +fullnameOverride: PNw8 +imagePullSecrets: +- name: EzI +- {} +- name: rjR6q +nameOverride: tPhRiQRK +test: {} +-- case-009 -- +auth: + sasl: + enabled: false + mechanism: ECm + secretRef: Udgkf + userName: nhJO6Xj +container: + javaGCLogEnabled: K + resources: + limits: {} + request: {} + securityContext: + allowPrivilegeEscalation: true +deployment: + create: false + livenessProbe: + failureThreshold: -999329257 + grpc: + port: -155863346 + service: bWO + initialDelaySeconds: 1584729597 + periodSeconds: -1715701628 + successThreshold: 729966777 + timeoutSeconds: 696662707 + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: [] + priorityClassName: oEOG + schedulerName: FzFE73 +fullnameOverride: Ygj9B +nameOverride: wCD97n +service: + name: H +serviceAccount: + annotations: + LWQ09i: tiLdCrApld + v2D6hTB: NGlgEEm + create: true + name: eyeD +test: + create: true +tolerations: +- effect: Q笜ƿ]0Ƒ5Ġ瞙镆 + key: JHnNnpNn4wHeL + operator: 羛矖暓(ĵ蕥}撟CťI精Ů + value: 5k0 +- effect: 牭顭Ů"ɇ郿ƛ摒炽?ƗlûǤ眗ɣ@ģb + key: pcwgtTr + operator: ř + value: zs +-- case-010 -- +auth: {} +commonLabels: + cUt: YvDFEsYlU + g3hOh91HKI: CHwTjLYe2XS + h4yNA: fJL +container: + javaGCLogEnabled: "" + resources: {} +fullnameOverride: LsGZn +monitoring: + enabled: true + labels: + wsUYAN3C: BzMz48 + namespaceSelector: + any: true +nameOverride: 9fz +serviceAccount: + create: false + name: bZ1w2 +storage: {} +-- case-011 -- +auth: + sasl: + mechanism: eTh + secretRef: H5TroU8 + userName: 8MR9Bee +commonLabels: + bX: vmmkhH2NHvdt + mO: pT +connectors: + additionalConfiguration: "" + bootstrapServers: vucld + brokerTLS: + enabled: false + key: + secretNameOverwrite: VT + secretRef: lz9QFe + groupID: X + producerBatchSize: 606208011 + producerLingerMS: 1644100599 + schemaRegistryURL: mGj8 + secretManager: + connectorsPrefix: uTTGy6JO572 + consolePrefix: TFKp + enabled: true + region: Zga57aiC +deployment: + budget: + maxUnavailable: -1825328882 + extraEnv: + - name: ogAtm + value: mJfm + - name: 2dTzgfH + value: sNiAP + valueFrom: + configMapKeyRef: + key: gSl56 + name: c + optional: true + resourceFieldRef: + containerName: AXKLF + divisor: "0" + resource: "" + - name: N1yV1 + value: nLSeqDK + extraEnvFrom: + - prefix: 9HB6W4t + secretRef: + name: NYC3bKPQWLc + optional: false + livenessProbe: + exec: {} + failureThreshold: -757710692 + initialDelaySeconds: -949475509 + periodSeconds: 1423942066 + successThreshold: 1080931760 + timeoutSeconds: -1902342435 + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchFields: + - key: qi12DQkzc + operator: 駣>蕐k泌蚮奘5d墥7Ȋ + values: + - Sp + weight: 1587628539 + podAntiAffinity: + topologyKey: rero1 + type: u + weight: 2087428837 + priorityClassName: ulsVLH + revisionHistoryLimit: -1010709730 + schedulerName: g + securityContext: + fsGroupChangePolicy: b + strategy: + type: XhI1Zz + updateStrategy: + type: OwYo +fullnameOverride: etuP +logging: + level: 20R9 +nameOverride: xiBXju +serviceAccount: + annotations: + OZRRPON: npX3 + Y1hvwE727: rZI + i1rZ2cwr: "" + name: dr5NDVhU0W3x +storage: + volumeMounts: + - mountPath: NIVHRdAc + name: BHPad + readOnly: true + subPath: z + subPathExpr: iwiB7uVoG + - mountPath: S6g7 + mountPropagation: $+g"訜駄 + name: 1iwfb + readOnly: true + subPath: 5XRI + subPathExpr: zNyXts +test: + create: false +-- case-012 -- +container: + javaGCLogEnabled: L9Ab4 +deployment: + annotations: + qhL: NwcVhzqvm + wjUv: xruF36CXB6YP + budget: {} + create: false + livenessProbe: + failureThreshold: -2109366246 + grpc: + port: -1015383620 + service: ritV + initialDelaySeconds: 1360388115 + periodSeconds: 768065118 + successThreshold: 1600450204 + terminationGracePeriodSeconds: -7255894925502993587 + timeoutSeconds: -1772311361 + nodeAffinity: {} + nodeSelector: + TPLQj2m: 7U6MPf + podAntiAffinity: + custom: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + "": lEtTbibY + KL: "9" + cRAELbm: o7TNTG + namespaceSelector: {} + topologyKey: 65ytaH + - matchLabelKeys: + - cxFsG + - kfVIsSK1 + - k + namespaceSelector: {} + topologyKey: YL8 + topologyKey: lxPsOox + type: T + weight: -864722068 + priorityClassName: CX + progressDeadlineSeconds: 368835309 + revisionHistoryLimit: 1912936765 + schedulerName: FfXGO1 + strategy: + type: mjPaU + updateStrategy: + type: 0u +fullnameOverride: Tpn +monitoring: + labels: + "0": m4M + VAD3Bq: LIrfcIp + Zc7e: Ixb + namespaceSelector: + matchNames: + - 24w + scrapeInterval: 175243h15m49.218935959s +nameOverride: MexiU +service: + name: Ac +test: {} +tolerations: +- effect: 村ɭȢvɝ>Á阣ǵ«彼Ċȣ庯蕠ń + key: XLicRkmamr + operator: É晱鄼9腁 +- effect: FkËT鋏T碻 + key: DbJOt + operator: 涛ĩ差s坥閵;ĺ%堢醧 1?`脪雯! + value: RKg76fjFC +- effect: ƐlǎÜʛdž壟嚲A厪ļk.BF + key: r + operator: ']縖' + value: 0f +-- case-013 -- +auth: + sasl: + enabled: true + mechanism: SDp7 + secretRef: 4WR + userName: MwyeN8 +deployment: + budget: + maxUnavailable: 24384073 + create: false + livenessProbe: + exec: {} + failureThreshold: 2001873995 + grpc: + port: -570073675 + service: VF + initialDelaySeconds: 1435901271 + periodSeconds: -1827120891 + successThreshold: 543681313 + terminationGracePeriodSeconds: 7623134148266453805 + timeoutSeconds: -602096728 + nodeSelector: + pflZ7G: A0jyH + priorityClassName: zjQ2B + revisionHistoryLimit: -841820257 + schedulerName: h3uqMw4N + tolerations: + - key: 5o5Syu + operator: _ɤʞƏ穆rPNij9ʯP缪Ƈǿw + tolerationSeconds: -1826520063540927425 + value: 1VpdZ + - effect: Ǒ±Ǖ;ʐ覓朊c$迂Ƀȣf + key: "1" + operator: '"轜N_''ğ)Í5Iu:+Ņe嶵薏' + tolerationSeconds: -7530147871827456803 +fullnameOverride: bAtOao +monitoring: + enabled: true + scrapeInterval: 66327h16m50.874180173s +nameOverride: w8tCi3K +service: + name: InI +serviceAccount: + name: 6le +test: + create: true +tolerations: +- effect: ^嚿潷 + key: Xth0FkarCwDhRM + operator: ']ǒŘMpU謵Mɗ缿@篦3qǴ ʝ諜费' + tolerationSeconds: -2483428479265143204 +- effect: 堟Y注ʥ骊țL芮|łfÆ + key: IF9M6x + operator: y;旴XƬ糔剰Ǜ鮡 + value: USzGY +-- case-014 -- +auth: + sasl: + mechanism: ntVNf + secretRef: mQuWoG00Z + userName: "" +connectors: + additionalConfiguration: E + bootstrapServers: cywT8MNAo + groupID: 6AsORVCaYJ + producerBatchSize: -831136974 + schemaRegistryURL: cSf + secretManager: + connectorsPrefix: RnHNJ7bJD0 + consolePrefix: GMeK0dod3 + enabled: false + region: t77zc +fullnameOverride: u7DU +monitoring: + enabled: true + labels: + aVoQ7: vECqlu0Pe + namespaceSelector: + matchNames: + - alQT6bxHho + - jKf + - p +nameOverride: dA1zsc +serviceAccount: + name: HAAJtAWrjJ +-- case-015 -- +auth: {} +commonLabels: + 96Kx: 1DW5QoLP + LY: nDw + etW: "9" +deployment: + budget: + maxUnavailable: -1737560958 + create: false + extraEnv: + - name: Bc + value: pB + valueFrom: + configMapKeyRef: + key: RStSG + name: rpc1FHY + resourceFieldRef: + containerName: sKpIz + divisor: "0" + resource: GM5pHA + secretKeyRef: + key: gM8EqA + name: KmFME + optional: false + - name: "" + value: me8paXgJ + - name: nLU + value: "6" + valueFrom: + fieldRef: + apiVersion: rsTk + fieldPath: Hs + resourceFieldRef: + containerName: TvVr1l + divisor: "0" + resource: HH4x1 + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: null + nodeSelector: + fh9: xbk + jILeDZ3: SJ16 + uzP02S: iZVVMqQ + podAffinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: null + podAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - namespaceSelector: + matchExpressions: + - key: 57Js + operator: "" + values: + - EdjUMt + - key: mJ8aRtIDW2S + operator: Ɨ3綂ȕ0蘗Iɉ8Ȟ怶Ⱥ门ʛC嫾ʑªƛ + values: + - 7eo + - 004AeS + - key: EJ + operator: dP + values: + - IgSuQGAK6gx + - oNFCGVbRN + - C5qeL + matchLabels: + gbheV: 6ZDyWDt + namespaces: + - elkM9HO + - 8C7YR9 + - IYYqJs + topologyKey: "" + podAntiAffinity: {} + priorityClassName: 7M + progressDeadlineSeconds: -660403045 + restartPolicy: zy莃:`KEȈ乭Ş璡o髞ůKė趡ʭ + revisionHistoryLimit: -1404737890 + schedulerName: z6D0iC + terminationGracePeriodSeconds: -194304314 + updateStrategy: + type: xSEGKS +fullnameOverride: 5eY7 +logging: + level: lk9GZiF6 +nameOverride: bpgtWxol +service: + name: x +storage: + volume: + - name: pD + - name: MmiQZ4o + volumeMounts: + - mountPath: Fk9qDh + mountPropagation: OV棴ǝɃ箪 + name: GHi + readOnly: true + subPath: MHNGOL2dBmh + subPathExpr: wZHGIC2B3 + - mountPath: k97wi + mountPropagation: 摪ƝH迒LhĂ + name: A2 + subPath: ij8 + subPathExpr: vMM + - mountPath: 7iD + mountPropagation: Dè轖#KŵÅi轓m癈跔 + name: JOhkrajKTFMI + subPath: krtU + subPathExpr: cxblS +test: {} +-- case-016 -- +container: + javaGCLogEnabled: NSE + resources: + javaMaxHeapSize: "0" + request: + cpu: "0" + securityContext: {} +fullnameOverride: bGMfavR +logging: + level: oj4P +monitoring: + scrapeInterval: 1616184h3m28.108622923s +nameOverride: Cex3v +service: + annotations: + IUeOwNT: T3w1nV + Si: dNUY + name: B5Y + ports: + - name: HzTtdut + port: 741893604 + - name: yT6vYOdszF + port: -1916404761 +serviceAccount: + name: cxOBE +storage: + volume: + - name: X7ZZu + - name: KkkMA7 + - name: Btxy +test: {} +-- case-017 -- +commonLabels: + wR: GAm +connectors: + additionalConfiguration: ro5XOd9Tf + bootstrapServers: RKH + brokerTLS: + cert: + secretNameOverwrite: khTfK + secretRef: qXwTCH + enabled: true + key: + secretNameOverwrite: u0 + secretRef: OCzzkl + groupID: hPUA1m7 + producerBatchSize: 1121174748 + producerLingerMS: -221329759 + schemaRegistryURL: dt2Vd1bTg + secretManager: + connectorsPrefix: Z5Cv + consolePrefix: X1zP + enabled: true + region: LrK6I + storage: + remote: + read: + config: false + offset: false + write: + config: false + offset: false + topic: + config: Uf + offset: "n" + status: kNLwla +container: + javaGCLogEnabled: x3dH + resources: + javaMaxHeapSize: "0" + limits: + cpu: "0" + request: + cpu: "0" + securityContext: + allowPrivilegeEscalation: false +deployment: + annotations: + fet: YGwnq + create: true + extraEnvFrom: + - prefix: Ci6EGf + secretRef: + name: cDwbNN + livenessProbe: + failureThreshold: 1181508047 + grpc: + port: 1103363052 + service: BghH + httpGet: + path: 5Io5 + port: fXmkdb + scheme: ɚ + initialDelaySeconds: -215289091 + periodSeconds: 918675027 + successThreshold: -1707139863 + timeoutSeconds: 1673866844 + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "2" + operator: 箓Ęȁ銵鷝Ā喳Ăɀ} + - key: j + operator: ɓ + matchFields: + - key: "" + operator: vǃ鞳邪§Ț皾6 + - key: Yi7SzM + operator: Ǎ浹籥岷Ħ + values: + - Czu9d1V + - key: r6y + operator: 牁p认ð_蠡hHiÖq肓ǭʤe)ĉB扝 + - {} + podAntiAffinity: + topologyKey: MECG5Y + type: bTzd + weight: -803515299 + priorityClassName: "N" + progressDeadlineSeconds: 444536561 + readinessProbe: + exec: + command: + - TGFiXP + - Z79QNgs + failureThreshold: -1832996555 + grpc: + port: 431368512 + service: eUPPAkf + httpGet: + host: f + path: KJ + port: NNA + scheme: $ǡH庋Y¶闣ĸǽv蘈 + initialDelaySeconds: 877141221 + periodSeconds: 2102410645 + successThreshold: 1537121792 + terminationGracePeriodSeconds: -8439557874955512884 + timeoutSeconds: -2026548303 + revisionHistoryLimit: 1418020237 + schedulerName: FQjdKmjClI5B + strategy: + type: WVP1Q8 + terminationGracePeriodSeconds: 1127207064 + topologySpreadConstraints: + - maxSkew: -1487816419 + topologyKey: Mw7m + whenUnsatisfiable: "" + - maxSkew: -1469244889 + topologyKey: HuZRY + whenUnsatisfiable: NX + - maxSkew: -346884429 + topologyKey: xVWCd + whenUnsatisfiable: p + updateStrategy: + type: "" +fullnameOverride: u1Dk +nameOverride: DAE +serviceAccount: + annotations: + GPwb: rsHTj2N + c4: HTI5lp + vUnChIysI: ZfUINMh + create: false + name: zF +test: + create: true +tolerations: +- effect: f + key: RDN + operator: 狀番ǵ曻縖=&Ɛʤe佥墺辅x7絼櫓 + tolerationSeconds: 4568597810181054356 + value: 7zNQUA +-- case-018 -- +auth: + sasl: + mechanism: VtLC5 + secretRef: ng2m + userName: 1Iwn7 +connectors: + additionalConfiguration: l3aLVX5 + bootstrapServers: hj4Aab + brokerTLS: + key: + secretNameOverwrite: z4oRSGo + secretRef: Ee + groupID: m + producerBatchSize: 1913291774 + producerLingerMS: -313398730 + restPort: 1476502274 + schemaRegistryURL: nL5qOV + secretManager: + connectorsPrefix: 2KQcX + consolePrefix: NnQ + region: 0P7 +fullnameOverride: hX1VdtP7gp7c +imagePullSecrets: +- name: W1 +monitoring: + annotations: + JZgY7gH: ZeFjP9nhvOjMI + gS26QJ5: cAc + labels: + DORM: tayRzd99 + yc2ti: kI0liqp5YBMr + namespaceSelector: + any: true +nameOverride: C +service: + name: CVJfMb + ports: + - name: DT +serviceAccount: + create: false + name: 3xqtRwRI +storage: + volumeMounts: + - mountPath: 5koRVhJz + mountPropagation: 穠耱誕Ȝ躰灬灺Ķ輔硯dzȦ1e蘄ò.o + name: 5lp + subPath: bEZmgVKO + subPathExpr: 5UCo6 +test: {} +-- case-019 -- +commonLabels: + 1sF: 45XnA + a1rMZK: Jzq +connectors: + additionalConfiguration: "" + bootstrapServers: ezzGY + groupID: CL5YFuVD + producerLingerMS: -936976440 + restPort: 2065008586 + schemaRegistryURL: XTAQJ + secretManager: + connectorsPrefix: Q + consolePrefix: "79" + enabled: true + region: 3EfPcaJPeL +deployment: + budget: {} + create: true + extraEnv: + - name: s + value: q7x401sB3R + - name: p + value: Odn + valueFrom: + fieldRef: + apiVersion: Tmp29KLiQ5 + fieldPath: "2" + secretKeyRef: + key: RRlr0C + name: jx + - name: M + value: dHu2S + valueFrom: + configMapKeyRef: + key: YT + name: x84MM29Kc5u + optional: true + fieldRef: + apiVersion: AKdDlUG8v + fieldPath: wHCWO + extraEnvFrom: + - configMapRef: + name: MF8pnsf + optional: false + prefix: lT + secretRef: + name: W + livenessProbe: + exec: {} + failureThreshold: 832341066 + httpGet: + host: 2YhKEXGGy + path: Er43b4o + port: 523079005 + scheme: '-' + initialDelaySeconds: -493754907 + periodSeconds: -888317874 + successThreshold: -1792385861 + timeoutSeconds: -359586002 + podAntiAffinity: + topologyKey: 4YPfUs + type: 62y + priorityClassName: HXWM5 + readinessProbe: + exec: {} + failureThreshold: -2059548026 + httpGet: + host: z + path: jn + port: k1cVehfSqQ + scheme: 筭洰a恥¾兼ƍV5 + initialDelaySeconds: 438569678 + periodSeconds: 2034323562 + successThreshold: -1007748590 + timeoutSeconds: -1489292970 + revisionHistoryLimit: -656791059 + schedulerName: Wrjb3H + tolerations: + - effect: Ƿ闄 + key: O + operator: 鵉鼌q穋R譼驪妼擕`ƛ駴ň + tolerationSeconds: -8397972967079996177 + value: 1KZwe4 +fullnameOverride: S9NS5c +monitoring: + enabled: false + namespaceSelector: {} + scrapeInterval: 1263504h12m50.743340543s +nameOverride: qQY +service: + name: iPsih4 +storage: {} +test: + create: false +tolerations: +- effect: '}´ƃë\]Ä嗍6u乡嗹v鄭°' + key: E1j + operator: 滲 + value: OA +-- case-020 -- +auth: {} +deployment: + annotations: + hM5Ozaprm: lIZA9 + mT: 0LKs + create: false + extraEnvFrom: + - configMapRef: + name: FLR + optional: false + prefix: eDtm + - configMapRef: + name: t + optional: false + prefix: dlW1 + secretRef: + name: y3pc2pFWSm + livenessProbe: + exec: + command: + - h + failureThreshold: 2104262150 + httpGet: + host: Ah8pO + path: CRw + port: -1437145013 + scheme: y崬lAJ埰u<~ţ馜哶炽nj荻Ȩ淣 @ + initialDelaySeconds: 1024187677 + periodSeconds: 913677726 + successThreshold: 1848348137 + terminationGracePeriodSeconds: 3692284600662469393 + timeoutSeconds: 414675637 + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: bYDy + operator: 5ȺĜƒ靍殌ȌƗǢ4;幄 + values: + - EF9 + - FQ + - key: oxk5s + operator: '}Ū椣Ğn' + values: + - lgx + - NcKuJ + - key: NC4kwCJt + operator: ńƕÅǽȄʛ + values: + - f0 + - 7yXJIG + - W + weight: -806977733 + - preference: {} + weight: -1752665730 + - preference: + matchFields: + - key: BE + operator: +ÐQ斴T"wǶ偌T脍Ş逢 + values: + - zMTwun9 + - CeAjK + - key: TYVhhI1HI + operator: ǚůƍ嬀ĸȮ-(0玖ž[Ǚ炓檓se + weight: -1752262723 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: TmnaP + operator: ´ĵ3QI馉ȿʊ}ƻ + values: + - EcGCXgcAX + - key: k9Y9tmH + operator: ĕÏ呇ǔƘ綹* + - key: "" + operator: 铈ş< ƞ'Sķ筋e7,=冘蚖詞 + matchFields: + - key: zc5PoF + operator: "" + values: + - y7IJrN + - F8X + - PSmazIp + - key: keuZoH + operator: Sy + values: + - 7sXP + - 37w3o9wjEfLo + - "3" + - {} + - matchExpressions: + - key: "" + operator: 賋è霺ghoơz闠Ĉ«ƍq + values: + - rhFXXif7v + - ixPCwn + - O3 + matchFields: + - key: FNmh89toZo + operator: '''勃ʇ夛浵欑"鋫驾{êPǪvÍ襑' + values: + - dV + - vRVfIecf + podAntiAffinity: + topologyKey: DK7g + type: "" + weight: 2116118619 + priorityClassName: Wy3x + progressDeadlineSeconds: -2099104625 + readinessProbe: + failureThreshold: 1384600958 + grpc: + port: -2111497644 + service: U62KFYODDp + httpGet: + host: i3U2 + path: u3nsOY + port: -120629401 + scheme: Ɲ H齧責欖Ğâ柷ɒł + initialDelaySeconds: -1607019514 + periodSeconds: 1117157063 + successThreshold: -2017370070 + terminationGracePeriodSeconds: -6500262321144121445 + timeoutSeconds: -689176139 + schedulerName: MXeR + securityContext: + fsGroupChangePolicy: Ɛ6佒ʕ + runAsGroup: 993874004271065493 + runAsUser: -6188102389190039866 + sysctls: + - name: NnI7Pde1 + value: E8nl + terminationGracePeriodSeconds: 708995785 + updateStrategy: + type: cIAjo4 +fullnameOverride: IAukfjAiE +imagePullSecrets: +- name: Jm0uOuT +logging: + level: g +monitoring: + enabled: false + labels: + IwGT2: U9Mez5Vvz + RTBh: DcL3Cfz3j + Scvr6HhI: TcOJcRH + namespaceSelector: + any: true + scrapeInterval: -90129h16m11.711713376s +nameOverride: kUuRn +storage: + volumeMounts: + - mountPath: TTEa + name: h + subPath: tG52z + subPathExpr: eh4wQ + - mountPath: iY66G4 + mountPropagation: 5ŀÖTcĿƠĎ躵9[Ãw胍 + name: WB3KpIQZ + subPath: hd + subPathExpr: Ekw2NtL7 + - mountPath: hB + mountPropagation: Ɲv抡吾蒩2ʛ + name: r7V + subPath: 4YrJ + subPathExpr: 4bIK9CT +tolerations: +- effect: Ź褦齸稽2舦胢襉`cq~ + key: iusZ5 + operator: LƩîmOv丌Þlɢɮ&żő子ʫƅq + tolerationSeconds: 1567502669304402305 + value: v1rTmQCoOJX +- effect: q#2崫 + key: rn1ih + operator: ă#暻vÔtgiɿ + value: K1 +-- case-021 -- +commonLabels: + 5D3dcbYcmq: bkcA + "y": TxHhxVY2tRx1i +connectors: + additionalConfiguration: jzE + bootstrapServers: as60 + brokerTLS: + ca: + secretNameOverwrite: fifa + secretRef: BmRMpc + cert: + secretNameOverwrite: MY5Ss + secretRef: gy7g + groupID: eOkhi4 + producerBatchSize: -500780400 + producerLingerMS: -1955065214 + schemaRegistryURL: Jrt + storage: + remote: + read: + config: false + offset: false + status: true + write: + config: true + status: true + replicationFactor: + config: -1860412640 + offset: -1901393869 + status: -4761328 + topic: + config: EI + offset: IK4 + status: WIZGj +container: + javaGCLogEnabled: HG + resources: + limits: + cpu: "0" + memory: "0" + request: + memory: "0" + securityContext: + allowPrivilegeEscalation: false +deployment: + annotations: + "8": 6L8d + budget: + maxUnavailable: -1972147103 + extraEnv: + - name: mbyKA5WPoY + value: bhMRx + extraEnvFrom: + - configMapRef: + name: e7KgN9ff + optional: false + prefix: ug4D + secretRef: + name: CzuiueSY + optional: false + - configMapRef: + name: TlIbaiI + optional: true + prefix: I + - configMapRef: + name: IuBuoY8u5xD1D7 + optional: false + prefix: 2xqoZ + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: j3g + operator: ŷǘȵiì渭ʫ抁Ğŋ + values: + - DJoN22 + - 4Kszk + - key: KYKZgrf + operator: 櫮ƣ+Ź藦vď蔸聺3vMʪ + matchFields: + - key: di6 + operator: ɫ0l5璠û介ɗ蟦ǘ厁ɂh磊 + values: + - ct + - 3e + - YICL + weight: 1941396141 + - preference: + matchExpressions: + - key: PRs0G0 + operator: ©MʥȩɅ2ď鏓 + - key: L83 + operator: °¥¶ĕ焲粮剚e喏鑝梋ƃ5~Ìnidž + matchFields: + - key: 78fF + operator: =ŞŽ熧曪ń + weight: 1964511070 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchFields: + - key: AHvs + operator: ɵȝʩm幃 + - key: 0ac + operator: MWæ諒鸠 + - {} + - matchExpressions: + - key: wRdw + operator: VP萺鵷 + - key: "" + operator: x + values: + - Fx + - I1rNR + - key: JZ + operator: 訖 + nodeSelector: + 88m: ofL96viVG + lM: uR4 + podAntiAffinity: + topologyKey: ug + type: dMLFJ2vJ + weight: -1646642412 + priorityClassName: dirA + progressDeadlineSeconds: 741558819 + readinessProbe: + exec: + command: + - Cnn275T + - 90rjZczLp + - Hi + failureThreshold: 137175425 + grpc: + port: -990908140 + service: "n" + initialDelaySeconds: 385463317 + periodSeconds: 1814148060 + successThreshold: -2130595018 + terminationGracePeriodSeconds: 1602275511469638547 + timeoutSeconds: -1983859400 + restartPolicy: 奡ʄ臔ȁ + revisionHistoryLimit: 1560482462 + schedulerName: v + securityContext: + fsGroup: 2775178225296577779 + runAsGroup: -873168801110302232 + runAsNonRoot: true + runAsUser: -8949664932683740838 + sysctls: + - name: u + value: 0mDq + - name: UDLOQRVGXH + value: "" + - name: eakEWdkHQ + value: UWw + strategy: + type: "9" + terminationGracePeriodSeconds: 1135949557 + tolerations: + - effect: ɖ + key: lzvKb + operator: V毣«mpAp餂ĵ$İƊ俊ĺ + tolerationSeconds: 1365476841054063816 + value: HqnJ8gfT + - effect: T鏚裦黂 + key: vgU + operator: 訹gǷ×婚ǀ + tolerationSeconds: -8509532606436755290 + value: KI + - effect: ?遗x + key: 6fxivUhl + operator: KŸȘ绒Nj赤 + value: mK2Hz + updateStrategy: + type: jz1E9Ra +fullnameOverride: "" +imagePullSecrets: +- name: kq1gha8w +- {} +logging: + level: rb +nameOverride: Cg +service: + annotations: + g: Haj2trb + nQCD85u: 7ENE + name: kt3xi + ports: + - name: ZD6QnCdlL + - name: kUQU +serviceAccount: + annotations: + QvndcW2wD: JmD + create: true + name: ABdKo +storage: {} +test: {} +tolerations: +- effect: -ā;CpĔ霬ie + key: S9EFzL6 + operator: ƥǝYǾĶi¢pÔ + tolerationSeconds: -8069168009016427174 + value: KpBi0ZYe +- effect: ɸ怭酟Tɛ;淸ayËz + key: jCr + operator: \qʑVȎ汕qʜźʊ圙$h袪ʅ) + tolerationSeconds: -573606976387196365 + value: sVZZ5RB +- key: cuDMjsSUzeD + operator: 注SʯLV臙?Ⱥ祉萼禝!DŽKɋ中N + tolerationSeconds: -220176424743278478 + value: ZsR4KEl1X +-- case-022 -- +commonLabels: + 3T: w2SpAA6br + I758z7Cf: 6V + JvnbWUk: pPMb +connectors: + additionalConfiguration: faRWi + bootstrapServers: XngcT + brokerTLS: + ca: + secretNameOverwrite: MDvyt3bw + secretRef: b809b + cert: + secretNameOverwrite: LP7Pcx1xGT + secretRef: Gg + enabled: true + groupID: 3SgngS9vl + producerBatchSize: 889009746 + schemaRegistryURL: b4VVbJxS + secretManager: + connectorsPrefix: ALseg + consolePrefix: JoDngQ + region: X +deployment: + create: true + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: Ro3T + operator: aĒĴŪ*3ɀ 币6鳴Ã偯d?A`åȏ + - key: 7XExK + operator: 濻舒^T莄1Â]葉 + values: + - A61yP5MBIRlE + - PvGUE + - 3dEaVo + - key: cLddzEo + operator: 櫜毉FÊi嶙# + matchFields: + - key: 5d + operator: 葜.¼v詝擽Ĉ + - key: WSMmbygG + operator: "" + weight: 1129540323 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: kwkzOO8tl + operator: ']勋Į掬+' + matchFields: + - key: CQBwi20 + operator: 餞ǚe%Af埧Q哝窓煰 + - key: 9dTBxx + operator: Ĉ|^ + - matchFields: + - key: "" + operator: Á捛ɬĿ脦ǒĈ闲F秿翕卫Ŷ~?ʞŷȎ + values: + - Lg + - key: "42" + operator: 瞍 + values: + - QQMQ + - matchExpressions: + - key: en + operator: HË熙軯-ȓ簩羗č ʏ栽竬熄s)Ó鸰 + - key: Gc9Ntp + operator: "" + matchFields: + - key: 2ZLK4z1 + operator: 捚n匸竟-6ȐÒƑ|ʁĄEʕȘ + values: + - 0GiQ + - FI + - iXXs3k + - key: uujaIM5Y0Eo + operator: Āũ7 + podAffinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: null + podAffinity: {} + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - matchLabelKeys: + - wx6 + - pZWizn + - YalB + namespaceSelector: {} + namespaces: + - VIJ8 + - "" + - "897" + topologyKey: a3iKu + podAntiAffinity: + topologyKey: E0D + type: VvN + priorityClassName: rs1 + progressDeadlineSeconds: 457348204 + readinessProbe: + exec: + command: + - 9NasaU + - gSgxcK + failureThreshold: 511258221 + httpGet: + host: Mho + path: fy80Va + port: 595852956 + scheme: Ț籦绺č擯夭fÀdcq鬎DŽƬ礛 + initialDelaySeconds: 948711230 + periodSeconds: 19027716 + successThreshold: -1810396970 + terminationGracePeriodSeconds: 1798521938678531879 + timeoutSeconds: 1797719976 + revisionHistoryLimit: -700610054 + schedulerName: 6Fuyr + strategy: + type: IbrqLLHodX + terminationGracePeriodSeconds: 1222617058 + tolerations: + - key: 9v + operator: ƱSjc(ϼ霌ʒ酁2Ɣ8kRâ + tolerationSeconds: 699537150416724653 + value: w8QXL + - effect: 旼`BȞ*ąɦ纇åʝ + key: vj3BwiVyW1t + operator: 鼦詡dƅ + tolerationSeconds: -9093487529989850129 + value: i8Agp + topologySpreadConstraints: + - topologyKey: AFVo + whenUnsatisfiable: M4 + - maxSkew: -1157554939 + topologyKey: oF + whenUnsatisfiable: juzJPaV2L03 + - topologyKey: P6ooy + whenUnsatisfiable: svPI + updateStrategy: + type: "" +fullnameOverride: cZ4G4 +monitoring: + enabled: true + labels: + Eedv: 65ZfBI + namespaceSelector: {} + scrapeInterval: 2515390h35m37.419426312s +nameOverride: 6MJPA +service: + name: x4Vu7vj + ports: + - name: G4 + port: -201865350 +tolerations: +- effect: ' ʫȲ嬮+簻' + key: qIS + operator: 奎唐涵¥ȗ咦壥縌筺 + tolerationSeconds: -7358513382849221288 + value: tiRW0E7sm +-- case-023 -- +auth: {} +container: + javaGCLogEnabled: t7nvcU + resources: + limits: + cpu: "0" + memory: "0" + request: + cpu: "0" + memory: "0" + securityContext: {} +fullnameOverride: 9tds +imagePullSecrets: +- name: t +- name: 9jeO +- name: h +logging: + level: bP +monitoring: + enabled: false + scrapeInterval: 1421023h45m34.121658414s +nameOverride: ZI341xw +serviceAccount: + create: false + name: TIG +storage: + volume: + - name: naPNMJ + volumeMounts: + - mountPath: YeET3weL4N8g + mountPropagation: d/嬈Ñ內q謯ƶ8ɳƓ肵 + name: ssEfPGv8 + readOnly: true + subPath: "7" +-- case-024 -- +connectors: + additionalConfiguration: LWHk + bootstrapServers: jn + brokerTLS: + ca: + secretNameOverwrite: qv + secretRef: LRHozVF + enabled: true + groupID: d + producerBatchSize: 1166879364 + producerLingerMS: 714735160 + restPort: -1930935263 + schemaRegistryURL: sz + secretManager: + connectorsPrefix: xoZinJy1V + consolePrefix: kjqs + enabled: false + region: hsKN +container: + javaGCLogEnabled: XS5 + resources: + javaMaxHeapSize: "0" + limits: + cpu: "0" + memory: "0" + request: + cpu: "0" + memory: "0" + securityContext: + allowPrivilegeEscalation: true +deployment: + annotations: + FU4J: "" + HJZjva: jC8uET + budget: {} + livenessProbe: + exec: + command: + - OG + - YBVu + failureThreshold: -1400952913 + grpc: + port: -2029643906 + service: 0a7ILy + httpGet: + host: Z7sbsKoc + path: RhCEkYS + port: 1662747518 + scheme: 巐ȹƠK + initialDelaySeconds: 1536143416 + periodSeconds: -971919376 + successThreshold: 1841265139 + timeoutSeconds: 1519706329 + nodeSelector: + ZBtz30: MaN + wEyS43Wq6sS: A + podAntiAffinity: + topologyKey: H0cu + type: TCF8Ne + weight: 1443189624 + priorityClassName: xL + progressDeadlineSeconds: 5438195 + readinessProbe: + failureThreshold: 2057031608 + httpGet: + host: nCaW7a + path: KggIsy + port: jP + scheme: ʆçɇ滾镡Lj癲:Ą隸C乑鏀贄e監篍z + initialDelaySeconds: 1457702974 + periodSeconds: -1732886 + successThreshold: -723791053 + terminationGracePeriodSeconds: 7303344607566636133 + timeoutSeconds: -547087401 + revisionHistoryLimit: -2103181148 + schedulerName: tXdQ7X + securityContext: + fsGroup: -1024384248472849622 + runAsNonRoot: false + runAsUser: -2673836885766820786 + sysctls: + - name: z + value: 1Xx7BcpTtc + - name: ik + value: mn7hZ2O + - name: 0tRcSAR + value: s3Fmk + strategy: + type: 7Ma6SKn + terminationGracePeriodSeconds: 1680781404 + tolerations: + - effect: '[Ȝ%1@拌魋?>Q[' + key: CM6To + operator: ȫƤP箴ɉ戮嗯嬑lwĶƼ§ʜ + tolerationSeconds: -4298573611145221598 + value: ERnxlMnsbt + updateStrategy: + type: 9jfYH2 +fullnameOverride: e4W +logging: + level: i1QoQHfki73v +nameOverride: Y47 +serviceAccount: + create: false + name: AepmYU +tolerations: +- effect: ',虔wxÓ[bÁ男ɂʁ.ʋ鎊惡&ŵÓ#' + key: M4W + operator: ¿ȉȇ滻[濱喭噫誘蝝Wť揢奬ƕ畐Ǻ + tolerationSeconds: 5209749606101630382 + value: la6lMRP +-- case-025 -- +auth: + sasl: + enabled: false + mechanism: uxD + secretRef: "" + userName: 8yKwAYM +commonLabels: + VGEccN: 1S6Om +connectors: + additionalConfiguration: "n" + bootstrapServers: JhxRF4 + groupID: 2Fy + restPort: -1355681307 + schemaRegistryURL: 9uSqcQk +container: + javaGCLogEnabled: TmzFHzZvwn + resources: + limits: + memory: "0" +deployment: + annotations: + p7R: EjfLOeG + th6: enWXwqe + extraEnv: + - name: 5j0yE + value: O9bMi + valueFrom: + configMapKeyRef: + key: byf25 + name: RIZv + optional: false + fieldRef: + apiVersion: NrtU + fieldPath: 3LC + resourceFieldRef: + containerName: AjmWfg6HqMgn + divisor: "0" + resource: OV + - name: 6hTC + value: r + valueFrom: + configMapKeyRef: + key: 0u + name: 7xxySBjT + optional: true + resourceFieldRef: + containerName: qAO + divisor: "0" + resource: XP + extraEnvFrom: + - configMapRef: + name: uLvK + optional: false + prefix: 2Ij + secretRef: + name: leDGyXv + optional: true + - configMapRef: + name: GK + prefix: dCB + secretRef: + name: u + optional: false + livenessProbe: + exec: {} + failureThreshold: -94764338 + grpc: + port: 1195513848 + service: "" + httpGet: + host: FeqfL8uSFE + path: "57" + port: -1477884035 + scheme: 彀ǥ篠 + initialDelaySeconds: 407315123 + periodSeconds: 165966784 + successThreshold: 970096625 + terminationGracePeriodSeconds: -292284363880963466 + timeoutSeconds: 2091942472 + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchFields: + - key: 6nwZP6 + operator: 乆`Eɪ妶窓o黥屢! + values: + - cJtx + weight: -559166881 + - preference: + matchExpressions: + - key: eyw69 + operator: 獶ʎ^ȁ耦ǚy蝸殽虄X敉${ + values: + - cLTjur + - Ab + - key: iMnx + operator: ßljƨb委揋ǖyǭɮHɋȱ钵瑴= + values: + - oTbQw + matchFields: + - key: peZc + operator: 韨醤H3擅ĭýǚɃ氤徣»嬞籍* + - key: BwW + operator: "" + values: + - lj0f + - key: RTfBwhMV7h + operator: 愐哣碍clȲ + weight: 1712242968 + podAffinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: null + podAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: 5pRrPC5 + operator: lj莇殎璑cy畟2ƫ啔2蜍揈黻~VNjj + - key: Vx5A + operator: 蔞 + values: + - TuNksgudWu + - "4" + matchLabels: + 9yQx2r0z0VT: wKG3GY + m: D7p + matchLabelKeys: + - A94QEh4T + namespaceSelector: {} + namespaces: + - m2oXksKrIQE + - IbVp + topologyKey: aR1q + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + namespaceSelector: + matchExpressions: + - key: affUCeIp + operator: Ǭ\傁斘8ĝG=W¢xŔV + values: + - cGxdE + - WWR + namespaces: + - 8PQ + - IhAKP + topologyKey: mNEK4 + weight: 1622675667 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: 3mP + operator: ƛ)ʥ湯ǥð鸥蝪侀śv + - key: Yjw + operator: 锖膳Ǣ + values: + - JyH6LD + matchLabels: + "Y": 8Dv8Z09h + kV8iai: kRB + uyro3: N2Hv + namespaceSelector: + matchExpressions: + - key: 0r + operator: 嘏X孷Nj,ƦäMD妸*" + values: + - dl11s14 + - x2zsZLYX2j + - key: Sv + operator: 頇r蜿ǚ/ǷȦG络/脾 + namespaces: + - 5z + - AC + - F2RsWTf + topologyKey: N5mg + weight: -1962604072 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + GNdtPS: wYTu + LNoX7W: Tp6mRq + Sq7: bqR0 + matchLabelKeys: + - hlwJOaAy + - 3md + - X + mismatchLabelKeys: + - 4TLXNX + namespaceSelector: + matchExpressions: + - key: uoR + operator: Ȩd²ʜĽNj + - key: k + operator: 杜|漍á疦菁拙螃ɣjʆʕ瘎 + values: + - DcZ7LTc + matchLabels: + xu: U1A7mo + namespaces: + - B5 + topologyKey: Wdm54UR + podAntiAffinity: + custom: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + matchLabelKeys: + - "3" + - xz82vVz + - vEhkI + mismatchLabelKeys: + - vic9n + - Szo + - 0c + namespaceSelector: + matchLabels: + 3X: TPrUq + r1mxgoL: pg + topologyKey: RsMDTIE + weight: -1153984436 + topologyKey: LZJ6PJ1 + type: NwnuPNXi + weight: -417232056 + priorityClassName: e1exaXYQ + progressDeadlineSeconds: 202187696 + readinessProbe: + failureThreshold: 1857603986 + grpc: + port: 1093232805 + service: DU1FQs + httpGet: + host: Osa + path: CX74t + port: OxeuD39 + scheme: 覠尐_媶粷拝紾Iȡb帶墵Ò + initialDelaySeconds: -1402792412 + periodSeconds: 879643685 + successThreshold: 1435235361 + timeoutSeconds: 1464897550 + restartPolicy: '{悛Qª槟ĈW得蹏淂專驁sēɹƐ軋剭' + revisionHistoryLimit: 1394995435 + schedulerName: aA + tolerations: + - effect: cȩ飙 + key: 4Y9saWpr + operator: 輋ƾ跴Ȫ徐1Aǡ{gm櫩茻 + value: yI4k + topologySpreadConstraints: + - maxSkew: 425976069 + topologyKey: aThb + whenUnsatisfiable: G + updateStrategy: + type: CkmVnc9viBQ +fullnameOverride: uv4tHoO +imagePullSecrets: +- name: wd +- name: O +monitoring: + annotations: + hvh: "" + mDK0: OWEQ0y + zpG: XWCs + enabled: true + labels: + Ie5J5: fYnrHO + YkM4u7v: iTjIow + iP2Di: ptlD2Xuar + namespaceSelector: + matchNames: + - 9LShi + - klNT12U + - 9e + scrapeInterval: 74012h59m47.17763594s +nameOverride: z3C +service: + name: UFYrvO +test: + create: true +tolerations: +- effect: 弱伹ljȓƱ递$h鬾 + key: DK + operator: Ɨ + tolerationSeconds: -5698206097095774785 + value: D13SrG6 +- effect: =J叶步Ö + key: bk + operator: ȗ¦eŢƓ逺 + tolerationSeconds: 6164794697823934570 + value: X3Lat6r +-- case-026 -- +commonLabels: + op: VnL9o7 +connectors: + additionalConfiguration: T9YzRko + bootstrapServers: 6x4 + brokerTLS: + ca: + secretNameOverwrite: g3oj + secretRef: Dw6 + cert: + secretNameOverwrite: wSXlgsek + secretRef: i8CF9ffAM6p + enabled: true + key: + secretNameOverwrite: lyf69Al + secretRef: deo + groupID: uDg + producerLingerMS: -2006060261 + schemaRegistryURL: fT + secretManager: + connectorsPrefix: 3zl + consolePrefix: EnXNUH + enabled: true + region: cyQNlFt + storage: + remote: + read: + config: false + offset: false + status: true +container: + javaGCLogEnabled: uAsH + resources: + javaMaxHeapSize: "0" + limits: + memory: "0" + securityContext: + allowPrivilegeEscalation: false +deployment: + budget: + maxUnavailable: -2138199446 + create: false + extraEnv: + - name: fSlx6jZkW + value: Gidecru6M + valueFrom: + configMapKeyRef: + key: kDgPE80UsJ + name: VokSO + optional: false + fieldRef: + apiVersion: m0pc + fieldPath: TDq6b1g + resourceFieldRef: + containerName: aHY + divisor: "0" + resource: qGyhyCA + secretKeyRef: + key: Lab + name: XS7bBHw + optional: false + extraEnvFrom: + - configMapRef: + name: "94" + optional: true + prefix: cO1J + secretRef: + name: 5g16 + optional: false + nodeSelector: + d: H2kDk + podAffinity: + nodeAffinity: {} + podAffinity: {} + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: Fx6h + operator: ă瑡周n + matchLabels: + 4iB: XqVe + hjWyR: NY + matchLabelKeys: + - 1p + - 3kVC + namespaceSelector: + matchExpressions: + - key: 0miz + operator: K9輰隂ȧlȆ*¼'酞Ŏ + - key: 99O + operator: "" + - key: SP + operator: '`Čɪ!?钾R|櫊È' + values: + - "y" + - kAhysp4 + - GCV1j6 + matchLabels: + YUuE3XZX: X4t + kDqSk7iDzH: fkcnl + vTp: n2nALh + topologyKey: 64PeJ5 + podAntiAffinity: + custom: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: vQ1crSV + operator: 7nujʠ駺鬺|救 + - key: iOIw8g7V + operator: 萸繴裉ɕ~ŕf!ǿı棨 + - key: n6LU + operator: ȓbR筌ǫLJ + matchLabels: + NC0: "" + XGU5qvzYMs: QmNwb + cc: Ks + namespaces: + - 4pVveJZ + topologyKey: 65SB9i + - namespaceSelector: {} + namespaces: + - SDARb + - 0u + - n82TB + topologyKey: l1 + - labelSelector: + matchExpressions: + - key: h8JZN9ndz + operator: 瓇Ȟù + - key: BbnA + operator: 莾ʩ1ǔƇf楘銷Bqzʁ祤Ĉ肙 + values: + - RPGl + - fCF + - key: 7u + operator: 棣m\羨压ć$ + matchLabels: + 82yA8rU: JjJF0yf2o + 184fSrLtK: msSakH + Bq: "" + mismatchLabelKeys: + - P + namespaceSelector: + matchExpressions: + - key: h + operator: "" + values: + - mqn8Yv + - gdHikJUK + - key: 3lPz + operator: BD + - key: 0baPldJBjJn9 + operator: 樢饓4ʂ + values: + - 2AX + - UbR4z8bGYUVr + matchLabels: + DXgZ163y: 80ssC + sxdB: AWv0 + namespaces: + - qUoe + - WE + topologyKey: fZqb + topologyKey: jghLUT + type: YgTAAdKC + weight: 457351545 + priorityClassName: cMPpGa + progressDeadlineSeconds: 592124572 + readinessProbe: + exec: {} + failureThreshold: -581438581 + grpc: + port: 488383519 + service: l7batCCnvJq + httpGet: + host: FQqXfIuR + path: iUAUmylNEAU + port: -881355027 + scheme: Ȗ% + initialDelaySeconds: 1450868933 + periodSeconds: 84140252 + successThreshold: -349726428 + terminationGracePeriodSeconds: 6323959655336028953 + timeoutSeconds: 226228279 + revisionHistoryLimit: -739568709 + schedulerName: 14z62c7xgckN + securityContext: + fsGroupChangePolicy: 诅S~=ɲ*旫ĺ¬d堤Eq篣 + runAsGroup: 4871537600984265230 + runAsNonRoot: true + runAsUser: -7571157018510467782 + supplementalGroups: + - 7137947427600072682 + - -3730781858194361576 + - 6854632843582773166 + sysctls: + - name: r23vPM + value: 5UfknjwXh + strategy: + type: Je + terminationGracePeriodSeconds: 1594904318 + tolerations: + - effect: è埩仆ȅ<ǭɉ毱暏攦3q + operator: 弦ͼH昽E濄ɻ + tolerationSeconds: 3114895080936277785 + value: Y6vPY2uD + - effect: ŏȉ}葘魼A訇ɍOĩ旽ġ遌墚¦颢Ŏ + operator: 蠥ëV祍竛Ƅ-杸孡t + tolerationSeconds: 47406346758114986 + value: z + - effect: '>' + key: qdKVY + operator: 5m + value: kCCZxwF + updateStrategy: + type: apGLWC +fullnameOverride: XfK7 +logging: + level: e +monitoring: + annotations: + Ap4hj4: hGNy + IWIMYW: dOV6M + enabled: false + labels: + LSnRh7: o + OUKIb: "" + hOs: Jeldy + namespaceSelector: + any: true + matchNames: + - csE6iNb + - 0vF3H6v + - rnL + scrapeInterval: 601737h12m36.927932959s +nameOverride: ATJ +serviceAccount: + create: true + name: jmzfCmHq +storage: + volumeMounts: + - mountPath: kTnYVd0 + mountPropagation: )ȡ蟑 + name: LQoqAJrPB + readOnly: true + subPath: eogR7 + subPathExpr: jd + - mountPath: nL4z + mountPropagation: E驻ʄƒ椺Ņ熆伓1 + name: AC6X7664kgZ + readOnly: true +-- case-027 -- +auth: {} +commonLabels: + LuCiH: SWR3zOt +container: + javaGCLogEnabled: Rk2lueKjUZ + resources: + javaMaxHeapSize: "0" + limits: + cpu: "0" + request: + memory: "0" + securityContext: + allowPrivilegeEscalation: false +fullnameOverride: OL1 +nameOverride: ffe2 +service: + annotations: + JXMpPkd: YoI + Z: DVS9WjadC + name: uSz +serviceAccount: + annotations: + N7gZ: ExrpJkw + PD23ZYO: jlj + create: true + name: maeWLc +storage: + volumeMounts: + - mountPath: RDO + mountPropagation: 縖ʯLj觻ĶR腉赙CèS咍Xz + name: NFJO + readOnly: true + subPath: i4tgwgPir + subPathExpr: 8C3d4ln + - mountPath: I + mountPropagation: "" + name: okJHlIlhWWGN + subPath: UQu + subPathExpr: 1D7d +test: + create: false +tolerations: +- effect: 炩CżCX褒ȁŃ詳Ð剘畭@Tj縶 + key: 5GekCX8zF1Cj + operator: aµ + tolerationSeconds: 728571265301214109 + value: 81x9S +-- case-028 -- +auth: {} +container: + javaGCLogEnabled: 3ahn64ZT + resources: + javaMaxHeapSize: "0" + limits: + cpu: "0" + memory: "0" + securityContext: + allowPrivilegeEscalation: true +deployment: + create: true + extraEnv: + - name: DvkYw9Pk + value: USGTgIYZwyPh + valueFrom: + configMapKeyRef: + key: xomkxxc + name: 7a + optional: false + fieldRef: + apiVersion: tnGFZ3 + fieldPath: H + resourceFieldRef: + containerName: UD5gAM615 + divisor: "0" + resource: EplPSqP + - name: "" + valueFrom: + configMapKeyRef: + key: 2n + name: vw5ZWohT + optional: true + fieldRef: + apiVersion: THSyklTdw + fieldPath: KDDja + resourceFieldRef: + containerName: ha2tB3cM0 + divisor: "0" + resource: 467hL5 + secretKeyRef: + key: I + name: vv9hXsUY + optional: false + extraEnvFrom: + - configMapRef: + name: "y" + optional: true + prefix: 8yKCF + secretRef: + name: 7B5wyZ16F + optional: true + - configMapRef: + name: zqz + prefix: iYiSC0Au26P + - prefix: w + secretRef: + name: p4 + podAntiAffinity: + custom: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: 6kZhQ + operator: k赊炈ǽ|e椩骔Ɛȶ猔 + - key: gqK + operator: Ǚ胵$ğ\f35D辕叞Ǐ + values: + - pcEO171jJq + - LY + - GfNUi6qekSD + - key: k7gF + operator: 17鮅Ƒ灝1ʐɢ艹藩軞K.@媎5ɸ[ + values: + - 54w + - FSM + - 3z7CuL + matchLabels: + 9S3kV3el: 7MbZM6 + NlghDpU1T: Cli8O8lnK + OcV: "" + matchLabelKeys: + - mZggvA8 + - rJkWPc + namespaceSelector: + matchExpressions: + - key: ly0G + operator: $ȝQd睬H剹崈ł + values: + - As + - key: 7eyD22 + operator: 贻Ēa介ţ棨ʘ蝭玴 釷 + values: + - RzMGltB4 + - SFV4v + namespaces: + - Va8Nghyl5Xi7e + topologyKey: 1drlL0V + weight: -1531757892 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: "" + operator: ʬy驮蹲ÆʎŘJ + values: + - 4knxh35 + - u + matchLabels: + CJiPPT: SI + rgLMgFHL: xLCR7k9 + matchLabelKeys: + - n2L6 + mismatchLabelKeys: + - Xm + - 8rT + namespaces: + - 1oMw4m + - b + topologyKey: WyZe3ZI + weight: -1225398774 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: TW2 + operator: ʁ¦_bƻýK正¿őȦŭ'Ƭ1 + values: + - OvaLf52 + - KZf + - key: W80 + operator: _CEvNjn集L鲵ōF簠踑TĚƀa肆 + values: + - h1VYlc + - MKbR + - wxafhmYM + - key: d0o1Q5b2 + operator: "" + values: + - SVkBA + matchLabelKeys: + - nIc + - "" + namespaces: + - i + - B0zuARW3Ulvn9Q + - doQcG3 + topologyKey: g4 + weight: 553767105 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: {} + mismatchLabelKeys: + - XRCSn + - udG + namespaceSelector: + matchLabels: + I7Tlp: gcBQUH + ZD: NK + wMdEcQY4E: "" + namespaces: + - Zp + - IEP7 + - R2B8UbaSFe + topologyKey: V + - labelSelector: {} + mismatchLabelKeys: + - cXL65W + - "y" + - apcJBy + namespaceSelector: + matchLabels: + 96JY: wVF0LERIzj6 + namespaces: + - vWBUXL + topologyKey: RqV9B + topologyKey: i8Sj + type: lp + weight: 1933092510 + priorityClassName: j + restartPolicy: my + revisionHistoryLimit: 1716132030 + schedulerName: KL8nKi + securityContext: + fsGroup: 6950905231485893521 + fsGroupChangePolicy: 4駝ɧɍ匑ĿŃjH(ƨ鏝搲³欍荭 + runAsNonRoot: false + runAsUser: -3842777327443310041 + sysctls: + - name: ADfyWTN + value: "" + - name: A2KbAFX + value: vfiwuHLZA3z + strategy: + type: GG3n + terminationGracePeriodSeconds: -1876643927 + tolerations: + - effect: 幉cè禟ɴ + operator: ġ襜莪_ð迾uɈkʫ~鲕Lɻ戦ʡ2ȠǷ + tolerationSeconds: -3325398021525833538 + value: QDDTEv + - effect: hǝ + key: JwoXCcww + operator: ªA[wƸ + value: NvIa14 + - effect: ŐȜŻ-簀Ȟo/.濈s呁ī + key: v + operator: 7幔ÍX靹蟳 + tolerationSeconds: -8856646878602495698 + value: zOvR +fullnameOverride: ZvvoA +imagePullSecrets: +- name: H +- name: HOE +logging: + level: k1wsL2of +monitoring: + enabled: true + namespaceSelector: + any: true + scrapeInterval: -2272665h1m59.977529594s +nameOverride: "3" +service: + annotations: + 3yehn: hb1JTt4bE6 + 8kZ: syTRQDJ + QFMui15S766: gMn5Cet2XRLMo + name: 9VQ +serviceAccount: + annotations: + kTXPsd: S4sMQbj + name: Ms3WxpzY6U +storage: {} +test: + create: false +-- case-029 -- +auth: + sasl: + mechanism: pVvPbLq8PH + secretRef: a8g3R + userName: "206" +connectors: + additionalConfiguration: Mq9r58Wn2 + bootstrapServers: GhGh + brokerTLS: + ca: + secretNameOverwrite: "" + secretRef: u + enabled: false + key: + secretNameOverwrite: kn1yG + secretRef: CE + groupID: F3e + producerBatchSize: -1760140219 + producerLingerMS: -410672871 + restPort: 1337396066 + schemaRegistryURL: eVOEb + secretManager: + connectorsPrefix: emUV + consolePrefix: pC3 + enabled: true + region: l6uFeZtI + storage: + remote: + read: + offset: true + status: true + write: + config: true + offset: false + status: true +container: + javaGCLogEnabled: "" + resources: + request: + cpu: "0" + securityContext: {} +deployment: + budget: + maxUnavailable: -1357187310 + create: true + extraEnv: + - name: "" + value: a + valueFrom: + configMapKeyRef: + key: S + optional: false + fieldRef: + apiVersion: cAFu3Wwm4O + fieldPath: "" + resourceFieldRef: + containerName: K + divisor: "0" + resource: pYz + secretKeyRef: + key: rrusH7t + name: 6hR1vtMek + optional: true + - name: 62b + value: b4k + valueFrom: + resourceFieldRef: + containerName: 9Zuqk + divisor: "0" + resource: wDbwci + secretKeyRef: + key: q + name: a3Go0SITja + optional: false + - name: CAn + value: r + valueFrom: + configMapKeyRef: + key: oBsj + name: f + optional: true + fieldRef: + apiVersion: K + fieldPath: e60DM + resourceFieldRef: + containerName: 9xyY28RraQXtmbHZs9v + divisor: "0" + resource: ddr6SE + secretKeyRef: + key: HIl + name: 6i + extraEnvFrom: + - prefix: J + secretRef: + name: 4niuc27 + optional: false + - configMapRef: + name: dVR + optional: false + prefix: WUotCc + secretRef: + optional: true + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchFields: + - key: Th8xQ0 + operator: '};ƾ:Ơȏ旊苆$ź榘ę[Ş悈ȥ' + values: + - gOPH1k + - KOsql + priorityClassName: 3ogB9tWXV + progressDeadlineSeconds: 533336746 + readinessProbe: + exec: + command: + - 4ndWdZzqE2k + failureThreshold: 2079208961 + grpc: + port: 892171148 + service: CsKUHVZ + httpGet: + host: gYLBe6Cp + path: qmK3f8GwgZ + port: 8pIb + scheme: ʥ>Yj14寧枌A|íF + initialDelaySeconds: 1156905473 + periodSeconds: -1924622812 + successThreshold: -1575566868 + terminationGracePeriodSeconds: 5810637601195744899 + timeoutSeconds: -450997563 + revisionHistoryLimit: -121719569 + schedulerName: Z7Ne6 + securityContext: + fsGroup: -790114255836881973 + runAsGroup: 4623887472960955175 + runAsNonRoot: true + runAsUser: 7622666161830127482 + supplementalGroups: + - -3228001931932573252 + - -7141992959148915907 + - -17407268992027108 + sysctls: + - name: 8qCsQ + value: RwRLG + - name: f2Rn + value: afHwsU + - name: 3jYk9 + value: V + strategy: + type: "" + terminationGracePeriodSeconds: -1948657833 + tolerations: + - effect: 冮味Pf鵸q\)霰¢玲&糦Ŀ怋ɌÁ燹 + key: uTzXciQ + operator: 3IJuʙNj + value: FB0Hu +fullnameOverride: IyM +imagePullSecrets: +- name: 1tlBA +logging: + level: MM8vHtxMK +monitoring: + enabled: false + namespaceSelector: + any: true + scrapeInterval: 1950385h21m49.305979755s +nameOverride: tl2YFI +service: + annotations: + PGxtxZYXR: X5 + name: "" + ports: + - name: 9xn + port: -684513812 + - name: u4xF + port: -391479350 + - name: rDTiR56X + port: 382665278 +test: + create: false +tolerations: +- effect: ĝȈÛ + key: W0K + operator: ɺ$嶩鸦Ę+Ŝ鞬 + tolerationSeconds: -8698254857049033349 + value: AXGq +- effect: Ǜǻ鎃ǥ蹔t處 + key: U6Kwl + operator: 袕ʒ掊蓵 + value: sP +- effect: ɷ蒱Ď脢嚼S劣Ó + key: tXkIQEUaW + operator: 絈:愅ŚŻɵl + tolerationSeconds: 6194136677012499657 + value: G8 +-- case-030 -- +auth: + sasl: + enabled: true + mechanism: rw21b + secretRef: Pmr6Q + userName: VZItSFI +commonLabels: + GCdbeC: cQ4P1cHbv +connectors: + additionalConfiguration: dIZd0USbP + bootstrapServers: znZ + brokerTLS: + ca: + secretNameOverwrite: "" + secretRef: kHUZvj2QDUh4 + cert: + secretNameOverwrite: sskJ + secretRef: l + enabled: true + key: + secretNameOverwrite: iOnKoNxj + secretRef: dRzfIju + groupID: "3" + producerBatchSize: -1998620825 + producerLingerMS: -1373192817 + restPort: -1808248501 + schemaRegistryURL: j7 + secretManager: + connectorsPrefix: 6Bx2Qil2o + consolePrefix: C6KUfZ + enabled: false + region: IkJbzZ + storage: + remote: + read: + config: true + offset: true + status: true + write: + offset: false + status: true + topic: + config: J + offset: b + status: DTmRi +container: + javaGCLogEnabled: hmX8lr55 + resources: + javaMaxHeapSize: "0" + limits: + cpu: "0" + memory: "0" + request: + cpu: "0" + memory: "0" + securityContext: + allowPrivilegeEscalation: true +deployment: + annotations: + co: d + create: false + extraEnv: + - name: U7ZgJptiGP + value: VIyGo + valueFrom: + configMapKeyRef: + key: qxBGDLH + name: RaBlc + optional: false + fieldRef: + apiVersion: ypCq1 + fieldPath: GOf + resourceFieldRef: + containerName: MtGKY + divisor: "0" + resource: I4 + secretKeyRef: + key: qV + name: "9" + optional: false + extraEnvFrom: + - configMapRef: + name: H84ze + optional: false + prefix: VTwW + secretRef: + name: gEsSRAwz + optional: false + - configMapRef: + name: eDeZ0DugXo + optional: true + prefix: SsakeA + secretRef: + name: bG0Sy7 + optional: false + - prefix: ZKPXsAv + secretRef: + name: kxqMF05 + optional: false + livenessProbe: + exec: {} + failureThreshold: 20072615 + grpc: + port: -311576311 + service: cH6 + httpGet: + host: x + path: 2cVqcw + port: 929216339 + scheme: ƇsʯDSĉʍ.RAp鷌噫蕪ʚ + initialDelaySeconds: 1309506491 + periodSeconds: 848313974 + successThreshold: -1895468765 + terminationGracePeriodSeconds: 2309372029983841470 + timeoutSeconds: -1767944726 + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: [] + nodeSelector: + 1ZriYn8T: 6W5ORGSM + "8": tu + Fn2RxRqX: HUwiz + podAffinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: kxw601 + operator: Ǘ裝g彋ɨ戣Ɓ乑侇ƞĉ + values: + - h7 + - "84" + - lskjSC + matchFields: + - key: jX7lO + operator: ȼf糎*¼wA漏捅ǟ#ûç潝Ɖ藪V + values: + - X3sQ + weight: -1964816880 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: null + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + a8p2hiBJSP3TS: yXy733 + matchLabelKeys: + - "" + namespaceSelector: + matchExpressions: + - key: 2YU7Rzi + operator: ō{ʗ劆譄粫 + values: + - LwQ + - KpKr + - iA5gLm + - key: QLh2Y7fPtYq + operator: v掺ÂIA"Ƃ秐ǿ傇ȴOę + matchLabels: + 88xytHI: a + namespaces: + - GkdcO + topologyKey: Gk9 + weight: 1965172043 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: QXrC + operator: ']ƲD檖埙貊' + values: + - sBL + - M + - c + matchLabels: + M5: EqfNjRxqt + matchLabelKeys: + - eDIBN + namespaceSelector: + matchExpressions: + - key: TkA + operator: 乥摟`篿ǫ`鯛d柊朞#=粟ë0"g + values: + - pCd + - tjm1 + - key: L8komgF + operator: 牱鐦騵d公ƅ麭 + values: + - ih77z + namespaces: + - rvCrqx10 + topologyKey: ylag3 + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + matchLabelKeys: + - jJxZ6Rd3 + - "n" + - zUM + namespaceSelector: + matchExpressions: + - key: LgKlZv + operator: 蹉Dǭ乜u3嘴țýȰ¢əfɓ9M + - key: focLN + operator: 峍溌諪ɻɀ鶡凛硓Hʆ&醓y璬P且h晼Ȫ + values: + - 7M + - o + - key: PyRpMu + operator: 軏ƀʪ;ƶ1 + matchLabels: + TLgWRgpL: 6KxhJ8 + topologyKey: R + weight: -2017519918 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: QAEMOx5 + operator: 聚Ē + values: + - ufw1Z3 + - i8Oos + matchLabels: + o6xfK8a: SfPP2rf7Roji + matchLabelKeys: + - le78Yu + - HUTODaS + namespaceSelector: + matchExpressions: + - key: 66vP + operator: u7Ƞ>懝U¤蕃 + values: + - "7" + - GK + - key: J0dXv7ZJJB + operator: 蜸薼野碇甞ĚȤ哕鈁尮"Ǘ枿話Ȕ狏 + values: + - RAX4t + - nPF + - 3ju448C + matchLabels: + M: tVDx2e + jf2: K6SX + xPh3: QQRbks + namespaces: + - "" + - 81J2ER + topologyKey: P0YlKv + weight: 1281715791 + podAntiAffinity: + custom: + requiredDuringSchedulingIgnoredDuringExecution: + - namespaceSelector: + matchExpressions: + - key: xfHcOZ + operator: R ȫ-$<¥;ʗǛ;嶗C臷l + - key: F + operator: '{剽ŢÑ?' + values: + - 4gvxHy + - 8KDxHDtm + - key: dVAZ + operator: ƶG荦鯺x硕=pŮlý:` + values: + - wfeV + - IK + matchLabels: + 31ix: HdDM + S4lHSJCMD2: lu3wExQ2H + namespaces: + - E + - 4tZ + - T + topologyKey: 7sVtS9TK + topologyKey: 7kZ3GBTH + type: ijo + weight: 575486983 + priorityClassName: kVuF7b + progressDeadlineSeconds: 1067800182 + readinessProbe: + failureThreshold: 685579944 + grpc: + port: -2063577057 + service: eR7 + httpGet: + host: EvLo + path: JpKUinL + port: 1426508719 + scheme: ?纙硺ưů溋šwš + initialDelaySeconds: -343905380 + periodSeconds: 1220161608 + successThreshold: -1225720048 + terminationGracePeriodSeconds: 5142513156327389695 + timeoutSeconds: -158246671 + restartPolicy: ȭÕpg琛>盿噸ɸ罀ʊ溠凝ï燘3宓 + revisionHistoryLimit: -867909477 + schedulerName: Cw1 + securityContext: + fsGroup: -1048504685354459048 + fsGroupChangePolicy: 紪兊B©忾iL醒Ɏ}E譮À猃#慆V" + runAsGroup: -5540900310826845836 + runAsNonRoot: true + runAsUser: 1960710021236792309 + supplementalGroups: + - -5069008871988065584 + - 1052747353682433741 + sysctls: + - name: XNC + value: H2sA + strategy: + type: jUn6q9 + terminationGracePeriodSeconds: 1204736887 + topologySpreadConstraints: + - maxSkew: -122908749 + topologyKey: Sx + whenUnsatisfiable: kzg + updateStrategy: + type: "9" +fullnameOverride: IVe +imagePullSecrets: +- name: IDsL67Xzs +- name: j3s2 +- name: rsV +logging: + level: LEXhtAdMw +monitoring: + annotations: + 8UnZf: QuGXzt2iFf + enabled: false + labels: + 5bKl7ZL: OULoJ + rjszo: x + namespaceSelector: + any: true + matchNames: + - SYEcgAmD1 + - pkOAzK + scrapeInterval: 1337119h5m47.177426828s +nameOverride: P7 +serviceAccount: + create: true + name: UQ27oL +storage: + volumeMounts: + - mountPath: T0skfqLM2b + mountPropagation: 訶)5蘳慢墰葭ƓȇkȡʑȆ\&算毳 + name: Xw + subPath: 48LdxME5 + subPathExpr: 3Z +test: + create: false +-- case-031 -- +auth: + sasl: + enabled: false + mechanism: OKrEkY + secretRef: 8nzj + userName: s +connectors: + additionalConfiguration: rJQp + bootstrapServers: 0y2l8XHWK + brokerTLS: + ca: + secretNameOverwrite: "" + secretRef: J + cert: + secretNameOverwrite: copKWn2 + secretRef: DNF6s + enabled: false + key: + secretNameOverwrite: IlMv6 + secretRef: NI3VUhJks3aM + groupID: chzc6 + producerBatchSize: 164004875 + producerLingerMS: -1169688418 + restPort: -1300816856 + schemaRegistryURL: qb + secretManager: + connectorsPrefix: e + consolePrefix: QToud + enabled: false + region: rDADY + storage: + remote: + read: + config: true + offset: true + status: false + write: + config: false + offset: true + status: true + topic: + config: vOa + offset: NoMzWmd + status: UX +container: + javaGCLogEnabled: FZNoDU + resources: + javaMaxHeapSize: "0" + limits: + cpu: "0" + memory: "0" + request: + cpu: "0" + memory: "0" + securityContext: + allowPrivilegeEscalation: true +fullnameOverride: pPZgwOOt +logging: + level: mw +monitoring: + annotations: + 5DX9hu1: TudyZCCNj + A6h88N: VYLm + labels: + bt9lo: o + mnL: cq + namespaceSelector: + any: true + matchNames: + - Oq9en + - SYEqp + - XG13YJtsJ + scrapeInterval: 48406h44m12.186557056s +nameOverride: pLehdV +service: + annotations: + RER: AU + name: MnW8I02 + ports: + - name: 5bgCNjS + - name: gh + port: 792720017 +serviceAccount: + create: false + name: "5" +storage: + volume: + - name: T6INhQ + - name: p0 + - name: EO + volumeMounts: + - mountPath: "" + mountPropagation: Ǜ绕:O+ + name: 4JTdCoLQd + readOnly: true + subPath: RUx + subPathExpr: 0E +test: + create: false +tolerations: +- effect: eǏ=ij醲55 + key: u7vPGy + operator: 欿漎蠶Ðã&¸ŭ垨甕Tàm?Ɣ + tolerationSeconds: -521603474102550743 +- effect: '&縐斮璗ɂĤǤǬŽ56=v謿ȭV囪''' + key: X + value: WYufSN7QfU +-- case-032 -- +auth: + sasl: + enabled: true + mechanism: MJPD + secretRef: SOj + userName: uc7UDCO6UyDA +connectors: + additionalConfiguration: ALs + bootstrapServers: xxQNBWz7 + brokerTLS: + ca: + secretNameOverwrite: tx69jfpT + secretRef: trj6 + cert: + secretNameOverwrite: 5wer + secretRef: zNPqap9 + enabled: false + key: + secretNameOverwrite: 3z6qEC5 + secretRef: "6" + groupID: zqmIj + producerBatchSize: -1704513512 + producerLingerMS: 1028506959 + restPort: 108700971 + schemaRegistryURL: 5EM1GqOCR + secretManager: + connectorsPrefix: CjMvZg3JUj + consolePrefix: zyHuMqq + enabled: false + region: kr + storage: + replicationFactor: + config: -1678993933 + status: -154444750 + topic: + config: lw + offset: QcAJT + status: Cg +container: + javaGCLogEnabled: PB4k + resources: + javaMaxHeapSize: "0" + limits: + memory: "0" + securityContext: + allowPrivilegeEscalation: false +deployment: + budget: + maxUnavailable: -2014617172 + create: false + extraEnvFrom: + - configMapRef: + name: uiS + optional: false + prefix: JBs5bsgvti + secretRef: + name: ctUZi + optional: true + - configMapRef: + optional: false + prefix: tBLmRa + secretRef: + name: 5Y + optional: false + livenessProbe: + exec: + command: + - qSrxe9 + - Ofev8Bf + - nfwKAZufiqv1b + failureThreshold: -1742098812 + grpc: + port: -703296778 + service: JNtb + httpGet: + host: E8hIJ8 + path: Kl96M5dD4rvo + port: 654133412 + scheme: 慌屢癱ž塛F侱鬶7罧鿧P体玿».黾ƺ + initialDelaySeconds: 1821929188 + periodSeconds: -181833766 + successThreshold: 1453387906 + terminationGracePeriodSeconds: -411476157523094884 + timeoutSeconds: -54624232 + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchFields: + - key: LGd + operator: Ʌ + values: + - cBY + - nFQxMQr + - tEAxJ + - key: BVKZ + operator: 觹IJ坌s椉08扸ʥ毄葖0z絓ȍƌII + values: + - 69up + - yC + - HYp + - key: X + operator: ¡Ʋ眭LJqśȚ0ǹ侔T + values: + - UYuQ9O + - matchExpressions: + - key: aH + operator: 倿Ź?Y峬爰R鑾Ȳǜ辇抲縷Ł + - matchFields: + - key: qg + operator: "" + values: + - IDEoPBP + - "" + - 0lyO + - key: aFD + operator: S[橧馐畷蒜ĦţƦxȪ + - key: PPBiwi + operator: Ɖ埓yxȨ崪ǒ圣ǥɳƹ涿跉礃s + values: + - Oim4eTI + - Q + nodeSelector: + PcQX0bVt: 3G + zZB: WG + podAffinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: 8u0nAOFL + operator: 甼 + values: + - tGVYkHw + matchFields: + - key: Fx7oaUO + operator: 辫â8ŸÍc莄ʠʧ + values: + - TbB0SsDhMS + - M9bg + - B + - key: EZlVGKXh5f + operator: d渚竵铃染訧鑩曠辕Sds±Z;œȽ + values: + - CrZH5k2 + - c0oyqS + - key: jiER + operator: b杒嘡ǒ堷©Ƣp髼ö + weight: -1261259648 + - preference: + matchExpressions: + - key: FarFKE + operator: ő%ȫƗ¥+Ŝę恏率偻z髋0BĖ乌 + values: + - LY14XZEILK2 + - d + - key: 70ON9Dm + operator: 1瑚秤¤m½m + values: + - 3gTEM4ST + - key: TKDlMr + operator: ȍ + values: + - L + matchFields: + - key: "" + operator: žE#烊0Ľ曆熥o圉釣XĂ\i螜 + values: + - Qx2kr52zB + - 31Gxk + - cMRkpXPFx + weight: 302435895 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "" + operator: 浘L# + values: + - LaaH + - 9zM + - Ph29 + - key: B6I + operator: 孞 + values: + - "" + - key: wsS + operator: PȚʀ鑋#栧^ + - matchExpressions: + - key: iflb + operator: MĽ扶C隕ÿ僬í + values: + - o + - kCQif + matchFields: + - key: "1" + operator: 桼ǎsc?ɇ銂 + values: + - rj5 + - wZ8 + - 28Qk + - key: ivMKhM6Ng + operator: Ō/DHT + values: + - gPzgA8 + - Cn + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: s7LHzr + operator: 抧胏$,鵩zǑC©\0vǻɛdz + values: + - rXF + - key: vqysFQX7b + operator: 網Ɉ諌繶ŃbĔj¡ + - key: EUeMa4 + operator: '''鱿pKp馚獮Ú' + values: + - S + - Dz + - wfXfb + matchLabels: + PKUW: Ve + bJOsUOZaJuvc26: XCVIx1 + mismatchLabelKeys: + - OKf + - EzEPAt + namespaceSelector: + matchExpressions: + - key: RKK1 + operator: "" + - key: qDcP4rJ + operator: ƊƣŋsŅ癳鷝3饔¶醐偹 + values: + - s + - "" + - key: 3Np + operator: 揷1Ä[昲ļ莶瀵ƄDŽG~満蒺醟ɟ + matchLabels: + RYJVB: I1y + yc03l: Ifbv6Y + namespaces: + - Z0 + - H80DAh + - 2GH6 + topologyKey: cqxmR1v1 + weight: 885036961 + - podAffinityTerm: + matchLabelKeys: + - OgTFlLP + - W8V + - 2H + mismatchLabelKeys: + - avBvdF + - CTPHay7gi8D + - CUr + namespaceSelector: + matchLabels: + tVu: 6F6BjVP + topologyKey: e + weight: -1410166394 + podAntiAffinity: + topologyKey: 0DOToT + type: 8KfZon1YzpW + priorityClassName: uANVq3U + progressDeadlineSeconds: -1510581315 + restartPolicy: vȺW + revisionHistoryLimit: 2114813392 + schedulerName: CR + securityContext: + fsGroup: -4345780033128932342 + fsGroupChangePolicy: ŧ抱煿ɋM莱皥櫾u$zȉx + runAsGroup: -6541979602773327729 + runAsNonRoot: false + runAsUser: -2014124308289474379 + supplementalGroups: + - -5994021217522109572 + - 3115969151950428485 + - 1514830751691567190 + sysctls: + - name: Is0j + value: JRx4T5 + strategy: + type: g5YzTXRKD + terminationGracePeriodSeconds: 1682090836 + tolerations: + - effect: U褛ɡʇ栂DzǞɴ鲀ǟŻ9 + key: FA2 + operator: 7泏舰ʒ佦ıã}譏'nʣ + value: MyulL3h + - effect: '"dz蜢过7ɏʀ' + key: kOQC0mIA6 + operator: '{僈ʐ' + tolerationSeconds: -9100644779241505077 + value: ROuVy0AbXRg + topologySpreadConstraints: + - maxSkew: -1084227068 + topologyKey: Ux0A3NJk3z6 + whenUnsatisfiable: w + - maxSkew: -1233692580 + topologyKey: oKELv + whenUnsatisfiable: "" + - maxSkew: 1321736372 + topologyKey: FKXPNh + whenUnsatisfiable: CqkZsey + updateStrategy: + type: Ml6hC +fullnameOverride: 8geRNocLQ +imagePullSecrets: +- name: vEXV +logging: + level: 6BNIG1 +monitoring: + annotations: + IPxJONB: hl8rm + iBHXKAAq: hRyn + wPazmhbAf: VofDQ + enabled: false + labels: + 8H: b5A0R8i + AisU: 65Df + oJbv: "" + namespaceSelector: + any: true + matchNames: + - n7CaGZiO + scrapeInterval: 251223h36m21.463919144s +nameOverride: "" +serviceAccount: + annotations: + 3R: vWbEq + 4dl9GK: DwjEF + name: 1Fc +storage: {} +test: + create: true +tolerations: +- effect: B獲鑽RłŠc + key: Zqpy + operator: '`瓋ßW§陆tPǶ' + tolerationSeconds: 6401684450581885663 + value: Vdg8va +- effect: 7婾!彡í萿ǜ暸4*ǝ瀒ɛāɈ琝ɢ + key: NRABB0k8z + operator: ǡ纈g旆Ǿ璈Iôÿ + tolerationSeconds: 1163412628738463513 + value: qkbLHbkA1 +- effect: ɻKpP詮aŁ齱隘' + key: 960b + operator: 諻勵灵ʙƈ3ɋH瓴_ǹĝ屳ݬ8-霖) + tolerationSeconds: -8804703866897420576 +-- case-033 -- +auth: + sasl: + enabled: false + mechanism: eEWwk + secretRef: SH + userName: x +commonLabels: + KZj1Dby: 4SqUXw +connectors: + additionalConfiguration: NbkZ2Rd4mDlY + bootstrapServers: f2 + brokerTLS: + ca: + secretNameOverwrite: tvY + secretRef: L + cert: + secretNameOverwrite: CO + secretRef: f + enabled: false + key: + secretNameOverwrite: 6aXwjPggIiB3 + secretRef: Me + groupID: JyPpZo7 + producerBatchSize: -1287630260 + producerLingerMS: 823182257 + restPort: -1714220122 + schemaRegistryURL: xFi + secretManager: + connectorsPrefix: 6EBYOEL + consolePrefix: Vbhe + enabled: false + region: CuG + storage: + remote: + read: + config: true + status: true + write: + config: false + offset: true + status: true + replicationFactor: + config: -808584898 + offset: -1416545391 + status: 224731880 + topic: + config: XunwY9Z + offset: 6q5 + status: "" +container: + javaGCLogEnabled: LSKF + resources: + javaMaxHeapSize: "0" + limits: + memory: "0" + request: + cpu: "0" + memory: "0" + securityContext: + allowPrivilegeEscalation: false +deployment: + annotations: + EaNQ34T: okvsiPGFK + ZsH7Q: LEUOL + zgKn: 48IBtjSW + budget: + maxUnavailable: 1153958610 + create: false + extraEnv: + - name: Plcb + value: j5YPI + valueFrom: + configMapKeyRef: + key: kD + name: 7v + optional: true + fieldRef: + apiVersion: fb1Ci + fieldPath: P6f4Va + secretKeyRef: + key: 2S40J + name: V + optional: false + - name: YU0bfO + value: jT5 + valueFrom: + configMapKeyRef: + key: "" + name: OBQye + optional: true + fieldRef: + apiVersion: UN3v + fieldPath: N3NnHg + resourceFieldRef: + containerName: TM7dU9JK8Y + divisor: "0" + resource: T + secretKeyRef: + key: drFdfsyL + name: Wn2 + optional: true + extraEnvFrom: + - prefix: glV + secretRef: + optional: false + - configMapRef: + name: F2 + optional: true + prefix: sYg3PgmtONE + secretRef: + name: 4jj + optional: false + livenessProbe: + exec: {} + failureThreshold: 573208914 + grpc: + port: -638612534 + service: wnmWj + initialDelaySeconds: -1420646333 + periodSeconds: -1027365231 + successThreshold: 1837320543 + timeoutSeconds: -508996840 + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchFields: + - key: HDmW + operator: ;ȶR啗xǐy焇灠黰&TɟĬ&啛ɀǕĬ + values: + - dLkZmcXwkLs + - key: bSlNFm + operator: "" + values: + - 3b + - k + - "" + weight: 1914081742 + - preference: + matchFields: + - key: xHLN5 + operator: Eõ虾¤ + values: + - PU + - F4 + - key: REzxn + operator: 唺fµȾHſ劫藦92ţ5刀īȓĥ + values: + - X2vhuqGtb + - 1R + - key: r + operator: )勢ƞʚTćĬ:湭Ǽ焿0\Dzl[邉缝髶 + values: + - PVMaw + - GUlDync + weight: 742714062 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: [] + podAffinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: qtAZ + operator: ən翪洤 + values: + - SD4d + matchFields: + - key: 7NKbhI + operator: 絀^Ŕɛ¢Șl磹Ĺ(ȊO转z菙 + - key: ENUX + operator: Z鞏ƞ慧榷ǐéĕeʫ + values: + - NsTlbi6Hmxvy3 + - "6" + - "" + - key: 0Yz + operator: R£tsb蜗壤筧=鳪e侳V3ƻœ鏮ʖ + values: + - drirgX8L + weight: -1974323169 + - preference: + matchFields: + - key: OulPYnl + operator: ʑȆ&v爆 + values: + - QAbG + - "5" + - vThiAm4DKnR + weight: 1744834253 + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: RZ0 + operator: ƘɁÏą穼ß箮skhƗ + - key: 5yUXaY + operator: 澊 + matchLabels: + EO: wphVPH + Kl28xmWooSwuDBr: nRALc + bOnK6: 8h3Kg0kj3h + matchLabelKeys: + - ntr + - X + namespaceSelector: + matchExpressions: + - key: JYy4u + operator: +ʭkV閁ʏʜ + values: + - jkE8rylM + - wh5eUaC + matchLabels: + "": Hjs7g + QD3Y: EidIPZjSBG9K + namespaces: + - j4WhLEEpQb + topologyKey: 7HX2euiB + weight: -1553649478 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: 93LTmJdbA + operator: 釨鼟峷°DX砛熏Ʋ + - key: Qk + operator: G·ck玫昿圜Ŝ#ʢohȉ$( + values: + - LmlJeSGYq9n + - C9Z73 + matchLabels: + PVQO0E: 3jKFJCwD + p8om: GjoV + matchLabelKeys: + - UrJ + - doKW + mismatchLabelKeys: + - uW4b1SK + - u + - RL + namespaceSelector: + matchExpressions: + - key: KDCwy + operator: ']ȏ jë众膱wɯ.I<¿Ú' + values: + - XYHrwjquv + - Hyk4Lj + - key: wAwVtJ + operator: '''Qxť\ț(f簛ȩ:@&庈Ť橁覡ů帳' + matchLabels: + Axf: NWQcZ + MCs: i4TQ2Fe8F + vL0h88SLvP7: E6 + topologyKey: s + - labelSelector: + matchLabels: + "": eTRlnmbOW + 9RkO: jLG + ZDom: GB + matchLabelKeys: + - Lkfq9 + - NugOS + mismatchLabelKeys: + - rI + - BLa6OVk + namespaceSelector: {} + namespaces: + - qNM17 + topologyKey: FWQOV7 + - labelSelector: + matchLabels: + 99oIA: 7kSmhXyDAZ + UFkHemc59: lgVte + poY7Q: cWSM + matchLabelKeys: + - jVKy + - Fi4Zzb0QUZ + mismatchLabelKeys: + - nYl + - oIFzB + topologyKey: wc4Xr + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: 2WfHC + operator: cĚ任纽a嘟ü庙孋ā槣. + values: + - hZ5fwO + - "Y" + - RD + - key: Joz0bWO + operator: 燎Dkʆ)湽ƫd逯[榄TȽǍ + matchLabels: + RdfPjfak: D + nXYCGG0nf: v7uex1KBj + matchLabelKeys: + - Mmq2 + namespaces: + - VWlNF + - 8RCQE + topologyKey: SAT9 + weight: -812925678 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: "" + operator: ŇɈPĉɳ芏({#'蒛腟敐ų狂釽ƇǴh + values: + - e + - SsHkkcDn + - key: m + operator: śC芲c佟m + - key: ycN + operator: ȭ + matchLabelKeys: + - C + - EUsKF + namespaceSelector: + matchExpressions: + - key: 08sB7HIXW + operator: '{' + values: + - g498LM + - JTB + - key: sLymAyu + operator: 卤{蓍.蕕[纄( + values: + - 0jdLbJ + - "" + - RCaa + matchLabels: + 7M54ahTjl7: NUmm3 + Uw2: t + n9UP: q2uq5Q + topologyKey: Xx329oG + - labelSelector: {} + mismatchLabelKeys: + - jL + - uGU2PnM + - c3qyD + topologyKey: oD9hq + podAntiAffinity: + custom: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: WoYoJXLV0TP + operator: ' ǵeMsɌÆ' + - key: MSdKGV36l83Ke + operator: Ǩj檨ȭ囨氀R钣吏祦ǘR鴛鿾fA + values: + - bEiF39wz + - EWyj4AH + matchLabels: + blQ: brhb + matchLabelKeys: + - 5J81 + - pc + namespaceSelector: {} + namespaces: + - zbPsR + - "" + - Im2BK + topologyKey: uaWl + weight: -1926616342 + - podAffinityTerm: + labelSelector: + matchLabels: + Ye: GUeM + bVTC: "" + matchLabelKeys: + - If + - J9b4 + mismatchLabelKeys: + - "2" + - 9WhJ + namespaces: + - ySEUgx + - R + - M + topologyKey: K + weight: 1801940585 + requiredDuringSchedulingIgnoredDuringExecution: + - mismatchLabelKeys: + - s70p + - xK2tPDm9 + namespaceSelector: + matchLabels: + 3kt5: 95iXhN + miVTQ: Wwsg + namespaces: + - "2" + - U9S1v0ZrRM + topologyKey: xbCfBpsr + - labelSelector: + matchExpressions: + - key: 5sbyp + operator: ÓKzɑĐ®w 辪,厑bʏ佢 + values: + - HBC5IGEufvb + - RJeM + - e8DsOIb + matchLabels: + 0x: ei2F + matchLabelKeys: + - CVu + mismatchLabelKeys: + - Y1y0LR5js + - AdDsZLbi + namespaceSelector: + matchExpressions: + - key: "" + operator: ɮ囧ʪy纽Ŀl騦糭9ɼ騏鋂@_Dï + name: 1NfYEa + readOnly: true + subPath: LtO +test: + create: true +-- case-035 -- +auth: + sasl: + enabled: true + mechanism: 9y9We1zI + secretRef: "" + userName: hK +commonLabels: + co: MffSo + fdioW3StBvzyh: z + wle: mprjb +connectors: + additionalConfiguration: xCn + bootstrapServers: lueYFRx + brokerTLS: + ca: + secretNameOverwrite: "N" + secretRef: lIHvSGq + cert: + secretNameOverwrite: 8ke7H + secretRef: 7EnI0fI + enabled: false + key: + secretNameOverwrite: gUW + secretRef: en9C + groupID: Ue8y5CIOm1s9 + producerBatchSize: 1967229260 + producerLingerMS: -2029655136 + restPort: -559590357 + schemaRegistryURL: BkE6kE + secretManager: + connectorsPrefix: jMsIX + consolePrefix: CI19 + enabled: false + region: xbUhDB40j + storage: + remote: + read: + config: false + offset: false + status: false + write: + config: false + offset: true + status: true + replicationFactor: + config: 1605214820 + offset: 707115192 + status: 233180346 + topic: + config: "" + offset: F + status: JwDpg0NW +container: + javaGCLogEnabled: ciu04f65 + resources: + javaMaxHeapSize: "0" + limits: + cpu: "0" + memory: "0" + request: + cpu: "0" + memory: "0" + securityContext: + allowPrivilegeEscalation: false +deployment: + annotations: + 1XmrLdtzO: x6 + 6ZEV8g: jYUmAT7zj + ziKge: "" + budget: + maxUnavailable: -628496383 + create: false + extraEnvFrom: + - configMapRef: + name: Qi + optional: true + prefix: rvhE + secretRef: + name: iOK + optional: true + - configMapRef: + name: D7eYG4k + optional: false + prefix: mrA + secretRef: + name: q0wiP + optional: true + - configMapRef: + name: dGrcQT + optional: false + prefix: H01JO9 + secretRef: + name: AzjE + optional: true + livenessProbe: + exec: + command: + - teEwkHR + failureThreshold: 822446899 + grpc: + port: 1454930159 + service: Eiw + httpGet: + host: OL + path: YZ5Z0 + port: 1894574353 + scheme: 9Wƾ + initialDelaySeconds: 689975920 + periodSeconds: -1584300544 + successThreshold: -1437519051 + terminationGracePeriodSeconds: -3687935972297794657 + timeoutSeconds: -1664535334 + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - {} + nodeSelector: + yTNxFo: PwiZc65 + podAffinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: hua3lxe + operator: ȅ覝nȔl癋薳ǭ鳳e楉輴ʛ膧Ɵ + - key: JhcL + operator: 趸ƺ胀½+? + values: + - mP + - key: S1hp5 + operator: ï蹃S"KO蔨ʬV虴ķçȁ + matchFields: + - key: xNvhdu0t + operator: ʉ菋3į6娡褛Ǿ襚蛶髳sxZƯ铴 + values: + - zOLf + weight: -62270409 + - preference: + matchFields: + - key: BL + operator: ƓťĿ誁W'鬂ƫqʚ姸轈晾H>至Ƒ欌5 + - key: nS + operator: 塘ijʬ¢| + values: + - CeKuW + - lSaF + - "" + - key: "" + operator: c;锢%Â簰 + values: + - RProQwMwq + weight: 29536709 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: 1Ejbb9t + operator: \9ɫǡ¥ȇ賗 + - key: XlWI4o + operator: '`ȍ泆ɮȴ湨齀Nn2衅' + matchFields: + - key: ZfkSvnt + operator: oơq斡K + values: + - m5k + - A + - "7" + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: tSj + operator: 亁Dž{裧箼e褰ʟ¿Ěv.劮-Col + matchLabels: + xT: 5w6 + mismatchLabelKeys: + - sFVA7a + - rQptjq + namespaceSelector: + matchExpressions: + - key: a8z5P + operator: N戡fȤȴ/栎承\ƽʧs + values: + - vQO1HBT + - key: nuT4ryYMW + operator: ȐƑ蕙.R<偳ř + values: + - g + - IsCtuvE + - 1e + matchLabels: + 6i2L: ffkUfVgqn5 + topologyKey: DFMnWiQikvU3OC + weight: 270744476 + - podAffinityTerm: + labelSelector: + matchLabels: + aKLo8qtH5FR: ZM4Ko + pVf1B: 08llv + pxd: D1 + matchLabelKeys: + - "Y" + - LnTPn + - dD6f + mismatchLabelKeys: + - DKe + namespaceSelector: + matchExpressions: + - key: K4Jk0qV + operator: 蔴桲mȴ + matchLabels: + 842orL5dk0V: i328gg + WUC2Th8PnM: nsm8 + topologyKey: stQ + weight: -2095359713 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: y4 + operator: "" + - key: Jmz + operator: G#ɽ¤伖;ƶ迸,øn阽w + values: + - h1qfybGhqVz + - wzaLoKm + - key: mkmqLc + operator: "" + values: + - fV0Lk + matchLabels: + W: UNez + matchLabelKeys: + - MsmG7dsI + - 18RDxZo3 + - GtxTNKicmIW3H + mismatchLabelKeys: + - i83G + namespaceSelector: + matchLabels: + DsA: dEEI + l6KxKO: K + nf1q: 8t0TDWCLm + topologyKey: 0Bnjw + weight: -2070111635 + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: Go7711 + operator: 皞蹾t蝧)ď巧M迢ɍ`ɸ垕Ĩ瑟J拣實 + - key: iSBfvzSgq + operator: Ȕ:奧焸N_鵪疉ǂF>Ėƿ颛Ǩ)UÝ + values: + - "" + - mOh + - h + matchLabels: + Ei3jdSr8rf: T0VF + KpOUQNu: LVu + matchLabelKeys: + - 3R9wM + - jYR + mismatchLabelKeys: + - OYdNi + - FFUZW + - gL + namespaceSelector: + matchExpressions: + - key: ne81Y49o + operator: 且逼÷A橼­U鐀 + - key: MPlYsS + operator: 馇漹2懛ɒȡ + - key: kz59leD + operator: ȓ3șGzäǧ畬ź*S遯ɱö + values: + - "" + matchLabels: + DnxHc: IIMKKTh7 + jytoiQ: CVq + wJ: B2fd06 + namespaces: + - Gc6fCxz1v + - PzUKSWVR + topologyKey: xQdglfgw + weight: 52691844 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: XXROV5RgOi + operator: '* 鄠hɨ乛ɝĞ#.瓏R蹎倮IJ:嚾' + values: + - e2js0jjV + matchLabels: + BtjCwBEeW5: 2c5wlpNtqI + matchLabelKeys: + - A + - J1Q + namespaceSelector: + matchExpressions: + - key: fHsfsI + operator: 工轹檏嚮ɁǤlňȋ + values: + - LKuQ + - t9Ik + - key: q6a2D3dkj2IO + operator: Ĕ时KɯU抃oʐ董5ŀ + values: + - XP + matchLabels: + 8FEMj: "" + lQqA5yzol27: r + namespaces: + - YIB8e78c + - NBpb4zKSXKv + - yrQw3s + topologyKey: OM7 + weight: 227615315 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + ditk2i184: 1H + fYAoB1dq: u + mismatchLabelKeys: + - 40o7Pt2t + - 6M8vIjdH + namespaceSelector: + matchExpressions: + - key: k0CLLWJ + operator: "" + values: + - PKnQ + - lk5fQk + - ZsVT + - key: 9xJA + operator: 売綺脕cƍʆ + values: + - wzppcOCF1 + - 8vNtmtdYsi + matchLabels: + K4NQB: GbVVmB + Tp: locia + topologyKey: "" + - labelSelector: + matchExpressions: + - key: GNUe + operator: ȳ魴饑揁´ƷLj敧 + values: + - 7cPl9 + - Ku1R6PGe9 + - 0GN2ik0 + - key: OKhwX1 + operator: 'ǒgǝǓ<鋓ʞ墝y浧þ:' + values: + - fJu93tqNe + - PI1Mfnnd + matchLabels: + 5P: o1Q7aT6 + CN8OViOmJe: 58saw + LQa: beDgm + matchLabelKeys: + - TUwrwr + mismatchLabelKeys: + - axK7kBkv + - BiYeKoe + namespaceSelector: + matchLabels: + TNPCe: "0" + Xr: 8j1rURg + c: o9r3qP0D957 + namespaces: + - rtD + - ZemRs0 + - xQ + topologyKey: YB8SGwhpwV + - labelSelector: + matchLabels: + A: 7q2fmfhX + Glg6E: MED4T + sixl1: H33xj + matchLabelKeys: + - BPsroSH0 + - 6z + - CRCc1 + namespaceSelector: + matchExpressions: + - key: KjSwLS6aQ + operator: 8B + values: + - BWWAR + - yVGIt + - poDVRjb + matchLabels: + 7cdkrUS: 5BC + D2Wtwzg: etyr + QIrgRhA: LrxtNTzNr + namespaces: + - DxkXW + - NR4 + topologyKey: 28GQ5Xo + podAntiAffinity: + custom: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: f + operator: ʇŨ礤Z<ǴjyG|wƦ + values: + - ejvRuuwpt1 + - gLMIfr + matchLabels: + 78L: e + Ohko: iVVK + U: I9 + matchLabelKeys: + - IC + namespaceSelector: + matchExpressions: + - key: yuDaghaX7MsB + operator: q蔧ƙÇ¿ƣ鷒啈? + values: + - 8j4L6QsQ + - Uth + - key: Na + operator: "" + values: + - UGpe7wJGcv + - gOerw7DKX + - key: Aibu + operator: tĶʉĺA8p撪ȟ骁)5ĩ碦Ƴ + matchLabels: + pUncJd: pIfYj + namespaces: + - z6PvXvcdOJ + topologyKey: "" + weight: -369728494 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: VqyjJ1pe6s + operator: ɗ嵓 + values: + - 3I + - 3UKCu + - key: XguC + operator: 紂2(ɦ-ɒ煭5U + - key: JDe77b + operator: '*糆忮.ʊ认t昢Õ3' + values: + - H8WZa + matchLabels: + iPqYx: DhnnZ4xOm + matchLabelKeys: + - Js + - ouXfTI + namespaceSelector: {} + namespaces: + - 2OLQUB2p + - 3mETX8a + - lR3 + topologyKey: Jrv + weight: 514367026 + - podAffinityTerm: + labelSelector: + matchLabels: + 1mp6: 99m + 4Efw2wZ: bkoOfCrTsAtp1I + K7eVPls: FPhVHNRC + matchLabelKeys: + - e + - k8c29C + mismatchLabelKeys: + - 8jFnMm + - ajCfcK + namespaceSelector: + matchExpressions: + - key: SD + operator: 騔遲榌 + - key: seFza + operator: ʨĶ躾 + values: + - lWQMf + - key: aKMU + operator: łĩǼƬ\ɲÛ + values: + - 9O + - "" + matchLabels: + fWl: rvQ + topologyKey: vK45 + weight: 780671227 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: YPiAewyLf7 + operator: ǿHżǕ|厪载ț菖Rŧ緽甀4懅Ŭǘ泛 + values: + - "4" + - k + matchLabels: + 6m44: Px5C0 + mismatchLabelKeys: + - SW + - "" + namespaceSelector: + matchExpressions: + - key: bia9 + operator: "" + values: + - uEN + - i + - RneeyW + matchLabels: + 2z4sJnMZ0zanj: XsE9K9qNs3R9d + FE3xnQiMzs: pH + "y": AuxHvFSO5 + topologyKey: Ahkr + - labelSelector: + matchLabels: + 1BI9O: TK + mismatchLabelKeys: + - ADboVaek + namespaceSelector: + matchExpressions: + - key: "" + operator: 挭ɴ + values: + - mN + - "5" + - key: "4" + operator: 庘 + values: + - SNA + - X4aO + - key: "3" + operator: ȲmǪǯy`H腂Ǭɚė;a豮塃ŨB墻 + values: + - rFKRGJSh7izi + namespaces: + - Eu + - ukjSfz + topologyKey: 5p9 + topologyKey: B4OXuwDjfXhpv + type: 3k8SY + weight: -646418769 + priorityClassName: PgbnRKfoNZ9 + progressDeadlineSeconds: 896415388 + readinessProbe: + exec: + command: + - NOohSUxF4B + failureThreshold: 1326051879 + grpc: + port: 167069356 + service: KOkYxO + httpGet: + host: iod + path: cv + port: -1874700217 + initialDelaySeconds: -286116672 + periodSeconds: 215270432 + successThreshold: -1666168294 + terminationGracePeriodSeconds: -4429146824329263796 + timeoutSeconds: 1016008226 + restartPolicy: ʘ鿕1 + revisionHistoryLimit: -756285031 + schedulerName: wkog + securityContext: + fsGroup: -7875411171408920752 + fsGroupChangePolicy: 8^ʝȽ袈gǖ陘&X + runAsGroup: -6294097412272475416 + runAsNonRoot: true + runAsUser: -5578668191823418258 + supplementalGroups: + - -8360179017668391912 + - -5953270946476852863 + sysctls: + - name: QCC + value: 6BUk + - name: OblhYC + value: 69u + - name: 6wi2Dp7MdE + value: wk + strategy: + type: ovF4f + terminationGracePeriodSeconds: 1666535039 + tolerations: + - effect: 賥蟽 + key: Ib7 + tolerationSeconds: -5135177309592069822 + value: sbwrIR + topologySpreadConstraints: + - maxSkew: 1411650727 + topologyKey: ajVI22c + whenUnsatisfiable: GTjhhGH + - maxSkew: -1481674415 + topologyKey: Ed + whenUnsatisfiable: 3Y59WCet0 + - maxSkew: 2066507739 + topologyKey: EVEZo + whenUnsatisfiable: dGL6aGB + updateStrategy: + type: IxL7 +fullnameOverride: 6fr +logging: + level: je +monitoring: + annotations: + "4": kTkxkO + enabled: true + namespaceSelector: + any: true + matchNames: + - FKCzSYm7gaXuLQ + scrapeInterval: 1559435h40m40.991511561s +nameOverride: PeueQ +service: + annotations: + YaiOBiXa: rQx + ofToM: "n" + name: mC3vFeP +serviceAccount: + annotations: + "": 9hOutlF7d + PgHx: nJWqenXs4B + create: false + name: WnDtqu +storage: + volume: + - name: 4W + volumeMounts: + - mountPath: "" + mountPropagation: 泽{9ǸSĝy鯘匉ʩ顎 + name: K + readOnly: true + subPath: ZYmQ0MFTxpFIcfQ + subPathExpr: 6Eof +test: + create: false +tolerations: +- effect: 珧卣硁 + key: q + operator: f甗垈ɰ喸ɋʍLi邦痔昝 + tolerationSeconds: -3369346527291309714 + value: 8CRfBsQ +-- case-036 -- +auth: + sasl: + enabled: true + mechanism: 4pr3gf + secretRef: Na4b + userName: ZTak1O6cR +commonLabels: + 1qqW32x: "" +connectors: + additionalConfiguration: LhQU + bootstrapServers: PJXgS + brokerTLS: + ca: + secretNameOverwrite: pMccWpS50Tt + secretRef: MyH + cert: + secretNameOverwrite: c4sa0FA + secretRef: Iv + enabled: false + key: + secretNameOverwrite: EOAKr + secretRef: no0Ke + groupID: XuGw0bAvU4mCl29 + producerBatchSize: 1402635005 + producerLingerMS: 1479365932 + restPort: -1153123375 + schemaRegistryURL: owIrcBoHKcGy + secretManager: + connectorsPrefix: FtgUV7wBq + consolePrefix: wUj + enabled: false + region: 3d60 + storage: + remote: + read: + config: true + offset: false + status: true + write: + config: false + offset: true + status: false + replicationFactor: + config: 935026050 + offset: 1816899175 + status: 1556885434 + topic: + config: BKIQd85 + offset: AqMgsp + status: cB +container: + javaGCLogEnabled: 92CKlhkT1dY + resources: + javaMaxHeapSize: "0" + limits: + cpu: "0" + memory: "0" + request: + cpu: "0" + memory: "0" + securityContext: + allowPrivilegeEscalation: false +deployment: + budget: + maxUnavailable: 867420096 + create: true + livenessProbe: + exec: {} + failureThreshold: -1589865511 + grpc: + port: 397887456 + service: aC + httpGet: + host: RIACQ5bT + path: ubCDRTj0 + port: G6dz + scheme: v怑撴碥dz/Ȱĩ褔ć咫眜 + initialDelaySeconds: -621095822 + periodSeconds: 280342995 + successThreshold: -167276282 + terminationGracePeriodSeconds: -787336059945079524 + timeoutSeconds: -1535167124 + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchFields: + - key: 3bTiSjGL + operator: Pʡdz饿n抈Ʊt嬩癘Ƈ + values: + - AGfqyUGQXxyY + - FVcNDfkQ + - v3hp7MN8nVKE + - key: L3S + operator: -殊 + values: + - 97iUcu + - dXmY + - KUxQvBTJu + - key: YNi + operator: ijS泉ľ;ŒvS阸多嵠{ + values: + - xf0B + weight: -207219009 + - preference: + matchExpressions: + - key: EAkVkI70 + operator: 钚寽蛺izȭ7_掅桘 + values: + - aAWkk + - ze + - 3wGu + - key: 3RyfQc6N + operator: 5ɔ螗śLƆ扒\ƃ"氧ɉ + values: + - Vv + - key: 1vVqYpX + operator: Yto%Iƈ?暊I)琣?Ć痕猖ȕ + values: + - 9yyhe2i + weight: 2145655584 + - preference: + matchExpressions: + - key: vYGC + operator: 缈饜代u灧Ȼ + matchFields: + - key: Xbz + operator: ż苡訖ɑʟĨı齻@IJ騮削ƽ蹄濁榷鰠 + values: + - qFq5zh0O + - yG0 + - nT + - key: P3 + operator: ǧ唾潣PNJ掉ơ\庱吳.,OLX + - key: 3ATe + operator: ʦ恀^ + values: + - LUm4b + weight: 351084922 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: XLalOY + operator: 挝R凗ŵ莁5E7?Ȓʍm篫l{Č蒄 + values: + - YrzbvR + - 5awUoV + - a + - key: bhAd + operator: 鴵鈌ąt烿æy伸?^đĔʎ{Ç柧 + values: + - GqRb + - key: 8WgrpCvg + operator: bAMƺ惸鹖ŏ垇ɔǁI庫û*ɔ嶢ɚ菑 + values: + - BRd8A5 + - "9" + - K9hDIBU + matchFields: + - key: FntInb + operator: '{@əɃðŗ8''4' + - key: cPqf3 + operator: Ƌ娔殺慑 + - key: o + operator: ɧlǬ量GJ恉əŏ滸IōĈwǝ栢Jȡ + nodeSelector: + gQqg: rQO1 + podAffinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: zOF + operator: 朜褜虳忈笊=^ŦĀæ珆.ļǥ禼%鄍u坳 + - matchExpressions: + - key: 1c49YQG + operator: 鉃) + matchFields: + - key: 8VgAhL + operator: 鲼緊+靠侠婎SiǛ + values: + - xRTpCX4 + - key: nMJRs5gZCA + operator: j¯4x篭竪嗎餀箈aƦğt勤 + values: + - bJ + - matchExpressions: + - key: w2ZrgZZ + operator: 枓2ǘI1~MCʮ毳鲠紱$ + values: + - 2m4u9O + - key: V21P + operator: GɫȎt铊ʍ + values: + - LMhd + - "1" + - key: M4HbYG + operator: pƘá褊ŋɃ縷Ř4#r珩伌 + values: + - 2J0tPZtjgGXw + matchFields: + - key: ZIVyS8kWnnfkYw + operator: c耑 + values: + - Us3BB9T8ZiR + - key: Qhnd7 + operator: 醻墽Pʚ'pQĘ咒|庋Atǯ + podAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: IBWHBnu + operator: 陡陂ȗÍ + values: + - KiVSuBwz + - EKMAH2 + - KltN4D + matchLabels: + Uy: ndCtZ + matchLabelKeys: + - aH + - Jm1CJxCAOFTsTH + namespaceSelector: + matchLabels: + gNqMg: 4uZV + namespaces: + - IRrBPIF + topologyKey: gH + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: W7CLLYL + operator: p + values: + - wBg43v + - jjBoD + - key: mQi + operator: '鏷ï®Ɉʗ:' + - key: zZDCy + operator: ķËʢŖźg6 + matchLabels: + 16OpXu: Jv7c6Z + b: l7o9GuH6 + vHrx7Q7: AJ9NoDNx + matchLabelKeys: + - kuQP + mismatchLabelKeys: + - EOOVnE5 + - JATz6Dw + namespaceSelector: + matchExpressions: + - key: P82eyO3 + operator: .@薉敤 + matchLabels: + 9vDs: Q6Zs + topologyKey: sfoIVZS + weight: -135173201 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + jdVqK: 6uhB + matchLabelKeys: + - Pm + mismatchLabelKeys: + - Hn + namespaceSelector: + matchLabels: + n3Y: Z1 + namespaces: + - TCw + topologyKey: 7K8KHn + podAntiAffinity: + custom: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: EinF5FXZ + operator: bȓ1勳ɭ佽 + values: + - wqg6r + - 779ys6y76nH + - x0ataGm + - key: B25ck + operator: )罎ʟ²倮?.iÃw恷曇 + values: + - lAr5 + - key: tG5hyCt + operator: 葚鍍{ + values: + - VkGpC + - PTmNKiFT + matchLabels: + JcqEAka: 4bOR7 + PPatn0wk: 4tEsp0P7yU + vy1Z: MKK1V + mismatchLabelKeys: + - QRybRT + namespaceSelector: + matchExpressions: + - key: 45Q9A + operator: ũǁɩ + values: + - KlwquGdC + - 3vG + - YOsj4 + - key: uV + operator: Ȗ卑 + values: + - PDpyaQk + - 36Yc + - key: jiY1 + operator: "" + values: + - e4G2 + - QA0U + matchLabels: + zam9TqK: tw8 + topologyKey: Cm + weight: 1308300246 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: oZ + operator: 峜Ɂ墶Ă廮 + - key: 4hL + operator: Ǡ侩歹 + values: + - "" + - 26I2B2P + - 3d + - key: qG + operator: č 榢ĘJŔ + values: + - 6pCF + matchLabels: + QAJb6: zB + namespaceSelector: {} + topologyKey: oR + - labelSelector: + matchExpressions: + - key: aFlMv8 + operator: Ɖa獝^kÖįȆǶnjo愋Ɵ + values: + - pvg + - key: 1A9MoKhHv + operator: ĥ6t+飔鋹ɦ¨怙p|ɽ飏Ɗ軖ʎ沌 + values: + - zHCQw + - "" + - qmFwLPdm + - key: 91HCIQfS + operator: ɿĐ唁 + values: + - IFd + - A8I2KrfF7y + matchLabels: + 9CL: QuOz + RQ4ARy: ynSUOh2CV + matchLabelKeys: + - q + mismatchLabelKeys: + - WKzkVK + - "" + - Sx1Rq8OW2G + namespaceSelector: + matchExpressions: + - key: nZr2S + operator: šp釹%0Lj呱Ʌ + values: + - Ke1J + - key: xSGJ + operator: "" + - key: ZQqukWS + operator: 犨·UaíƄ(ɸ + values: + - tv8GH9 + - RG9n + matchLabels: + 2eHPmc: tu41f + namespaces: + - Q5fw + - GJCz + topologyKey: 6gB + - labelSelector: + matchExpressions: + - key: NL47lV + operator: ǽʼnõ颷 攬 + values: + - QbM1FbtaaCmsyj + - key: Jp0SssgWqj + operator: 糕]ÖXȨ佫 A澡 + values: + - fd + - XmxC3TWsEmq9 + - y0 + matchLabelKeys: + - n3UP0A + - W + - jr3hc + mismatchLabelKeys: + - bvXXaN6hJq + - nEpSV + - "5" + namespaceSelector: + matchExpressions: + - key: CNfZvS4 + operator: ʕ氼呟燌ƴ偻ʧ + values: + - vGHTqK + matchLabels: + "": QYu + 5sSOpIp: ojU2Q + aF4: 7so + namespaces: + - m0TP87i + - Dbr1WY4S6 + - Ddl9oOUe5 + topologyKey: k0qv0ARQ + topologyKey: PK + type: n8LqK + weight: 1862848677 + priorityClassName: xotT7T5AcOs + progressDeadlineSeconds: -1260879447 + readinessProbe: + exec: {} + failureThreshold: 1985429634 + grpc: + port: 1193887492 + service: Nqfbjui + httpGet: + host: W + path: cMG + port: BNN + scheme: ƅÉ鐴ƠÙ + initialDelaySeconds: 520999520 + periodSeconds: 1834416895 + successThreshold: -2144235192 + terminationGracePeriodSeconds: 5498268243526196931 + timeoutSeconds: -1654928979 + restartPolicy: '>Ȏ縂ɴ垍ū*' + revisionHistoryLimit: -1294473838 + schedulerName: mlm5OhgsGh + securityContext: + fsGroup: -24635125662907280 + fsGroupChangePolicy: Ŏ痿1>a茫ȡ跦 þ + runAsGroup: -3967780041970194819 + runAsNonRoot: true + runAsUser: 8970781034706956029 + supplementalGroups: + - -8270543106812796306 + sysctls: + - name: KljKqWpUKsb3 + value: 9Zv + - name: z8scvHARn + value: sk + strategy: + type: 5cn + terminationGracePeriodSeconds: 446877207 + tolerations: + - effect: ɟ + key: J906H + operator: Ȇ:龳虹$鿲Ȥ.t齹Ń5 + tolerationSeconds: 6789201977316389154 + value: vV1 + - effect: ©Ǯ膗Ǖ盉浝Ŝɟ + key: ju6amcMPM8UK + operator: 衭蛩ņý + tolerationSeconds: -8177010640192863674 + value: S + - effect: cÑ + operator: L晚G& + tolerationSeconds: 8159638238997450391 + value: OyDyWZoaY + topologySpreadConstraints: + - maxSkew: 1646710512 + topologyKey: MbS + whenUnsatisfiable: Ia0hRF8y + updateStrategy: + type: v85FBu8J +fullnameOverride: VW0lF +imagePullSecrets: +- name: zaKvtKNIW0 +- name: "9" +- name: fG +logging: + level: PAOVCu +monitoring: + annotations: + FZ: Lz + Hn: kspXbct2sc + enabled: false + namespaceSelector: {} + scrapeInterval: 2385507h10m25.926950118s +nameOverride: taotfWzUIl +service: + annotations: + lp92O: 1QnD84Dhxl + name: GxFDpR9IkU +serviceAccount: + annotations: + 3Of: dCI + qQF2N: p + qRJTCP06eO4: st9XdjpkUTE + create: false + name: srWYjAnpR +storage: + volume: + - name: qx + - name: XeUJ + volumeMounts: + - mountPath: MMqGiv5CN + mountPropagation: 鳮耐uíȪr + name: jHofb9BQ3 + readOnly: true + subPath: aDzkmP + subPathExpr: 4sgTWM4H + - mountPath: KhsFs + mountPropagation: Ǎ繟ƣʜ + name: V02ibh + readOnly: true + subPath: LF + subPathExpr: mi +test: + create: false +tolerations: +- key: Hsie1qK + operator: 7禝Řm蟷8š\ăɴń! + tolerationSeconds: -4804202694445470283 + value: UcY +- effect: 0þ嵡壱ʄ{祗Ů< + key: 7NdQZ + operator: '{#遲TƯ|薚嫛oQ¢龀êƶȈ肯A]Ħ' + tolerationSeconds: 4179143239755402759 + value: VzOAMkU +-- case-037 -- +auth: + sasl: + enabled: false + mechanism: 4jrWn + secretRef: "" + userName: 2sGSSni +commonLabels: + HSu1: FRG692y + QExXAto3Ub2T: etTOY4y8iSmyDOe +connectors: + additionalConfiguration: FTlQkC + bootstrapServers: LeVg + brokerTLS: + ca: + secretNameOverwrite: 49XwYgsyn + secretRef: 28O + cert: + secretNameOverwrite: Wf + secretRef: EDOE + enabled: false + key: + secretNameOverwrite: 7rwbl + secretRef: TaD + groupID: q + producerBatchSize: -1100237413 + producerLingerMS: 982363719 + restPort: 1885084612 + schemaRegistryURL: N8 + secretManager: + connectorsPrefix: zyFCC0ac + consolePrefix: VGoEYwVGt + enabled: false + region: gsEq + storage: + remote: + read: + config: true + offset: true + status: true + write: + config: true + offset: false + status: false + replicationFactor: + config: 575483838 + offset: -1765361377 + status: -1294780557 + topic: + config: fiLg3L + offset: WDtxRL37SvNV + status: Guofk9 +container: + javaGCLogEnabled: mn + resources: + javaMaxHeapSize: "0" + limits: + cpu: "0" + memory: "0" + request: + cpu: "0" + memory: "0" + securityContext: + allowPrivilegeEscalation: false +deployment: + annotations: + PsITu: LgrI + budget: + maxUnavailable: 527993762 + create: true + extraEnv: + - name: 7PtPut9 + value: 4Uo + valueFrom: + configMapKeyRef: + key: H6 + name: JEPQ + optional: true + fieldRef: + apiVersion: yCSfB + fieldPath: HD + resourceFieldRef: + containerName: v0wW + divisor: "0" + resource: BliOlDq + secretKeyRef: + key: AOod + name: Ljqm + optional: false + - name: FItx + value: cZIyVQPdqZ + valueFrom: + configMapKeyRef: + key: O3 + name: KlO + optional: true + fieldRef: + apiVersion: BnfYTBc + fieldPath: xw + resourceFieldRef: + containerName: qzV549 + divisor: "0" + resource: sctpzNUt + secretKeyRef: + key: Ff4vJm + name: hoEa + optional: false + livenessProbe: + exec: + command: + - aAxGQ + - sdk0 + failureThreshold: 1572051601 + grpc: + port: -2511945 + service: mqDAn69OdiR + httpGet: + host: Cw + path: l2JEc34o3Oe + port: -1821016511 + scheme: E嫺S崕襅@卢莩ŹÍ + initialDelaySeconds: -455418157 + periodSeconds: 31037144 + successThreshold: 1836675270 + terminationGracePeriodSeconds: 3628590034628485216 + timeoutSeconds: -722680942 + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: tmEGf + operator: "" + values: + - yCcLCb + - O1NTsHk78miTJ + - key: KuvLpSp4X + operator: 獴ĝB违写õʕĠEɊ繎ª + values: + - oqAB + - "y" + - cLExkHCRfD + - key: tMxc + operator: 1Ņ鸩瀚羨鱬c)0ƶ音êA{ǷZŁȃ + values: + - W2 + - rXnf + matchFields: + - key: dvXtkKrlxr + operator: m駠祸¯獒ɌƗ'Ñnj嗰蒩,幔Ǣ + values: + - vDUy + - vzx4 + - key: UU6d + operator: 惂PqbKɕ`ǃȒCʉ鞊Ĩ% + - key: qm03jaCk + operator: a靔Pƴy%(AĔð勶乀ĥČI#ɃǙ蘨 + weight: -1872535291 + - preference: + matchExpressions: + - key: GjG + operator: űŌ + - key: UQ + operator: d欻Ɲ + values: + - zpBqznM + matchFields: + - key: gKn2 + operator: ÁŠ9玫Ʌ + values: + - Iij79g + weight: 1456486091 + - preference: + matchExpressions: + - key: 1Ef + operator: G飔8`ɒ蕸祹&匪璳拖嶴6s['%邗 + values: + - iBr + - "" + - key: RXMgUipZ + operator: Qāȃ鋘ǖ0iNɭȂuŦ褌7Èȝ鹊淋廽 + values: + - NB + - key: nb6 + operator: 杘ɯ#`慐 + weight: -1381009180 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: [] + podAffinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchFields: + - key: YGfExP + operator: I喝ƀıjXĴǞư + values: + - gMwxOyRC964 + weight: 670180912 + - preference: + matchExpressions: + - key: PG + operator: 軋 + values: + - "" + - key: UG + operator: '#驇qeʩǏ¿貽帇2ʒ士眯隋ƋǨ' + values: + - QegWF3oN + - oatkrd + matchFields: + - key: 3eS + operator: ¼漒2踦{KǗ薵俧©2汻EÁ涼Nz珹瀝 + - key: X6L + operator: '|' + values: + - sEK2 + - qEPmyB + - VYZ + - key: 7RelIlVvL + operator: 幓賵ɱÞ + values: + - pDayYj + - z5Hu + - 4m + weight: -2031437615 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: [] + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: 2FJDM9 + operator: Ŋ>剫嫝"Ą樴娽Gɚ苊绬髻F + values: + - oHS + matchLabelKeys: + - "" + mismatchLabelKeys: + - p + - YjU + - 2odlypNfA95k + namespaceSelector: + matchExpressions: + - key: BT + operator: j^Ƹʥɩ缲摭沕 + values: + - dowWlQ + - bgMn + matchLabels: + X7j: En8zXY + namespaces: + - y2KQMu + - "9" + - zzZnV + topologyKey: tL + weight: 1287421908 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: o + operator: ſo{t柇壚乜狸羧{Xǽ桨嗂 + - key: xwmYvKHx + operator: oDžȫ涳ùY劣²ȩl,s槿ğ壽 + values: + - aWhHkHzjX + - UD9vL + - 0RGjdmKAyBU + matchLabelKeys: + - 1H + - JcEmqhN + mismatchLabelKeys: + - "" + - PDJ5Ju + - dXck + namespaceSelector: + matchExpressions: + - key: f + operator: C喅ŞiŒÔY屜槅*l$SXǙ + values: + - 9x + - key: 3W + operator: ȴ + - key: k + operator: c1ȝ鿋-灯G¸匱矝©YS)3 + values: + - iAgdu918eA + - Vh + - Ay + matchLabels: + 73TP8W: pyVmznhs + qk4vn9ey: Zo338 + r15l: msN3 + namespaces: + - yd6ggcat + topologyKey: 6ASZY + weight: 897890087 + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: yVR + operator: e + matchLabels: + 0JR7: "" + 7h: tsaIv + zJUMBFb: 73VNvB2hGIG + matchLabelKeys: + - "" + - F6e + mismatchLabelKeys: + - pQx3050 + - 48sjiLtK1OX + namespaceSelector: + matchExpressions: + - key: G0S2x + operator: 舥$Ƴ諺襔`Č詊Ù佱i^ + matchLabels: + KiIaV: 9VV + namespaces: + - "" + - wqDGw + - X8fMvo + topologyKey: PQ + weight: -234450005 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: y95Eu + operator: 鎲鼳C羝 + values: + - rVqdBdT + - VS + - key: hcv + operator: lɏɘ顷k§4uĭ_Ǩ + values: + - oOC + - GcSQ7eMK + matchLabels: + bhI1zyBLWzjf: zMQO + iEDKDYY: "1" + matchLabelKeys: + - wc + - CQ + namespaceSelector: + matchExpressions: + - key: dXMvM0 + operator: '#欚@Khú4腠?炼DC' + values: + - "" + - P7LAsv + - key: T3JJIOe0 + operator: wƞ鱽用 + matchLabels: + WR1yFB: 1p8kbHuc + hvXw: Q + namespaces: + - r + - G83y0Rb + topologyKey: MG + weight: -1355438616 + - podAffinityTerm: + labelSelector: + matchLabels: + ng: k4 + y07PoU: lAmDC + matchLabelKeys: + - vXtdl9TKf + - w + - 5ne5 + namespaceSelector: + matchExpressions: + - key: S + operator: ȥśĭ醝U + values: + - E4 + - key: uAocj4wN + operator: żǞŃȢDǩ彇馥或 + values: + - QT + namespaces: + - vDbd + - bBdeHkb + - 2qHmj6f8r20 + topologyKey: "" + weight: 1121806715 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: Q + operator: ĶÖ}鏀襹*貳ɇɱ + values: + - IhHh9y + - Twz + - "" + - key: wA + operator: ǘ焓緉ķĐƞ橝许椕NŬ + values: + - zH + - key: kNVTA5c5 + operator: 磰À弰¥ + matchLabels: + 3HCFedhUu: m3REU6b5 + matchLabelKeys: + - MAmo + - QMqy5uJI + - "" + mismatchLabelKeys: + - s0qo8x + namespaceSelector: + matchExpressions: + - key: wI1MBZM + operator: '&3帐箮WƑ擙Ǜƻ{®ǩ靡Ý羷觕ʛ' + values: + - 74aJ + - PJyXLgY + - XHNS8s4 + - key: aA0AN3t + operator: 旓樮ʉs鬞ǵù + values: + - SgO7 + - key: 4R + operator: p3尐\ + values: + - IB + namespaces: + - 0lYJ + - 2D + - zoo + topologyKey: qeuhMV5b + podAntiAffinity: + custom: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: 20PY3f + operator: 茟踹 + - key: ASopYP + operator: Ȭ + - key: 3ABJJ + operator: ʀ嵜瑎WR裛寋嚊韍Ȉ瑷谾ʇXɂƵ掸踷 + values: + - vN9Qn + - KTrN + matchLabels: + FEtqF1P: da9Y6HCr + TaC8ul: lKZj7JT + nKtu: 0dAf + matchLabelKeys: + - jWp + mismatchLabelKeys: + - 8ghGuz0Zts + - 2W + namespaceSelector: + matchExpressions: + - key: uQ + operator: Fȭ0 + values: + - EZNyEqasw + - nh + - 7mUbUIiNekjf + - key: 8m0i9Gw + operator: 誠öT%=%专O螆挪uv敁 + values: + - "" + - chJrkkoa9 + - XpOAIuKt1 + namespaces: + - 11BBEfT + - B9Yw + - mMPq + topologyKey: gUcmhv4Wymn + - labelSelector: + matchExpressions: + - key: jr + operator: 萺L(Š鼁嶵謝鿹犈=ŗB粦ú纑 + values: + - qV9 + - N3wxU + - gGa + matchLabels: + 5LE6Fz: ihjmXy + 8O: WL9 + matchLabelKeys: + - LF4 + - Iw5KCY + mismatchLabelKeys: + - Yj + namespaceSelector: + matchLabels: + 4g: CWx + RpPK4ak3: 5APfgG0 + namespaces: + - zlH1Ayq + - iN5A0H + - gHs0AD6 + topologyKey: ROQ5F + topologyKey: pxtZlO5o + type: yt + weight: -1822679559 + priorityClassName: E6rwXY + progressDeadlineSeconds: -1761307563 + readinessProbe: + exec: + command: + - F1Ji + failureThreshold: 1393918041 + grpc: + port: -402186756 + service: weWQs7z + httpGet: + host: W7 + path: "1" + port: -2008006258 + scheme: ƗǺƑȹƱ哮黰"bZ + initialDelaySeconds: -1529972341 + periodSeconds: 1791885136 + successThreshold: -1003238871 + terminationGracePeriodSeconds: -6904279593611975807 + timeoutSeconds: 516179111 + restartPolicy: tAȍ_祴珗ƨŐ飔矜ƧŸȺ8Ù凿吱 + revisionHistoryLimit: -1377004535 + schedulerName: k + securityContext: + fsGroup: -8943063634632832728 + fsGroupChangePolicy: 樜3g罡Sɺ:礁j + runAsGroup: -8183677367766309518 + runAsNonRoot: false + runAsUser: 6257019186377025309 + supplementalGroups: + - 6349796974429449397 + - -6495960424240767705 + sysctls: + - name: tNzNhbs + value: Li + - name: xw + value: wQYd + - name: rijilGaE1rE + value: O1VB + strategy: + type: qVm + terminationGracePeriodSeconds: -340872360 + tolerations: + - effect: 旽ǷȬƱĬɔH辂W'ʩ菽懝 + key: NRzfhGYG1Y + operator: 皏棵FɁÈ棿X + tolerationSeconds: 4658882017834992565 + value: Lu + - effect: "~" + key: k + operator: 垫 + tolerationSeconds: -950306177981439209 + value: j2wtF4uhca + topologySpreadConstraints: + - maxSkew: -1481065440 + topologyKey: SER + whenUnsatisfiable: 5L7rrGecd + updateStrategy: + type: 9C8ybQ +fullnameOverride: vRXgQsUzl3 +imagePullSecrets: +- name: d18 +logging: + level: Y0gfv +monitoring: + annotations: + Hr: 7uW + gZeic8h0Pp: C9ox + ggG9V: 0HgD + enabled: false + namespaceSelector: + matchNames: + - twAaqe5jt + scrapeInterval: -2278442h2m26.413746462s +nameOverride: 03U7 +service: + annotations: + 5bK2xe: ZRy + name: "87" + ports: + - name: yMA8tJxHo + port: -582141187 + - name: "9" + port: 830415771 +serviceAccount: + annotations: + 4XITA7: dwhbdLpr + G6zvz: "" + create: false + name: 1J +storage: + volume: + - name: QbE11Wi + - name: 5p + volumeMounts: + - mountPath: FMieal + mountPropagation: q睢1Êb2y"ğJĢ + name: GRAaf7 + readOnly: true + subPath: Wvz + subPathExpr: K4St + - mountPath: E6 + mountPropagation: 2`| + name: yu + subPath: 1Qyv + subPathExpr: lq + - mountPath: "9" + mountPropagation: J仅<Ⱦù觏牨¼Ǐ蒜,J偛l挨 + name: CkWy + subPath: 1YtfYCwcHU3 + subPathExpr: xUIPjXS +test: + create: true +tolerations: +- effect: 鮻 + key: TnWM + operator: 6yĢ置ǟȶų(ʌ寵Ůu诀. + tolerationSeconds: -4327555826581044156 + value: zsh6p +-- case-038 -- +auth: + sasl: + enabled: false + mechanism: r6Ew + secretRef: feyz + userName: p3MeX +connectors: + additionalConfiguration: eFqd + bootstrapServers: vF9T9o1K + brokerTLS: + ca: + secretNameOverwrite: nvP + secretRef: 4cOI2 + cert: + secretNameOverwrite: ZAZH + secretRef: pa6XYq09 + enabled: true + key: + secretNameOverwrite: JTIF7f + secretRef: wFZhDXH + groupID: NgUalZU70 + producerBatchSize: -1494749189 + producerLingerMS: 1372991769 + restPort: 436787525 + schemaRegistryURL: c + secretManager: + connectorsPrefix: Ed + consolePrefix: 8bUfufKV + enabled: false + region: GdY5AF + storage: + remote: + read: + config: true + offset: true + status: true + write: + config: true + offset: true + status: false + replicationFactor: + config: -1726135850 + offset: -1194630723 + status: 1047213359 + topic: + config: 5ipmMylSvvfF + offset: UVjBc + status: 5plTTvTKV +container: + javaGCLogEnabled: jIw1 + resources: + javaMaxHeapSize: "0" + limits: + cpu: "0" + memory: "0" + request: + cpu: "0" + memory: "0" + securityContext: + allowPrivilegeEscalation: false +deployment: + annotations: + Wk: JaAXs + ku: f3BwiPJdI9MX + budget: + maxUnavailable: -683730360 + create: false + extraEnvFrom: + - configMapRef: + name: xM0JJY + optional: true + prefix: MdrcdYg + secretRef: + name: md9h + optional: false + livenessProbe: + exec: + command: + - wskd + - qt9q0 + failureThreshold: -2043749481 + grpc: + port: -1703450062 + service: TBMlp + httpGet: + host: RHQg3u + path: bi2McNI + port: 2127214512 + scheme: D4¿@駉也òV雕7徑篍衾 + initialDelaySeconds: 1969882690 + periodSeconds: 412101592 + successThreshold: 1426526420 + terminationGracePeriodSeconds: 2990769791924451128 + timeoutSeconds: -65595943 + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: KmRBa + operator: ʯ惱ȷQ墨閙榈Ř欋觗 + - key: A9jxPVS + operator: ux$ + values: + - dxNjKzWbRnUM + - eXHweVWL2Pz2OY + - WV2g + - key: HNX + operator: 檯嫋R躞ĝ螩 + values: + - Rn8TX3 + matchFields: + - key: 5T5Xer2S + operator: 帯斢桁įē=搞 + values: + - J1c4aNW + - kBL + - key: kWlWYP + operator: 砱鸾ʦrO³ʬǬÒ銘`陶V + values: + - 8rj + - tRn1g + - JNMw + - key: FcK + operator: ÐDŨDř术ÛÅ謮¿錔qʃƾ + values: + - yX + - x8Y + - matchExpressions: + - key: 8H + operator: Ȥ肌 + values: + - p0ggz + - piU + - key: puh + operator: ',鑍' + values: + - iDpZ6XA1 + - FUhQ0R + - oT1raqx + - key: qevYLhMPR + operator: Wx鏅L;Ɏ擔qƑ鐿.Xʩ鍌檓ř1(柌 + values: + - RpnGZEk + - "" + nodeSelector: + "": "y" + 6Dk: 2fxwA + podAffinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: teMRu2T + operator: Ɲʪ·8çƋǴ肊N|蒚Ɲ啉yìɧ扶I + values: + - Bd + - "" + - key: qrADH + operator: 讉eĚ翫ÜU郂g乖ljơ絣謧帮:$棎m + matchFields: + - key: "3" + operator: 簆L叅nǜ欕巅 + weight: -1648909491 + - preference: + matchExpressions: + - key: 2Q6H + operator: 棞犺櫗dž媇僤Ȝ橴$荌 + values: + - n2zWd + - key: iv + operator: gƦ甗ì + values: + - "Y" + - HkyZzJUQa + weight: 1775867956 + - preference: + matchFields: + - key: 3Km + operator: Ƥ + values: + - HdpB + - FFce4C + - key: DDfe3Br + operator: ǣ@澳轒 + weight: -1363992583 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: nOZtJ6 + operator: 臭ƞ亁ǃzzŘGc`ţ憝魃軠÷柆踗dz+ + values: + - 1lsA + - key: NitAsm + operator: ʛ凃ď + values: + - qXRXHjOFv + - gKZECIIQ3 + - key: i + operator: '[蹦ɑ邺絡6y罝ȘƋȆ皼殸pȲDz' + values: + - 8JPcGR + - XX + - UjJ + matchFields: + - key: evL + operator: 籬愡 + values: + - a + - key: "6" + operator: ZƾPȢu实ƯƊ讅 + - matchExpressions: + - key: "1" + operator: 2苺Œzʀ)%ŭ姀FĢȿ蹨İÎ锨lj螙 + values: + - zmAKL + - YwUOGPS + - key: SH + operator: 饓緔箈* + - matchFields: + - key: B0p + operator: 榫!Ż«rE弬摢 + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: OcA0Nz + operator: ƒ卺ɞ塼{ťD4櫡ĆGɐåÑHK + values: + - oGEU4xtS + - jIQQO + - "" + - key: vgsCex + operator: cü鏚.Ʀ)ǿcʕ賏狔D{ + values: + - XX13 + - key: KJfwWv9 + operator: ëe + matchLabels: + ntGxX7: se + sE2: Tm9 + matchLabelKeys: + - gHCbAaW + namespaceSelector: + matchExpressions: + - key: m24 + operator: '>Ⱥɴ燝ǭ蹞ƥ捅ƾ' + values: + - ThKy + matchLabels: + 1C: K6xD + mmCBd9: "" + namespaces: + - EiJj + topologyKey: MB7Ffl17s + weight: 849538477 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: 7swY + operator: A鉅圁ƫŊq羹m簷 + - key: d6SeWSh + operator: 5rʮǦƎ + values: + - dm1R + - key: d + operator: '}u§kɒ改滘ɹ磆' + values: + - 41yZvs7 + - cfQ + matchLabels: + "Y": SHn4 + k: v04 + qdVWBKTq: D8 + matchLabelKeys: + - xdJ1 + - Efbwu + - GoWrIvE + namespaceSelector: + matchExpressions: + - key: RBmbA0 + operator: Wɋ痒Ɣ诖×濹綕ŠA湹8ŭ9&Ȱ镤糣E + - key: 3AYh0S4PFUGFT1Q4 + operator: 俾粶e喎鷗bFŹ + values: + - BXmjN + - "" + - X + - key: Rw + operator: 赖鏰 + values: + - lsr9z45 + namespaces: + - Le + - QR0YVKV7 + topologyKey: Pdl + weight: -1148243505 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: IXPMNZa + operator: 杆Ų奧 + values: + - 46KgE6 + matchLabels: + KiDaIrgAdj2i6: WUooNk + S1BO: aC32zkEY + ggqE: "" + matchLabelKeys: + - nmwrQ + - l0EMEawrM + - yIo3pm + namespaceSelector: + matchExpressions: + - key: pp + operator: 襊Țj槟瓼帪ȴʨĈ¶ijH + values: + - hW + matchLabels: + y6: D4hcq4 + namespaces: + - "" + - fe + - 6mdE + topologyKey: MO8Zrjss + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: K4dO7 + operator: XgƔ6 + values: + - dedFsXyHQrV6 + - "" + - qIv + namespaceSelector: + matchExpressions: + - key: Ok + operator: ȝ.fƛ審 + values: + - IltM + - VM + - IQ + namespaces: + - XQ3u + - Z + topologyKey: 8EBdM6LA + weight: 619790919 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: ZM + operator: To圄K岫崐ɳ紩舀氦 + values: + - ef + - 5NXS + - wHs + - key: Wz7hwea + operator: Už4Yg柹蘫ȏ凂;3u- + values: + - S8CKq + - IELC + - 4LfAe9mU21nt3m + - key: nDk7 + operator: Wy仏蚐uĨƞ + values: + - 9pI + mismatchLabelKeys: + - NWO5gU2td + - EWcIg6zintP5M + - Cylo0 + namespaceSelector: + matchLabels: + qTAJ0Ku: Kl0 + namespaces: + - 5JQb + topologyKey: rf4Nr + weight: 425635824 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: vUAgkTO + operator: ^y醷 + values: + - Zkmn + - ALk + - key: ny + operator: 鞨[į郞Ƞʩʓ雈ßŧ嗹^Ċʌʋ烫Ơ + values: + - QI0nu16ho17 + - IHyQuhB9gR + - key: Ztr4LMZo1hL6 + operator: ô籞bü歃ɃGǡ監麧ɈFŌ- + values: + - 2UpYa + - CScTi6 + matchLabels: + TTB0NFAm0: Txb5 + sb7CDUXLD9ga: JHh565 + zAWL: xg9JgA0 + matchLabelKeys: + - "" + - kzCaeoA + mismatchLabelKeys: + - RBz + - uIX + namespaceSelector: + matchLabels: + 7bE: BVKqBxuluopC + namespaces: + - Oj9 + topologyKey: ZX4zl + weight: 160846374 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: HH7 + operator: 緳{ƚ盧âĭ湻3÷:频:7 + values: + - gy + - Vsq + - HSl + - key: sy + operator: ƭǂʉ篸ē穯;ū戋茮酖 + values: + - qCr + - key: 5RI + operator: 涓ɨƚ攁ʋ + values: + - fIJ9 + - znCw + - ew + matchLabels: + 8wxwIB8: 5dR44Q + i6JV: nwXAFeaqSfd91 + mismatchLabelKeys: + - vxwL + - nG9S9I + - pODo + namespaceSelector: + matchExpressions: + - key: mRWuukKFvy + operator: 蛴!:Ć"ɀm¯es獞ĜŚ + values: + - hm3mu5Yy0VB + - 2f0GpZ + matchLabels: + YTpqtey0x: ktPRo + ilti14: wvhcYqTCtrQ + namespaces: + - wLUE + topologyKey: FQ + - labelSelector: + matchExpressions: + - key: Hkoj6F95em + operator: 亿懿0ʙ5Ǣ譨ŷQ + values: + - K + - k4 + - key: "n" + operator: ș郏 + values: + - AU + - 1n0T1IC + matchLabels: + XmZ: 7x + matchLabelKeys: + - ObyO + - "" + mismatchLabelKeys: + - Z1ZPMR1Zt5 + namespaceSelector: + matchExpressions: + - key: ry + operator: ~水ē鎙tj¤禬萃fÒà + values: + - l0Kd3 + matchLabels: + 5j: m8Pm + h1kue6nt: M56ZcLx + xq: "" + topologyKey: 8u1rls3h + - labelSelector: + matchExpressions: + - key: G3 + operator: 櫛Ƞ,=畾 + values: + - U3q4 + - kmv4 + - G1psh + - key: "" + operator: F宗3溜0ȺL + values: + - ZA0 + - 9qmizMS + - fTsusd7wkK0msJD + matchLabels: + N7Ngf: ya + mismatchLabelKeys: + - cgHDLS + - pZfnA + namespaceSelector: + matchExpressions: + - key: Lj3nK + operator: 墜踮vXǡMʉ1ďž熍琾竽Þ醇Ąũ + values: + - Itf + - TI6n + matchLabels: + O2XhtOAcnc: 6PW1x + matchLabelKeys: + - 59yp76ky6 + - S0trr + - G57 + namespaceSelector: + matchExpressions: + - key: oMZ + operator: 蜤 + matchLabels: + MZXascOLD: S + namespaces: + - IIhvh + - 8U + topologyKey: TQy8B4r8b + topologyKey: xuo5iwF + type: xMymP + weight: -1034622956 + priorityClassName: mUbO1P2 + progressDeadlineSeconds: -1221802348 + readinessProbe: + exec: {} + failureThreshold: 316564184 + grpc: + port: -28967743 + service: RteTOOJppyrxjp + httpGet: + host: KoK + path: i + port: 1238653747 + scheme: 蜛Ϥ餕 + initialDelaySeconds: -678114858 + periodSeconds: -1932943963 + successThreshold: -1295008485 + terminationGracePeriodSeconds: -3458096367496475490 + timeoutSeconds: 1251310237 + restartPolicy: 刊ǵ椉Ž5荭¶@Ǻ + revisionHistoryLimit: 1248617462 + schedulerName: NtMcVkr + securityContext: + fsGroup: -7790002735836358939 + fsGroupChangePolicy: '猰tą3圇épțU串ɭ惟璼ʜ ' + runAsGroup: 7078321909676639038 + runAsNonRoot: true + runAsUser: -3795473018051875448 + sysctls: + - name: 4bbbOThlM9 + value: OeQ + - name: KzYDmoPm + value: RQkJ4 + - name: gSEB + value: fCw + strategy: + type: qsB + terminationGracePeriodSeconds: 1536232091 + tolerations: + - key: Kme1g + operator: 鸋傚脨ʌȰę,缶 + tolerationSeconds: 9185074187324502073 + value: HP1mcWeehE + updateStrategy: + type: EMvj5gD +fullnameOverride: jio8f +logging: + level: A9j +monitoring: + annotations: + B4Q2a: VlA + WnWMB0U1lR9: ZFtiwVrCZ + gukX6: JE + enabled: false + labels: + HK92: SBAJug3 + namespaceSelector: + any: true + matchNames: + - knSJx6Z + - L0F + - zfWi9TED7ybZ5 + scrapeInterval: 2546609h10m30.192081859s +nameOverride: mn +service: + name: El70 +serviceAccount: + annotations: + UCvD: zlN0tsbA + create: true + name: ZkHM +storage: + volume: + - name: PQgVp5UAKMh + - name: m + - name: "" +test: + create: true +tolerations: +- effect: egɕ=1粊憎Ț$òɎ噸庤ɯ + key: do9aqZLTZ6HKm + operator: ÚǘDz姦éy便 + tolerationSeconds: -8194188728085215250 + value: kaktY +- effect: Ŷ)営雲 + key: LUyN34n + operator: ȲxȖÊǢʓȦ孻 + tolerationSeconds: 8850115598563487459 + value: au +- effect: ʄę媚醌1酙1驏ȴʦXœć + key: I9iCfca + operator: ~贙k閷Ɉ_蜦硺楚Ir廜匳&ğ-5Ō + tolerationSeconds: 5427922333042530071 + value: 2KaG3k +-- case-040 -- +auth: + sasl: + enabled: false + mechanism: eXWm9 + secretRef: M4pqhD32D + userName: KF7Nnx +commonLabels: + 4bQpba: iVh + "n": "" +connectors: + additionalConfiguration: qvMttAMx + bootstrapServers: LRTyIJY + brokerTLS: + ca: + secretNameOverwrite: rRP + secretRef: E + cert: + secretNameOverwrite: peG + secretRef: P5mPIj + enabled: false + key: + secretNameOverwrite: Tbz + secretRef: mBxPtYNUs + groupID: br + producerBatchSize: -2033745427 + producerLingerMS: -1500250091 + restPort: -1022927047 + schemaRegistryURL: cL1M + secretManager: + connectorsPrefix: cS + consolePrefix: J4nFaA + enabled: false + region: REh2 + storage: + remote: + read: + config: false + offset: false + status: true + write: + config: true + offset: true + status: false + replicationFactor: + config: -1386973481 + offset: -1418511808 + status: -748221252 + topic: + config: 9Qtxti + offset: H + status: BP +container: + javaGCLogEnabled: QXA6zua + resources: + javaMaxHeapSize: "0" + limits: + cpu: "0" + memory: "0" + request: + cpu: "0" + memory: "0" + securityContext: + allowPrivilegeEscalation: false +deployment: + annotations: + 6WNO: UvMxPC + ItkfXr: HoRGq + OqfY9eu: U + budget: + maxUnavailable: 175031450 + create: true + extraEnv: + - name: pwJ0I3ZEUK7 + value: aaFCEfM + valueFrom: + configMapKeyRef: + key: DXmjvM9 + name: JYBPb + optional: false + fieldRef: + apiVersion: 9fI + fieldPath: 90keHRVll + resourceFieldRef: + containerName: rBYEwmI + divisor: "0" + resource: Sn9Gkn + secretKeyRef: + key: T3YsImGDrshtv + name: w + optional: false + livenessProbe: + exec: + command: + - f + failureThreshold: 285554662 + grpc: + port: -2014863639 + service: vhVVIzVohs + httpGet: + path: vvG1 + port: "9" + scheme: 阖ŅxĦ鍾?翽 + initialDelaySeconds: 620513520 + periodSeconds: -983699293 + successThreshold: 537883135 + terminationGracePeriodSeconds: -6388371474898008574 + timeoutSeconds: 843588973 + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: 19IV1NC + operator: ȃ}CĚ蟡ɨvǢȺ + values: + - "" + matchFields: + - key: xl + operator: VĦɓ洽Ă滕煂 + values: + - jreFryn + weight: 1586123299 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: [] + nodeSelector: + ne: QT3mjpm7B + podAffinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchFields: + - key: lCaMS + operator: 膳ƶHʭ暍鮊ŏŕǶp9繒Ȍ鐦M~ŲT + values: + - vWH + - i9bXTrq + - key: 9i + operator: ħ}楆$滚 + - key: 7Cy + operator: 曀螱ʞp茟{骺嘅共鞥x逈¢ƣ' + weight: -116851189 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: [] + podAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + Z1tWVGm: e7EmPW + Z3d: 5iGMNPlYG + matchLabelKeys: + - xbzQW + - xgW + - cQ2cTvDEvI + mismatchLabelKeys: + - yLsV + - 3ywbXylVu + - WUm9vGoqT1xY + namespaceSelector: + matchExpressions: + - key: "6" + operator: Q晦ŅǒƂȇ + values: + - ka1gnhq + - 7F + - DeX0 + - key: YoH7Cwsbl + operator: 恴j$'%P嘇 + values: + - "" + - FgHmtv7Dv + matchLabels: + E: q3RqGm + VFHD: l5 + namespaces: + - JDVu + - Jp + - sgN + topologyKey: 0Y30wF + - labelSelector: + matchExpressions: + - key: jMaH + operator: 侢ǻ蹒-Vmɓɛ廏潂譈ƤR + - key: 9B9oc51 + operator: 靏Q|g&ʂ覂 + - key: r + operator: "" + values: + - Pi + matchLabels: + RWbEj: G + matchLabelKeys: + - GQ6u + - DoezHg + - VucamL + mismatchLabelKeys: + - DZV8i + - Q5w4 + - GIR + namespaceSelector: + matchExpressions: + - key: pH + operator: Q袼ʆµ禔q + values: + - "" + - key: q47oWCI + operator: ǖ櫗ã諚框郓ǧy(M橠Ⱥȗ紶Ġ?镏{Ĺ + matchLabels: + XC9g: X9vW + ay7: HDfiZS + hk: oZm0oN + namespaces: + - 099SbHnMR + - D83JPVR + topologyKey: egq2DL + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: DiR + operator: Ɠ;苖,ɳȓ麛H[qʗcȟ.&齧į_Ȥ + matchLabelKeys: + - A35AJ5Fx + mismatchLabelKeys: + - jq4 + namespaceSelector: + matchExpressions: + - key: 618BPJ + operator: 揇õ亏暍WƳ`繥zjĞ已ǧɤ + values: + - Sd + namespaces: + - w3CMzZV + - 4YrTjo + topologyKey: RQOw + weight: -2037086478 + - podAffinityTerm: + labelSelector: {} + matchLabelKeys: + - z4roLehGIu + mismatchLabelKeys: + - iPnBzD + - we5NI + namespaceSelector: + matchExpressions: + - key: QNrHklC + operator: 鬫崤駂懄鐻君x8ʇ潩ɥžTE¬*Sɹ + values: + - MJ + matchLabels: + M8: T + namespaces: + - msRwtqnkMck + topologyKey: rCJ1sQw + weight: -1311337064 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: Yh25gQp + operator: "" + matchLabels: + MH9S: W39vSzna + U7ph0fJ: U + Wfisq: tp + matchLabelKeys: + - hUEM + - bwGbM3B + - 7qA3sIzD + namespaceSelector: + matchExpressions: + - key: Y6zd + operator: IWţ>ɖǮ嵑Q姝銄嶅躣ĸTʡ煛妪)ǻ + values: + - RYq + - key: XE6b + operator: 獘琬DGí麮煙U8ɴ揅懌À圪y齁Z. + values: + - tg5RzsV33R + - njO + - gwxHfV + - key: kUf + operator: z`牸,尿圗薷ɱ暞Üɫ驛Ɯ + values: + - N3 + - "" + matchLabels: + UPANoyszO3: DqKx + namespaces: + - q + - T + - RntZN + topologyKey: A6n8rjlMHwlgliat + podAntiAffinity: + custom: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: aSxOcR + operator: _齯嫉Ħ + - key: AZePAX + operator: wɦ 蓋ʏ炚ȚǐĂfzŵ嫊Ǵǡe釕 + values: + - llnNm + - mksz + - rhSgv + - key: jmu0L6njnJ + operator: Àčťt§ƚʎ莽5謹W胱V嫻ŠMİ啫7 + values: + - MA6 + - xyGSDP + - wykiW + matchLabels: + "": geXhh7JgW + BPr4JUbf: T + c: P2G + matchLabelKeys: + - bIlVRSd + - LxbTkE1 + mismatchLabelKeys: + - 5CJ + - Q1 + namespaceSelector: + matchExpressions: + - key: MHL + operator: O败 + values: + - 6HK + - key: TlK + operator: «V念VáƂ>糸猠-滜 + values: + - aAqd + - DU2IY + - 8TmjiCQPB + - key: J + operator: 泛İɉGȜȻ豦岫ƎŚd檯Ɏq + values: + - JWMWurN + - ist + matchLabels: + IyOEuM9iLPf0m: 2M3Oz + topologyKey: 5FMo + weight: -1885128402 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: cx + operator: KȵG[呖ǸbřǾ:5Z峕鱒 + values: + - cb1gAuU + - 5SR + - key: VhMrp + operator: 枇ā癣#u兂ʘ°ï]ł鋃Ȁ÷|锕+UɎ + matchLabels: + 1w: GVqua + VTVC: "N" + zJs2: 8J0rkyK + matchLabelKeys: + - eD8nG + mismatchLabelKeys: + - VBc + - Ps61 + namespaceSelector: + matchExpressions: + - key: c + operator: WVQ殰ȃ邵ʧ壤Ȃ餝HW稙癑0婝/苤ʝ + values: + - Wo9PeYtzAH4 + - Pd6 + - key: LKb + operator: iwU籇Ǜ螜撉ɦ緓 + values: + - hfFaR + - SYO + - key: jaWpOQ + operator: 葅輴ʤuş馀ťUpƟƨB頎b軖+ + values: + - S + matchLabels: + 0rs2: 6U624Rs + Jm9: qw5 + UXkt0l: Nnny + namespaces: + - pp6 + - PpD43UPH + - yGyzDnb + topologyKey: dOQt + weight: 2027685501 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: FQ + operator: Ě$唵ljs忼ƍ崛ǦA羣捌偾粳Hu銐狣 + values: + - cjD + - key: p4ovi + operator: 厌`(茮ǰ厅ì瞐Za髭幟 + values: + - N9uzrid + matchLabels: + Aj: SkF5 + WSdwL: "70" + namespaceSelector: + matchExpressions: + - key: VnuF + operator: WXç缅紷&goc忷ĕ瀸 + values: + - o + - key: 6blyAM + operator: 菹ƚ摎枵NJ + - key: Pk8z6pc5 + operator: mǁŦ歃Ǽ + values: + - 1YIsb + - fOGtzStos4e + matchLabels: + cNN: k + tH7VC: "" + namespaces: + - hWILh + - "" + topologyKey: 6dn + weight: -670386716 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: ffMQ7m2 + operator: 鴮爫ƞP{j伮浸軠ɭ[PȖQɓ尼M + - key: RTdpF + operator: ; + - key: IHf + operator: "" + matchLabels: + EVhEM: ni9keKo + mismatchLabelKeys: + - 4MUn + namespaceSelector: + matchExpressions: + - key: EkFrl5BBSn8NItyWV + operator: ./c + values: + - "" + - XHbe + - bn0Ln0gKL + - key: Uah + operator: Ʈ6枪伛泿VMĪƍTƤæL櫾ț酞 + values: + - OUjy + - QBmPfr + - mA1eXp8C + matchLabels: + tJ: dZ6 + topologyKey: KpySEIcfuNz + - labelSelector: + matchExpressions: + - key: wA5FZmh + operator: ?V謳抑鼺挑ǥ冺刎 + values: + - 3LYczXN9xVC + - key: S1 + operator: 7nc埊獳ŌR椾&?sʙß(ú + values: + - Tz2Vt + - "Y" + - kpC + - key: Jw + operator: .|?ȏǣv{M沪/ + values: + - AGyJ + - c1CKs5 + - "" + matchLabels: + Rp: iHT + matchLabelKeys: + - o4R + - JIi9IrD + - 7pRw + mismatchLabelKeys: + - Nnk + - 951ew + - DP + namespaceSelector: + matchExpressions: + - key: 7BmzMWwSRU + operator: 儰秘# + values: + - "" + matchLabels: + G5mmHJKQ: H5MG + namespaces: + - ACoFip + topologyKey: HuYKSfDqKssl + topologyKey: e0F8oLDkCTd + type: WlI + weight: -2036050375 + priorityClassName: gSQWfwbf + progressDeadlineSeconds: 570610379 + readinessProbe: + exec: + command: + - jSxwiEDOrw + - 0Dcuuj + - H + failureThreshold: -473671565 + grpc: + port: 2072344414 + service: Tb + httpGet: + host: OSJEX + path: C + port: n136psopLQ + scheme: ɢ糺sªǟ驲gɶUʩč02跡Ť苚2 + initialDelaySeconds: -2130499066 + periodSeconds: -39801992 + successThreshold: -1693089511 + terminationGracePeriodSeconds: 289625866324453619 + timeoutSeconds: -1707372527 + restartPolicy: °č + revisionHistoryLimit: 1380150017 + schedulerName: O26H + securityContext: + fsGroup: 7015643872446876 + fsGroupChangePolicy: 烳=~沽侣X + runAsGroup: -3630702614293936724 + runAsNonRoot: true + runAsUser: 4388805261963142582 + supplementalGroups: + - -7755253763247302204 + - -3310400039802531810 + - 2051254341870837963 + sysctls: + - name: 7UwNr + value: tkn + - name: nGm + value: V + - name: KhS + value: jbpUUVGjT + strategy: + type: 7Mz64 + terminationGracePeriodSeconds: -1194184480 + tolerations: + - effect: 曶ámɶ役ōœE顾坳4Ńɟ蒷Ǚó + key: 3u + operator: 卭ƺ?o + tolerationSeconds: 701640152884990149 + value: N1ekj + - effect: '[ȝ伨]鸲Z;ʞ9阏' + key: 6jmY + operator: n骯Ǩ + tolerationSeconds: 6874204552685767957 + value: saUOHQxkY9 + topologySpreadConstraints: + - maxSkew: 1898212660 + topologyKey: Ovevl + whenUnsatisfiable: PFGhR + updateStrategy: + type: KdJp +fullnameOverride: NCw6T6UcQY +imagePullSecrets: +- name: u +- name: 13J +- name: q9t1lU0k +logging: + level: Tb +monitoring: + annotations: + eZHJsIIV4Rky: Pk + enabled: true + labels: + n5El: sDg0twGSFjIgP + namespaceSelector: + any: true + scrapeInterval: 239636h9m22.788738258s +nameOverride: 4iNcef5 +service: + annotations: + LG: ZJQw2J8u + g: 0z9gQt4Yj + name: KxK + ports: + - name: 61dR + port: 9129423 + - name: p0D + port: 1391241101 + - name: 0MZ6s8 + port: 708219631 +serviceAccount: + annotations: + "": s + 6aAoyzS: BVK + SV0dnqH: Rk + create: true + name: FKhGHe3aO +storage: + volume: + - name: kXFFnM +test: + create: false +tolerations: +- effect: 錨 + key: MlBJ + operator: 菛垜 + tolerationSeconds: 8052990160895509636 + value: DUs0Wq9 +- effect: 鸯¨ŭ.6罘逢YĊCK蕛ʭ姪 + key: Iz26 + operator: ',F鐖烁喷' + tolerationSeconds: -4458555514794455537 + value: 32m +-- case-041 -- +auth: + sasl: + enabled: true + mechanism: I9OZ + secretRef: 2h + userName: BxNfJ +commonLabels: + AwT: yIHdj1wxg + Lr: zYUtd + eP0gw: ZlmzgOXE +connectors: + additionalConfiguration: "9" + bootstrapServers: jts02PD + brokerTLS: + ca: + secretNameOverwrite: i + secretRef: zmW + cert: + secretNameOverwrite: TU4R4tW0Nd + secretRef: G485 + enabled: false + key: + secretNameOverwrite: hDX + secretRef: dQ5 + groupID: KfcZtgISe + producerBatchSize: 1953552561 + producerLingerMS: 540861319 + restPort: -1621274024 + schemaRegistryURL: Esqu + secretManager: + connectorsPrefix: FwZ + consolePrefix: "" + enabled: false + region: e + storage: + remote: + read: + config: true + offset: true + status: true + write: + config: false + offset: false + status: true + replicationFactor: + config: 1120929712 + offset: -1861439076 + status: -1718786575 + topic: + config: n4 + offset: V + status: fLR +container: + javaGCLogEnabled: cjZh + resources: + javaMaxHeapSize: "0" + limits: + cpu: "0" + memory: "0" + request: + cpu: "0" + memory: "0" + securityContext: + allowPrivilegeEscalation: false +deployment: + budget: + maxUnavailable: 440511891 + create: true + extraEnv: + - name: WRSeLSQyxsq + value: 0xespo + valueFrom: + configMapKeyRef: + key: gsjkH + name: hjYCF8i3u + optional: false + fieldRef: + apiVersion: ilis2lH + fieldPath: slhYb + resourceFieldRef: + containerName: ufey2VJTCmS + divisor: "0" + resource: "" + secretKeyRef: + key: nR + name: GKz3 + optional: false + - name: ic + value: N8MdK + valueFrom: + configMapKeyRef: + key: 1QJrX + name: LxK + optional: false + fieldRef: + apiVersion: 0z + fieldPath: UgaSLG1n + resourceFieldRef: + containerName: i + divisor: "0" + resource: "4" + secretKeyRef: + key: "2" + name: ZCqRHp + optional: true + - name: 2TZr + value: P1UUXZH9 + valueFrom: + configMapKeyRef: + key: wgHcFon6xI + name: 6aZcc + optional: false + fieldRef: + apiVersion: dt8 + fieldPath: THGVGMQc + resourceFieldRef: + containerName: Ml + divisor: "0" + resource: tSc + secretKeyRef: + key: L2StNK + name: Qhiy + optional: false + extraEnvFrom: + - configMapRef: + name: "8" + optional: false + prefix: Z3pv + secretRef: + name: c + optional: false + - configMapRef: + name: O3v + optional: false + prefix: eXtX5G3zTnAr + secretRef: + name: FU1b + optional: true + - configMapRef: + name: cLEurajaTv1 + optional: false + prefix: YX + secretRef: + optional: false + livenessProbe: + exec: + command: + - 9lV + failureThreshold: 724202040 + grpc: + port: -1896907397 + service: 1WWZMqI + httpGet: + host: 44PUVI + path: b6Qps + port: 0Hvh0 + scheme: 陙+霒ȁ + initialDelaySeconds: 1171548340 + periodSeconds: 1136904972 + successThreshold: 1663228806 + terminationGracePeriodSeconds: 1596899246031282013 + timeoutSeconds: 1255816268 + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: poCuXUDdP + operator: 3m脄Lj伭ĸ_ȢV!fĩ聿粵昫Ȼ_Ȁ + values: + - bGZy + - key: mxZi7 + operator: 噴姷ʃƸUl>" 噸Lj#ǖHǑv + values: + - vBoyb + - 2VHyI + - key: T + operator: 汜!NJ + podAffinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: nLpF + operator: pʭ:DkƚȗP´紽= + weight: -2090871760 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: [] + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + P: cLp + R11HacB3: 9RqZ + a58: An2 + matchLabelKeys: + - 0O + - gUHbxc0r + - oVpvDVeeBt + mismatchLabelKeys: + - Wv9b + - ZMrNSw + namespaceSelector: + matchExpressions: + - key: TxV + operator: 暌枀R櫇杭 + matchLabels: + "": 1zdSdekKNMM + Cvc9SWB: ayTsVhL + R3BCuM: D2nQvdp + namespaces: + - 86sX + - mS0MBJIxjuB + - uz + topologyKey: a3E + weight: 1708458023 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: QyM + operator: ñ謵g鄜Ǫ莀ś震帑X + values: + - HfAl + matchLabels: + P: TC3 + fThGsVJlo: "" + p6OA8NR: YqzS + mismatchLabelKeys: + - i8o + - SjkWvAG + namespaceSelector: + matchExpressions: + - key: LNn0eU + operator: ƻěµ揁ȟɤ桢Ɛ>绿M\»?Ʉ烐= + values: + - aNRS + - L1NpnUi92 + - key: A + operator: ȀE俫囇Ð鑒Ŕɕj揿J4 ƜƕȔ顠Z + - key: Lol + operator: 鋑祏¤m{\w'潐揥 + matchLabels: + "": eWRv + wRe: 9IuckN + topologyKey: 0D4 + weight: 2119475842 + - podAffinityTerm: + labelSelector: {} + namespaceSelector: + matchExpressions: + - key: AjGs + operator: (R瀳拊ǥit豁菻粸 + - key: b3nRH + operator: ćȹK圎盎I鼆呫痼 + values: + - Dom + - RQMg52 + - BcBODCwowaWn + matchLabels: + NMMTJCj: UsPDH + ip: baDNC39iM + rDr: p + namespaces: + - Byn5KSoK71 + - vF + topologyKey: Yw + weight: 1950258213 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: 3qpdG + operator: c4-ÖS杺束1d煵ȩ簂嶎倖骄Ɍ$#Z + values: + - "3" + - key: L + operator: 耦V@­繙ť烗荝Dž @顕>Ĺm葍(B + values: + - ADR + matchLabels: + Ks6: 4H + crEfPdZ: M5mH + wWc0: w + matchLabelKeys: + - y0gl0w + - nuOpg5 + - Ro1eMA + mismatchLabelKeys: + - ohqF + namespaceSelector: + matchExpressions: + - key: "" + operator: 乻ũ鳅ǸƹņƜ茀ǹm歸ǃǧ殯WqW + values: + - c6wHwn4V + - bnabZlF + matchLabels: + CNJ9it: Pdp + namespaces: + - 6P + topologyKey: mws + - labelSelector: + matchExpressions: + - key: FM + operator: '{欲齜L!ƅnji!T菞ɜc珡坹|' + values: + - 5hjp + - key: OXfaexE + operator: H桄鲩§ſ/cUKG廾cLǾ瘃崚 + values: + - X9rSbDb + - key: Po94eM + operator: ®餑鑱崾歀驽 + values: + - ZaHXvJdaV + - JUq1 + - eR6 + matchLabels: + 9AR: ImAe77 + mismatchLabelKeys: + - DB2GXoYzO + namespaceSelector: + matchExpressions: + - key: scq + operator: 樰mǼ + - key: XPlg + operator: 抷½鉞H膑愭 ē + values: + - Zcqeo + - "" + - RrYuQZzQ + - key: X8GK + operator: ǧŷ + values: + - Oo2Rf + matchLabels: + anEo53b: yblBZcNB + ymCkjK6fCfH: 5k5uIkVNy + namespaces: + - dThUvgS + - p2ts + - eS56TMUxGp + topologyKey: TEvh + topologyKey: cW + type: "" + weight: 1923787359 + priorityClassName: AO + progressDeadlineSeconds: 1079618075 + readinessProbe: + exec: + command: + - Rb + - RI + - "" + failureThreshold: -1131780392 + grpc: + port: -599447137 + service: cq7 + httpGet: + host: SsaWorg + path: UpplF + port: 516047544 + scheme: 牋Ƙ榊 + initialDelaySeconds: 1799248585 + periodSeconds: 373984687 + successThreshold: -1503317917 + terminationGracePeriodSeconds: -7669958782954712463 + timeoutSeconds: 266568456 + restartPolicy: Õ験蘺Sg怰S²蜵-Ǿ笭ī庩X圂蓦5< + revisionHistoryLimit: 485115195 + schedulerName: MF3RwzBCk + securityContext: + fsGroup: -3871220937207142458 + fsGroupChangePolicy: Y蹐\¢倅J趚i転 + runAsGroup: -8140185145867863431 + runAsNonRoot: true + runAsUser: 1443110212215096345 + supplementalGroups: + - 4202411183995629949 + - 9074875661218953213 + - 3682145535007526084 + sysctls: + - name: a9wm1 + value: V48LpVsGVpu + strategy: + type: z1MRV5BXaS20 + terminationGracePeriodSeconds: 1526850382 + tolerations: + - effect: k積Lj + key: YsgfsWrB + operator: Žʚ8鋤縅÷ʪ镲 + tolerationSeconds: 8712200771279582343 + value: 0BC0Sc1 + - effect: a + key: pWUIfI + operator: ā5NƑ鬜牣^,儕髬ǖ藍 ŠɯǦ + tolerationSeconds: 7946113276490164519 + value: lsKkYhoC + - effect: 燀芜/ƶ@犩ɫƭ紱刃飚dēW帠 + key: VQfdy + operator: 腼ʮǬĴǠɬ + tolerationSeconds: -8924157374760987206 + value: UlBiper + topologySpreadConstraints: + - maxSkew: -623096425 + topologyKey: fFI6B + whenUnsatisfiable: PdDm + updateStrategy: + type: Hm36839yLnm +fullnameOverride: AqjekuF +imagePullSecrets: +- name: JeYmHo +logging: + level: fhSGoGeOVO +monitoring: + annotations: + 7gh5s: YcQQPJlU + W2IS: vZNG + bcuaxtS8Sj: F8QJd4 + enabled: false + labels: + CHV: zTXw0 + f: xv + i7b: 5Icwid + namespaceSelector: + any: true + matchNames: + - yTNHdgcpfYS + - 7ezGBhn1FJ + scrapeInterval: 1305701h8m48.166311732s +nameOverride: Ur +service: + annotations: + Z2dqRWb: FmF + name: bjGFkzr + ports: + - name: PoEHOjF + port: -510390395 + - name: DH7c + port: 369451694 +serviceAccount: + annotations: + j5DbR: "" + create: false + name: 1LIGRd6z +storage: + volume: + - name: JoBYh + - name: 4s31 +test: + create: false +-- case-042 -- +auth: + sasl: + enabled: true + mechanism: N6 + secretRef: zV + userName: ksTD03R +commonLabels: + 0F3sU: SaJRcWm + GUF2flpqQUL: KKAcWWY5 + NIiGBL37: eCFaXQGs +connectors: + additionalConfiguration: VHWNn7cM + bootstrapServers: Cufj + brokerTLS: + ca: + secretNameOverwrite: 6CC2 + secretRef: ahw + cert: + secretNameOverwrite: pCPJclf + secretRef: XynCs + enabled: false + key: + secretNameOverwrite: c2jX1p + secretRef: 4JoKw + groupID: 3QzOolf5 + producerBatchSize: -227006427 + producerLingerMS: 282669617 + restPort: -1489153770 + schemaRegistryURL: 0NFMF6Sql + secretManager: + connectorsPrefix: XkmA + consolePrefix: uOHBYjCeV + enabled: true + region: HAnfg7IX + storage: + remote: + read: + config: false + offset: false + status: false + write: + config: true + offset: false + status: true + replicationFactor: + config: -948402977 + offset: -529217276 + status: -1552614518 + topic: + config: P + offset: It + status: wF +container: + javaGCLogEnabled: "" + resources: + javaMaxHeapSize: "0" + limits: + cpu: "0" + memory: "0" + request: + cpu: "0" + memory: "0" + securityContext: + allowPrivilegeEscalation: false +deployment: + budget: + maxUnavailable: 1629881483 + create: false + extraEnv: + - name: Fif + value: 3tSkpD + valueFrom: + configMapKeyRef: + key: REro1Fq + name: L9wKUwjKABNYV + optional: false + fieldRef: + apiVersion: Jpb2 + fieldPath: 8UAa6RrFC + resourceFieldRef: + divisor: "0" + resource: 54CvEvHC + secretKeyRef: + key: F + name: cByAdOH + optional: false + extraEnvFrom: + - configMapRef: + name: YcRcIU + optional: false + prefix: kBHfd8qG + secretRef: + name: qYDGh8F + optional: true + - configMapRef: + name: RqArRvKcx + optional: false + prefix: Nk + secretRef: + name: o66DF3e + optional: false + - configMapRef: + name: FAcAyd6s + optional: true + prefix: 6MjNWd + secretRef: + name: 8B + optional: false + livenessProbe: + exec: + command: + - RyaDt95rbS + - xB48 + failureThreshold: 784891686 + grpc: + port: 390551496 + service: fVkZ + httpGet: + host: rIuzFin + path: NGsJoEcvH + port: BMI + scheme: '{銧澅ŗ妪ɑ鱄Xŋɘ@癳:­g' + initialDelaySeconds: -1933904380 + periodSeconds: 276259650 + successThreshold: 2046548753 + terminationGracePeriodSeconds: -6638478800684614739 + timeoutSeconds: 1573691516 + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: WdCi3K + operator: K愉獝8ʊ_-DŽ + values: + - z + - a8fo2i + - jFI + matchFields: + - key: A + operator: ǪŊe>?啚竈鹿蜩-¿ʒ + values: + - LO1mpxYfL + - key: Izo + operator: -Ù=粆貘ʼnɟph + values: + - HXsf + - i8G + - key: VTyRD + operator: ɸ + values: + - WPVh + - 0tmIEB4c + - matchFields: + - key: oohVNIkSc + operator: ǎ8鸗襋ãƋ[ + values: + - k5ac + - Rqt1Oi + - ccc + - key: Jb9lgJhH + operator: Vjʁy笊# + values: + - Kkpi + - jTlWbv5UPrD + - matchFields: + - key: Rg + operator: 洂{Ŋ秗AƵė蕸ʚʨT³遫< + values: + - zZDzBsm + podAffinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: 0PWrKZSAA8EIc + operator: Hʯ匎)1G蹩Ð趦Ȃ禽Ų{ǘÒƶżn\ + values: + - fXOr + - 7U1Ics + - "" + - key: STfde + operator: 銲 + values: + - 29Vn + - wNjqS + weight: 741986916 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: [] + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + NhiZwhBuO: h5IvAFqx + matchLabelKeys: + - hSkqAMLm + - PQ3KCpn + mismatchLabelKeys: + - Vyc + - 57y + - LdH + namespaceSelector: + matchExpressions: + - key: I8 + operator: 猊ɑÒ昍ő游 + - key: LD0xPi + operator: 掯6Ȓ骁 + - key: sqVE6U + operator: ɧǓR麐H`&驯苨镪覕ɚWʁ繊5 + values: + - UC + - p + matchLabels: + 7XjD: kIxut + F2tD: m6 + Z: 9fj + namespaces: + - Epk + topologyKey: K2kmRJbaS + weight: -1127986578 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: HAxkB + operator: 'w ' + values: + - Rbl + matchLabels: + hlZgiLqv: "" + mbw: qzC2I + mismatchLabelKeys: + - h9W + namespaceSelector: + matchExpressions: + - key: RsAXrqlW7 + operator: f+医屨Ȫfƣʥõ巻隒ȱ繗镗}琸ƪ + values: + - xpQj + namespaces: + - Z + - fL86 + - yjWwvzz3HL + topologyKey: ReSGOlVKW + weight: 1976075077 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: PVC + operator: '}霬变滑铒;ȝPõ割ņɥ' + values: + - hH + - SyoM + - key: wEUm4 + operator: O>垽Xk*Ȟ + values: + - LP7TxsN + - yA0qMiZhntz + - key: z5ej + operator: 叶濯šŀ瞺Dj撂Ü$鬉 + values: + - "3" + - SayBRwXjLss + matchLabels: + kryupfr: "N" + mismatchLabelKeys: + - 7v58Aijbbzr + - 5Td + - "" + namespaceSelector: + matchExpressions: + - key: NPR + operator: ĆŽPǶǣǜ,t鍋特,簬 + values: + - Echt + - S2zBVD + matchLabels: + b5m: JCUgN4 + namespaces: + - 5tFo + - ROQBeEaCa + topologyKey: "" + - labelSelector: + matchExpressions: + - key: H0 + operator: GƇbǼuȌx舺®茳Ǣ憻°r鯗 + values: + - 2pWjFL + - Pd + - key: iF395JQy + operator: 翭薯³e觙窒_e{kĘ + values: + - ElB9TE + matchLabels: + arlQ1: 5Ji3V + cfD527SUZXN: B95nY + npPKK3n: jQ2Nk + matchLabelKeys: + - fZh6WLiv + mismatchLabelKeys: + - jmBW33O + - vczPF99 + namespaceSelector: + matchExpressions: + - key: "" + operator: $^.鼖顧誑>:×兾 + values: + - 33sh + - MkhT + - aceo88Nxvo + matchLabels: + IMizQHA: m + fbOw: Et79k + t: 4BlF + namespaces: + - "" + topologyKey: j + - labelSelector: + matchExpressions: + - key: DBm + operator: 6<Ɠƍ柵ƹK鷨Žů胞朱 + - key: EW + operator: Ȼȇ϶綎渗DzȜȕC庮辞ɔ + values: + - bkmB + - lH + matchLabels: + "8": vrm + F: 9LRR + G: Qknw + matchLabelKeys: + - XDBVVJD + mismatchLabelKeys: + - k1vdw + - JHcKRmh + - YBaCax + namespaceSelector: + matchExpressions: + - key: hRX + operator: ɡÐbïſ佖蘑播譽h3`Ƀ騅\尲- + values: + - 9xi4 + - QwOFfbmV + - key: bcA + operator: _%ó=©~ÈƦ>Ä礜 + values: + - typiPHsA2 + - tR52 + matchLabels: + "": Jtgef4L + topologyKey: sKnzsZj + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + Ng12: "0" + QyudSu: tsRA5y + VN9G: l + matchLabelKeys: + - K + mismatchLabelKeys: + - KRP2 + - eII2WRDSD + - irPHaS + namespaceSelector: + matchExpressions: + - key: TKoBwC + operator: ʧʋ騊鸦)ĮeUðVXI鍵Ǵ + values: + - mLxI0Wg + - Mzb0A1w + - tvF + matchLabels: + OkqFT: fweHH + Z9p: ubKfGhvxM + xNNR: ZJOxMl + topologyKey: uooEh1P + weight: 1385222265 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: 02mz3TF + operator: Uë帴Ƙºb顛Î< + matchLabels: + 6GGA: pc6WNhW + nApBYzP: DYF4RQ + w: d + matchLabelKeys: + - pHV + - QHr + mismatchLabelKeys: + - vyygwe + - x + - yjf + namespaceSelector: + matchExpressions: + - key: CVbZ4UXGJU + operator: d虌|芈 + values: + - X + - CQOoQv4J + - baPs + - key: 9CRLLSg + operator: 灈选/塄Jª佨5漍Ĩ鑐+婨$斕«圪Ɯ + values: + - TOZk6JD + - key: R9NR + operator: ú-ZƗ餦ĵ跇:ō擱饍 + values: + - NCPg + matchLabels: + "": I3WuOi1b2 + oo: jY0oqR + namespaces: + - Tqrc6Ze2N + - cwqJG8fEZ + - Enix + topologyKey: G + weight: -1520224775 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: Ycp3KvRGz + operator: ɪ惐ʕ漲竹虣pȤ= + values: + - 2UO + - 6M + - HxThxOi2V + - key: o592O0 + operator: Į~Ȩɇ煢贯嗼 + values: + - DoHIEpQDxot + - CHQTeD + - key: 2u8kQT + operator: ʃ + matchLabels: + 1yzAgQmi: ksb6DdF + matchLabelKeys: + - cHo96 + - kuHW + namespaceSelector: + matchExpressions: + - key: u4 + operator: 懌V炠劭迈țġ + values: + - k9FIUOj + - J + - key: uwMyy2qYx6hy + operator: h/ÆƴɆ腿F聈 + values: + - uei + - key: sswBKfF4e + operator: 牍Ǖ啳ɸ碟l鞢=叠喜ī=Ų齣墛靰Ô + values: + - R9KxFV + - Voq6Z + namespaces: + - qywMPFgqR + topologyKey: 4bTD + weight: 607381810 + podAntiAffinity: + custom: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: SFS4n + operator: \喆Zơ穿蹇膣憮 + values: + - 7XfjCE9 + - key: 1qwRrI + operator: Ǹ8\棧係 + values: + - EftX4 + - key: GJO + operator: ɮ件ǚ謮Ǿ佄 + values: + - ZPiBXBh + matchLabelKeys: + - U + - NYI + mismatchLabelKeys: + - RPvU + - tsP + - UTI + namespaceSelector: + matchExpressions: + - key: ZAM + operator: 3¿ťM彅 + values: + - DMm3F4GI + matchLabels: + KS6no: xRO + Ljsiegm: JJhji + tpre: EKt + namespaces: + - KceYF6pL + - "" + - I3c9p9ndODqy5 + topologyKey: x + weight: -453783752 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: "" + operator: 柨2½vq舀髼齔Í蠔 + values: + - "" + - 89A2 + - vu + mismatchLabelKeys: + - uj + - 9DS4IruvqS + - 5hiI + namespaceSelector: + matchLabels: + a: 5oM + kfAKrh: i + o3XC: Lmn + namespaces: + - O + - wzhuV + topologyKey: bJsgWL + weight: 811646551 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: Ks + operator: 钷ǀʝ + - key: GA + operator: :ĕū温槑蹥Ʃ + values: + - x5h0N + - xs + matchLabels: + 2R: 0uO + 6lkH: 9mu + k4L4vQRyl: bER4lJ + matchLabelKeys: + - cPXNS + - U6 + mismatchLabelKeys: + - xUdn + - HmU + - tnS2Jk + namespaceSelector: + matchExpressions: + - key: HmYpl + operator: p恾TȽCú瀺i4LĎƀɎƉ7A{Ț + - key: CwHHd + operator: 讥磖厒槡c7\ɞ晧懊 + key: b + operator: ĸ傜郠Ĩ沲INJ5ȴW离Úǣ' + tolerationSeconds: -4016572537968724845 + value: wLj4YcHC7E + updateStrategy: + type: 6P2B5DOkpdaY +fullnameOverride: GhHS +imagePullSecrets: +- name: KKI2K +- name: t5qixoHm +logging: + level: MkT53E +monitoring: + annotations: + kSsMHYkP: hdg + enabled: false + labels: + "": rbJDO + 3qrEiU: On6nePI + c: aQavQj9 + namespaceSelector: + matchNames: + - Pp + scrapeInterval: -1405670h6m56.58808485s +nameOverride: s9WyH2Y +service: + annotations: + fzz: CLoaDJm9w + rryVp: TZ + name: 8Tb8k + ports: + - name: GYfGwLr + port: -1114107001 +serviceAccount: + create: true + name: w +storage: + volume: + - name: aWdnfP53 + - name: 88Qdn0Y +test: + create: true +tolerations: +- effect: y寫ÃY=ÿ勓霌猆7訚篹 + operator: 秹yƂj + tolerationSeconds: -808124645233925629 + value: MEkdJx +- effect: 阔ɛHĠP灃oN伎Dz遽ų + key: KSBOWC + tolerationSeconds: -2431873710746455413 + value: A1eQM +-- case-043 -- +auth: + sasl: + enabled: false + mechanism: gsR + secretRef: PIWVDNSJ5h2 + userName: Nb +commonLabels: + Mv: hvvf9ur + aWpK: fy05 + xYCcuP: zC +connectors: + additionalConfiguration: d9YXDim9 + bootstrapServers: r + brokerTLS: + ca: + secretNameOverwrite: 3ULc + secretRef: db + cert: + secretNameOverwrite: xB + secretRef: u + enabled: true + key: + secretNameOverwrite: Lof + secretRef: Nm + groupID: tAHp058 + producerBatchSize: 326061542 + producerLingerMS: -812360105 + restPort: 2118887935 + schemaRegistryURL: QoRmKviP + secretManager: + connectorsPrefix: CrfpXnLE + consolePrefix: O5i8fAPb + enabled: true + region: HMVvAZ + storage: + remote: + read: + config: true + offset: true + status: true + write: + config: false + offset: true + status: true + replicationFactor: + config: 814601878 + offset: -486723389 + status: -28524957 + topic: + config: 5fJu + offset: TD4L69vOIK + status: O4GNLUy0b +container: + javaGCLogEnabled: JgX + resources: + javaMaxHeapSize: "0" + limits: + cpu: "0" + memory: "0" + request: + cpu: "0" + memory: "0" + securityContext: + allowPrivilegeEscalation: true +deployment: + budget: + maxUnavailable: 275053237 + create: false + extraEnv: + - name: Kf3T + value: A + valueFrom: + configMapKeyRef: + key: y58L3y2j + name: 935KHbGnvvRU + optional: false + fieldRef: + apiVersion: d3KFOU + fieldPath: 7L6 + resourceFieldRef: + containerName: t2Zr + divisor: "0" + resource: 6Vma1 + secretKeyRef: + key: "4" + name: wRw9G65Ia + optional: false + - name: x5pHL7nk + value: BqVjA6 + valueFrom: + configMapKeyRef: + key: Qz + name: Tv5Yk + optional: false + fieldRef: + apiVersion: Cwp2TnKc + fieldPath: phqwy + resourceFieldRef: + containerName: IRPmIS + divisor: "0" + resource: T2b4IkoE + secretKeyRef: + key: 49QU9 + name: VJexY9PvmE + optional: true + extraEnvFrom: + - configMapRef: + optional: false + prefix: ZX0G + secretRef: + name: 7d8 + optional: true + livenessProbe: + exec: + command: + - JTuvS30g + failureThreshold: -1640702378 + grpc: + port: 967836932 + service: DHJo2M + httpGet: + host: tSNAs + path: oumIal + port: 1497455731 + scheme: 敜毑穏羋4Ć徸塍灶广 + initialDelaySeconds: 580277422 + periodSeconds: 1352858518 + successThreshold: -288162847 + terminationGracePeriodSeconds: -3550736034833886440 + timeoutSeconds: 1134857368 + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: 9l + operator: /脀夻粀ǁT繐窲ɋ譎Yʫ蓶¶ɐ­ + values: + - ilYoM + - KRlxfBr + - pkOnwv + - key: JPeTO00 + operator: EƱ遂øɗHi檁襡Ǥ姾踖VyǤǃ錂枴 + values: + - EKHBGGOr + - key: 97Edg + operator: Ȫ + values: + - S1s7J7oI + - Vxj7AJSI + matchFields: + - key: DDK41B9 + operator: 崦 + values: + - YI1ISW + weight: 684587648 + - preference: + matchExpressions: + - key: DJA7gLPH + operator: Əuya¬Dz鸓-毗 + values: + - Q61pLQH + matchFields: + - key: sjT + operator: 璠ɩ髓ƺ + values: + - Y7p + - S09Ii5EB + - "" + - key: b + operator: '*ŃƤÒ軿觳DŽż蠪' + weight: 346231665 + - preference: + matchExpressions: + - key: Nr3PF + operator: 劶ǽ + values: + - 5cD + - 3nxp5qH + matchFields: + - key: xEJEaTIM0JIYQ + operator: '@熹`)k殣 ' + values: + - K + weight: 1016822803 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "" + operator: ɐ裔x艥滦Hł¯軋Ǚǰ!荦Ŭƫ踼)肩朦 + values: + - VTc + - key: nuazd + operator: 檋魋ç厸m/ʜ + values: + - FgRAHGQAPP + - key: Qmku + operator: 遢ǪůLJ鷳莵瞸永荅Rɤ悌 + - matchExpressions: + - key: EkoeuAS9eFK + operator: "" + values: + - SZW + - 5G5EtcG + - key: lIcNlSIO6YTW + operator: B駽qçǐ鵊`w鏬鐜^釵c#î嚩Èa + - key: 9I0A + operator: 'h駨瞾蠪檾ʌ2Ǔ細Ɲe ' + values: + - 2zd + - GigtgQi + matchFields: + - key: QpMXTyA + operator: 昐 + - matchExpressions: + - key: tb84 + operator: :ëKȂ鐛顟÷!) + values: + - Fv + - AGwpAxy2 + - key: 2JS2BTg + operator: ɝư_ļX溢嵦ʞɥȢ橲ƅ(ç3Ȟƭ徔 + - key: 2dM + operator: 儗羇d肜ɢ鲵ɑ\毊ɤ嫱邁珧Ș + values: + - hcjpSwjiNZb2he + - i7r + matchFields: + - key: Z4 + operator: 2'§ + values: + - pipyk5ygBGjgjjb + nodeSelector: + 1ckyXyf: Cif + podAffinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: 72I + operator: .O厪> + values: + - qy + - key: qDkN + operator: 腽R雀Ȓ镚ȋŦ彼仵ƨ碦Q挪iń兟Ƨɷ + values: + - IFT + - FB + - ZV + - key: Hik4 + operator: 烳=氂ť珈臼帑淬nwȻHÖ鮑7 + values: + - 5qz + weight: -1431971269 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: Q + operator: ɦĐƠì>Z2Ɂ-撅 + values: + - Hggu8 + - wfTW27ko + - gdO + - key: PgRx5hRr + operator: "" + matchFields: + - key: 91PYj0Wim + operator: p紃x岜|鄊ǖ眜殼"Ü洹過eY尺 + - matchExpressions: + - key: jvmYjph + operator: ǘH)2ǧŀɸU# + values: + - HkV7 + - o + - key: kbIqE7D + operator: '"Eât`ʃ進癹''0皭Ģ鶰' + - key: CXgvWZ0 + operator: Ċ舞°u箸g ƀ姲Ƹ= + values: + - 4e1oZk + - 0N3m9UO + - r2Nc2 + matchFields: + - key: kUSBT + operator: Ȧ弒祩冕毾聒Ăwv譧势H + values: + - Mtfk + - ThywTd + - pTxY9Z + - key: ty + operator: .ɐN鎁ɜ=ɯ憎2Y!}% + values: + - a4o + - O20 + - gfU + podAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: gTv61 + operator: '[徵<»ȕDZŖȿ钶蘐潿ɠ菙鈣ƦO' + matchLabels: + GNi1: XTv3 + agO1: rNYRcx + matchLabelKeys: + - q + - "" + - 4u + mismatchLabelKeys: + - E28Dz + namespaceSelector: + matchExpressions: + - key: 0j + operator: 凵TU啜Ŋ螢馹ʍſ + values: + - rRA51 + - igqVL3dl + - cMQsgEymY + - key: 2gObxnA9 + operator: .埑9±Ľ + values: + - 7xXJ3 + - b5YaQ6 + - WISJEcAF + - key: bwy + operator: ȼ殦ʬR颥Ǭʌa鴸&ąFjɚ` + values: + - w6clsK + - bjYH + matchLabels: + TY0: bhwBS + u9trttO: lGYO8h + namespaces: + - qn + - BYd2 + - kmeXHHG + topologyKey: 1Ft72IT + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: Yi + operator: '"' + values: + - k3wctb + matchLabels: + IUEo7: Wvj4K + VZH: s1lVwq7 + matchLabelKeys: + - pVo0yd + - tH2 + namespaceSelector: + matchLabels: + TW0C: fKUjlPkN5 + cpGUpaXo: xC3 + giVV: oOcx4 + namespaces: + - kaYiZrU + - Mx5F + - ty + topologyKey: 7cL + weight: -796426395 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: 4IQ + operator: ~炷ŀ邛嵪ó5F墪ȍ驇揷A§ƚf{>ȹ + values: + - "" + - GpsIXxXhAo9 + - qs + - key: La + operator: n;憂莰 囒GȋhȆ熨e鑜Jƫ + - key: 8BkIi + operator: '}ȴ藆¨ʄk鵢ʡm' + values: + - U + - FDzLXdzU + mismatchLabelKeys: + - A2CjGC8H + - c + - IYWbM + namespaceSelector: + matchLabels: + LnrpS9obyu: 1n + wKRnL: "" + topologyKey: njqm3p7G + - labelSelector: + matchExpressions: + - key: CG + operator: §顲º + values: + - "" + - 41vsmSfIvpw + - yyVdBOWqYG3JK + - key: imA + operator: µ欤!k;壁ƶ + values: + - D2tGL + - "N" + - IzBvfEz + matchLabels: + L1: Y5MT6 + mismatchLabelKeys: + - gP42KfEC + - ON2I7o + - hYr40 + namespaceSelector: {} + namespaces: + - "6" + - uO2 + - yLgyfiR + topologyKey: zjRcu + - labelSelector: + matchExpressions: + - key: luBI + operator: ʃ>ȲºPũɹ霄F6ʣ­鴙 + values: + - cBmF8 + matchLabels: + 0vH: 9N + 2lClMO: iDGDJsP + Rbm: SV4R0ij0kv + matchLabelKeys: + - tbbRcpcmE + namespaceSelector: + matchExpressions: + - key: elN6 + operator: MȧJǐt + values: + - cfxfv + - W + - "" + matchLabels: + CZ7: KJ1 + hh6xT9iBgnx: 680J7Ww3 + topologyKey: I + podAntiAffinity: + custom: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: "8" + operator: "" + values: + - KM + - lAT + - NN6ch + - key: an9V9F7e + operator: 蒖瞗ƕ3É伿)ƒ売c+HɑHŀ礽{¿K + - key: SbRvHE + operator: ~ú+銃刅ȱ + values: + - S6tzqFt + - zKss3W + - R3XXZp + matchLabelKeys: + - N5 + mismatchLabelKeys: + - Rt8aa + - "" + - NWv + namespaceSelector: + matchLabels: + EX: HZGSzbFGX + QYppQ: jVvw0V + topologyKey: g7HL + topologyKey: FhZosc + type: smnyiuV + weight: -589206663 + priorityClassName: xuvUg + progressDeadlineSeconds: 625787929 + readinessProbe: + exec: + command: + - D6pWcMRx + - f + - WJoWsx + failureThreshold: -1732496585 + grpc: + port: 2008777 + service: EH9aue + httpGet: + host: 27wRHd + path: z5 + port: gBHMh6 + scheme: ŇZ罡î孷Ď凯IJ穮臈g嚄=榓ʄ + initialDelaySeconds: 41316909 + periodSeconds: -1536340211 + successThreshold: -872033350 + terminationGracePeriodSeconds: 755864549545305461 + timeoutSeconds: 641817532 + restartPolicy: 莺N + revisionHistoryLimit: -1523772697 + schedulerName: pAjniqNhZyOs + securityContext: + fsGroup: 4315889566768146013 + fsGroupChangePolicy: 4ŋu攠Įȯʟ%闓諗ɸDž= + runAsGroup: -2570730350940379829 + runAsNonRoot: false + runAsUser: 8876786175168037156 + supplementalGroups: + - 8106893607739023128 + - -3191337886248958794 + - -9161390975044730852 + strategy: + type: t19cLk + terminationGracePeriodSeconds: 955744914 + tolerations: + - effect: 洪 + key: RsZkLxkjJ + operator: N鱕 + tolerationSeconds: -7968213159538961006 + value: x + - effect: 送孺糯{\ȸ!¦d + key: XS + operator: Łʼn抂ôƨQ敊ȈǤ|f揻渪ʫô!iȔ + tolerationSeconds: -6845197254618999245 + value: Lw1e + topologySpreadConstraints: + - maxSkew: -1978515794 + topologyKey: g + whenUnsatisfiable: iC + - maxSkew: -755886947 + topologyKey: AMp0C4H + whenUnsatisfiable: NNjCNE + updateStrategy: + type: jtzm3 +fullnameOverride: DPRe +imagePullSecrets: +- name: iNrm +- name: tXVc4 +- name: 2FI6svfYzUT +logging: + level: xYn +monitoring: + annotations: + k8EzKZ: oXYkaOnH + enabled: true + labels: + 07sPUbsx7a: "4" + namespaceSelector: + any: true + scrapeInterval: -1922855h59m11.982156464s +nameOverride: WdYlcGB +service: + annotations: + 25swrT: LyMk + AgV: 2ZT + LR7E9YY7J: rc + name: L + ports: + - name: "0" + port: 1958832246 +serviceAccount: + annotations: + tUrOJRs: sa + u5pe: o5HFd6E + create: false + name: 2QWHyV8 +storage: + volume: + - name: 6mgHY + - name: aPVxgB + - name: ml + volumeMounts: + - mountPath: YuAZg + mountPropagation: Ŭ鷾/1p[睘6nƴ攝ŝ'Xǯ鍻市 + name: uA5mP95UbWz2DU + readOnly: true + subPath: Rd + subPathExpr: HjiP + - mountPath: I8PeS4vph6 + mountPropagation: ȁ8ǁ + name: "" + subPath: KXRi25s3l + subPathExpr: J2VIP0O + - mountPath: kMp9FbjBpDZFC + mountPropagation: Ƿ + name: h + subPath: D0waN + subPathExpr: uBJAJhe1iu +test: + create: false +tolerations: +- effect: Ȳɯ廝T憎Ľ摛lN&ƫ'ɸwc¢Vh + key: IDKt + operator: 趉 + tolerationSeconds: -769067857200268382 + value: gRii1 +-- case-044 -- +auth: + sasl: + enabled: false + mechanism: LO + secretRef: mhOAME + userName: "n" +connectors: + additionalConfiguration: xypAC + bootstrapServers: AJo + brokerTLS: + ca: + secretNameOverwrite: LZ8 + secretRef: Qd + cert: + secretNameOverwrite: "N" + secretRef: 4Hwd2 + enabled: true + key: + secretNameOverwrite: NGmzeL6Y + secretRef: ak + groupID: S7uyvF + producerBatchSize: 577860685 + producerLingerMS: -1432617314 + restPort: 871084350 + schemaRegistryURL: BMfK + secretManager: + connectorsPrefix: MIv88J + consolePrefix: 5dJ + enabled: true + region: ToqBft85 + storage: + remote: + read: + config: true + offset: true + status: true + write: + config: true + offset: false + status: false + replicationFactor: + config: 1110431616 + offset: -1272331222 + status: 342664574 + topic: + config: MSUfKAm + offset: 1EER + status: d6yOc +container: + javaGCLogEnabled: "2" + resources: + javaMaxHeapSize: "0" + limits: + cpu: "0" + memory: "0" + request: + cpu: "0" + memory: "0" + securityContext: + allowPrivilegeEscalation: true +deployment: + annotations: + e1: EPUL4 + budget: + maxUnavailable: -853711840 + create: true + extraEnv: + - name: Hn + value: RLmuTFKt + valueFrom: + configMapKeyRef: + key: u8iVw + name: l8S7wk + optional: true + fieldRef: + apiVersion: 5q4Wkck9Yhn + fieldPath: e56i1D + resourceFieldRef: + containerName: MP6 + divisor: "0" + resource: W + secretKeyRef: + key: Sow4h93xH + name: tK6mZbO + optional: true + extraEnvFrom: + - configMapRef: + name: 6a + optional: true + prefix: wqO + secretRef: + name: eZxNk + optional: false + livenessProbe: + exec: + command: + - 6AVfWWiU + - gjBVfhPqm87 + failureThreshold: -179099947 + grpc: + port: 2055240519 + service: 85th + httpGet: + host: aY98zm4 + path: qhNVygpz + port: D5cj4qxJ + scheme: 训珙仾ɠ/a]"蒟ɩ蓫nµ@- + initialDelaySeconds: -741511239 + periodSeconds: -301254020 + successThreshold: -1795354231 + terminationGracePeriodSeconds: -1555270337534101901 + timeoutSeconds: 17970381 + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: ggOgs + operator: ʆ=Ǭ + values: + - 6xOHO + weight: 1438312308 + - preference: + matchExpressions: + - key: sVT + operator: Nj溚K$P" + - key: 3i + operator: 状w¿鄏荤džöǹĄ + values: + - hl9dZyPnxN + - C87 + - key: Pt + operator: ʬƴXw/8綷 + values: + - S9I6Qrsfz + matchFields: + - key: Gvnxn3 + operator: â氠喬 + values: + - d + weight: -886172272 + - preference: + matchExpressions: + - key: oy973i + operator: 圅¢璸'ɆʥʚvǴMĴ + values: + - OBP + - "1" + - YNoey99 + - key: Zy0iQotc + operator: +g + values: + - FO1apzD9 + - epCNQ66B + matchFields: + - key: 8nakITBFg + operator: '|ȍ' + values: + - 9z + - RX + - key: "" + operator: Mȃ"ô薱黭夃< + values: + - "" + - C + - YE3 + - key: iZFE5e + operator: nǮ + values: + - LHp7ijJ + weight: 567068826 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: we + operator: ɜP苞崉汊S + values: + - 1zCAp + - DVu + - key: piI + operator: Ǔɽ觩-鸭諣0ʙɮ鈿莳CyJ2 + values: + - 8oy + - HijL4M2 + - key: Xjq + operator: d遢豾9藌NJəBǔ,ɿǸ5Ƶº'芎婑( + values: + - kGBJo + - MpcP0e2Tga + matchFields: + - key: JhC5vQ1U8 + operator: "" + values: + - t + nodeSelector: + m8ypcZn: yD + podAffinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: QqHIF + operator: SČA窚R顒e涜efʩCá盻ɭ峄觘1 + - key: lOM35 + operator: Ljw盫励饇脧 + matchFields: + - key: Xvd + operator: 俍郖=璻Ęb錽Ȫ碄尫ɋ硣!)桂寥 + values: + - qt + - y3U08eS + weight: 2109206004 + - preference: + matchExpressions: + - key: S + operator: ɃƗA尯DɮǪȽʎƥ銐Ǧ + values: + - "46" + - p0eIl + matchFields: + - key: Ih + operator: "" + values: + - tf3 + - yiPSH6Zx + - C + - key: uZ70o + operator: "" + values: + - 4UJb + - oH8P43gtksh + weight: -709859925 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: QTE13xnu + operator: ŝ + values: + - VHR0qG + - MOvO + - tb1sLuv + matchFields: + - key: g + operator: Yʝz_GBDŽ糎腄Z:*秡*kƗ + values: + - tLOJ + podAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: pwXEKFjBU + operator: "" + - key: feqEDUfP + operator: 慐;姁ƣ憙c蚖J + values: + - TJyZpGt + matchLabels: + B1R: sAy6clnGGjf + mismatchLabelKeys: + - G56 + - 3U + namespaceSelector: + matchExpressions: + - key: Irk + operator: 朩š­ȅ擋fħʎ;脕擿 + values: + - fR + - HI6qMSx + - kKz + namespaces: + - 2Gjzz + - p1ZzhD4REnP + topologyKey: 6Qb + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: yCd1 + operator: "" + values: + - w + - RGxbGQ + - F01lOE + - key: gFNsh + operator: ɢ渖ŕň詌& + values: + - Qf2 + - U9ebth375LF + - key: Eym8DG + operator: 軩榺骧F鑣槙ƹ=懸 + values: + - "" + matchLabelKeys: + - e + - I + - a1moWz + mismatchLabelKeys: + - GB + namespaceSelector: + matchExpressions: + - key: br8ud4ME + operator: _粡垵Ȁu|Ňɾǡ + values: + - IRAa3b + - mJaeH + matchLabels: + QzUL: lBDdFKkr + YCq8PhpxP: pFQirOBS + topologyKey: 9fEh + weight: -1030104992 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: HGoREM + operator: /咹ȱ駧裀 + values: + - afgtBu + - 62p2cohE + - LcvApZ + matchLabelKeys: + - Q + mismatchLabelKeys: + - a6cO + namespaceSelector: + matchExpressions: + - key: n6x6j + operator: ô萿Ɍ昙ʉĄ髪ƭ囯ğĠʏxC萓ɝzjZ + values: + - pFL5xvt + - key: s + operator: Ö祻Ř + values: + - bTZ7C33 + - 7rM4m + matchLabels: + DgZsb: m6XWnS + namespaces: + - yJgfZk + - Yf7For + - XF2ycSW + topologyKey: "4" + weight: -2000314685 + - podAffinityTerm: + labelSelector: {} + mismatchLabelKeys: + - pfRhN + - dtRA + - iTYieI78 + namespaceSelector: + matchLabels: + IF7T: rAjc + mCuB: rL0bjM3 + namespaces: + - b + topologyKey: qb + weight: 507067570 + podAntiAffinity: + custom: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: "1" + operator: rʒ±&Bc'慈棊r9ş噱ȅ + values: + - hTfTJGI + - hCkH6FF2Si + - AZSo18hB + - key: Z6aBXlU + operator: P-ŋLǃGȐ + values: + - UnrL + - 8SKSgIl + - XyUUHq + - key: mX + operator: ȂcǍ*饻蜵yȔ7 + values: + - wZkqm + - 6fK + - bLHwoiWtxS + matchLabels: + wqj3bNcE3: 7PXUv + mismatchLabelKeys: + - 95VHWEv + - oc + - XvcBqP + namespaceSelector: + matchExpressions: + - key: T2L + operator: 悪ȵǠȸR&>S%%­ + values: + - T51z8Xf + namespaces: + - 2akt + - 97MqCK + topologyKey: q + weight: 1571306470 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: AdbAjo + operator: ɠ¡苋H籲Ž蛏LjKHw銮梀 + values: + - UFW + - RzRYQce8u + - iL + matchLabels: + JiS2: 1H8Jf + namespaceSelector: {} + namespaces: + - C8 + - ghqER + topologyKey: utHH + weight: -696696597 + - podAffinityTerm: + labelSelector: + matchLabels: + "": Bbi + eYzf2x: "2" + matchLabelKeys: + - dCIk + - 3Vwvq + - vJu + mismatchLabelKeys: + - a7 + namespaceSelector: + matchExpressions: + - key: drG3i8uijLu + operator: +ȟk崓ȆGƥ + values: + - flTafhZKt + namespaces: + - KXcRu9Rvr + - bf0AY + topologyKey: 6Hp + weight: -1330375242 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: rlde + operator: ŗ嚩魟ʂ洁ʌº騛匱ũ閳Ŵ蕄禱0銜_犢 + values: + - 6J + - key: bI + operator: 哱{謶HKƜ滞彟 錃 + values: + - 2XcglJ8jt + - h6dh + matchLabels: + "": DJ + QbwFkC: rtU + matchLabelKeys: + - Ywe5PNR6 + mismatchLabelKeys: + - oyq + - j + namespaceSelector: + matchExpressions: + - key: AM9Vlx + operator: ɚ瀣 + values: + - YDBHwbSJx11 + matchLabels: + J: aFw + oqgO2J: EQq9cWAp + namespaces: + - fmF1dGO9 + - f2pZ93 + - IUUP + topologyKey: "" + topologyKey: YFCQ + type: Tuxria5udfO0g6l + weight: -612629711 + priorityClassName: u + progressDeadlineSeconds: -1210754760 + readinessProbe: + exec: {} + failureThreshold: 1162556666 + grpc: + port: 1033949401 + service: 0xDhM + httpGet: + host: FFe6 + path: jXYC + port: -1764755290 + scheme: 姕鯼ñ赇邬N[ƥ + initialDelaySeconds: -1796420049 + periodSeconds: 940741811 + successThreshold: 1628971624 + terminationGracePeriodSeconds: 906647697820167459 + timeoutSeconds: -1878581735 + restartPolicy: OL恟´跒ɴ珛姌Ŋ + revisionHistoryLimit: 400792738 + schedulerName: FfnrLnAtn3 + securityContext: + fsGroup: 5186362895627063604 + fsGroupChangePolicy: E甗dbƾ潸 + runAsGroup: 4738220116750422009 + runAsNonRoot: true + runAsUser: 4123601200118601914 + supplementalGroups: + - 5067618254965113558 + - 2922991898118782560 + sysctls: + - name: 1idwf + value: RtGFIRLv + - name: toxsb + value: "" + - name: bC + value: IcMTnt + strategy: + type: AQc + terminationGracePeriodSeconds: 1834992377 + tolerations: + - effect: r"ǘ + key: 7FvMPWDDP + operator: 杍Ɍ + tolerationSeconds: -4685795240412632399 + value: G9czii + topologySpreadConstraints: + - maxSkew: -1990808403 + topologyKey: y1s + whenUnsatisfiable: bxCWoMA + updateStrategy: + type: S6j +fullnameOverride: ZNfeDYT +imagePullSecrets: +- name: HaLjyQ02L +- name: yjimP +- name: 5KCFV6 +logging: + level: p +monitoring: + annotations: + SF8: t7jzDFP + enabled: true + labels: + "3": P + GGM8HrAa: AroHM7WrsoM + namespaceSelector: {} + scrapeInterval: -947976h35m5.865272977s +nameOverride: R64C +service: + annotations: + t7u5eHUdpR: nq6injR + name: L + ports: + - name: 2Pm + port: -597719959 + - name: z + port: -1354836854 +serviceAccount: + create: true + name: c +storage: + volume: + - name: RXJ + - name: JJ +test: + create: false +tolerations: +- effect: /褫ţ\軳銑Ü雷倮Ų婏$ŮƩĚ + key: 5HSJSb6w + operator: 煬3獽渷VUȁM喎_鎼崞PA1廫Á + tolerationSeconds: 5989052173653210891 + value: 02lqbv +- effect: 笶雟襠¼Ⱥc芽"鵙ȓ矎Ş赈Ɓzŭ帆弯 + key: q + tolerationSeconds: -3826318230045492347 + value: 9hOSh +- effect: ă庡泣dƤÇ漰-Čɺ阂垑 + key: Uj + operator: 蓐}à]@ƚʀ0#Ĵ.Ɓ> + tolerationSeconds: -603362735954808522 + value: ONkOq +-- case-045 -- +auth: + sasl: + enabled: true + mechanism: xG0RkV + secretRef: BIwqKvbDzty + userName: QhJxq +commonLabels: + MbBpaa: UzKZX + h52qwPFCCL1xE: q +connectors: + additionalConfiguration: zhdlWU + bootstrapServers: r1Qjuz + brokerTLS: + ca: + secretNameOverwrite: vu5uhRVRV + secretRef: sv4 + cert: + secretNameOverwrite: c + secretRef: NXfOTPmR0 + enabled: false + key: + secretNameOverwrite: xHLx8Dd + secretRef: j674MI8jFC + groupID: "1" + producerBatchSize: -816839187 + producerLingerMS: -182038831 + restPort: 1110004877 + schemaRegistryURL: lpElMB + secretManager: + connectorsPrefix: sN + consolePrefix: a0o9mHxTvK + enabled: true + region: zhGJZW + storage: + remote: + read: + config: true + offset: false + status: true + write: + config: true + offset: false + status: false + replicationFactor: + config: 1812077740 + offset: 1243553126 + status: -829555769 + topic: + config: jwiijthRuB + offset: C53fN + status: JY +container: + javaGCLogEnabled: E + resources: + javaMaxHeapSize: "0" + limits: + cpu: "0" + memory: "0" + request: + cpu: "0" + memory: "0" + securityContext: + allowPrivilegeEscalation: true +deployment: + annotations: + 51a3: g2ULKf + 91y: DbHu4ZZ + E42Z4BCZaV: rYnLAo4y + budget: + maxUnavailable: -1040325689 + create: false + extraEnv: + - name: UPHAx9 + value: QbO4m + valueFrom: + configMapKeyRef: + key: 5Z + name: fIO1tsT4L + optional: true + fieldRef: + apiVersion: k6XVQx1bizA + fieldPath: aDTDwvyQ2EkZlp + resourceFieldRef: + containerName: gARZ4U + divisor: "0" + resource: LnJW0S3driTR + secretKeyRef: + key: t4ZmT + name: fOXC9P + optional: true + extraEnvFrom: + - configMapRef: + name: aNWPY + optional: true + prefix: MuH8ACn + secretRef: + name: JkiHQd + optional: true + - configMapRef: + name: s + optional: true + prefix: v + secretRef: + name: jWW04 + optional: true + livenessProbe: + exec: + command: + - "" + - "" + failureThreshold: -1532177375 + grpc: + port: 130895075 + service: DEDl0lcO + httpGet: + host: men + path: VPV + port: VOrs + scheme: 7id{=崂妐"蘆償ʙ^v疷k` + initialDelaySeconds: -1596982922 + periodSeconds: 56768361 + successThreshold: 592299817 + terminationGracePeriodSeconds: -3570152852783991929 + timeoutSeconds: 841818051 + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: HT + operator: 笔ư -汯糵O, + values: + - W + - wa4yZu8SI + - key: bGRL28 + operator: "" + - matchExpressions: + - key: aczzo + operator: 瞦Ɖ¸ + values: + - NSkH0Tn + - key: BcZ + operator: ȗʪb蒘Ơ + values: + - YPr6 + - irqBr + - c5yp13P + - key: mJl + operator: 穚Z踿> + matchFields: + - key: p2Za + operator: "" + values: + - 2qA + - hUhp4Y + - key: sP5fxY + operator: đʜi芻u(喏eƠ=扑腧ń虮损磎 + values: + - O4 + - key: Ic4jA + operator: '"Ě钄蝼Ş' + values: + - Z + - matchExpressions: + - key: AnlK + operator: 顷媵z貢嵟v埾Ɗzv学ʑ別¼ɷ齕穁漕 + values: + - f + - ggWBzmm + - MhgW + - key: cC + operator: "" + values: + - "y" + - tPa8q + - ZQfr6 + - key: YsiT0s + operator: æ脣ǻ熛&PK$Ė.£'sVq + values: + - 86vjg + - WJVZECB + - Ois6M + matchFields: + - key: 0cMl8NXDE + operator: 8¡尗;鍼WN睧>MȼÙ斴}Xx + values: + - LjHKAAyI + - MBJl + - "" + - key: DLPymz + operator: 僔ʯ煎Q礔 + values: + - k + - dpS5fQi8cuuj + matchLabels: + O71m8d1PjMco: z + RnzP: moJ2 + b8S6njSwAa: u3InH7A + namespaces: + - 5Uf0lBWUp + topologyKey: eVQ4ec + topologyKey: tm + type: "" + weight: -887302512 + priorityClassName: O1Kw + progressDeadlineSeconds: 346316441 + readinessProbe: + exec: + command: + - C1rtCjV + - xVJ + failureThreshold: 264449477 + grpc: + port: -691797345 + service: lcF + httpGet: + host: u + path: O7iQge0AMQ + port: j3 + scheme: 猡9ȹǵ + initialDelaySeconds: -1669763451 + periodSeconds: 977763135 + successThreshold: 1558580703 + terminationGracePeriodSeconds: -6309681110777439769 + timeoutSeconds: -1984487220 + restartPolicy: 鏄纽潘翙i宫ǃŬZI摌嚶S媏§Ŵ + revisionHistoryLimit: -1788607261 + schedulerName: F8EoeT + securityContext: + fsGroup: 6765195282399752912 + fsGroupChangePolicy: ɹ緟/xZ}纨SŖ奝杆ü詁Sij徖 + runAsGroup: -5644369168799206336 + runAsNonRoot: true + runAsUser: 7294021627851308883 + supplementalGroups: + - 8068234294449949843 + sysctls: + - name: mf + value: r9jQF6Qmf + - name: lTWR1RE8VW + value: qgy + strategy: + type: rtCVvHc + terminationGracePeriodSeconds: -1972969881 + topologySpreadConstraints: + - maxSkew: -532646137 + topologyKey: jF + whenUnsatisfiable: MyH6gO2 + - maxSkew: -1392634033 + topologyKey: tu7J2 + whenUnsatisfiable: QyTBF + updateStrategy: + type: A5hk +fullnameOverride: uLr8eH +imagePullSecrets: +- name: 4E +- name: 4lLe +- name: OsAOb +logging: + level: kR +monitoring: + annotations: + ADPu3ozSd: q + IirIQ: nU4N + z1: CMu8InAI + enabled: true + namespaceSelector: + any: true + matchNames: + - UCZpu + scrapeInterval: -2400738h41m36.27693474s +nameOverride: 8UJFy +service: + annotations: + H8XRE: XmuXsN + name: 58KMN + ports: + - name: 7oEiI3 + port: -1730203461 + - name: pxPCPLymcj + port: 1857328046 +serviceAccount: + create: true + name: Vk +storage: + volume: + - name: wYHcQRdOs + - name: "" + - name: ttvGMzWGLl + volumeMounts: + - mountPath: dIJTWQIJ + mountPropagation: 摢闟2喟搩 + name: uTG + readOnly: true + subPath: L + subPathExpr: tp +test: + create: true +tolerations: +- effect: 齼/r3ȕ顉ÏveŌ脜ȹ鋕忼癲h%Ə嚼 + key: 5ik + operator: Ȳ穖ș汥ë¦ʋ/ + tolerationSeconds: -588635388335609407 + value: Nf +- effect: ɠ+ů.ʓr敡¾蔠Õ9琕Ș0ŀũ + key: Rx + operator: v氒>妉Ȇ鼏,ə$Ȑƈ + tolerationSeconds: -4656106895121584518 + value: dYSELiW +-- case-046 -- +auth: + sasl: + enabled: true + mechanism: Q1Z + secretRef: thcka + userName: fnI +connectors: + additionalConfiguration: m2GNF8s7jf + bootstrapServers: D + brokerTLS: + ca: + secretNameOverwrite: SYFFF + secretRef: cz + cert: + secretNameOverwrite: 3XIvjsWLN6 + secretRef: 6sd3d + enabled: true + key: + secretNameOverwrite: T + secretRef: 9JF + groupID: elUuL + producerBatchSize: -1573191506 + producerLingerMS: -770515576 + restPort: -1606573822 + schemaRegistryURL: 7RGVLKX7Aw + secretManager: + connectorsPrefix: gZ + consolePrefix: JVMm3xRzC6L + enabled: true + region: w3xB + storage: + remote: + read: + config: false + offset: true + status: false + write: + config: true + offset: false + status: true + replicationFactor: + config: -258960528 + offset: -2024950872 + status: 861394883 + topic: + config: atuSRuNrckHcf + offset: 1RcFXt + status: 8LlPa +container: + javaGCLogEnabled: lI + resources: + javaMaxHeapSize: "0" + limits: + cpu: "0" + memory: "0" + request: + cpu: "0" + memory: "0" + securityContext: + allowPrivilegeEscalation: false +deployment: + budget: + maxUnavailable: -149051994 + create: false + extraEnv: + - name: WU + value: peR0Ss + valueFrom: + configMapKeyRef: + key: xoj + name: LFu + optional: true + fieldRef: + apiVersion: fu + fieldPath: "" + resourceFieldRef: + containerName: a1O7Y + divisor: "0" + resource: "0" + secretKeyRef: + key: 93J1 + name: 9nuLdu6 + optional: false + - name: Mvin4FAU5 + value: 9a + valueFrom: + configMapKeyRef: + key: LweOD + name: fvKkyzS + optional: true + fieldRef: + apiVersion: epGY + fieldPath: q + resourceFieldRef: + containerName: 6c7Gx + divisor: "0" + resource: Owy + secretKeyRef: + key: E0Zk + name: KZlUt + optional: true + extraEnvFrom: + - configMapRef: + name: mLUxg + optional: true + prefix: g97qu + secretRef: + name: 4QxnP + optional: false + - configMapRef: + name: b0w + optional: true + prefix: J + secretRef: + name: sI801BdyQH + optional: false + - configMapRef: + name: NprLkY + optional: false + prefix: jezpH6a5kO + secretRef: + name: R7Ho + optional: false + livenessProbe: + exec: {} + failureThreshold: 105969409 + grpc: + port: -654227233 + service: BVatgTUI + httpGet: + host: SvQfS9AXrg + path: LfSm + port: -937311468 + scheme: Ųd;踇嗞ȅ¼3纊襶贼Ɔ郼ý渶ƁüȮ + initialDelaySeconds: -638210685 + periodSeconds: 825763830 + successThreshold: 285294064 + terminationGracePeriodSeconds: -6200311383477120435 + timeoutSeconds: 1016755696 + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchFields: + - key: "" + operator: Ƚ|]缴ŋĄƽQ晫喹蘉 + values: + - 1LZaJjl + weight: 2108667665 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: Nv1N + operator: D朵ƁRč + values: + - vmxJB + matchFields: + - key: VQWv + operator: 臋NʤŇ矤ɘęłê'ß²ÝIȸe + values: + - VRLGHJ + - b9wx + - OWO + - key: kwjnJ + operator: '`>ʮ:' + - key: I1 + operator: ß躺^î歾 + - matchExpressions: + - key: 3sC + operator: ɥ飽璫誾 + values: + - "" + - FTiwF + - TZcoXdUX + - key: nXHo + operator: Dĕ风哢 ȫ晎灬c^P堓r]Ñh> + values: + - DJA5PjIE + - key: B6a + operator: ÿF[ gǝ竈霙46蹤ȩt鐱防粽磱ɞ + matchFields: + - key: B0 + operator: 6撙早ƽ"籩O+ÿ±9V瀨谐 + - key: "1" + operator: ĊÔʗ掏芊p裏k癭.ɹ擶bɡ凥 + values: + - yD9RzH1 + - nfvbXbaS + - key: rp4R + operator: c弙ú + values: + - T30OE17 + - cNJe1Vb0y + - matchFields: + - key: 0bnhPvmYY + operator: ā + values: + - ogK1 + - "" + - aC8YOr + - key: ya + operator: 洯 + values: + - o + - NJh + - Dfx9Y + - key: UjdX + operator: mă漚洰綗eɞ噢A:dɱ + values: + - OGzFB1je + - 9v + - eA + nodeSelector: + VX: MKV5ljOmB + qPiO: "" + podAffinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: F + operator: 鰩礄ʗOtĎFdƣÍƅf濆炝史飘 + - key: "" + operator: R8話Ů¾ɻʝÞɻ0Ǝ蕗 + values: + - HA0N0 + - key: o + operator: Ƞʁ蝟峵陭ń搏莨嶐 + matchFields: + - key: 2DQC + operator: ǥ + values: + - oncBIr + - gG + - leEScS + - key: tueth + operator: Aɰ邸ƑeŰ + weight: -2084006794 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: [] + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: B5t9 + operator: jWuŅ.鵀ĕd眶mw\塠kȒ觤Ȗɯ著 + values: + - YX + matchLabelKeys: + - As + namespaceSelector: + matchLabels: + 9YGQMUgrqH: 5rQRCucN + N2djrnHv: Kt4eVwh + kUhn3: 0hb + namespaces: + - ipRMD8PjRE + - TyGdLq51qHtCTp + topologyKey: Qb + weight: 1218556128 + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: {} + matchLabelKeys: + - UEXU0jm + - 3DvGK + - q7ZgoFKzY + mismatchLabelKeys: + - 8rS + - Zhmgc + namespaceSelector: + matchExpressions: + - key: Ahp7S + operator: 垄^ȕɝi + matchLabels: + j: Z + zn: 5N1spN + namespaces: + - 5U55 + topologyKey: El4O + weight: -1441269991 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: JeAkeb + operator: 齁.瀵倖Q{鑵À{ôk凔wȅ穝蠴礰 + values: + - NLDkgX + matchLabels: + Nb6NP: U + matchLabelKeys: + - 0xUxIZ5yra + mismatchLabelKeys: + - PO + - 0lMaP + - wjTYW4v + namespaceSelector: + matchLabels: + dfk: 2CoJF65 + l: EO55 + rSCM: 7ax + namespaces: + - LA8zh + topologyKey: ME + weight: -1429618030 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: fSvZx + operator: 簬¥彖馜@鰭ʛSŘʪw罗羐 + values: + - WBKgoDO + - IHFoQPa6I + - 7EBoFbh7 + matchLabels: + bDJ: uVvI + mismatchLabelKeys: + - v4GMLNjOI + namespaceSelector: + matchLabels: + pIeQi8D: hs4uHTom + namespaces: + - ik + - Lt + topologyKey: QP + - labelSelector: + matchExpressions: + - key: 5s2dAmoyzPuH + operator: 鼣WŲ痹 + values: + - SjWekZOshkn + - K8vFvMOrtwkd + - vYvUI0 + matchLabels: + fr69Sg2H: VRYdncoQ + mismatchLabelKeys: + - S + - "6" + namespaceSelector: {} + namespaces: + - LUd218j + - w9 + - VqcJK3hxUk1 + topologyKey: ajmyRnnxd2R + podAntiAffinity: + custom: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: "2" + operator: 詗邼}遱方ƶVIǖ*$ȗ}弇 + - key: g + operator: ƐÑS吁ɹĹ{濍 + values: + - UrWNgdSYW + - SYsweJvP1r + matchLabels: + TzMQ8: F4coq + b3vIQZ: sUq + xcd5: MP6g + matchLabelKeys: + - t + - uMrJ + - F9jZ + namespaceSelector: + matchExpressions: + - key: b + operator: ǻǴ溤Ɂ璝4ƥ砬Ä.汃ÌQc% + namespaces: + - "6" + - Qipxt + topologyKey: WtKz + weight: -1783246152 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: sCMVaOSO + operator: Ǽ歏Ģ`蓱g:ļ熹笡珁Ú0嘳*ʖ鱣 + values: + - kCylM + - "" + - Kpn13h4g + - key: GchDvxjZ + operator: ¿狘 + matchLabels: + BaG8QJGx: "" + dW2Wn: kBm + kulZty4hr: zdkw + matchLabelKeys: + - 29OT95 + - qW7mvgum + mismatchLabelKeys: + - "" + - keMPa + namespaceSelector: + matchExpressions: + - key: 8wu + operator: 嫧諟Ô·$rœc啢栭 + - key: "8" + operator: M2瓥3鮺Ś;絔@f%奱ʚ坔澡7ƅ戻 + values: + - 6QGU + - GL + - key: qtzYmH3 + operator: 验ǔƃ岶綇ŦE鶁蜊芨 + values: + - TSIjp + - ojx57bK + matchLabels: + 7sUo: "" + DHkjnVf: DNPHWQ + n0Rp: 4dK + namespaces: + - eD2 + topologyKey: iW + weight: -1851545717 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: jd1N + operator: "" + values: + - 8QC + - vPFgOl + - F3qBo + - key: VS7EG1R + operator: ~衙ƛ媧 + values: + - Nx87ge + matchLabels: + tWq1XyYw: KerD + mismatchLabelKeys: + - WEbxlcBJK + - "" + - cFI + namespaceSelector: {} + topologyKey: i0Hj + - labelSelector: + matchExpressions: + - key: SZpuMyf + operator: 妮ě + values: + - x + matchLabels: + 0zhQ2: 4K9P + c: Job + lSKbx3: jzjsb + mismatchLabelKeys: + - g8jh + - 9Qbf7h8 + - PbmM + namespaceSelector: + matchExpressions: + - key: dSc1 + operator: ùǡ幘Ŋ墮臕聍sǵ=Ltɝ蘧d愗E掦 + values: + - 77h6NZ + matchLabels: + "4": cBXu0N + ed: Jd2ob9IYLON + mwzs: JYg + topologyKey: 5um1 + topologyKey: MApo + type: G3a + weight: -522398208 + priorityClassName: 8Ypa1TecZ + progressDeadlineSeconds: -197240712 + readinessProbe: + exec: + command: + - VeG + - ZpYkBZjWQp + failureThreshold: -946013108 + grpc: + port: 1733046252 + service: TE9gSM + httpGet: + host: r5F + path: cEjpG + port: UQUR + scheme: ĺFŪč<,龆ɶƹDƿ孄 + initialDelaySeconds: -1609629919 + periodSeconds: -158429668 + successThreshold: 414657348 + terminationGracePeriodSeconds: 2365381410449413752 + timeoutSeconds: 677541953 + restartPolicy: X\B4錻}ȅ浸(I惽襪葷^Ĥ%ȶ^揬 + revisionHistoryLimit: -640963372 + schedulerName: tcrF + securityContext: + fsGroup: 1542597599134889862 + fsGroupChangePolicy: d坹ɷŰ翖Ȯ笺創y8礗岉 + runAsGroup: 4178156742717272546 + runAsNonRoot: false + runAsUser: -2177916685244537831 + supplementalGroups: + - -5773129745234681762 + - 7956710079209489615 + - 8047946510130583628 + sysctls: + - name: q8BvtyH + value: 32PC + strategy: + type: Ht + terminationGracePeriodSeconds: 2099000264 + tolerations: + - effect: '{梪篤龄Ȃ溺ʓ蚙Hw塨朣手ʛMČ' + key: Q1aKV + operator: '@' + tolerationSeconds: -4086789290485374625 + value: jamSz + - effect: '3ǂ鈫嶈ȯď¥芠ĸÇȻĉ閜PɓFpē ' + key: HmRvIg + operator: '#NO%#:Wù嶴:äʚí}' + tolerationSeconds: 3271010049130049050 + value: vFFxX + topologySpreadConstraints: + - maxSkew: -1728964191 + topologyKey: uwdTzniKw + whenUnsatisfiable: V5KLT + - maxSkew: -1160977379 + topologyKey: Ey5 + whenUnsatisfiable: jJ0E + - maxSkew: -594009032 + topologyKey: Ia5x1fvG2 + whenUnsatisfiable: g47TB + updateStrategy: + type: Zn9 +fullnameOverride: tYC5CG +imagePullSecrets: +- name: KzX +- name: NR1aEs4c2 +logging: + level: TI1KLHr8o +monitoring: + annotations: + "N": "" + b: p + enabled: true + labels: + O: CY3sdu + UddrJ: zlyJcM + klftu: OSDi + namespaceSelector: {} + scrapeInterval: 2140586h7m44.853020521s +nameOverride: fa1XvkvO +service: + annotations: + H: "0" + name: UrU9Bs +serviceAccount: + create: true + name: cl +storage: + volume: + - name: b7Yo6m + - name: cHS + volumeMounts: + - mountPath: 18po2m + mountPropagation: Ś宵 + name: aWWUxCrc6 + readOnly: true + subPath: 84zs + subPathExpr: fXC +test: + create: true +tolerations: +- key: mQ0 + operator: :罀倸三Ș儁岥őď;ȃ仂ȏwɂ定t + tolerationSeconds: -3767873578200433942 + value: OgC1 +- effect: \Į镌M9ʤ馑NdĹ孳ũ¨ + key: gpqxy + operator: ǻƸ瀥 + tolerationSeconds: -5203216359238986826 + value: TyP9PwIp +-- case-047 -- +auth: + sasl: + enabled: true + mechanism: EL + secretRef: 8qA + userName: "" +commonLabels: + YQJWn90y: CaduGS6 + ytV2tl: icxW +connectors: + additionalConfiguration: s + bootstrapServers: "" + brokerTLS: + ca: + secretNameOverwrite: REGD0a + secretRef: ZFEDD + cert: + secretNameOverwrite: aG9QIiXqg + secretRef: zrc5V + enabled: true + key: + secretNameOverwrite: D + secretRef: dtIKjx4fd0k + groupID: "" + producerBatchSize: 221474765 + producerLingerMS: -999496889 + restPort: 660248664 + schemaRegistryURL: W9TUtY + secretManager: + connectorsPrefix: "0" + consolePrefix: VMaz + enabled: false + region: T9 + storage: + remote: + read: + config: true + offset: false + status: true + write: + config: false + offset: false + status: true + replicationFactor: + config: 181733785 + offset: -551216099 + status: 894783312 + topic: + config: zpj + offset: s0 + status: e3Caq +container: + javaGCLogEnabled: zIkzV8Ox + resources: + javaMaxHeapSize: "0" + limits: + cpu: "0" + memory: "0" + request: + cpu: "0" + memory: "0" + securityContext: + allowPrivilegeEscalation: true +deployment: + annotations: + 1taGex8O: RBXE4 + A: uiKIoNCT + NtMz: b7Zk1GQ7 + budget: + maxUnavailable: -1503513883 + create: true + extraEnvFrom: + - configMapRef: + name: dx + optional: true + prefix: OgoO8WCa + secretRef: + optional: true + - configMapRef: + name: Kk + optional: false + prefix: 6Rdx + secretRef: + name: nM5Hn4S + optional: false + - configMapRef: + name: nQ + optional: true + prefix: z70 + secretRef: + name: C + optional: true + livenessProbe: + exec: {} + failureThreshold: -2044419963 + grpc: + port: 1294112857 + service: T3du6tMf + httpGet: + host: y3 + path: GnHrZ + port: glSjqG9 + scheme: 0軫頟似. + initialDelaySeconds: 888211900 + periodSeconds: -42722218 + successThreshold: 337318108 + terminationGracePeriodSeconds: -1562611613414558057 + timeoutSeconds: 1870975781 + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: ajGWX3E + operator: Ǫ囍 + values: + - HbIL2OUP + - q + matchFields: + - key: 453h + operator: DZƮìX莁Ǜ詍^屶K}豫ţoJ櫉 + values: + - h + - a4s + - key: Y1AE + operator: 4噸đƪǶS绲aģ序e$襫枠ÿ攒 + values: + - uVsu + weight: -280128439 + - preference: {} + weight: 46457932 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: [] + nodeSelector: + SFPTn: eN2 + podAffinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: L7t6 + operator: ʆa[穳w迂v + - key: "" + operator: 频弰t剼< + - key: T7uv4GBBUzUbG6 + operator: S鯉¸ń + weight: -1468638122 + - preference: + matchExpressions: + - key: h5w7 + operator: 癸āÞ + matchFields: + - key: uv + operator: º癲癇ɇ許ɠ/ȗ捪Ƭ#ʘ堅Ŧ + values: + - Cw0B + - BqrHb6 + weight: 907696087 + - preference: + matchExpressions: + - key: hojak + operator: 1坥矸挍嘧^ʗȆ箂ƅɯƴpȵ + weight: 1364801782 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: [] + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: pd8S + operator: uɝ?ɻZYƎ1Ǯʦ郬Dz + - key: DUO7i + operator: 谦`í + values: + - 6FwSwcs + - GN + matchLabels: + n6f8z: zXtgC + matchLabelKeys: + - Fnubc + - LA8QDbda + mismatchLabelKeys: + - qVxsEJ + - qE1yBoG + namespaceSelector: + matchExpressions: + - key: MrEWOI + operator: lZ7¹ɣkņl + values: + - U1nS9j70 + - yszBN8o + - neNbj2gZ + matchLabels: + 0hps: O + UgKJX: y1 + topologyKey: PMw0c + weight: -952955605 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: b5kCbI0z + operator: "" + values: + - tXLI + - key: KnIWiUw + operator: ǂ + values: + - kQ1Z + - 0QODSv + - MQSRMGsLu9 + matchLabelKeys: + - PA + - iYvDj + mismatchLabelKeys: + - o + - FrWVnE2CYwqd + - rT1 + namespaceSelector: {} + namespaces: + - rQgxNt + - pvhrsnC + topologyKey: GEeifY + weight: 1975729679 + - podAffinityTerm: + labelSelector: + matchLabels: + EVfT8M0: o + PxD: 79PJExTR + yA: TZecIw + matchLabelKeys: + - hdY1YQQRr + mismatchLabelKeys: + - cCPWUZy + namespaceSelector: + matchExpressions: + - key: "" + operator: 嬡媏9o茺SȥƗɯkQ蘓#邯ɑ叧ɵǁ + values: + - ou2ng + - AZY8 + - d6bB + - key: pgpk + operator: n:`ʂ + matchLabels: + ojwxs: 6GFt + namespaces: + - 88ER7b + - T + - SZ3 + topologyKey: MjN + weight: 540230312 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: Op + operator: Ň訹ʮXaG9酣敺ʞƪDŽ訯ɤ + - key: MHiaw0pSV + operator: ƋL(>Np賖ʙ + values: + - fj4sKVJws + - 4Iv + - key: O7pKHAO3pzP + operator: '%' + matchLabelKeys: + - eh93u + - gRYCx + mismatchLabelKeys: + - yy683S + namespaceSelector: + matchExpressions: + - key: 9h + operator: ıȖ飊蹯ƹ箰 + values: + - KNEG + - XdPWA + - mMvRH + - key: KTtr + operator: 觯hɪ + values: + - BcMH9NnOk + - h8ObHDc9P + matchLabels: + hT4lkum: En + sU73ic: NcW + namespaces: + - 4uQ4TMGRLt + topologyKey: 8vXEv + - labelSelector: + matchExpressions: + - key: "Y" + operator: ȅ鍼鿿$FƆnjǭ)ÿ + values: + - V2V + - key: Iz + operator: '>鱼狷趟`jCɨ*儚zkǀ柍ōÌ崉!ʥ' + matchLabels: + IM1GdEa: K3Ew + dCIEnPl73: bavvaL9ErI + s1b: ThqLOi4 + namespaceSelector: + matchExpressions: + - key: 8EKqCm + operator: ǝdz÷Ťʦ^創炲穡箃ťQ + values: + - ML + matchLabels: + PnWmWZ: odki1Yo + namespaces: + - k5I + - ncPcE + topologyKey: w4kt + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: Yj3M8wFy + operator: $<ȉ<ý暍Ě鰎3^ + values: + - eUG + - "y" + - x7 + - key: w9T3ut1T + operator: 販鳓ŕ莴傢Á礗Įǔ騦, + values: + - p6PWo + - 9j + - D5RQxUdU7 + - key: nCy5c + operator: ^-Yǫ4伴陜nk鋻歱峓sɡɂ + values: + - gB68BjwnCV + - L + - qBx3B + matchLabels: + vPL: i8KO + matchLabelKeys: + - wMm + - usVVmD + mismatchLabelKeys: + - u3k5X + - VUT71fj + namespaceSelector: + matchExpressions: + - key: V0iWHNZi + operator: "" + values: + - nUqA + - OZu9Dz + - key: x + operator: 屩lʞ敹 + matchLabels: + Rd: P8QK1 + cgd: YlfL4 + topologyKey: TBXmu4 + weight: 710078611 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: ymyCCU + operator: Q葿暩葆ɿÇ\ė3ʔ + values: + - SLrkpqf + matchLabels: + A5Y7aa: 2hDLZ + klIJgF: LOi6 + lO4xDpk6kTs: nSmQZErq + matchLabelKeys: + - ulCY + - V + - GZw7g + mismatchLabelKeys: + - zAmZ + - ko + namespaceSelector: {} + topologyKey: "" + - labelSelector: + matchExpressions: + - key: Z5F + operator: +寺厸|珑/ĸ) + values: + - LpjJqgfBG5F + - 2Cb3Y3c + - t2UCr + matchLabels: + 6FO: "" + mismatchLabelKeys: + - TQA1xK + - t8pbUmQd + - 8wO778bgDXR + namespaceSelector: + matchExpressions: + - key: oVEoNom + operator: ʊ椴審(@Ă.綂Ȱʔ3ǯʅ + - key: K7 + operator: 暎棽阽ɥ + - key: HWJwxOp + operator: 髋}Ƿɐ耷ì鄶#ǟu|Ť貘+6莠墙荜$ÿē裬葤 + - key: 4qGD7ZW + operator: y餟ƵÁɑǡ + values: + - I + - 8ihw + - "0" + matchLabels: + "": W7oExjz5 + Gc6: we5g + kwnNTF6H: AavRqArX + mismatchLabelKeys: + - bOwb + - bK + - ghihlm2Lhp + namespaceSelector: + matchExpressions: + - key: 6BDJ + operator: "" + - key: U9EAdB + operator: 鶜}C-[j丱螜Ȳ旕dƽɿ鞨ĠK+飵 + topologyKey: 6eQggF + podAntiAffinity: + custom: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + 7i: TbE + JXB5: J2fg + lLpX: 9AiEG4e + matchLabelKeys: + - Behe + - 1dGT2Z + - mZgjixI + mismatchLabelKeys: + - jIIXs + - Zl8X + namespaceSelector: + matchExpressions: + - key: Vlif1O + operator: ħ洱3;膲a + values: + - QalaoxQ06 + - 2lsIfdVFk + - WTKxi + - key: 6I + operator: RǨz + values: + - 7dOQ + - 9F00G + topologyKey: v0BKMpg + - labelSelector: + matchExpressions: + - key: Cxkv + operator: ɱƔ(I + values: + - JsYrlrlk + - "3" + - xCrG + - key: 0w + operator: xw + values: + - neE3 + - key: wdni + operator: )攁捙笶陯 + values: + - BTSUHf + - LRA + matchLabelKeys: + - 2Wmpf0XJ + namespaceSelector: + matchExpressions: + - key: cyu + operator: 潦c%f)v + values: + - ZmNo9Hc + - 4ec + - 8ptw + namespaces: + - M5GjE + - "" + topologyKey: V + topologyKey: "2" + type: JFBH9 + weight: 1888684498 + priorityClassName: Wg8Wu + progressDeadlineSeconds: -1524384619 + readinessProbe: + exec: + command: + - ogUapD + - JNor0OH + failureThreshold: -2099739674 + grpc: + port: 2056719693 + service: Nk8deyFml + httpGet: + host: qS + path: S6Cj2 + port: EeKCZ + scheme: ʅ鹒p + initialDelaySeconds: -359104350 + periodSeconds: 1897832932 + successThreshold: -962367820 + terminationGracePeriodSeconds: -5091110669039213167 + timeoutSeconds: -677019415 + restartPolicy: 爃ɥ90İĔ + revisionHistoryLimit: 1994939456 + schedulerName: i57b + securityContext: + fsGroup: 1520694499640274668 + fsGroupChangePolicy: 嫽Ǭ + runAsGroup: 3728458047896784619 + runAsNonRoot: false + runAsUser: -8957070032009944858 + sysctls: + - name: NBH + value: bXsgSc + - name: WTZnja + value: p4Du + strategy: + type: RDNEX8T + terminationGracePeriodSeconds: 1122010486 + topologySpreadConstraints: + - maxSkew: 2113683386 + topologyKey: H1AWsSn + whenUnsatisfiable: VEpgY + updateStrategy: + type: 6b7BSE +fullnameOverride: Bl0rL2 +imagePullSecrets: +- name: LGwi +logging: + level: b +monitoring: + annotations: + "": O + AFH4V: ga95qmjNhc + enabled: true + labels: + 9HWO7MGwhk: vGHnz6 + NNg3k: hbR + RXL: VxSIXgS + namespaceSelector: + any: true + matchNames: + - WZxK8iNK2gdU + scrapeInterval: -1823238h3m59.524888469s +nameOverride: wN +service: + annotations: + "": pZ + name: xW + ports: + - name: V + port: -1924603054 +serviceAccount: + annotations: + "": mNGwfCN + create: true + name: 3m +storage: + volume: + - name: Cm + - name: eHp5 + - name: r1T + volumeMounts: + - mountPath: 5aM + mountPropagation: Ěɲ'再ʖ|皑F9ĺOĆ|Oô + name: 2HGf2z + subPath: vuF7gt + subPathExpr: y6zTs2 + - mountPath: QU6 + mountPropagation: QǢx槱Sɼ湙Ȥ恑ñ鹒 + name: PbVBK + subPath: foAWHAo + subPathExpr: I8f + - mountPath: "" + mountPropagation: ƇNʆ¹¯檷AvdŜ踆ÿDȂ + name: cA + readOnly: true + subPath: y6Kasn + subPathExpr: DIUY0V +test: + create: true +tolerations: +- effect: 涏Ř + key: i6DqmjDv2K + operator: 钨{Õ\ʭQIɘʯIŸ + tolerationSeconds: -8713064626657727741 + value: fLHW9 +-- case-048 -- +auth: + sasl: + enabled: false + mechanism: Xr + secretRef: i5 + userName: aXR +commonLabels: + x3: e1lz +connectors: + additionalConfiguration: stdaxfP + bootstrapServers: fOZsu37vN + brokerTLS: + ca: + secretNameOverwrite: hln + secretRef: k5U1 + cert: + secretNameOverwrite: s47Hy + secretRef: ljqjD + enabled: true + key: + secretNameOverwrite: Wxw + secretRef: icjt + groupID: piupb6 + producerBatchSize: -1479166006 + producerLingerMS: -1816218257 + restPort: -2097692565 + schemaRegistryURL: xg4Cxakw + secretManager: + connectorsPrefix: KeHoy + consolePrefix: 1HcDE + enabled: false + region: snd + storage: + remote: + read: + config: false + offset: false + status: false + write: + config: true + offset: false + status: false + replicationFactor: + config: -103098671 + offset: 864522858 + status: -1797067435 + topic: + config: FBdy5 + offset: ytzBE0 + status: FHVut +container: + javaGCLogEnabled: Fu + resources: + javaMaxHeapSize: "0" + limits: + cpu: "0" + memory: "0" + request: + cpu: "0" + memory: "0" + securityContext: + allowPrivilegeEscalation: true +deployment: + budget: + maxUnavailable: 896500401 + create: true + extraEnvFrom: + - configMapRef: + name: w9vIEs + optional: true + prefix: oFWtF + secretRef: + name: Z1 + optional: true + - configMapRef: + name: 9wMxsz + optional: false + secretRef: + name: zLL2kR + optional: false + livenessProbe: + exec: {} + failureThreshold: 1532121771 + grpc: + port: 908100480 + service: P2AKgA6 + httpGet: + host: G1t + path: dTC5Sa + port: "" + scheme: 鷫w八ǤɩT÷3蔉ǰ*贝弔琎Î + initialDelaySeconds: -893256878 + periodSeconds: -674475842 + successThreshold: -1740698110 + terminationGracePeriodSeconds: 1865038295935824451 + timeoutSeconds: 326371790 + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: b + operator: 鷘泝, + values: + - 0N3rqLJ + - "4" + - 1L + matchFields: + - key: gnmK + operator: '@D煡摡o昪ɼ柤斕ɲı58,tț>' + values: + - i1 + - 5PqjZCTW + weight: -1104761106 + - preference: + matchExpressions: + - key: dT + operator: 犘ijň鉻ĴɳǁȨD + values: + - XdGct + - key: 2BYB + operator: '}閂譗輸礯Ʊx' + values: + - MU2j1Vu + - "17" + - key: ypgFjkuHHfzj + operator: '`4ʫfƗ8鲙華ė' + values: + - "y" + - LHvKvSZf2 + matchFields: + - key: GImX3 + operator: "" + values: + - xQPC + - R4R + - 3Y0mxG + weight: -521155604 + - preference: + matchExpressions: + - key: ft5L + operator: ȗ垁屹3瞬铵烱#祟渥 + matchFields: + - key: Fx + operator: ǷɂZ + values: + - WT + weight: 677594922 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: AwTQm2 + operator: 展ɏǀ襋k(ȴSǮ讶ʁ + values: + - 8i1 + - key: gQ1DB + operator: 汴F见Doĵw?Pc|昋階ʇ亸d灀麕ʞ + values: + - uqEzQKDpVw + - Q2 + - icCcpbp8 + - key: d9Z + operator: Ǽ船薲ɲĊbJĘƑƮOȄ鄹 + values: + - flK9jMt + - jt4 + - TSJ + - matchExpressions: + - key: Cf40pEWF + operator: ŌZ雯瘍 + values: + - "0" + - cSCIGvcwc + - Izvo0 + - key: mB4jp + operator: Í淙篝Hƨ_u误Ý + values: + - OTJJx + - KgWLC + - key: TxkO + operator: ȠȰsa'ʫƲ鑠 + values: + - 3gqlT + matchFields: + - key: l + operator: é糁v抯 + - key: QZFxqZ + operator: / + values: + - q0DJ + - M0 + - 6XMtos + - {} + nodeSelector: + DdMU: TvKI + cxzoe: "41" + i6KwA0A6qU1g: E6j + podAffinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: [] + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: 27Ay + operator: 効P禶Ƃ淑×_髉沎1g雺+ + values: + - rgEa + - d + - HhpA + - key: 1dPtPjTbh + operator: Ƿă麺 + values: + - b + matchLabelKeys: + - iEi952afuE + mismatchLabelKeys: + - O2Hto + namespaceSelector: + matchExpressions: + - key: kum0cz + operator: ɚ釣腅庆@\Ɂ檄6!G闎)īæʀŇ]璯 + values: + - "" + - 9FZmV7q + - vPK3 + - key: "" + operator: 堁əC峎&ŕDʣM'雐Ɉŗx + - key: G + operator: 'QjŌ:' + matchLabels: + BFPI4M: uzYC + MJLqR: z + namespaces: + - UX3IA3h5 + - 3Bds + - AKT9H + topologyKey: b3TODHaa + weight: -1228882596 + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: mc + operator: -V:7pƧʖò跪x©砚砰`ƨ茩钪Z敓 + values: + - wSITrxHTS9HZC3 + - CuIo6L6CDmUgu + - key: "" + operator: 媉跈铄堕Ŀ/{jň + values: + - jF3HYWqWEr7TR + matchLabels: + 4F5Kv: G00k + ctjZYe4x1uNh: gtkkPK + nTjG: pwyKCyJEv + matchLabelKeys: + - "" + - "4" + - "N" + namespaceSelector: + matchExpressions: + - key: LUJp + operator: Ū咄unjʢPXǘ憱朤Ű尙űb[灘勈Yȱ + values: + - 5Z3rbs2EdAE + - ZuP + - key: yiWkttM + operator: '`樞髨đķ姞XƃHɏ材ȝ:yĎ窘' + values: + - F + - Twn69 + - ji + - key: 4hLx + operator: bȷ + values: + - Ki + - kjWG9 + - c847VrQVN + matchLabels: + GhZu: 9T1Ai5 + namespaces: + - trsp + - eYMhJsX + topologyKey: d7QkCGS + weight: 579883095 + - podAffinityTerm: + labelSelector: + matchLabels: + "": BkvZx + 5Cl51conQ: "" + JIK0XU5wF: QpRIa + matchLabelKeys: + - rB + mismatchLabelKeys: + - 8FzxAzJeIit + - ZOQj0d + namespaceSelector: + matchLabels: + nP2HZf2eH: aUzmR3uuKY + namespaces: + - mF3O + topologyKey: QCmkc + weight: -1703667772 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: krwcqI + operator: '#:' + values: + - ibt + - t + - i9469 + matchLabels: + HT64Ybn3: KGLr3jpQ + LpfpVnOJf: 0rLjo + erYb3: 9lRqTXj4m + matchLabelKeys: + - 9p4 + mismatchLabelKeys: + - hzEmU + namespaceSelector: + matchExpressions: + - key: VL0 + operator: JX0ɅE拮Lsʚ茲]ʢ + values: + - Uymjw + - YCn + - ethVoHhJL + matchLabels: + "": t + topologyKey: ZFbEWa + podAntiAffinity: + custom: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + FkdFP8S: l47McZdSiw + matchLabelKeys: + - LVSg8I + - ZIbzqVPIrjF + - YWwSaAw87 + namespaceSelector: + matchExpressions: + - key: tlsDj + operator: 6Ȇ`3Ze伢qDȖ槑ȟł + - key: p + operator: 鈃'豕VĐ斆ȱ!ȃ?wqɇƬ + values: + - F + - key: RfCxe + operator: 轫Ê98叀疓}漢[D偆幕繋<Ò=峕ɀ + values: + - HDyJ9 + - 03Uzj4m + namespaces: + - Y6Ay + - 5rDS + topologyKey: sU + weight: -1397412749 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: qQcAm + operator: ç脣Èðɇ鄅ɯrʐǷœo4刋冉菣ʠ鰼 + values: + - LdQOKui + - key: oSZdMcc + operator: "0" + values: + - TX + - UZ5iQ + - JBYSo2 + matchLabels: + WArJvOMSNO: rgBzJ + iaBvi1H: B8up7I + x: i4F + matchLabelKeys: + - k7ML + - VR + - qtQ0dTf + mismatchLabelKeys: + - s7 + namespaceSelector: + matchExpressions: + - key: c7 + operator: ʋ\ɸ|ǖ炡utɜŦ"Kxh + - key: cpqDs + operator: ɽ鈶Ʈ¡ƽǨļɤ儧Ÿn}Ǝʞƛ史 + values: + - rCrj5wg + - SXZzoY + - key: ZNVtqG + operator: Ơ瑊ȼ+櫓'ɻýʯX´cƈkĺk6 + values: + - Gsw + namespaces: + - quffgHoEKxxO + topologyKey: iHNr + weight: -284270585 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: 4C + operator: 7zF脥Q:2僝jǑ + values: + - Uk + - key: 721gY + operator: C悺鹼岶狫ń±敛P煺\nŨ泞ǵ,ȣC菹 + values: + - r1k + - "1" + matchLabelKeys: + - g + - vDoU0BjC + mismatchLabelKeys: + - IrO + namespaceSelector: + matchLabels: + ONSj: 3Xh3NX + ONgggfk8t: DQxXyxu + wba4o3ae: Nl85N5 + topologyKey: mjD + weight: 960522068 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: 1su + operator: Ƕ + values: + - jxhj8g4 + matchLabels: + KTyQMh: sByLd + mismatchLabelKeys: + - "" + - 4jOv0EhQW + namespaceSelector: + matchExpressions: + - key: Wm + operator: BC螝Ħ耡±湡/宥趋ɑ瘖乶:汁彌 + values: + - n56fpGxrnr + - m + - 24OqIm + - key: wfDuGoF + operator: 瑺冐¥凖摶蝾b蚽嵷銱 + values: + - ooNGd + - 6G0GF + namespaces: + - ElrXceeDN + - EAtS23 + topologyKey: NLu0gTOn8p + - labelSelector: + matchExpressions: + - key: Eq8n + operator: "" + values: + - ZdBbrGxG + - ozepn + - p + matchLabels: + a: 5Nrk3 + matchLabelKeys: + - Z + - "4" + - 4W + mismatchLabelKeys: + - hBR76gl + - ZI8T + namespaceSelector: + matchExpressions: + - key: YfWOe + operator: "" + - key: F + operator: ;起ǣlʄ川Ɖýß歙懥瘵 + matchLabels: + kbHRw: "n" + topologyKey: Qk8l + topologyKey: rXnckz + type: d04GWjGpDQOK4K + weight: 2110708875 + priorityClassName: IKSxf + progressDeadlineSeconds: -1933689162 + readinessProbe: + exec: + command: + - 0XHj27GU + failureThreshold: -2100702858 + grpc: + port: -426293371 + service: JTK0kP + httpGet: + host: QPoQbZ9 + path: PxIHuC3 + port: dY + scheme: ʏÞ荻a鎘ʇ塜H唽×ʃ刉 + initialDelaySeconds: 1930411693 + periodSeconds: 1985310483 + successThreshold: 769125679 + terminationGracePeriodSeconds: -4123472799765155241 + timeoutSeconds: -1364329005 + restartPolicy: À潌貛ă貈懍Eŵɀȩ + revisionHistoryLimit: -1768466640 + schedulerName: RMki + securityContext: + fsGroup: -3162007349665636938 + fsGroupChangePolicy: F@AǶvĭȟū琐噌黣坩Ǚɮŀ + runAsGroup: 164107928150233301 + runAsNonRoot: false + runAsUser: -6374867922909642928 + strategy: + type: OMXfGqbFsWh + terminationGracePeriodSeconds: 1025063088 + tolerations: + - effect: ƸL諟Hv餣A嶌ɣYƵ轝脡sT酉 + key: rvPW78A + tolerationSeconds: 2277475321707653696 + value: zmQU7sY + - effect: 瘅1Ʉ夆 + key: 0p + operator: 冂÷s廥肚Zj陎1aÚkĤɀǟR + tolerationSeconds: 1191004605682561615 + value: sZcoDHahsR79 + topologySpreadConstraints: + - maxSkew: -1723926017 + topologyKey: KnB17 + whenUnsatisfiable: WpP6r0 + updateStrategy: + type: 56m +fullnameOverride: xPmln +imagePullSecrets: +- name: P0 +- name: AoBx4D0STGS8Z +logging: + level: QSl3 +monitoring: + annotations: + Ph: jqBcTVUZf6Q + bphXvWC: RZuPl1 + wrQkm: whQu3 + enabled: false + labels: + WGbtca: qquyS56V2v5 + dBJC: qNJ + hO: Mv5VfzUC + namespaceSelector: {} + scrapeInterval: 856582h27m40.130242944s +nameOverride: r7G +service: + name: w4DG +serviceAccount: + annotations: + 6tv5saOxoc: 6xq4 + EMXt4yV: 6g0eIa7vAQ3 + Nv: 2r + create: false + name: YIo +storage: + volume: + - name: I0 + volumeMounts: + - mountPath: FgUy2D + mountPropagation: ül幯wȅƑʀ,姅 + name: kUw2 + subPath: D0Qb + subPathExpr: EemIo6uDnv0 + - mountPath: r + mountPropagation: 剐ƥ<¶抿菋ɯ粦梘ȡ( + name: 15LL4 + readOnly: true + subPath: tcGS + subPathExpr: pwB + - mountPath: aC8MZYmVC + mountPropagation: ʢǮZ薽R擽ē1Xȭ硡衕卣A礖XÚY2 + name: "9" + subPath: qg + subPathExpr: cPz1rA +test: + create: false +tolerations: +- effect: S爨5p皳衷ƖE + key: htSQi8X + operator: 枦悬Ɵ洌?峎 + tolerationSeconds: -3814415431062878896 + value: Rbg +-- case-049 -- +auth: + sasl: + enabled: true + mechanism: lZOXaE + secretRef: YOdINi + userName: BXFWsRQboaO4 +commonLabels: + AxgO: ie + a: xGJKP + wy9DijfF9: pY +connectors: + additionalConfiguration: q9c + bootstrapServers: IgVAbq38dU + brokerTLS: + ca: + secretNameOverwrite: kYnXvq + secretRef: IvgqIPUbzG + cert: + secretNameOverwrite: 7JbcQ + secretRef: buOno + enabled: true + key: + secretNameOverwrite: 20O + secretRef: 6hz5McyLWN + groupID: Wk7p7aNJ + producerBatchSize: 2121357080 + producerLingerMS: 2074731749 + restPort: -447671166 + schemaRegistryURL: 6N0Bmg4 + secretManager: + connectorsPrefix: x7I5NRn + consolePrefix: eDG + enabled: false + region: SkMqmYBpLtPJj + storage: + remote: + read: + config: false + offset: false + status: true + write: + config: true + offset: true + status: true + replicationFactor: + config: 1354970349 + offset: -471311251 + status: 1502440377 + topic: + config: D1lY + offset: O1OSNfw8U87 + status: GPw +container: + javaGCLogEnabled: s4ggDHmuiTC + resources: + javaMaxHeapSize: "0" + limits: + cpu: "0" + memory: "0" + request: + cpu: "0" + memory: "0" + securityContext: + allowPrivilegeEscalation: false +deployment: + budget: + maxUnavailable: -372928360 + create: false + extraEnv: + - name: FW + value: 5RU04xp + valueFrom: + configMapKeyRef: + key: 7nxdup + name: tnQpS3Y01 + optional: false + fieldRef: + apiVersion: eNiNGSSDL + fieldPath: 5119g + resourceFieldRef: + containerName: 4D + divisor: "0" + resource: 7O + secretKeyRef: + key: RERK + name: jtlhC8sfN + optional: true + - name: K3Z5 + value: v + valueFrom: + configMapKeyRef: + key: 5yl + name: J9LMEohiq + optional: false + fieldRef: + apiVersion: wbFQyoK4 + fieldPath: GL6kNJ + resourceFieldRef: + containerName: Xy2OPZ2 + divisor: "0" + resource: w + secretKeyRef: + key: 70As + name: PIR8cXF + optional: false + - name: TvqBj3M9 + value: n5DeWNx + valueFrom: + configMapKeyRef: + key: A3J + name: HC + optional: false + fieldRef: + apiVersion: 7vcn + fieldPath: NVb + resourceFieldRef: + containerName: Kw5PS + divisor: "0" + resource: M + secretKeyRef: + key: exITv + name: 6BCCh + optional: false + extraEnvFrom: + - configMapRef: + name: mKhZU + optional: false + prefix: 7r + secretRef: + name: 4dK + optional: false + - configMapRef: + name: N7 + optional: true + prefix: v8lf + secretRef: + name: Rmh + optional: true + livenessProbe: + exec: + command: + - Cx + - J87G2o + failureThreshold: 781863739 + grpc: + port: -1245485251 + service: Rea6qLZtf + httpGet: + host: m + path: 81qOdO8W + port: 2000006026 + scheme: 0觇瓄ȗ-狐´Ǝ酤ƆjĴȘ梟 + initialDelaySeconds: -845959215 + periodSeconds: 968971981 + successThreshold: -1102843833 + terminationGracePeriodSeconds: -9135098607736928416 + timeoutSeconds: -1624177358 + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: M2 + operator: ?ʪv椾ɛŵR{昂 + values: + - VijxsIC + - Z + - ccgUy6X4 + - key: Hyr7Bi + operator: 糪鄖藸*ɭ + values: + - qX9fMe + - key: SGTnNAR9 + operator: tđ鑨aɰ@Gȧ匈瑴駳ʨ譄ř顲IJ蓡"餛 + values: + - XGZRPQ + - HvYW + - SJm + matchFields: + - key: OeW + operator: z顡àP賤曑^ȴQ@蝂ź斁棈玔ʯ% + values: + - ml + - 4O7U + - wQ4YJ36 + - matchExpressions: + - key: Lya + operator: 潲pƏ黇稖4 + values: + - jC9 + - F + matchFields: + - key: Ynazf + operator: 6u閄甚 + values: + - 4qKPH + - key: hqS6 + operator: ¤W瑨ǀ螛觴囻 + values: + - ZFA3 + - O5sJmCwV + - key: Qf8jOwRnP + operator: ~I鳥撢禽殪yȿ嗍-芠ǒY`唞 + values: + - Jx4jV5qM + - PDQTY + nodeSelector: + dduQyGRf: 7nwg + podAffinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: A + operator: qnjü熂¤}ðÅŧ@蕑 + values: + - 6vy + - rl4UI + - FFXR + matchFields: + - key: YHp0vUR + operator: Ggɱ棁 + - key: UgkXI + operator: mn<#ɠ铑k趴ǟ韝 + values: + - 5JJK + - key: oTJ8B + operator: ȡ拳řɒW阾u掠鄗懓j9[唊ȱ + values: + - yb3 + - 2YZE2W0 + - L + weight: -1083324198 + - preference: + matchExpressions: + - key: OTNrwf + operator: ö议昇ŁüC + values: + - WLOo + - vs0cZ0R + - Khhase + weight: -711215427 + - preference: {} + weight: -1613072214 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: [] + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: gVZf + operator: _逋 + values: + - JzYY + - ywDxP1 + matchLabels: + Xegma69PO3houPR: Rmbc + d: MlcH4i7 + matchLabelKeys: + - K + - f + - rhU2t + mismatchLabelKeys: + - van87 + - 0ZYdEF5 + namespaceSelector: {} + namespaces: + - P8O + topologyKey: 1NGe + weight: 569962286 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: BeFIzF + operator: Ĝɿē + - key: Rvo6WB + operator: ʊ候ɥÂ漦靿Nj搘溦恱徒,ɴɜĿ怀Õ8貐 + values: + - PBaiU + - key: knGp2I + operator: Ǩ鄧^&膽s硢üf厵¸Ŧ錨譖梑*屟 + values: + - Nbn6I + matchLabels: + 0fc: HuJvN + 9tYU: 88OR4d2 + WR5Fy: lfBGVZo + matchLabelKeys: + - WukVD + mismatchLabelKeys: + - Vx + - BtHH + - dajjlO + namespaceSelector: + matchExpressions: + - key: t + operator: ']XFȁ窔示ʛ' + matchLabels: + 4Qh1x8JGl: Ex + 4hLpox: VP1 + gV0AjuaYC: aUwAN + namespaces: + - p + topologyKey: CM + weight: -1434839877 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: {} + matchLabelKeys: + - 3Ss + mismatchLabelKeys: + - fobV + namespaceSelector: + matchExpressions: + - key: X0rcjmbG + operator: 聹璴ɒ轢ąG箽Ɗş + values: + - 8ghV9wL + matchLabels: + 03NYmC8: "N" + H0mvdY: iy8ac + namespaces: + - C6sd7 + - F6FE + - 9W4PbMcZ + topologyKey: G4eB + - labelSelector: + matchExpressions: + - key: sNU + operator: dYC + values: + - YQaiV + - key: Pua + operator: ɸnŔ摔岖nǏȚȂ昗 + values: + - YpXB37PnW + - f2 + - MM + - key: DxVCz6I2x + operator: 埸爻 + values: + - Hm2CX + matchLabels: + sD0FFW: DLDqfI + matchLabelKeys: + - 1ZijjM + - bMD + - wKDup + namespaceSelector: + matchExpressions: + - key: h + operator: 蠺¾l拏|GȎ俴|~嶻屶À 9攑mʏC + values: + - lt1f + - Rx6 + - z + namespaces: + - vXafQDN + topologyKey: "" + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + R: xf6sJsIR2 + XRGK: HU40WMP2tH + matchLabelKeys: + - kZ9w2o + - C9lRMoB80Kf + mismatchLabelKeys: + - 5Q + namespaceSelector: + matchLabels: + lBX7: deB6Qg + namespaces: + - EZQJcE + - agIqApffRAjm + - hNChs7M + topologyKey: y6 + weight: 310831703 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: LG + operator: 寭Z踸賟ð蔄lǦÏ徫*柝RŒĕă都 + values: + - Ia3H + - pGJa9 + - key: PLHavnryhJ + operator: čʬȰ呰vʤ涜Â擁隨鄡u評ƚ鼷Ō"ǩ¦ + values: + - VurUeIEAI + matchLabelKeys: + - "" + - fKBu + mismatchLabelKeys: + - L1 + - eG155Q + namespaceSelector: + matchLabels: + RYjDmg9L: S08IW6cHa + topologyKey: bIA8oKUvNZ + weight: -980786377 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: Vdtt + operator: ƃ摰Ǹc茜颭ƅ{ɘ侼ȅ.ġ + values: + - GY + - IL + - e82zQBv8 + matchLabels: + LCyGc: 7onELXh4E + r3: 3jFJ + s: 2JH8 + matchLabelKeys: + - ett + - e + - CBNjUaCu + mismatchLabelKeys: + - gOfT + - H8q + namespaceSelector: + matchLabels: + "": wpC + oKw8pdan7Q0: dLiDRyH + namespaces: + - qw + - Rm1a1x + - kjfaf + topologyKey: guuynpKQ9lV8 + weight: -1608829726 + podAntiAffinity: + custom: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: s + operator: ɠ襱Ȣʅ鶌脸ĕŎ鋃澣'Ɵɡ舩V÷ë4 + values: + - "" + - RdE4 + - IwoP349d + - key: K8OuT + operator: Wʼn + namespaceSelector: + matchExpressions: + - key: F + operator: ɆƂr嗫nÈÚ7{ƴ视ƺ覵ʋŬƛ + values: + - CKicU4 + - QtnR1mf + namespaces: + - JZ + - 9j60y + - VdjQ + topologyKey: V79Fc + weight: 1058838095 + - podAffinityTerm: + labelSelector: + matchLabels: + IhQLO3: k0ZI08 + phsC: hrahrRruQ + matchLabelKeys: + - rCSflQW + namespaceSelector: + matchExpressions: + - key: kcxL + operator: Į + values: + - NCGT + matchLabels: + 3tPhW: yFH6u + 4PB1z: cjQ28Es3I + topologyKey: s50 + weight: 2003899640 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: t + operator: 菠_Ɩ-ĉ垝ʮ + values: + - 2yD6SK7sQNyQ + - key: s1 + operator: 衙鵇ȔºɢG枬涕L$k賽Ö + values: + - xR + - ItozQOJu + matchLabels: + 8rP96Bm: gRg8miP + Gop: LnoRl + matchLabelKeys: + - asNzX03 + - UQz + namespaceSelector: + matchExpressions: + - key: tlFJgp + operator: 翺$ȵ硽dzXȷ鿁aȐG + values: + - yCG5CU + - key: ezfpbDKj36Qk + operator: ?盉剴痐èěȆ倒f^ + namespaces: + - C + - BWSk + topologyKey: NRyT + weight: -1887589 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: VqAEfS9 + operator: 'š勐§2äƇ镧 ' + values: + - zAiR + - MAdfP + - u + namespaceSelector: + matchExpressions: + - key: bss + operator: 龌ɒRuĖXʃĹę琴 + values: + - fYA3 + - 3nOKAD + - CIt5uEowlBLQ1 + matchLabels: + 8ZPfixhDT2u: NhaXnN + 9m0: A1gs2 + GXhMHUyy: KmKI + namespaces: + - W + - BrU0P3 + - "" + topologyKey: PxOw + topologyKey: B + type: 0ZYR + weight: -1306525291 + priorityClassName: m3Ex + progressDeadlineSeconds: -1434788483 + readinessProbe: + exec: + command: + - MNs0Ba + failureThreshold: 584818346 + grpc: + port: 321294336 + service: "" + httpGet: + host: 7VJXwz + path: 1ygxm + port: Dcl8Z8 + scheme: 慲ė鼔ƀ + initialDelaySeconds: 1026532597 + periodSeconds: 1489595355 + successThreshold: 1696560908 + terminationGracePeriodSeconds: -4249833353592859621 + timeoutSeconds: -147660350 + restartPolicy: Y2dɪ赥ȡěȫ + revisionHistoryLimit: 529570324 + schedulerName: mzo86Jb + securityContext: + fsGroup: -2777096360811827600 + fsGroupChangePolicy: ǑȽ劐2$t剭赖' + runAsGroup: -8516502997065582904 + runAsNonRoot: true + runAsUser: 4444001915347831322 + supplementalGroups: + - -713783482271938969 + - -1237716613088890768 + - -3929371009074647393 + sysctls: + - name: xlxKwO + value: mVa0Vk + - name: Pe + value: ggm6uD4s5 + strategy: + type: 1Y + terminationGracePeriodSeconds: -1036531185 + tolerations: + - effect: ƨU;È性ǯ9ƝZ軷ĖĀ<猀Ħ瑍ş + key: hrn + operator: 駾G + tolerationSeconds: -5689841415932882459 + value: 7wGF139wPxrS + topologySpreadConstraints: + - maxSkew: 2056579760 + topologyKey: 3Vxn0PFD + whenUnsatisfiable: Zd + - maxSkew: -1862577769 + topologyKey: 0ifTRZ + whenUnsatisfiable: ovqoS + updateStrategy: + type: nlatLA +fullnameOverride: fubwSl +logging: + level: 4GjwwD +monitoring: + annotations: + dn7: Ed1FfDz + uj8: fVksEAUZ + enabled: false + labels: + OuMMzK: U + u67Epbv: bs83 + namespaceSelector: + matchNames: + - YfURCd + - pjn + scrapeInterval: -1243725h11m11.812387569s +nameOverride: pyCdF +service: + annotations: + uH: o + name: 37ihe +serviceAccount: + annotations: + "": 0h6QKRWo + ayiUDPgwgG9: Wh + create: true + name: zr1OY +storage: + volume: + - name: VzP + - name: B2c9ZE + volumeMounts: + - mountPath: H + mountPropagation: 繹Ó!矃oǷ;ŞV佬bĨ`惽鬾 + name: Pv + readOnly: true + subPath: ayluKt + subPathExpr: WSAQj + - mountPath: aJ + mountPropagation: '*灡毑Ŭĩ凭xʂ閪' + name: WOCY + readOnly: true + subPath: U3AsYVGQTA + subPathExpr: oS2EoO7q5 +test: + create: true +tolerations: +- effect: 灊ƌň + key: m4LJ7 + operator: ȁ溥洡Âƴ蘐ǎĽ懋冝幼埍Ré + tolerationSeconds: -5062975468014163162 + value: zvAp +- effect: 渊M璄劮椆 + key: AhabI + operator: ʀǏ3亚O + tolerationSeconds: -4592469483950966275 + value: "07" +- effect: 嶝¹総| + key: CAi + operator: s咴 + tolerationSeconds: -3369184239394783815 + value: n5 diff --git a/charts/redpanda/redpanda/5.9.4/charts/connectors/testdata/template-cases.golden.txtar b/charts/redpanda/redpanda/5.9.4/charts/connectors/testdata/template-cases.golden.txtar new file mode 100644 index 0000000000..d483171c80 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/connectors/testdata/template-cases.golden.txtar @@ -0,0 +1,10301 @@ +-- testdata/case-000.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: pO5m + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: pO5m + helm.sh/chart: connectors-0.1.12 + name: rpVz +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 8083 + protocol: TCP + targetPort: 8083 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + app.kubernetes.io/component: pO5m + app.kubernetes.io/instance: console + app.kubernetes.io/name: pO5m + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: pO5m + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: pO5m + helm.sh/chart: connectors-0.1.12 + name: rpVz +spec: + progressDeadlineSeconds: 600 + replicas: null + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: pO5m + app.kubernetes.io/instance: console + app.kubernetes.io/name: pO5m + strategy: + type: RollingUpdate + template: + metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/component: pO5m + app.kubernetes.io/instance: console + app.kubernetes.io/name: pO5m + spec: + affinity: + nodeAffinity: {} + podAffinity: {} + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + app.kubernetes.io/component: pO5m + app.kubernetes.io/instance: console + app.kubernetes.io/name: pO5m + namespaces: + - default + topologyKey: kubernetes.io/hostname + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=8083 + rest.port=8083 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=connectors-cluster + offset.storage.topic=_internal_connectors_offsets + config.storage.topic=_internal_connectors_configs + status.storage.topic=_internal_connectors_status + offset.storage.redpanda.remote.read=false + offset.storage.redpanda.remote.write=false + config.storage.redpanda.remote.read=false + config.storage.redpanda.remote.write=false + status.storage.redpanda.remote.read=false + status.storage.redpanda.remote.write=false + offset.storage.replication.factor=-1 + config.storage.replication.factor=-1 + status.storage.replication.factor=-1 + producer.linger.ms=1 + producer.batch.size=131072 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: "" + - name: CONNECT_BOOTSTRAP_SERVERS + value: "" + - name: CONNECT_GC_LOG_ENABLED + value: "false" + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx2G + - name: CONNECT_LOG_LEVEL + value: 0rksB2 + - name: CONNECT_TLS_ENABLED + value: "false" + envFrom: [] + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: connectors-cluster + ports: + - containerPort: 8083 + name: rest-api + protocol: TCP + - containerPort: 9404 + name: prometheus + protocol: TCP + readinessProbe: + failureThreshold: 2 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 10 + successThreshold: 3 + timeoutSeconds: 5 + resources: + limits: + cpu: "1" + memory: 2350Mi + requests: + cpu: "1" + memory: 2350Mi + securityContext: + allowPrivilegeEscalation: false + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: rp-connect-tmp + dnsPolicy: ClusterFirst + imagePullSecrets: + - name: "Y" + - name: oCy + - name: M + nodeSelector: {} + restartPolicy: Always + schedulerName: "" + securityContext: + fsGroup: 101 + fsGroupChangePolicy: OnRootMismatch + runAsUser: 101 + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: [] + topologySpreadConstraints: + - labelSelector: + matchLabels: + app.kubernetes.io/component: pO5m + app.kubernetes.io/instance: console + app.kubernetes.io/name: pO5m + maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + volumes: + - emptyDir: + medium: Memory + sizeLimit: 5Mi + name: rp-connect-tmp +--- +# Source: connectors/templates/pod-monitor.yaml +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + annotations: {} + creationTimestamp: null + labels: + 5Fm2d5: 8GfL + HhgyOa: "1" + L9qHqt6R: LhlwQrUay + name: rpVz +spec: + namespaceSelector: + any: true + podMetricsEndpoints: + - bearerTokenSecret: + key: "" + path: / + port: prometheus + selector: + matchLabels: + app.kubernetes.io/component: pO5m + app.kubernetes.io/instance: console + app.kubernetes.io/name: pO5m +-- testdata/case-001.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: nZ + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: nZ + helm.sh/chart: connectors-0.1.12 + name: 5wkC +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 8083 + protocol: TCP + targetPort: 8083 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + app.kubernetes.io/component: nZ + app.kubernetes.io/instance: console + app.kubernetes.io/name: nZ + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: nZ + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: nZ + helm.sh/chart: connectors-0.1.12 + name: WtC +spec: + progressDeadlineSeconds: 600 + replicas: null + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: nZ + app.kubernetes.io/instance: console + app.kubernetes.io/name: nZ + strategy: + type: RollingUpdate + template: + metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/component: nZ + app.kubernetes.io/instance: console + app.kubernetes.io/name: nZ + spec: + affinity: + nodeAffinity: {} + podAffinity: {} + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + app.kubernetes.io/component: nZ + app.kubernetes.io/instance: console + app.kubernetes.io/name: nZ + namespaces: + - default + topologyKey: kubernetes.io/hostname + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=8083 + rest.port=8083 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=connectors-cluster + offset.storage.topic=_internal_connectors_offsets + config.storage.topic=_internal_connectors_configs + status.storage.topic=_internal_connectors_status + offset.storage.redpanda.remote.read=false + offset.storage.redpanda.remote.write=false + config.storage.redpanda.remote.read=false + config.storage.redpanda.remote.write=false + status.storage.redpanda.remote.read=false + status.storage.redpanda.remote.write=false + offset.storage.replication.factor=-1 + config.storage.replication.factor=-1 + status.storage.replication.factor=-1 + producer.linger.ms=1 + producer.batch.size=131072 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: "" + - name: CONNECT_BOOTSTRAP_SERVERS + value: "" + - name: CONNECT_GC_LOG_ENABLED + value: t1lDqf0PT8Xy + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx2G + - name: CONNECT_LOG_LEVEL + value: warn + - name: CONNECT_TLS_ENABLED + value: "false" + envFrom: [] + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: connectors-cluster + ports: + - containerPort: 8083 + name: rest-api + protocol: TCP + - containerPort: 9404 + name: prometheus + protocol: TCP + readinessProbe: + failureThreshold: 2 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 10 + successThreshold: 3 + timeoutSeconds: 5 + resources: + limits: + cpu: "1" + memory: 2350Mi + requests: + cpu: "1" + memory: 2350Mi + securityContext: + allowPrivilegeEscalation: false + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: rp-connect-tmp + dnsPolicy: ClusterFirst + imagePullSecrets: [] + nodeSelector: {} + restartPolicy: Always + schedulerName: "" + securityContext: + fsGroup: 101 + fsGroupChangePolicy: OnRootMismatch + runAsUser: 101 + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: [] + topologySpreadConstraints: + - labelSelector: + matchLabels: + app.kubernetes.io/component: nZ + app.kubernetes.io/instance: console + app.kubernetes.io/name: nZ + maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + volumes: + - emptyDir: + medium: Memory + sizeLimit: 5Mi + name: rp-connect-tmp +-- testdata/case-002.yaml.golden -- +--- +# Source: connectors/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + annotations: + gM: gxAdfFrD + creationTimestamp: null + labels: + app.kubernetes.io/component: ZZ5 + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ZZ5 + helm.sh/chart: connectors-0.1.12 + name: AN + namespace: default +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: ZZ5 + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ZZ5 + helm.sh/chart: connectors-0.1.12 + name: xp6vcIlb +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 8083 + protocol: TCP + targetPort: 8083 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + app.kubernetes.io/component: ZZ5 + app.kubernetes.io/instance: console + app.kubernetes.io/name: ZZ5 + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: ZZ5 + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ZZ5 + helm.sh/chart: connectors-0.1.12 + name: xp6vcIlb +spec: + progressDeadlineSeconds: 600 + replicas: null + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: ZZ5 + app.kubernetes.io/instance: console + app.kubernetes.io/name: ZZ5 + strategy: + type: RollingUpdate + template: + metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/component: ZZ5 + app.kubernetes.io/instance: console + app.kubernetes.io/name: ZZ5 + spec: + affinity: + nodeAffinity: {} + podAffinity: {} + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + app.kubernetes.io/component: ZZ5 + app.kubernetes.io/instance: console + app.kubernetes.io/name: ZZ5 + namespaces: + - default + topologyKey: kubernetes.io/hostname + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=8083 + rest.port=8083 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=connectors-cluster + offset.storage.topic=_internal_connectors_offsets + config.storage.topic=_internal_connectors_configs + status.storage.topic=_internal_connectors_status + offset.storage.redpanda.remote.read=false + offset.storage.redpanda.remote.write=false + config.storage.redpanda.remote.read=false + config.storage.redpanda.remote.write=false + status.storage.redpanda.remote.read=false + status.storage.redpanda.remote.write=false + offset.storage.replication.factor=-1 + config.storage.replication.factor=-1 + status.storage.replication.factor=-1 + producer.linger.ms=1 + producer.batch.size=131072 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: "" + - name: CONNECT_BOOTSTRAP_SERVERS + value: "" + - name: CONNECT_GC_LOG_ENABLED + value: YUlcy4 + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx2G + - name: CONNECT_LOG_LEVEL + value: warn + - name: CONNECT_TLS_ENABLED + value: "false" + envFrom: [] + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: connectors-cluster + ports: + - containerPort: 8083 + name: rest-api + protocol: TCP + - containerPort: 9404 + name: prometheus + protocol: TCP + readinessProbe: + failureThreshold: 2 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 10 + successThreshold: 3 + timeoutSeconds: 5 + resources: + limits: + cpu: "1" + memory: 2350Mi + requests: + cpu: "1" + memory: 2350Mi + securityContext: + allowPrivilegeEscalation: false + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: hVlmCfXmla + mountPropagation: ÇƭȊ餧鵣鋚蕛ʖ诂瑧)ɍĿ8šȪ轭ʌ倈 + name: 482T + readOnly: true + subPath: Un28M + subPathExpr: weDK9jo + - mountPath: YWN6OS + name: 5ijm8 + subPath: safiSmZ + - mountPath: MBW5 + name: ibiELmf2 + readOnly: true + subPath: E + subPathExpr: piX + dnsPolicy: ClusterFirst + imagePullSecrets: + - name: Tm0bmByz + - name: gSGPB + - name: 58yP + nodeSelector: {} + restartPolicy: Always + schedulerName: "" + securityContext: + fsGroup: 101 + fsGroupChangePolicy: OnRootMismatch + runAsUser: 101 + serviceAccountName: AN + terminationGracePeriodSeconds: 30 + tolerations: [] + topologySpreadConstraints: + - labelSelector: + matchLabels: + app.kubernetes.io/component: ZZ5 + app.kubernetes.io/instance: console + app.kubernetes.io/name: ZZ5 + maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + volumes: + - name: AhJ +-- testdata/case-003.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: Wvpgs + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Wvpgs + helm.sh/chart: connectors-0.1.12 + name: kNrkCdEuw9V +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 8083 + protocol: TCP + targetPort: 8083 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + app.kubernetes.io/component: Wvpgs + app.kubernetes.io/instance: console + app.kubernetes.io/name: Wvpgs + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: Wvpgs + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Wvpgs + helm.sh/chart: connectors-0.1.12 + name: kNrkCdEuw9V +spec: + progressDeadlineSeconds: 600 + replicas: null + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: Wvpgs + app.kubernetes.io/instance: console + app.kubernetes.io/name: Wvpgs + strategy: + type: RollingUpdate + template: + metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/component: Wvpgs + app.kubernetes.io/instance: console + app.kubernetes.io/name: Wvpgs + spec: + affinity: + nodeAffinity: {} + podAffinity: {} + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + app.kubernetes.io/component: Wvpgs + app.kubernetes.io/instance: console + app.kubernetes.io/name: Wvpgs + namespaces: + - default + topologyKey: kubernetes.io/hostname + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=8083 + rest.port=8083 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=connectors-cluster + offset.storage.topic=_internal_connectors_offsets + config.storage.topic=_internal_connectors_configs + status.storage.topic=_internal_connectors_status + offset.storage.redpanda.remote.read=false + offset.storage.redpanda.remote.write=false + config.storage.redpanda.remote.read=false + config.storage.redpanda.remote.write=false + status.storage.redpanda.remote.read=false + status.storage.redpanda.remote.write=false + offset.storage.replication.factor=-1 + config.storage.replication.factor=-1 + status.storage.replication.factor=-1 + producer.linger.ms=1 + producer.batch.size=131072 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: "" + - name: CONNECT_BOOTSTRAP_SERVERS + value: "" + - name: CONNECT_GC_LOG_ENABLED + value: AGZOKrMs + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx2G + - name: CONNECT_LOG_LEVEL + value: s2fGu + - name: CONNECT_TLS_ENABLED + value: "false" + envFrom: [] + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: connectors-cluster + ports: + - containerPort: 8083 + name: rest-api + protocol: TCP + - containerPort: 9404 + name: prometheus + protocol: TCP + readinessProbe: + failureThreshold: 2 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 10 + successThreshold: 3 + timeoutSeconds: 5 + resources: + limits: + cpu: "1" + memory: 2350Mi + requests: + cpu: "1" + memory: 2350Mi + securityContext: + allowPrivilegeEscalation: false + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: rp-connect-tmp + dnsPolicy: ClusterFirst + imagePullSecrets: + - name: QIa + - name: 9QE3ez + - name: np1QDs89l + nodeSelector: {} + restartPolicy: Always + schedulerName: "" + securityContext: + fsGroup: 101 + fsGroupChangePolicy: OnRootMismatch + runAsUser: 101 + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: [] + topologySpreadConstraints: + - labelSelector: + matchLabels: + app.kubernetes.io/component: Wvpgs + app.kubernetes.io/instance: console + app.kubernetes.io/name: Wvpgs + maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + volumes: + - emptyDir: + medium: Memory + sizeLimit: 5Mi + name: rp-connect-tmp +-- testdata/case-004.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: xhLPt0 + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: xhLPt0 + helm.sh/chart: connectors-0.1.12 + name: 74qyne +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 8083 + protocol: TCP + targetPort: 8083 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + app.kubernetes.io/component: xhLPt0 + app.kubernetes.io/instance: console + app.kubernetes.io/name: xhLPt0 + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: xhLPt0 + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: xhLPt0 + helm.sh/chart: connectors-0.1.12 + name: 74qyne +spec: + progressDeadlineSeconds: 600 + replicas: null + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: xhLPt0 + app.kubernetes.io/instance: console + app.kubernetes.io/name: xhLPt0 + strategy: + type: RollingUpdate + template: + metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/component: xhLPt0 + app.kubernetes.io/instance: console + app.kubernetes.io/name: xhLPt0 + spec: + affinity: + nodeAffinity: {} + podAffinity: {} + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + app.kubernetes.io/component: xhLPt0 + app.kubernetes.io/instance: console + app.kubernetes.io/name: xhLPt0 + namespaces: + - default + topologyKey: kubernetes.io/hostname + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=8083 + rest.port=8083 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=connectors-cluster + offset.storage.topic=_internal_connectors_offsets + config.storage.topic=_internal_connectors_configs + status.storage.topic=_internal_connectors_status + offset.storage.redpanda.remote.read=false + offset.storage.redpanda.remote.write=false + config.storage.redpanda.remote.read=false + config.storage.redpanda.remote.write=false + status.storage.redpanda.remote.read=false + status.storage.redpanda.remote.write=false + offset.storage.replication.factor=-1 + config.storage.replication.factor=-1 + status.storage.replication.factor=-1 + producer.linger.ms=1 + producer.batch.size=131072 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: "" + - name: CONNECT_BOOTSTRAP_SERVERS + value: "" + - name: CONNECT_GC_LOG_ENABLED + value: "false" + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx2G + - name: CONNECT_LOG_LEVEL + value: warn + - name: CONNECT_TLS_ENABLED + value: "false" + envFrom: [] + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: connectors-cluster + ports: + - containerPort: 8083 + name: rest-api + protocol: TCP + - containerPort: 9404 + name: prometheus + protocol: TCP + readinessProbe: + failureThreshold: 2 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 10 + successThreshold: 3 + timeoutSeconds: 5 + resources: + limits: + cpu: "1" + memory: 2350Mi + requests: + cpu: "1" + memory: 2350Mi + securityContext: + allowPrivilegeEscalation: false + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: rp-connect-tmp + dnsPolicy: ClusterFirst + imagePullSecrets: + - name: lnn + nodeSelector: {} + restartPolicy: Always + schedulerName: "" + securityContext: + fsGroup: 101 + fsGroupChangePolicy: OnRootMismatch + runAsUser: 101 + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: [] + topologySpreadConstraints: + - labelSelector: + matchLabels: + app.kubernetes.io/component: xhLPt0 + app.kubernetes.io/instance: console + app.kubernetes.io/name: xhLPt0 + maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + volumes: + - emptyDir: + medium: Memory + sizeLimit: 5Mi + name: rp-connect-tmp +-- testdata/case-005.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: W + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: W + helm.sh/chart: connectors-0.1.12 + name: J +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 8083 + protocol: TCP + targetPort: 8083 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + app.kubernetes.io/component: W + app.kubernetes.io/instance: console + app.kubernetes.io/name: W + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: W + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: W + helm.sh/chart: connectors-0.1.12 + name: J +spec: + progressDeadlineSeconds: 600 + replicas: null + revisionHistoryLimit: -544556764 + selector: + matchLabels: + app.kubernetes.io/component: W + app.kubernetes.io/instance: console + app.kubernetes.io/name: W + strategy: + type: AT9FgtX + template: + metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/component: W + app.kubernetes.io/instance: console + app.kubernetes.io/name: W + spec: + affinity: + nodeAffinity: {} + podAffinity: {} + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + app.kubernetes.io/component: W + app.kubernetes.io/instance: console + app.kubernetes.io/name: W + namespaces: + - default + topologyKey: kubernetes.io/hostname + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=8083 + rest.port=8083 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=connectors-cluster + offset.storage.topic=_internal_connectors_offsets + config.storage.topic=_internal_connectors_configs + status.storage.topic=_internal_connectors_status + offset.storage.redpanda.remote.read=false + offset.storage.redpanda.remote.write=false + config.storage.redpanda.remote.read=false + config.storage.redpanda.remote.write=false + status.storage.redpanda.remote.read=false + status.storage.redpanda.remote.write=false + offset.storage.replication.factor=-1 + config.storage.replication.factor=-1 + status.storage.replication.factor=-1 + producer.linger.ms=1 + producer.batch.size=131072 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: "" + - name: CONNECT_BOOTSTRAP_SERVERS + value: "" + - name: CONNECT_GC_LOG_ENABLED + value: u12AMM + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx2G + - name: CONNECT_LOG_LEVEL + value: warn + - name: CONNECT_TLS_ENABLED + value: "false" + envFrom: [] + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: connectors-cluster + ports: + - containerPort: 8083 + name: rest-api + protocol: TCP + - containerPort: 9404 + name: prometheus + protocol: TCP + readinessProbe: + failureThreshold: -321470157 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: 1821796808 + periodSeconds: -469069323 + successThreshold: -1171276641 + timeoutSeconds: 1191785929 + resources: + limits: + cpu: "1" + memory: 2350Mi + requests: + cpu: "1" + memory: 2350Mi + securityContext: + allowPrivilegeEscalation: false + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: 9hR6GGwna + name: f9h8iHd + subPath: u6UaQTj + subPathExpr: A13AGT + dnsPolicy: ClusterFirst + imagePullSecrets: [] + nodeSelector: + ppXWIa: yWFoE + restartPolicy: Always + schedulerName: Lwp + securityContext: + fsGroup: 101 + fsGroupChangePolicy: eĻȊ4愻' + runAsGroup: 7076055353387776000 + runAsUser: 1448978345039473400 + supplementalGroups: + - 6910305894952865000 + serviceAccountName: VLlCi + terminationGracePeriodSeconds: 1820238753 + tolerations: [] + topologySpreadConstraints: + - labelSelector: + matchLabels: + app.kubernetes.io/component: W + app.kubernetes.io/instance: console + app.kubernetes.io/name: W + maxSkew: 0 + topologyKey: OAvMKg + whenUnsatisfiable: pasNu + - labelSelector: + matchLabels: + app.kubernetes.io/component: W + app.kubernetes.io/instance: console + app.kubernetes.io/name: W + maxSkew: 0 + topologyKey: izYRz + whenUnsatisfiable: V2RO2 + volumes: + - emptyDir: + medium: Memory + sizeLimit: 5Mi + name: rp-connect-tmp +-- testdata/case-006.yaml.golden -- +--- +# Source: connectors/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + annotations: + 2oUsUW: r + lx: u6Li342dNU + creationTimestamp: null + labels: + LvtMtyy: tvfxqD2lry + YC2zBn: OLSkBqQE + app.kubernetes.io/component: Vlci + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Vlci + helm.sh/chart: connectors-0.1.12 + m2DRq: cS + name: "7" + namespace: default +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + LvtMtyy: tvfxqD2lry + YC2zBn: OLSkBqQE + app.kubernetes.io/component: Vlci + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Vlci + helm.sh/chart: connectors-0.1.12 + m2DRq: cS + name: gkX +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 8083 + protocol: TCP + targetPort: 8083 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + LvtMtyy: tvfxqD2lry + YC2zBn: OLSkBqQE + app.kubernetes.io/component: Vlci + app.kubernetes.io/instance: console + app.kubernetes.io/name: Vlci + m2DRq: cS + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + LvtMtyy: tvfxqD2lry + YC2zBn: OLSkBqQE + app.kubernetes.io/component: Vlci + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Vlci + helm.sh/chart: connectors-0.1.12 + m2DRq: cS + name: R93VG +spec: + progressDeadlineSeconds: 600 + replicas: null + revisionHistoryLimit: 10 + selector: + matchLabels: + LvtMtyy: tvfxqD2lry + YC2zBn: OLSkBqQE + app.kubernetes.io/component: Vlci + app.kubernetes.io/instance: console + app.kubernetes.io/name: Vlci + m2DRq: cS + strategy: + type: RollingUpdate + template: + metadata: + annotations: {} + creationTimestamp: null + labels: + LvtMtyy: tvfxqD2lry + YC2zBn: OLSkBqQE + app.kubernetes.io/component: Vlci + app.kubernetes.io/instance: console + app.kubernetes.io/name: Vlci + m2DRq: cS + spec: + affinity: + nodeAffinity: {} + podAffinity: {} + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + LvtMtyy: tvfxqD2lry + YC2zBn: OLSkBqQE + app.kubernetes.io/component: Vlci + app.kubernetes.io/instance: console + app.kubernetes.io/name: Vlci + m2DRq: cS + namespaces: + - default + topologyKey: kubernetes.io/hostname + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=8083 + rest.port=8083 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=connectors-cluster + offset.storage.topic=_internal_connectors_offsets + config.storage.topic=_internal_connectors_configs + status.storage.topic=_internal_connectors_status + offset.storage.redpanda.remote.read=false + offset.storage.redpanda.remote.write=false + config.storage.redpanda.remote.read=false + config.storage.redpanda.remote.write=false + status.storage.redpanda.remote.read=false + status.storage.redpanda.remote.write=false + offset.storage.replication.factor=-1 + config.storage.replication.factor=-1 + status.storage.replication.factor=-1 + producer.linger.ms=1 + producer.batch.size=131072 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: "" + - name: CONNECT_BOOTSTRAP_SERVERS + value: "" + - name: CONNECT_GC_LOG_ENABLED + value: "false" + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx2G + - name: CONNECT_LOG_LEVEL + value: 0aZ + - name: CONNECT_TLS_ENABLED + value: "false" + envFrom: [] + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: connectors-cluster + ports: + - containerPort: 8083 + name: rest-api + protocol: TCP + - containerPort: 9404 + name: prometheus + protocol: TCP + readinessProbe: + failureThreshold: 2 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 10 + successThreshold: 3 + timeoutSeconds: 5 + resources: + limits: + cpu: "1" + memory: 2350Mi + requests: + cpu: "1" + memory: 2350Mi + securityContext: + allowPrivilegeEscalation: false + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: rp-connect-tmp + dnsPolicy: ClusterFirst + imagePullSecrets: [] + nodeSelector: {} + restartPolicy: Always + schedulerName: "" + securityContext: + fsGroup: 101 + fsGroupChangePolicy: OnRootMismatch + runAsUser: 101 + serviceAccountName: "7" + terminationGracePeriodSeconds: 30 + tolerations: [] + topologySpreadConstraints: + - labelSelector: + matchLabels: + LvtMtyy: tvfxqD2lry + YC2zBn: OLSkBqQE + app.kubernetes.io/component: Vlci + app.kubernetes.io/instance: console + app.kubernetes.io/name: Vlci + m2DRq: cS + maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + volumes: + - emptyDir: + medium: Memory + sizeLimit: 5Mi + name: rp-connect-tmp +-- testdata/case-007.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: Gb7J7k + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Gb7J7k + helm.sh/chart: connectors-0.1.12 + name: 9PY0 +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 8083 + protocol: TCP + targetPort: 8083 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + app.kubernetes.io/component: Gb7J7k + app.kubernetes.io/instance: console + app.kubernetes.io/name: Gb7J7k + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: Gb7J7k + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Gb7J7k + helm.sh/chart: connectors-0.1.12 + name: NUTO +spec: + progressDeadlineSeconds: 600 + replicas: null + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: Gb7J7k + app.kubernetes.io/instance: console + app.kubernetes.io/name: Gb7J7k + strategy: + type: RollingUpdate + template: + metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/component: Gb7J7k + app.kubernetes.io/instance: console + app.kubernetes.io/name: Gb7J7k + spec: + affinity: + nodeAffinity: {} + podAffinity: {} + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + app.kubernetes.io/component: Gb7J7k + app.kubernetes.io/instance: console + app.kubernetes.io/name: Gb7J7k + namespaces: + - default + topologyKey: kubernetes.io/hostname + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=8083 + rest.port=8083 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=y2 + offset.storage.topic=_internal_connectors_offsets + config.storage.topic=_internal_connectors_configs + status.storage.topic=_internal_connectors_status + offset.storage.redpanda.remote.read=false + offset.storage.redpanda.remote.write=false + config.storage.redpanda.remote.read=false + config.storage.redpanda.remote.write=false + status.storage.redpanda.remote.read=false + status.storage.redpanda.remote.write=false + offset.storage.replication.factor=-1 + config.storage.replication.factor=-1 + status.storage.replication.factor=-1 + producer.linger.ms=1 + producer.batch.size=131072 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: ZQu + - name: CONNECT_BOOTSTRAP_SERVERS + value: ue + - name: SCHEMA_REGISTRY_URL + value: kS0A8GucOgn + - name: CONNECT_GC_LOG_ENABLED + value: "false" + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx2G + - name: CONNECT_LOG_LEVEL + value: n3s7 + - name: CONNECT_TLS_ENABLED + value: "false" + envFrom: [] + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: connectors-cluster + ports: + - containerPort: 8083 + name: rest-api + protocol: TCP + - containerPort: 9404 + name: prometheus + protocol: TCP + readinessProbe: + failureThreshold: 2 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 10 + successThreshold: 3 + timeoutSeconds: 5 + resources: + limits: + cpu: "1" + memory: 2350Mi + requests: + cpu: "1" + memory: 2350Mi + securityContext: + allowPrivilegeEscalation: false + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: rp-connect-tmp + dnsPolicy: ClusterFirst + imagePullSecrets: [] + nodeSelector: {} + restartPolicy: Always + schedulerName: "" + securityContext: + fsGroup: 101 + fsGroupChangePolicy: OnRootMismatch + runAsUser: 101 + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: [] + topologySpreadConstraints: + - labelSelector: + matchLabels: + app.kubernetes.io/component: Gb7J7k + app.kubernetes.io/instance: console + app.kubernetes.io/name: Gb7J7k + maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + volumes: + - emptyDir: + medium: Memory + sizeLimit: 5Mi + name: rp-connect-tmp +-- testdata/case-008.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: tPhRiQRK + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: tPhRiQRK + helm.sh/chart: connectors-0.1.12 + name: PNw8 +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 8083 + protocol: TCP + targetPort: 8083 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + app.kubernetes.io/component: tPhRiQRK + app.kubernetes.io/instance: console + app.kubernetes.io/name: tPhRiQRK + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: tPhRiQRK + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: tPhRiQRK + helm.sh/chart: connectors-0.1.12 + name: PNw8 +spec: + progressDeadlineSeconds: 467220788 + replicas: null + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: tPhRiQRK + app.kubernetes.io/instance: console + app.kubernetes.io/name: tPhRiQRK + strategy: + type: RollingUpdate + template: + metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/component: tPhRiQRK + app.kubernetes.io/instance: console + app.kubernetes.io/name: tPhRiQRK + spec: + affinity: + nodeAffinity: {} + podAffinity: {} + podAntiAffinity: null + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=8083 + rest.port=8083 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=connectors-cluster + offset.storage.topic=_internal_connectors_offsets + config.storage.topic=_internal_connectors_configs + status.storage.topic=_internal_connectors_status + offset.storage.redpanda.remote.read=false + offset.storage.redpanda.remote.write=false + config.storage.redpanda.remote.read=false + config.storage.redpanda.remote.write=false + status.storage.redpanda.remote.read=false + status.storage.redpanda.remote.write=false + offset.storage.replication.factor=-1 + config.storage.replication.factor=-1 + status.storage.replication.factor=-1 + producer.linger.ms=1 + producer.batch.size=131072 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: "" + - name: CONNECT_BOOTSTRAP_SERVERS + value: "" + - name: CONNECT_GC_LOG_ENABLED + value: pq3jgGoeY + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx2G + - name: CONNECT_LOG_LEVEL + value: warn + - name: CONNECT_TLS_ENABLED + value: "false" + envFrom: + - prefix: W + - prefix: 6Cgj + - prefix: YV + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: -1790317528 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: -853917423 + periodSeconds: 1730314559 + successThreshold: -1047272333 + timeoutSeconds: 478977165 + name: connectors-cluster + ports: + - containerPort: 8083 + name: rest-api + protocol: TCP + - containerPort: 9404 + name: prometheus + protocol: TCP + readinessProbe: + failureThreshold: 2 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 10 + successThreshold: 3 + timeoutSeconds: 5 + resources: + limits: + cpu: "1" + memory: 2350Mi + requests: + cpu: "1" + memory: 2350Mi + securityContext: + allowPrivilegeEscalation: false + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: rp-connect-tmp + dnsPolicy: ClusterFirst + imagePullSecrets: + - name: EzI + - {} + - name: rjR6q + nodeSelector: {} + restartPolicy: Always + schedulerName: iVovlD + securityContext: + fsGroup: 101 + fsGroupChangePolicy: OnRootMismatch + runAsUser: 101 + serviceAccountName: default + terminationGracePeriodSeconds: 1520290623 + tolerations: [] + topologySpreadConstraints: + - labelSelector: + matchLabels: + app.kubernetes.io/component: tPhRiQRK + app.kubernetes.io/instance: console + app.kubernetes.io/name: tPhRiQRK + maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + volumes: + - emptyDir: + medium: Memory + sizeLimit: 5Mi + name: rp-connect-tmp +-- testdata/case-009.yaml.golden -- +--- +# Source: connectors/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + annotations: + LWQ09i: tiLdCrApld + v2D6hTB: NGlgEEm + creationTimestamp: null + labels: + app.kubernetes.io/component: wCD97n + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: wCD97n + helm.sh/chart: connectors-0.1.12 + name: eyeD + namespace: default +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: wCD97n + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: wCD97n + helm.sh/chart: connectors-0.1.12 + name: H +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 8083 + protocol: TCP + targetPort: 8083 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + app.kubernetes.io/component: wCD97n + app.kubernetes.io/instance: console + app.kubernetes.io/name: wCD97n + sessionAffinity: None + type: ClusterIP +-- testdata/case-010.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: 9fz + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 9fz + cUt: YvDFEsYlU + g3hOh91HKI: CHwTjLYe2XS + h4yNA: fJL + helm.sh/chart: connectors-0.1.12 + name: LsGZn +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 8083 + protocol: TCP + targetPort: 8083 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + app.kubernetes.io/component: 9fz + app.kubernetes.io/instance: console + app.kubernetes.io/name: 9fz + cUt: YvDFEsYlU + g3hOh91HKI: CHwTjLYe2XS + h4yNA: fJL + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: 9fz + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 9fz + cUt: YvDFEsYlU + g3hOh91HKI: CHwTjLYe2XS + h4yNA: fJL + helm.sh/chart: connectors-0.1.12 + name: LsGZn +spec: + progressDeadlineSeconds: 600 + replicas: null + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: 9fz + app.kubernetes.io/instance: console + app.kubernetes.io/name: 9fz + cUt: YvDFEsYlU + g3hOh91HKI: CHwTjLYe2XS + h4yNA: fJL + strategy: + type: RollingUpdate + template: + metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/component: 9fz + app.kubernetes.io/instance: console + app.kubernetes.io/name: 9fz + cUt: YvDFEsYlU + g3hOh91HKI: CHwTjLYe2XS + h4yNA: fJL + spec: + affinity: + nodeAffinity: {} + podAffinity: {} + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + app.kubernetes.io/component: 9fz + app.kubernetes.io/instance: console + app.kubernetes.io/name: 9fz + cUt: YvDFEsYlU + g3hOh91HKI: CHwTjLYe2XS + h4yNA: fJL + namespaces: + - default + topologyKey: kubernetes.io/hostname + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=8083 + rest.port=8083 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=connectors-cluster + offset.storage.topic=_internal_connectors_offsets + config.storage.topic=_internal_connectors_configs + status.storage.topic=_internal_connectors_status + offset.storage.redpanda.remote.read=false + offset.storage.redpanda.remote.write=false + config.storage.redpanda.remote.read=false + config.storage.redpanda.remote.write=false + status.storage.redpanda.remote.read=false + status.storage.redpanda.remote.write=false + offset.storage.replication.factor=-1 + config.storage.replication.factor=-1 + status.storage.replication.factor=-1 + producer.linger.ms=1 + producer.batch.size=131072 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: "" + - name: CONNECT_BOOTSTRAP_SERVERS + value: "" + - name: CONNECT_GC_LOG_ENABLED + value: "" + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx2G + - name: CONNECT_LOG_LEVEL + value: warn + - name: CONNECT_TLS_ENABLED + value: "false" + envFrom: [] + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: connectors-cluster + ports: + - containerPort: 8083 + name: rest-api + protocol: TCP + - containerPort: 9404 + name: prometheus + protocol: TCP + readinessProbe: + failureThreshold: 2 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 10 + successThreshold: 3 + timeoutSeconds: 5 + resources: + limits: + cpu: "1" + memory: 2350Mi + requests: + cpu: "1" + memory: 2350Mi + securityContext: + allowPrivilegeEscalation: false + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: rp-connect-tmp + dnsPolicy: ClusterFirst + imagePullSecrets: [] + nodeSelector: {} + restartPolicy: Always + schedulerName: "" + securityContext: + fsGroup: 101 + fsGroupChangePolicy: OnRootMismatch + runAsUser: 101 + serviceAccountName: bZ1w2 + terminationGracePeriodSeconds: 30 + tolerations: [] + topologySpreadConstraints: + - labelSelector: + matchLabels: + app.kubernetes.io/component: 9fz + app.kubernetes.io/instance: console + app.kubernetes.io/name: 9fz + cUt: YvDFEsYlU + g3hOh91HKI: CHwTjLYe2XS + h4yNA: fJL + maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + volumes: + - emptyDir: + medium: Memory + sizeLimit: 5Mi + name: rp-connect-tmp +--- +# Source: connectors/templates/pod-monitor.yaml +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + annotations: {} + creationTimestamp: null + labels: + wsUYAN3C: BzMz48 + name: LsGZn +spec: + namespaceSelector: + any: true + podMetricsEndpoints: + - bearerTokenSecret: + key: "" + path: / + port: prometheus + selector: + matchLabels: + app.kubernetes.io/component: 9fz + app.kubernetes.io/instance: console + app.kubernetes.io/name: 9fz + cUt: YvDFEsYlU + g3hOh91HKI: CHwTjLYe2XS + h4yNA: fJL +-- testdata/case-011.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: xiBXju + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: xiBXju + bX: vmmkhH2NHvdt + helm.sh/chart: connectors-0.1.12 + mO: pT + name: etuP +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 8083 + protocol: TCP + targetPort: 8083 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + app.kubernetes.io/component: xiBXju + app.kubernetes.io/instance: console + app.kubernetes.io/name: xiBXju + bX: vmmkhH2NHvdt + mO: pT + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: xiBXju + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: xiBXju + bX: vmmkhH2NHvdt + helm.sh/chart: connectors-0.1.12 + mO: pT + name: etuP +spec: + progressDeadlineSeconds: 600 + replicas: null + revisionHistoryLimit: -1010709730 + selector: + matchLabels: + app.kubernetes.io/component: xiBXju + app.kubernetes.io/instance: console + app.kubernetes.io/name: xiBXju + bX: vmmkhH2NHvdt + mO: pT + strategy: + type: XhI1Zz + template: + metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/component: xiBXju + app.kubernetes.io/instance: console + app.kubernetes.io/name: xiBXju + bX: vmmkhH2NHvdt + mO: pT + spec: + affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchFields: + - key: qi12DQkzc + operator: 駣>蕐k泌蚮奘5d墥7Ȋ + values: + - Sp + weight: 1587628539 + podAffinity: {} + podAntiAffinity: null + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=8083 + rest.port=8083 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=X + offset.storage.topic=_internal_connectors_offsets + config.storage.topic=_internal_connectors_configs + status.storage.topic=_internal_connectors_status + offset.storage.redpanda.remote.read=false + offset.storage.redpanda.remote.write=false + config.storage.redpanda.remote.read=false + config.storage.redpanda.remote.write=false + status.storage.redpanda.remote.read=false + status.storage.redpanda.remote.write=false + offset.storage.replication.factor=-1 + config.storage.replication.factor=-1 + status.storage.replication.factor=-1 + producer.linger.ms=1644100599 + producer.batch.size=606208011 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.secretsManager.class=com.github.jcustenborder.kafka.config.aws.SecretsManagerConfigProvider + config.providers.secretsManager.param.secret.prefix=TFKpuTTGy6JO572 + config.providers.secretsManager.param.aws.region=Zga57aiC + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: "" + - name: CONNECT_BOOTSTRAP_SERVERS + value: vucld + - name: SCHEMA_REGISTRY_URL + value: mGj8 + - name: CONNECT_GC_LOG_ENABLED + value: "false" + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx2G + - name: CONNECT_LOG_LEVEL + value: 20R9 + - name: CONNECT_SASL_USERNAME + value: 8MR9Bee + - name: CONNECT_SASL_MECHANISM + value: eTh + - name: CONNECT_SASL_PASSWORD_FILE + value: rc-credentials/password + - name: CONNECT_TLS_ENABLED + value: "false" + - name: CONNECT_TLS_AUTH_KEY + value: key/VT + - name: ogAtm + value: mJfm + - name: 2dTzgfH + value: sNiAP + valueFrom: + configMapKeyRef: + key: gSl56 + name: c + optional: true + resourceFieldRef: + containerName: AXKLF + divisor: "0" + resource: "" + - name: N1yV1 + value: nLSeqDK + envFrom: + - prefix: 9HB6W4t + secretRef: + name: NYC3bKPQWLc + optional: false + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: -757710692 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: -949475509 + periodSeconds: 1423942066 + successThreshold: 1080931760 + timeoutSeconds: -1902342435 + name: connectors-cluster + ports: + - containerPort: 8083 + name: rest-api + protocol: TCP + - containerPort: 9404 + name: prometheus + protocol: TCP + readinessProbe: + failureThreshold: 2 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 10 + successThreshold: 3 + timeoutSeconds: 5 + resources: + limits: + cpu: "1" + memory: 2350Mi + requests: + cpu: "1" + memory: 2350Mi + securityContext: + allowPrivilegeEscalation: false + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /opt/kafka/connect-password/rc-credentials + name: rc-credentials + - mountPath: /opt/kafka/connect-certs/key + name: key + - mountPath: NIVHRdAc + name: BHPad + readOnly: true + subPath: z + subPathExpr: iwiB7uVoG + - mountPath: S6g7 + mountPropagation: $+g"訜駄 + name: 1iwfb + readOnly: true + subPath: 5XRI + subPathExpr: zNyXts + dnsPolicy: ClusterFirst + imagePullSecrets: [] + nodeSelector: {} + restartPolicy: Always + schedulerName: g + securityContext: + fsGroup: 101 + fsGroupChangePolicy: b + runAsUser: 101 + serviceAccountName: dr5NDVhU0W3x + terminationGracePeriodSeconds: 30 + tolerations: [] + topologySpreadConstraints: + - labelSelector: + matchLabels: + app.kubernetes.io/component: xiBXju + app.kubernetes.io/instance: console + app.kubernetes.io/name: xiBXju + bX: vmmkhH2NHvdt + mO: pT + maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + volumes: + - name: key + secret: + defaultMode: 292 + secretName: lz9QFe + - name: rc-credentials + secret: + defaultMode: 292 + secretName: H5TroU8 + - emptyDir: + medium: Memory + sizeLimit: 5Mi + name: rp-connect-tmp +-- testdata/case-012.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: MexiU + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: MexiU + helm.sh/chart: connectors-0.1.12 + name: Ac +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 8083 + protocol: TCP + targetPort: 8083 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + app.kubernetes.io/component: MexiU + app.kubernetes.io/instance: console + app.kubernetes.io/name: MexiU + sessionAffinity: None + type: ClusterIP +-- testdata/case-013.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: w8tCi3K + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: w8tCi3K + helm.sh/chart: connectors-0.1.12 + name: InI +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 8083 + protocol: TCP + targetPort: 8083 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + app.kubernetes.io/component: w8tCi3K + app.kubernetes.io/instance: console + app.kubernetes.io/name: w8tCi3K + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/pod-monitor.yaml +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + annotations: {} + creationTimestamp: null + labels: {} + name: bAtOao +spec: + namespaceSelector: + any: true + podMetricsEndpoints: + - bearerTokenSecret: + key: "" + path: / + port: prometheus + selector: + matchLabels: + app.kubernetes.io/component: w8tCi3K + app.kubernetes.io/instance: console + app.kubernetes.io/name: w8tCi3K +-- testdata/case-014.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: dA1zsc + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: dA1zsc + helm.sh/chart: connectors-0.1.12 + name: u7DU +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 8083 + protocol: TCP + targetPort: 8083 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + app.kubernetes.io/component: dA1zsc + app.kubernetes.io/instance: console + app.kubernetes.io/name: dA1zsc + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: dA1zsc + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: dA1zsc + helm.sh/chart: connectors-0.1.12 + name: u7DU +spec: + progressDeadlineSeconds: 600 + replicas: null + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: dA1zsc + app.kubernetes.io/instance: console + app.kubernetes.io/name: dA1zsc + strategy: + type: RollingUpdate + template: + metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/component: dA1zsc + app.kubernetes.io/instance: console + app.kubernetes.io/name: dA1zsc + spec: + affinity: + nodeAffinity: {} + podAffinity: {} + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + app.kubernetes.io/component: dA1zsc + app.kubernetes.io/instance: console + app.kubernetes.io/name: dA1zsc + namespaces: + - default + topologyKey: kubernetes.io/hostname + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=8083 + rest.port=8083 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=6AsORVCaYJ + offset.storage.topic=_internal_connectors_offsets + config.storage.topic=_internal_connectors_configs + status.storage.topic=_internal_connectors_status + offset.storage.redpanda.remote.read=false + offset.storage.redpanda.remote.write=false + config.storage.redpanda.remote.read=false + config.storage.redpanda.remote.write=false + status.storage.redpanda.remote.read=false + status.storage.redpanda.remote.write=false + offset.storage.replication.factor=-1 + config.storage.replication.factor=-1 + status.storage.replication.factor=-1 + producer.linger.ms=1 + producer.batch.size=-831136974 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: E + - name: CONNECT_BOOTSTRAP_SERVERS + value: cywT8MNAo + - name: SCHEMA_REGISTRY_URL + value: cSf + - name: CONNECT_GC_LOG_ENABLED + value: "false" + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx2G + - name: CONNECT_LOG_LEVEL + value: warn + - name: CONNECT_TLS_ENABLED + value: "false" + envFrom: [] + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: connectors-cluster + ports: + - containerPort: 8083 + name: rest-api + protocol: TCP + - containerPort: 9404 + name: prometheus + protocol: TCP + readinessProbe: + failureThreshold: 2 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 10 + successThreshold: 3 + timeoutSeconds: 5 + resources: + limits: + cpu: "1" + memory: 2350Mi + requests: + cpu: "1" + memory: 2350Mi + securityContext: + allowPrivilegeEscalation: false + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: rp-connect-tmp + dnsPolicy: ClusterFirst + imagePullSecrets: [] + nodeSelector: {} + restartPolicy: Always + schedulerName: "" + securityContext: + fsGroup: 101 + fsGroupChangePolicy: OnRootMismatch + runAsUser: 101 + serviceAccountName: HAAJtAWrjJ + terminationGracePeriodSeconds: 30 + tolerations: [] + topologySpreadConstraints: + - labelSelector: + matchLabels: + app.kubernetes.io/component: dA1zsc + app.kubernetes.io/instance: console + app.kubernetes.io/name: dA1zsc + maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + volumes: + - emptyDir: + medium: Memory + sizeLimit: 5Mi + name: rp-connect-tmp +--- +# Source: connectors/templates/pod-monitor.yaml +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + annotations: {} + creationTimestamp: null + labels: + aVoQ7: vECqlu0Pe + name: u7DU +spec: + namespaceSelector: + any: true + matchNames: + - alQT6bxHho + - jKf + - p + podMetricsEndpoints: + - bearerTokenSecret: + key: "" + path: / + port: prometheus + selector: + matchLabels: + app.kubernetes.io/component: dA1zsc + app.kubernetes.io/instance: console + app.kubernetes.io/name: dA1zsc +-- testdata/case-015.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + 96Kx: 1DW5QoLP + LY: nDw + app.kubernetes.io/component: bpgtWxol + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: bpgtWxol + etW: "9" + helm.sh/chart: connectors-0.1.12 + name: x +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 8083 + protocol: TCP + targetPort: 8083 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + 96Kx: 1DW5QoLP + LY: nDw + app.kubernetes.io/component: bpgtWxol + app.kubernetes.io/instance: console + app.kubernetes.io/name: bpgtWxol + etW: "9" + sessionAffinity: None + type: ClusterIP +-- testdata/case-016.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + IUeOwNT: T3w1nV + Si: dNUY + app.kubernetes.io/component: Cex3v + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Cex3v + helm.sh/chart: connectors-0.1.12 + name: B5Y +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 8083 + protocol: TCP + targetPort: 8083 + - name: HzTtdut + port: 741893604 + protocol: TCP + targetPort: 741893604 + - name: yT6vYOdszF + port: -1916404761 + protocol: TCP + targetPort: -1916404761 + selector: + app.kubernetes.io/component: Cex3v + app.kubernetes.io/instance: console + app.kubernetes.io/name: Cex3v + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: Cex3v + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Cex3v + helm.sh/chart: connectors-0.1.12 + name: bGMfavR +spec: + progressDeadlineSeconds: 600 + replicas: null + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: Cex3v + app.kubernetes.io/instance: console + app.kubernetes.io/name: Cex3v + strategy: + type: RollingUpdate + template: + metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/component: Cex3v + app.kubernetes.io/instance: console + app.kubernetes.io/name: Cex3v + spec: + affinity: + nodeAffinity: {} + podAffinity: {} + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + app.kubernetes.io/component: Cex3v + app.kubernetes.io/instance: console + app.kubernetes.io/name: Cex3v + namespaces: + - default + topologyKey: kubernetes.io/hostname + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=8083 + rest.port=8083 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=connectors-cluster + offset.storage.topic=_internal_connectors_offsets + config.storage.topic=_internal_connectors_configs + status.storage.topic=_internal_connectors_status + offset.storage.redpanda.remote.read=false + offset.storage.redpanda.remote.write=false + config.storage.redpanda.remote.read=false + config.storage.redpanda.remote.write=false + status.storage.redpanda.remote.read=false + status.storage.redpanda.remote.write=false + offset.storage.replication.factor=-1 + config.storage.replication.factor=-1 + status.storage.replication.factor=-1 + producer.linger.ms=1 + producer.batch.size=131072 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: "" + - name: CONNECT_BOOTSTRAP_SERVERS + value: "" + - name: CONNECT_GC_LOG_ENABLED + value: NSE + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx0 + - name: CONNECT_LOG_LEVEL + value: oj4P + - name: CONNECT_TLS_ENABLED + value: "false" + envFrom: [] + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: connectors-cluster + ports: + - containerPort: 8083 + name: rest-api + protocol: TCP + - containerPort: 741893604 + name: HzTtdut + protocol: TCP + - containerPort: -1916404761 + name: yT6vYOdszF + protocol: TCP + readinessProbe: + failureThreshold: 2 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 10 + successThreshold: 3 + timeoutSeconds: 5 + resources: + limits: + cpu: "1" + memory: 2350Mi + requests: + cpu: "0" + memory: 2350Mi + securityContext: + allowPrivilegeEscalation: false + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: rp-connect-tmp + dnsPolicy: ClusterFirst + imagePullSecrets: [] + nodeSelector: {} + restartPolicy: Always + schedulerName: "" + securityContext: + fsGroup: 101 + fsGroupChangePolicy: OnRootMismatch + runAsUser: 101 + serviceAccountName: cxOBE + terminationGracePeriodSeconds: 30 + tolerations: [] + topologySpreadConstraints: + - labelSelector: + matchLabels: + app.kubernetes.io/component: Cex3v + app.kubernetes.io/instance: console + app.kubernetes.io/name: Cex3v + maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + volumes: + - name: X7ZZu + - name: KkkMA7 + - name: Btxy +-- testdata/case-017.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: DAE + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: DAE + helm.sh/chart: connectors-0.1.12 + wR: GAm + name: u1Dk +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 8083 + protocol: TCP + targetPort: 8083 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + app.kubernetes.io/component: DAE + app.kubernetes.io/instance: console + app.kubernetes.io/name: DAE + wR: GAm + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: DAE + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: DAE + fet: YGwnq + helm.sh/chart: connectors-0.1.12 + wR: GAm + name: u1Dk +spec: + progressDeadlineSeconds: 444536561 + replicas: null + revisionHistoryLimit: 1418020237 + selector: + matchLabels: + app.kubernetes.io/component: DAE + app.kubernetes.io/instance: console + app.kubernetes.io/name: DAE + wR: GAm + strategy: + type: WVP1Q8 + template: + metadata: + annotations: + fet: YGwnq + creationTimestamp: null + labels: + app.kubernetes.io/component: DAE + app.kubernetes.io/instance: console + app.kubernetes.io/name: DAE + wR: GAm + spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "2" + operator: 箓Ęȁ銵鷝Ā喳Ăɀ} + - key: j + operator: ɓ + matchFields: + - key: "" + operator: vǃ鞳邪§Ț皾6 + - key: Yi7SzM + operator: Ǎ浹籥岷Ħ + values: + - Czu9d1V + - key: r6y + operator: 牁p认ð_蠡hHiÖq肓ǭʤe)ĉB扝 + - {} + podAffinity: {} + podAntiAffinity: null + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=8083 + rest.port=8083 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=hPUA1m7 + offset.storage.topic=n + config.storage.topic=Uf + status.storage.topic=kNLwla + offset.storage.redpanda.remote.read=false + offset.storage.redpanda.remote.write=false + config.storage.redpanda.remote.read=false + config.storage.redpanda.remote.write=false + status.storage.redpanda.remote.read=false + status.storage.redpanda.remote.write=false + offset.storage.replication.factor=-1 + config.storage.replication.factor=-1 + status.storage.replication.factor=-1 + producer.linger.ms=-221329759 + producer.batch.size=1121174748 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.secretsManager.class=com.github.jcustenborder.kafka.config.aws.SecretsManagerConfigProvider + config.providers.secretsManager.param.secret.prefix=X1zPZ5Cv + config.providers.secretsManager.param.aws.region=LrK6I + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: ro5XOd9Tf + - name: CONNECT_BOOTSTRAP_SERVERS + value: RKH + - name: SCHEMA_REGISTRY_URL + value: dt2Vd1bTg + - name: CONNECT_GC_LOG_ENABLED + value: x3dH + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx0 + - name: CONNECT_LOG_LEVEL + value: warn + - name: CONNECT_TLS_ENABLED + value: "true" + - name: CONNECT_TLS_AUTH_CERT + value: cert/khTfK + - name: CONNECT_TLS_AUTH_KEY + value: key/u0 + envFrom: + - prefix: Ci6EGf + secretRef: + name: cDwbNN + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 1181508047 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: -215289091 + periodSeconds: 918675027 + successThreshold: -1707139863 + timeoutSeconds: 1673866844 + name: connectors-cluster + ports: + - containerPort: 8083 + name: rest-api + protocol: TCP + - containerPort: 9404 + name: prometheus + protocol: TCP + readinessProbe: + failureThreshold: -1832996555 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: 877141221 + periodSeconds: 2102410645 + successThreshold: 1537121792 + timeoutSeconds: -2026548303 + resources: + limits: + cpu: "0" + memory: 2350Mi + requests: + cpu: "0" + memory: 2350Mi + securityContext: + allowPrivilegeEscalation: false + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /opt/kafka/connect-certs/cert + name: cert + - mountPath: /opt/kafka/connect-certs/key + name: key + - mountPath: /tmp + name: rp-connect-tmp + dnsPolicy: ClusterFirst + imagePullSecrets: [] + nodeSelector: {} + restartPolicy: Always + schedulerName: FQjdKmjClI5B + securityContext: + fsGroup: 101 + fsGroupChangePolicy: OnRootMismatch + runAsUser: 101 + serviceAccountName: zF + terminationGracePeriodSeconds: 1127207064 + tolerations: [] + topologySpreadConstraints: + - labelSelector: + matchLabels: + app.kubernetes.io/component: DAE + app.kubernetes.io/instance: console + app.kubernetes.io/name: DAE + wR: GAm + maxSkew: -1487816419 + topologyKey: Mw7m + whenUnsatisfiable: "" + - labelSelector: + matchLabels: + app.kubernetes.io/component: DAE + app.kubernetes.io/instance: console + app.kubernetes.io/name: DAE + wR: GAm + maxSkew: -1469244889 + topologyKey: HuZRY + whenUnsatisfiable: NX + - labelSelector: + matchLabels: + app.kubernetes.io/component: DAE + app.kubernetes.io/instance: console + app.kubernetes.io/name: DAE + wR: GAm + maxSkew: -346884429 + topologyKey: xVWCd + whenUnsatisfiable: p + volumes: + - name: cert + secret: + defaultMode: 292 + secretName: qXwTCH + - name: key + secret: + defaultMode: 292 + secretName: OCzzkl + - emptyDir: + medium: Memory + sizeLimit: 5Mi + name: rp-connect-tmp +-- testdata/case-018.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: C + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: C + helm.sh/chart: connectors-0.1.12 + name: CVJfMb +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 1476502274 + protocol: TCP + targetPort: 1476502274 + - name: DT + port: 0 + protocol: TCP + targetPort: 0 + selector: + app.kubernetes.io/component: C + app.kubernetes.io/instance: console + app.kubernetes.io/name: C + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: C + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: C + helm.sh/chart: connectors-0.1.12 + name: hX1VdtP7gp7c +spec: + progressDeadlineSeconds: 600 + replicas: null + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: C + app.kubernetes.io/instance: console + app.kubernetes.io/name: C + strategy: + type: RollingUpdate + template: + metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/component: C + app.kubernetes.io/instance: console + app.kubernetes.io/name: C + spec: + affinity: + nodeAffinity: {} + podAffinity: {} + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + app.kubernetes.io/component: C + app.kubernetes.io/instance: console + app.kubernetes.io/name: C + namespaces: + - default + topologyKey: kubernetes.io/hostname + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=1476502274 + rest.port=1476502274 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=m + offset.storage.topic=_internal_connectors_offsets + config.storage.topic=_internal_connectors_configs + status.storage.topic=_internal_connectors_status + offset.storage.redpanda.remote.read=false + offset.storage.redpanda.remote.write=false + config.storage.redpanda.remote.read=false + config.storage.redpanda.remote.write=false + status.storage.redpanda.remote.read=false + status.storage.redpanda.remote.write=false + offset.storage.replication.factor=-1 + config.storage.replication.factor=-1 + status.storage.replication.factor=-1 + producer.linger.ms=-313398730 + producer.batch.size=1913291774 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: l3aLVX5 + - name: CONNECT_BOOTSTRAP_SERVERS + value: hj4Aab + - name: SCHEMA_REGISTRY_URL + value: nL5qOV + - name: CONNECT_GC_LOG_ENABLED + value: "false" + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx2G + - name: CONNECT_LOG_LEVEL + value: warn + - name: CONNECT_SASL_USERNAME + value: 1Iwn7 + - name: CONNECT_SASL_MECHANISM + value: VtLC5 + - name: CONNECT_SASL_PASSWORD_FILE + value: rc-credentials/password + - name: CONNECT_TLS_ENABLED + value: "false" + - name: CONNECT_TLS_AUTH_KEY + value: key/z4oRSGo + envFrom: [] + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: connectors-cluster + ports: + - containerPort: 1476502274 + name: rest-api + protocol: TCP + - containerPort: 0 + name: DT + protocol: TCP + readinessProbe: + failureThreshold: 2 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 10 + successThreshold: 3 + timeoutSeconds: 5 + resources: + limits: + cpu: "1" + memory: 2350Mi + requests: + cpu: "1" + memory: 2350Mi + securityContext: + allowPrivilegeEscalation: false + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /opt/kafka/connect-password/rc-credentials + name: rc-credentials + - mountPath: /opt/kafka/connect-certs/key + name: key + - mountPath: 5koRVhJz + mountPropagation: 穠耱誕Ȝ躰灬灺Ķ輔硯dzȦ1e蘄ò.o + name: 5lp + subPath: bEZmgVKO + subPathExpr: 5UCo6 + dnsPolicy: ClusterFirst + imagePullSecrets: + - name: W1 + nodeSelector: {} + restartPolicy: Always + schedulerName: "" + securityContext: + fsGroup: 101 + fsGroupChangePolicy: OnRootMismatch + runAsUser: 101 + serviceAccountName: 3xqtRwRI + terminationGracePeriodSeconds: 30 + tolerations: [] + topologySpreadConstraints: + - labelSelector: + matchLabels: + app.kubernetes.io/component: C + app.kubernetes.io/instance: console + app.kubernetes.io/name: C + maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + volumes: + - name: key + secret: + defaultMode: 292 + secretName: Ee + - name: rc-credentials + secret: + defaultMode: 292 + secretName: ng2m + - emptyDir: + medium: Memory + sizeLimit: 5Mi + name: rp-connect-tmp +-- testdata/case-019.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + 1sF: 45XnA + a1rMZK: Jzq + app.kubernetes.io/component: qQY + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: qQY + helm.sh/chart: connectors-0.1.12 + name: iPsih4 +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 2065008586 + protocol: TCP + targetPort: 2065008586 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + 1sF: 45XnA + a1rMZK: Jzq + app.kubernetes.io/component: qQY + app.kubernetes.io/instance: console + app.kubernetes.io/name: qQY + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + 1sF: 45XnA + a1rMZK: Jzq + app.kubernetes.io/component: qQY + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: qQY + helm.sh/chart: connectors-0.1.12 + name: S9NS5c +spec: + progressDeadlineSeconds: 600 + replicas: null + revisionHistoryLimit: -656791059 + selector: + matchLabels: + 1sF: 45XnA + a1rMZK: Jzq + app.kubernetes.io/component: qQY + app.kubernetes.io/instance: console + app.kubernetes.io/name: qQY + strategy: + type: RollingUpdate + template: + metadata: + annotations: {} + creationTimestamp: null + labels: + 1sF: 45XnA + a1rMZK: Jzq + app.kubernetes.io/component: qQY + app.kubernetes.io/instance: console + app.kubernetes.io/name: qQY + spec: + affinity: + nodeAffinity: {} + podAffinity: {} + podAntiAffinity: null + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=2065008586 + rest.port=2065008586 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=CL5YFuVD + offset.storage.topic=_internal_connectors_offsets + config.storage.topic=_internal_connectors_configs + status.storage.topic=_internal_connectors_status + offset.storage.redpanda.remote.read=false + offset.storage.redpanda.remote.write=false + config.storage.redpanda.remote.read=false + config.storage.redpanda.remote.write=false + status.storage.redpanda.remote.read=false + status.storage.redpanda.remote.write=false + offset.storage.replication.factor=-1 + config.storage.replication.factor=-1 + status.storage.replication.factor=-1 + producer.linger.ms=-936976440 + producer.batch.size=131072 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.secretsManager.class=com.github.jcustenborder.kafka.config.aws.SecretsManagerConfigProvider + config.providers.secretsManager.param.secret.prefix=79Q + config.providers.secretsManager.param.aws.region=3EfPcaJPeL + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: "" + - name: CONNECT_BOOTSTRAP_SERVERS + value: ezzGY + - name: SCHEMA_REGISTRY_URL + value: XTAQJ + - name: CONNECT_GC_LOG_ENABLED + value: "false" + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx2G + - name: CONNECT_LOG_LEVEL + value: warn + - name: CONNECT_TLS_ENABLED + value: "false" + - name: s + value: q7x401sB3R + - name: p + value: Odn + valueFrom: + fieldRef: + apiVersion: Tmp29KLiQ5 + fieldPath: "2" + secretKeyRef: + key: RRlr0C + name: jx + - name: M + value: dHu2S + valueFrom: + configMapKeyRef: + key: YT + name: x84MM29Kc5u + optional: true + fieldRef: + apiVersion: AKdDlUG8v + fieldPath: wHCWO + envFrom: + - configMapRef: + name: MF8pnsf + optional: false + prefix: lT + secretRef: + name: W + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 832341066 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: -493754907 + periodSeconds: -888317874 + successThreshold: -1792385861 + timeoutSeconds: -359586002 + name: connectors-cluster + ports: + - containerPort: 2065008586 + name: rest-api + protocol: TCP + - containerPort: 9404 + name: prometheus + protocol: TCP + readinessProbe: + failureThreshold: -2059548026 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: 438569678 + periodSeconds: 2034323562 + successThreshold: -1007748590 + timeoutSeconds: -1489292970 + resources: + limits: + cpu: "1" + memory: 2350Mi + requests: + cpu: "1" + memory: 2350Mi + securityContext: + allowPrivilegeEscalation: false + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: rp-connect-tmp + dnsPolicy: ClusterFirst + imagePullSecrets: [] + nodeSelector: {} + restartPolicy: Always + schedulerName: Wrjb3H + securityContext: + fsGroup: 101 + fsGroupChangePolicy: OnRootMismatch + runAsUser: 101 + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: + - effect: Ƿ闄 + key: O + operator: 鵉鼌q穋R譼驪妼擕`ƛ駴ň + tolerationSeconds: -8397972967079996000 + value: 1KZwe4 + topologySpreadConstraints: + - labelSelector: + matchLabels: + 1sF: 45XnA + a1rMZK: Jzq + app.kubernetes.io/component: qQY + app.kubernetes.io/instance: console + app.kubernetes.io/name: qQY + maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + volumes: + - emptyDir: + medium: Memory + sizeLimit: 5Mi + name: rp-connect-tmp +-- testdata/case-020.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: kUuRn + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kUuRn + helm.sh/chart: connectors-0.1.12 + name: IAukfjAiE +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 8083 + protocol: TCP + targetPort: 8083 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + app.kubernetes.io/component: kUuRn + app.kubernetes.io/instance: console + app.kubernetes.io/name: kUuRn + sessionAffinity: None + type: ClusterIP +-- testdata/case-021.yaml.golden -- +--- +# Source: connectors/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + annotations: + QvndcW2wD: JmD + creationTimestamp: null + labels: + 5D3dcbYcmq: bkcA + app.kubernetes.io/component: Cg + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Cg + helm.sh/chart: connectors-0.1.12 + "y": TxHhxVY2tRx1i + name: ABdKo + namespace: default +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + 5D3dcbYcmq: bkcA + app.kubernetes.io/component: Cg + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Cg + g: Haj2trb + helm.sh/chart: connectors-0.1.12 + nQCD85u: 7ENE + "y": TxHhxVY2tRx1i + name: kt3xi +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 8083 + protocol: TCP + targetPort: 8083 + - name: ZD6QnCdlL + port: 0 + protocol: TCP + targetPort: 0 + - name: kUQU + port: 0 + protocol: TCP + targetPort: 0 + selector: + 5D3dcbYcmq: bkcA + app.kubernetes.io/component: Cg + app.kubernetes.io/instance: console + app.kubernetes.io/name: Cg + "y": TxHhxVY2tRx1i + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + 5D3dcbYcmq: bkcA + "8": 6L8d + app.kubernetes.io/component: Cg + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Cg + helm.sh/chart: connectors-0.1.12 + "y": TxHhxVY2tRx1i + name: console-Cg +spec: + progressDeadlineSeconds: 741558819 + replicas: null + revisionHistoryLimit: 1560482462 + selector: + matchLabels: + 5D3dcbYcmq: bkcA + app.kubernetes.io/component: Cg + app.kubernetes.io/instance: console + app.kubernetes.io/name: Cg + "y": TxHhxVY2tRx1i + strategy: + type: "9" + template: + metadata: + annotations: + "8": 6L8d + creationTimestamp: null + labels: + 5D3dcbYcmq: bkcA + app.kubernetes.io/component: Cg + app.kubernetes.io/instance: console + app.kubernetes.io/name: Cg + "y": TxHhxVY2tRx1i + spec: + affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: j3g + operator: ŷǘȵiì渭ʫ抁Ğŋ + values: + - DJoN22 + - 4Kszk + - key: KYKZgrf + operator: 櫮ƣ+Ź藦vď蔸聺3vMʪ + matchFields: + - key: di6 + operator: ɫ0l5璠û介ɗ蟦ǘ厁ɂh磊 + values: + - ct + - 3e + - YICL + weight: 1941396141 + - preference: + matchExpressions: + - key: PRs0G0 + operator: ©MʥȩɅ2ď鏓 + - key: L83 + operator: °¥¶ĕ焲粮剚e喏鑝梋ƃ5~Ìnidž + matchFields: + - key: 78fF + operator: =ŞŽ熧曪ń + weight: 1964511070 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchFields: + - key: AHvs + operator: ɵȝʩm幃 + - key: 0ac + operator: MWæ諒鸠 + - {} + - matchExpressions: + - key: wRdw + operator: VP萺鵷 + - key: "" + operator: x + values: + - Fx + - I1rNR + - key: JZ + operator: 訖 + podAffinity: {} + podAntiAffinity: null + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=8083 + rest.port=8083 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=eOkhi4 + offset.storage.topic=IK4 + config.storage.topic=EI + status.storage.topic=WIZGj + offset.storage.redpanda.remote.read=false + offset.storage.redpanda.remote.write=false + config.storage.redpanda.remote.read=false + config.storage.redpanda.remote.write=true + status.storage.redpanda.remote.read=true + status.storage.redpanda.remote.write=true + offset.storage.replication.factor=-1901393869 + config.storage.replication.factor=-1860412640 + status.storage.replication.factor=-4761328 + producer.linger.ms=-1955065214 + producer.batch.size=-500780400 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: jzE + - name: CONNECT_BOOTSTRAP_SERVERS + value: as60 + - name: SCHEMA_REGISTRY_URL + value: Jrt + - name: CONNECT_GC_LOG_ENABLED + value: HG + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx2G + - name: CONNECT_LOG_LEVEL + value: rb + - name: CONNECT_TLS_ENABLED + value: "false" + - name: CONNECT_TRUSTED_CERTS + value: ca/fifa + - name: CONNECT_TLS_AUTH_CERT + value: cert/MY5Ss + - name: mbyKA5WPoY + value: bhMRx + envFrom: + - configMapRef: + name: e7KgN9ff + optional: false + prefix: ug4D + secretRef: + name: CzuiueSY + optional: false + - configMapRef: + name: TlIbaiI + optional: true + prefix: I + - configMapRef: + name: IuBuoY8u5xD1D7 + optional: false + prefix: 2xqoZ + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: connectors-cluster + ports: + - containerPort: 8083 + name: rest-api + protocol: TCP + - containerPort: 0 + name: ZD6QnCdlL + protocol: TCP + - containerPort: 0 + name: kUQU + protocol: TCP + readinessProbe: + failureThreshold: 137175425 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: 385463317 + periodSeconds: 1814148060 + successThreshold: -2130595018 + timeoutSeconds: -1983859400 + resources: + limits: + cpu: "0" + memory: "0" + requests: + cpu: "1" + memory: "0" + securityContext: + allowPrivilegeEscalation: false + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /opt/kafka/connect-certs/ca + name: truststore + - mountPath: /opt/kafka/connect-certs/cert + name: cert + - mountPath: /tmp + name: rp-connect-tmp + dnsPolicy: ClusterFirst + imagePullSecrets: + - name: kq1gha8w + - {} + nodeSelector: + 88m: ofL96viVG + lM: uR4 + restartPolicy: 奡ʄ臔ȁ + schedulerName: v + securityContext: + fsGroup: 2775178225296577500 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: -873168801110302200 + runAsNonRoot: true + runAsUser: -8949664932683741000 + sysctls: + - name: u + value: 0mDq + - name: UDLOQRVGXH + value: "" + - name: eakEWdkHQ + value: UWw + serviceAccountName: ABdKo + terminationGracePeriodSeconds: 1135949557 + tolerations: + - effect: ɖ + key: lzvKb + operator: V毣«mpAp餂ĵ$İƊ俊ĺ + tolerationSeconds: 1365476841054063900 + value: HqnJ8gfT + - effect: T鏚裦黂 + key: vgU + operator: 訹gǷ×婚ǀ + tolerationSeconds: -8509532606436755000 + value: KI + - effect: ?遗x + key: 6fxivUhl + operator: KŸȘ绒Nj赤 + value: mK2Hz + topologySpreadConstraints: + - labelSelector: + matchLabels: + 5D3dcbYcmq: bkcA + app.kubernetes.io/component: Cg + app.kubernetes.io/instance: console + app.kubernetes.io/name: Cg + "y": TxHhxVY2tRx1i + maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + volumes: + - name: truststore + secret: + defaultMode: 292 + secretName: BmRMpc + - name: cert + secret: + defaultMode: 292 + secretName: gy7g + - emptyDir: + medium: Memory + sizeLimit: 5Mi + name: rp-connect-tmp +-- testdata/case-022.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + 3T: w2SpAA6br + I758z7Cf: 6V + JvnbWUk: pPMb + app.kubernetes.io/component: 6MJPA + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 6MJPA + helm.sh/chart: connectors-0.1.12 + name: x4Vu7vj +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 8083 + protocol: TCP + targetPort: 8083 + - name: G4 + port: -201865350 + protocol: TCP + targetPort: -201865350 + selector: + 3T: w2SpAA6br + I758z7Cf: 6V + JvnbWUk: pPMb + app.kubernetes.io/component: 6MJPA + app.kubernetes.io/instance: console + app.kubernetes.io/name: 6MJPA + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + 3T: w2SpAA6br + I758z7Cf: 6V + JvnbWUk: pPMb + app.kubernetes.io/component: 6MJPA + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 6MJPA + helm.sh/chart: connectors-0.1.12 + name: cZ4G4 +spec: + progressDeadlineSeconds: 457348204 + replicas: null + revisionHistoryLimit: -700610054 + selector: + matchLabels: + 3T: w2SpAA6br + I758z7Cf: 6V + JvnbWUk: pPMb + app.kubernetes.io/component: 6MJPA + app.kubernetes.io/instance: console + app.kubernetes.io/name: 6MJPA + strategy: + type: IbrqLLHodX + template: + metadata: + annotations: {} + creationTimestamp: null + labels: + 3T: w2SpAA6br + I758z7Cf: 6V + JvnbWUk: pPMb + app.kubernetes.io/component: 6MJPA + app.kubernetes.io/instance: console + app.kubernetes.io/name: 6MJPA + spec: + affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: Ro3T + operator: aĒĴŪ*3ɀ 币6鳴Ã偯d?A`åȏ + - key: 7XExK + operator: 濻舒^T莄1Â]葉 + values: + - A61yP5MBIRlE + - PvGUE + - 3dEaVo + - key: cLddzEo + operator: 櫜毉FÊi嶙# + matchFields: + - key: 5d + operator: 葜.¼v詝擽Ĉ + - key: WSMmbygG + operator: "" + weight: 1129540323 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: kwkzOO8tl + operator: ']勋Į掬+' + matchFields: + - key: CQBwi20 + operator: 餞ǚe%Af埧Q哝窓煰 + - key: 9dTBxx + operator: Ĉ|^ + - matchFields: + - key: "" + operator: Á捛ɬĿ脦ǒĈ闲F秿翕卫Ŷ~?ʞŷȎ + values: + - Lg + - key: "42" + operator: 瞍 + values: + - QQMQ + - matchExpressions: + - key: en + operator: HË熙軯-ȓ簩羗č ʏ栽竬熄s)Ó鸰 + - key: Gc9Ntp + operator: "" + matchFields: + - key: 2ZLK4z1 + operator: 捚n匸竟-6ȐÒƑ|ʁĄEʕȘ + values: + - 0GiQ + - FI + - iXXs3k + - key: uujaIM5Y0Eo + operator: Āũ7 + podAffinity: {} + podAntiAffinity: null + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=8083 + rest.port=8083 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=3SgngS9vl + offset.storage.topic=_internal_connectors_offsets + config.storage.topic=_internal_connectors_configs + status.storage.topic=_internal_connectors_status + offset.storage.redpanda.remote.read=false + offset.storage.redpanda.remote.write=false + config.storage.redpanda.remote.read=false + config.storage.redpanda.remote.write=false + status.storage.redpanda.remote.read=false + status.storage.redpanda.remote.write=false + offset.storage.replication.factor=-1 + config.storage.replication.factor=-1 + status.storage.replication.factor=-1 + producer.linger.ms=1 + producer.batch.size=889009746 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: faRWi + - name: CONNECT_BOOTSTRAP_SERVERS + value: XngcT + - name: SCHEMA_REGISTRY_URL + value: b4VVbJxS + - name: CONNECT_GC_LOG_ENABLED + value: "false" + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx2G + - name: CONNECT_LOG_LEVEL + value: warn + - name: CONNECT_TLS_ENABLED + value: "true" + - name: CONNECT_TRUSTED_CERTS + value: ca/MDvyt3bw + - name: CONNECT_TLS_AUTH_CERT + value: cert/LP7Pcx1xGT + envFrom: [] + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: connectors-cluster + ports: + - containerPort: 8083 + name: rest-api + protocol: TCP + - containerPort: -201865350 + name: G4 + protocol: TCP + readinessProbe: + failureThreshold: 511258221 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: 948711230 + periodSeconds: 19027716 + successThreshold: -1810396970 + timeoutSeconds: 1797719976 + resources: + limits: + cpu: "1" + memory: 2350Mi + requests: + cpu: "1" + memory: 2350Mi + securityContext: + allowPrivilegeEscalation: false + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /opt/kafka/connect-certs/ca + name: truststore + - mountPath: /opt/kafka/connect-certs/cert + name: cert + - mountPath: /tmp + name: rp-connect-tmp + dnsPolicy: ClusterFirst + imagePullSecrets: [] + nodeSelector: {} + restartPolicy: Always + schedulerName: 6Fuyr + securityContext: + fsGroup: 101 + fsGroupChangePolicy: OnRootMismatch + runAsUser: 101 + serviceAccountName: default + terminationGracePeriodSeconds: 1222617058 + tolerations: + - key: 9v + operator: ƱSjc(ϼ霌ʒ酁2Ɣ8kRâ + tolerationSeconds: 699537150416724600 + value: w8QXL + - effect: 旼`BȞ*ąɦ纇åʝ + key: vj3BwiVyW1t + operator: 鼦詡dƅ + tolerationSeconds: -9093487529989850000 + value: i8Agp + topologySpreadConstraints: + - labelSelector: + matchLabels: + 3T: w2SpAA6br + I758z7Cf: 6V + JvnbWUk: pPMb + app.kubernetes.io/component: 6MJPA + app.kubernetes.io/instance: console + app.kubernetes.io/name: 6MJPA + maxSkew: 0 + topologyKey: AFVo + whenUnsatisfiable: M4 + - labelSelector: + matchLabels: + 3T: w2SpAA6br + I758z7Cf: 6V + JvnbWUk: pPMb + app.kubernetes.io/component: 6MJPA + app.kubernetes.io/instance: console + app.kubernetes.io/name: 6MJPA + maxSkew: -1157554939 + topologyKey: oF + whenUnsatisfiable: juzJPaV2L03 + - labelSelector: + matchLabels: + 3T: w2SpAA6br + I758z7Cf: 6V + JvnbWUk: pPMb + app.kubernetes.io/component: 6MJPA + app.kubernetes.io/instance: console + app.kubernetes.io/name: 6MJPA + maxSkew: 0 + topologyKey: P6ooy + whenUnsatisfiable: svPI + volumes: + - name: truststore + secret: + defaultMode: 292 + secretName: b809b + - name: cert + secret: + defaultMode: 292 + secretName: Gg + - emptyDir: + medium: Memory + sizeLimit: 5Mi + name: rp-connect-tmp +--- +# Source: connectors/templates/pod-monitor.yaml +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + annotations: {} + creationTimestamp: null + labels: + Eedv: 65ZfBI + name: cZ4G4 +spec: + namespaceSelector: + any: true + podMetricsEndpoints: + - bearerTokenSecret: + key: "" + path: / + port: prometheus + selector: + matchLabels: + 3T: w2SpAA6br + I758z7Cf: 6V + JvnbWUk: pPMb + app.kubernetes.io/component: 6MJPA + app.kubernetes.io/instance: console + app.kubernetes.io/name: 6MJPA +-- testdata/case-023.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: ZI341xw + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ZI341xw + helm.sh/chart: connectors-0.1.12 + name: 9tds +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 8083 + protocol: TCP + targetPort: 8083 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + app.kubernetes.io/component: ZI341xw + app.kubernetes.io/instance: console + app.kubernetes.io/name: ZI341xw + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: ZI341xw + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ZI341xw + helm.sh/chart: connectors-0.1.12 + name: 9tds +spec: + progressDeadlineSeconds: 600 + replicas: null + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: ZI341xw + app.kubernetes.io/instance: console + app.kubernetes.io/name: ZI341xw + strategy: + type: RollingUpdate + template: + metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/component: ZI341xw + app.kubernetes.io/instance: console + app.kubernetes.io/name: ZI341xw + spec: + affinity: + nodeAffinity: {} + podAffinity: {} + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + app.kubernetes.io/component: ZI341xw + app.kubernetes.io/instance: console + app.kubernetes.io/name: ZI341xw + namespaces: + - default + topologyKey: kubernetes.io/hostname + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=8083 + rest.port=8083 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=connectors-cluster + offset.storage.topic=_internal_connectors_offsets + config.storage.topic=_internal_connectors_configs + status.storage.topic=_internal_connectors_status + offset.storage.redpanda.remote.read=false + offset.storage.redpanda.remote.write=false + config.storage.redpanda.remote.read=false + config.storage.redpanda.remote.write=false + status.storage.redpanda.remote.read=false + status.storage.redpanda.remote.write=false + offset.storage.replication.factor=-1 + config.storage.replication.factor=-1 + status.storage.replication.factor=-1 + producer.linger.ms=1 + producer.batch.size=131072 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: "" + - name: CONNECT_BOOTSTRAP_SERVERS + value: "" + - name: CONNECT_GC_LOG_ENABLED + value: t7nvcU + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx2G + - name: CONNECT_LOG_LEVEL + value: bP + - name: CONNECT_TLS_ENABLED + value: "false" + envFrom: [] + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: connectors-cluster + ports: + - containerPort: 8083 + name: rest-api + protocol: TCP + - containerPort: 9404 + name: prometheus + protocol: TCP + readinessProbe: + failureThreshold: 2 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 10 + successThreshold: 3 + timeoutSeconds: 5 + resources: + limits: + cpu: "0" + memory: "0" + requests: + cpu: "0" + memory: "0" + securityContext: + allowPrivilegeEscalation: false + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: YeET3weL4N8g + mountPropagation: d/嬈Ñ內q謯ƶ8ɳƓ肵 + name: ssEfPGv8 + readOnly: true + subPath: "7" + dnsPolicy: ClusterFirst + imagePullSecrets: + - name: t + - name: 9jeO + - name: h + nodeSelector: {} + restartPolicy: Always + schedulerName: "" + securityContext: + fsGroup: 101 + fsGroupChangePolicy: OnRootMismatch + runAsUser: 101 + serviceAccountName: TIG + terminationGracePeriodSeconds: 30 + tolerations: [] + topologySpreadConstraints: + - labelSelector: + matchLabels: + app.kubernetes.io/component: ZI341xw + app.kubernetes.io/instance: console + app.kubernetes.io/name: ZI341xw + maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + volumes: + - name: naPNMJ +-- testdata/case-024.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: Y47 + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Y47 + helm.sh/chart: connectors-0.1.12 + name: e4W +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: -1930935263 + protocol: TCP + targetPort: -1930935263 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + app.kubernetes.io/component: Y47 + app.kubernetes.io/instance: console + app.kubernetes.io/name: Y47 + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + FU4J: "" + HJZjva: jC8uET + app.kubernetes.io/component: Y47 + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Y47 + helm.sh/chart: connectors-0.1.12 + name: e4W +spec: + progressDeadlineSeconds: 5438195 + replicas: null + revisionHistoryLimit: -2103181148 + selector: + matchLabels: + app.kubernetes.io/component: Y47 + app.kubernetes.io/instance: console + app.kubernetes.io/name: Y47 + strategy: + type: 7Ma6SKn + template: + metadata: + annotations: + FU4J: "" + HJZjva: jC8uET + creationTimestamp: null + labels: + app.kubernetes.io/component: Y47 + app.kubernetes.io/instance: console + app.kubernetes.io/name: Y47 + spec: + affinity: + nodeAffinity: {} + podAffinity: {} + podAntiAffinity: null + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=-1930935263 + rest.port=-1930935263 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=d + offset.storage.topic=_internal_connectors_offsets + config.storage.topic=_internal_connectors_configs + status.storage.topic=_internal_connectors_status + offset.storage.redpanda.remote.read=false + offset.storage.redpanda.remote.write=false + config.storage.redpanda.remote.read=false + config.storage.redpanda.remote.write=false + status.storage.redpanda.remote.read=false + status.storage.redpanda.remote.write=false + offset.storage.replication.factor=-1 + config.storage.replication.factor=-1 + status.storage.replication.factor=-1 + producer.linger.ms=714735160 + producer.batch.size=1166879364 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: LWHk + - name: CONNECT_BOOTSTRAP_SERVERS + value: jn + - name: SCHEMA_REGISTRY_URL + value: sz + - name: CONNECT_GC_LOG_ENABLED + value: XS5 + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx0 + - name: CONNECT_LOG_LEVEL + value: i1QoQHfki73v + - name: CONNECT_TLS_ENABLED + value: "true" + - name: CONNECT_TRUSTED_CERTS + value: ca/qv + envFrom: [] + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: -1400952913 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: 1536143416 + periodSeconds: -971919376 + successThreshold: 1841265139 + timeoutSeconds: 1519706329 + name: connectors-cluster + ports: + - containerPort: -1930935263 + name: rest-api + protocol: TCP + - containerPort: 9404 + name: prometheus + protocol: TCP + readinessProbe: + failureThreshold: 2057031608 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: 1457702974 + periodSeconds: -1732886 + successThreshold: -723791053 + timeoutSeconds: -547087401 + resources: + limits: + cpu: "0" + memory: "0" + requests: + cpu: "0" + memory: "0" + securityContext: + allowPrivilegeEscalation: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /opt/kafka/connect-certs/ca + name: truststore + - mountPath: /tmp + name: rp-connect-tmp + dnsPolicy: ClusterFirst + imagePullSecrets: [] + nodeSelector: + ZBtz30: MaN + wEyS43Wq6sS: A + restartPolicy: Always + schedulerName: tXdQ7X + securityContext: + fsGroup: -1024384248472849700 + fsGroupChangePolicy: OnRootMismatch + runAsNonRoot: false + runAsUser: -2673836885766821000 + sysctls: + - name: z + value: 1Xx7BcpTtc + - name: ik + value: mn7hZ2O + - name: 0tRcSAR + value: s3Fmk + serviceAccountName: AepmYU + terminationGracePeriodSeconds: 1680781404 + tolerations: + - effect: '[Ȝ%1@拌魋?>Q[' + key: CM6To + operator: ȫƤP箴ɉ戮嗯嬑lwĶƼ§ʜ + tolerationSeconds: -4298573611145221600 + value: ERnxlMnsbt + topologySpreadConstraints: + - labelSelector: + matchLabels: + app.kubernetes.io/component: Y47 + app.kubernetes.io/instance: console + app.kubernetes.io/name: Y47 + maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + volumes: + - name: truststore + secret: + defaultMode: 292 + secretName: LRHozVF + - emptyDir: + medium: Memory + sizeLimit: 5Mi + name: rp-connect-tmp +-- testdata/case-025.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + VGEccN: 1S6Om + app.kubernetes.io/component: z3C + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: z3C + helm.sh/chart: connectors-0.1.12 + name: UFYrvO +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: -1355681307 + protocol: TCP + targetPort: -1355681307 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + VGEccN: 1S6Om + app.kubernetes.io/component: z3C + app.kubernetes.io/instance: console + app.kubernetes.io/name: z3C + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + VGEccN: 1S6Om + app.kubernetes.io/component: z3C + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: z3C + helm.sh/chart: connectors-0.1.12 + p7R: EjfLOeG + th6: enWXwqe + name: uv4tHoO +spec: + progressDeadlineSeconds: 202187696 + replicas: null + revisionHistoryLimit: 1394995435 + selector: + matchLabels: + VGEccN: 1S6Om + app.kubernetes.io/component: z3C + app.kubernetes.io/instance: console + app.kubernetes.io/name: z3C + strategy: + type: RollingUpdate + template: + metadata: + annotations: + p7R: EjfLOeG + th6: enWXwqe + creationTimestamp: null + labels: + VGEccN: 1S6Om + app.kubernetes.io/component: z3C + app.kubernetes.io/instance: console + app.kubernetes.io/name: z3C + spec: + affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchFields: + - key: 6nwZP6 + operator: 乆`Eɪ妶窓o黥屢! + values: + - cJtx + weight: -559166881 + - preference: + matchExpressions: + - key: eyw69 + operator: 獶ʎ^ȁ耦ǚy蝸殽虄X敉${ + values: + - cLTjur + - Ab + - key: iMnx + operator: ßljƨb委揋ǖyǭɮHɋȱ钵瑴= + values: + - oTbQw + matchFields: + - key: peZc + operator: 韨醤H3擅ĭýǚɃ氤徣»嬞籍* + - key: BwW + operator: "" + values: + - lj0f + - key: RTfBwhMV7h + operator: 愐哣碍clȲ + weight: 1712242968 + podAffinity: {} + podAntiAffinity: null + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=-1355681307 + rest.port=-1355681307 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=2Fy + offset.storage.topic=_internal_connectors_offsets + config.storage.topic=_internal_connectors_configs + status.storage.topic=_internal_connectors_status + offset.storage.redpanda.remote.read=false + offset.storage.redpanda.remote.write=false + config.storage.redpanda.remote.read=false + config.storage.redpanda.remote.write=false + status.storage.redpanda.remote.read=false + status.storage.redpanda.remote.write=false + offset.storage.replication.factor=-1 + config.storage.replication.factor=-1 + status.storage.replication.factor=-1 + producer.linger.ms=1 + producer.batch.size=131072 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: "n" + - name: CONNECT_BOOTSTRAP_SERVERS + value: JhxRF4 + - name: SCHEMA_REGISTRY_URL + value: 9uSqcQk + - name: CONNECT_GC_LOG_ENABLED + value: TmzFHzZvwn + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx2G + - name: CONNECT_LOG_LEVEL + value: warn + - name: CONNECT_TLS_ENABLED + value: "false" + - name: 5j0yE + value: O9bMi + valueFrom: + configMapKeyRef: + key: byf25 + name: RIZv + optional: false + fieldRef: + apiVersion: NrtU + fieldPath: 3LC + resourceFieldRef: + containerName: AjmWfg6HqMgn + divisor: "0" + resource: OV + - name: 6hTC + value: r + valueFrom: + configMapKeyRef: + key: 0u + name: 7xxySBjT + optional: true + resourceFieldRef: + containerName: qAO + divisor: "0" + resource: XP + envFrom: + - configMapRef: + name: uLvK + optional: false + prefix: 2Ij + secretRef: + name: leDGyXv + optional: true + - configMapRef: + name: GK + prefix: dCB + secretRef: + name: u + optional: false + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: -94764338 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: 407315123 + periodSeconds: 165966784 + successThreshold: 970096625 + timeoutSeconds: 2091942472 + name: connectors-cluster + ports: + - containerPort: -1355681307 + name: rest-api + protocol: TCP + - containerPort: 9404 + name: prometheus + protocol: TCP + readinessProbe: + failureThreshold: 1857603986 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: -1402792412 + periodSeconds: 879643685 + successThreshold: 1435235361 + timeoutSeconds: 1464897550 + resources: + limits: + cpu: "1" + memory: "0" + requests: + cpu: "1" + memory: 2350Mi + securityContext: + allowPrivilegeEscalation: false + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: rp-connect-tmp + dnsPolicy: ClusterFirst + imagePullSecrets: + - name: wd + - name: O + nodeSelector: {} + restartPolicy: '{悛Qª槟ĈW得蹏淂專驁sēɹƐ軋剭' + schedulerName: aA + securityContext: + fsGroup: 101 + fsGroupChangePolicy: OnRootMismatch + runAsUser: 101 + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: + - effect: cȩ飙 + key: 4Y9saWpr + operator: 輋ƾ跴Ȫ徐1Aǡ{gm櫩茻 + value: yI4k + topologySpreadConstraints: + - labelSelector: + matchLabels: + VGEccN: 1S6Om + app.kubernetes.io/component: z3C + app.kubernetes.io/instance: console + app.kubernetes.io/name: z3C + maxSkew: 425976069 + topologyKey: aThb + whenUnsatisfiable: G + volumes: + - emptyDir: + medium: Memory + sizeLimit: 5Mi + name: rp-connect-tmp +--- +# Source: connectors/templates/pod-monitor.yaml +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + annotations: + hvh: "" + mDK0: OWEQ0y + zpG: XWCs + creationTimestamp: null + labels: + Ie5J5: fYnrHO + YkM4u7v: iTjIow + iP2Di: ptlD2Xuar + name: uv4tHoO +spec: + namespaceSelector: + any: true + matchNames: + - 9LShi + - klNT12U + - 9e + podMetricsEndpoints: + - bearerTokenSecret: + key: "" + path: / + port: prometheus + selector: + matchLabels: + VGEccN: 1S6Om + app.kubernetes.io/component: z3C + app.kubernetes.io/instance: console + app.kubernetes.io/name: z3C +-- testdata/case-026.yaml.golden -- +--- +# Source: connectors/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/component: ATJ + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ATJ + helm.sh/chart: connectors-0.1.12 + op: VnL9o7 + name: jmzfCmHq + namespace: default +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: ATJ + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ATJ + helm.sh/chart: connectors-0.1.12 + op: VnL9o7 + name: XfK7 +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 8083 + protocol: TCP + targetPort: 8083 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + app.kubernetes.io/component: ATJ + app.kubernetes.io/instance: console + app.kubernetes.io/name: ATJ + op: VnL9o7 + sessionAffinity: None + type: ClusterIP +-- testdata/case-027.yaml.golden -- +--- +# Source: connectors/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + annotations: + N7gZ: ExrpJkw + PD23ZYO: jlj + creationTimestamp: null + labels: + LuCiH: SWR3zOt + app.kubernetes.io/component: ffe2 + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ffe2 + helm.sh/chart: connectors-0.1.12 + name: maeWLc + namespace: default +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + JXMpPkd: YoI + LuCiH: SWR3zOt + Z: DVS9WjadC + app.kubernetes.io/component: ffe2 + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ffe2 + helm.sh/chart: connectors-0.1.12 + name: uSz +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 8083 + protocol: TCP + targetPort: 8083 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + LuCiH: SWR3zOt + app.kubernetes.io/component: ffe2 + app.kubernetes.io/instance: console + app.kubernetes.io/name: ffe2 + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + LuCiH: SWR3zOt + app.kubernetes.io/component: ffe2 + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ffe2 + helm.sh/chart: connectors-0.1.12 + name: OL1 +spec: + progressDeadlineSeconds: 600 + replicas: null + revisionHistoryLimit: 10 + selector: + matchLabels: + LuCiH: SWR3zOt + app.kubernetes.io/component: ffe2 + app.kubernetes.io/instance: console + app.kubernetes.io/name: ffe2 + strategy: + type: RollingUpdate + template: + metadata: + annotations: {} + creationTimestamp: null + labels: + LuCiH: SWR3zOt + app.kubernetes.io/component: ffe2 + app.kubernetes.io/instance: console + app.kubernetes.io/name: ffe2 + spec: + affinity: + nodeAffinity: {} + podAffinity: {} + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + LuCiH: SWR3zOt + app.kubernetes.io/component: ffe2 + app.kubernetes.io/instance: console + app.kubernetes.io/name: ffe2 + namespaces: + - default + topologyKey: kubernetes.io/hostname + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=8083 + rest.port=8083 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=connectors-cluster + offset.storage.topic=_internal_connectors_offsets + config.storage.topic=_internal_connectors_configs + status.storage.topic=_internal_connectors_status + offset.storage.redpanda.remote.read=false + offset.storage.redpanda.remote.write=false + config.storage.redpanda.remote.read=false + config.storage.redpanda.remote.write=false + status.storage.redpanda.remote.read=false + status.storage.redpanda.remote.write=false + offset.storage.replication.factor=-1 + config.storage.replication.factor=-1 + status.storage.replication.factor=-1 + producer.linger.ms=1 + producer.batch.size=131072 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: "" + - name: CONNECT_BOOTSTRAP_SERVERS + value: "" + - name: CONNECT_GC_LOG_ENABLED + value: Rk2lueKjUZ + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx0 + - name: CONNECT_LOG_LEVEL + value: warn + - name: CONNECT_TLS_ENABLED + value: "false" + envFrom: [] + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: connectors-cluster + ports: + - containerPort: 8083 + name: rest-api + protocol: TCP + - containerPort: 9404 + name: prometheus + protocol: TCP + readinessProbe: + failureThreshold: 2 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 10 + successThreshold: 3 + timeoutSeconds: 5 + resources: + limits: + cpu: "0" + memory: 2350Mi + requests: + cpu: "1" + memory: "0" + securityContext: + allowPrivilegeEscalation: false + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: RDO + mountPropagation: 縖ʯLj觻ĶR腉赙CèS咍Xz + name: NFJO + readOnly: true + subPath: i4tgwgPir + subPathExpr: 8C3d4ln + - mountPath: I + mountPropagation: "" + name: okJHlIlhWWGN + subPath: UQu + subPathExpr: 1D7d + dnsPolicy: ClusterFirst + imagePullSecrets: [] + nodeSelector: {} + restartPolicy: Always + schedulerName: "" + securityContext: + fsGroup: 101 + fsGroupChangePolicy: OnRootMismatch + runAsUser: 101 + serviceAccountName: maeWLc + terminationGracePeriodSeconds: 30 + tolerations: [] + topologySpreadConstraints: + - labelSelector: + matchLabels: + LuCiH: SWR3zOt + app.kubernetes.io/component: ffe2 + app.kubernetes.io/instance: console + app.kubernetes.io/name: ffe2 + maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + volumes: + - emptyDir: + medium: Memory + sizeLimit: 5Mi + name: rp-connect-tmp +-- testdata/case-028.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + 3yehn: hb1JTt4bE6 + 8kZ: syTRQDJ + QFMui15S766: gMn5Cet2XRLMo + app.kubernetes.io/component: "3" + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: "3" + helm.sh/chart: connectors-0.1.12 + name: 9VQ +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 8083 + protocol: TCP + targetPort: 8083 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + app.kubernetes.io/component: "3" + app.kubernetes.io/instance: console + app.kubernetes.io/name: "3" + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: "3" + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: "3" + helm.sh/chart: connectors-0.1.12 + name: ZvvoA +spec: + progressDeadlineSeconds: 600 + replicas: null + revisionHistoryLimit: 1716132030 + selector: + matchLabels: + app.kubernetes.io/component: "3" + app.kubernetes.io/instance: console + app.kubernetes.io/name: "3" + strategy: + type: GG3n + template: + metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/component: "3" + app.kubernetes.io/instance: console + app.kubernetes.io/name: "3" + spec: + affinity: + nodeAffinity: {} + podAffinity: {} + podAntiAffinity: null + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=8083 + rest.port=8083 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=connectors-cluster + offset.storage.topic=_internal_connectors_offsets + config.storage.topic=_internal_connectors_configs + status.storage.topic=_internal_connectors_status + offset.storage.redpanda.remote.read=false + offset.storage.redpanda.remote.write=false + config.storage.redpanda.remote.read=false + config.storage.redpanda.remote.write=false + status.storage.redpanda.remote.read=false + status.storage.redpanda.remote.write=false + offset.storage.replication.factor=-1 + config.storage.replication.factor=-1 + status.storage.replication.factor=-1 + producer.linger.ms=1 + producer.batch.size=131072 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: "" + - name: CONNECT_BOOTSTRAP_SERVERS + value: "" + - name: CONNECT_GC_LOG_ENABLED + value: 3ahn64ZT + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx0 + - name: CONNECT_LOG_LEVEL + value: k1wsL2of + - name: CONNECT_TLS_ENABLED + value: "false" + - name: DvkYw9Pk + value: USGTgIYZwyPh + valueFrom: + configMapKeyRef: + key: xomkxxc + name: 7a + optional: false + fieldRef: + apiVersion: tnGFZ3 + fieldPath: H + resourceFieldRef: + containerName: UD5gAM615 + divisor: "0" + resource: EplPSqP + - name: "" + valueFrom: + configMapKeyRef: + key: 2n + name: vw5ZWohT + optional: true + fieldRef: + apiVersion: THSyklTdw + fieldPath: KDDja + resourceFieldRef: + containerName: ha2tB3cM0 + divisor: "0" + resource: 467hL5 + secretKeyRef: + key: I + name: vv9hXsUY + optional: false + envFrom: + - configMapRef: + name: "y" + optional: true + prefix: 8yKCF + secretRef: + name: 7B5wyZ16F + optional: true + - configMapRef: + name: zqz + prefix: iYiSC0Au26P + - prefix: w + secretRef: + name: p4 + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: connectors-cluster + ports: + - containerPort: 8083 + name: rest-api + protocol: TCP + - containerPort: 9404 + name: prometheus + protocol: TCP + readinessProbe: + failureThreshold: 2 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 10 + successThreshold: 3 + timeoutSeconds: 5 + resources: + limits: + cpu: "0" + memory: "0" + requests: + cpu: "1" + memory: 2350Mi + securityContext: + allowPrivilegeEscalation: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: rp-connect-tmp + dnsPolicy: ClusterFirst + imagePullSecrets: + - name: H + - name: HOE + nodeSelector: {} + restartPolicy: my + schedulerName: KL8nKi + securityContext: + fsGroup: 6950905231485894000 + fsGroupChangePolicy: 4駝ɧɍ匑ĿŃjH(ƨ鏝搲³欍荭 + runAsNonRoot: false + runAsUser: -3842777327443310000 + sysctls: + - name: ADfyWTN + value: "" + - name: A2KbAFX + value: vfiwuHLZA3z + serviceAccountName: Ms3WxpzY6U + terminationGracePeriodSeconds: -1876643927 + tolerations: + - effect: 幉cè禟ɴ + operator: ġ襜莪_ð迾uɈkʫ~鲕Lɻ戦ʡ2ȠǷ + tolerationSeconds: -3325398021525833700 + value: QDDTEv + - effect: hǝ + key: JwoXCcww + operator: ªA[wƸ + value: NvIa14 + - effect: ŐȜŻ-簀Ȟo/.濈s呁ī + key: v + operator: 7幔ÍX靹蟳 + tolerationSeconds: -8856646878602496000 + value: zOvR + topologySpreadConstraints: + - labelSelector: + matchLabels: + app.kubernetes.io/component: "3" + app.kubernetes.io/instance: console + app.kubernetes.io/name: "3" + maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + volumes: + - emptyDir: + medium: Memory + sizeLimit: 5Mi + name: rp-connect-tmp +--- +# Source: connectors/templates/pod-monitor.yaml +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + annotations: {} + creationTimestamp: null + labels: {} + name: ZvvoA +spec: + namespaceSelector: + any: true + podMetricsEndpoints: + - bearerTokenSecret: + key: "" + path: / + port: prometheus + selector: + matchLabels: + app.kubernetes.io/component: "3" + app.kubernetes.io/instance: console + app.kubernetes.io/name: "3" +-- testdata/case-029.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + PGxtxZYXR: X5 + app.kubernetes.io/component: tl2YFI + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: tl2YFI + helm.sh/chart: connectors-0.1.12 + name: IyM +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 1337396066 + protocol: TCP + targetPort: 1337396066 + - name: 9xn + port: -684513812 + protocol: TCP + targetPort: -684513812 + - name: u4xF + port: -391479350 + protocol: TCP + targetPort: -391479350 + - name: rDTiR56X + port: 382665278 + protocol: TCP + targetPort: 382665278 + selector: + app.kubernetes.io/component: tl2YFI + app.kubernetes.io/instance: console + app.kubernetes.io/name: tl2YFI + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: tl2YFI + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: tl2YFI + helm.sh/chart: connectors-0.1.12 + name: IyM +spec: + progressDeadlineSeconds: 533336746 + replicas: null + revisionHistoryLimit: -121719569 + selector: + matchLabels: + app.kubernetes.io/component: tl2YFI + app.kubernetes.io/instance: console + app.kubernetes.io/name: tl2YFI + strategy: + type: RollingUpdate + template: + metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/component: tl2YFI + app.kubernetes.io/instance: console + app.kubernetes.io/name: tl2YFI + spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchFields: + - key: Th8xQ0 + operator: '};ƾ:Ơȏ旊苆$ź榘ę[Ş悈ȥ' + values: + - gOPH1k + - KOsql + podAffinity: {} + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + app.kubernetes.io/component: tl2YFI + app.kubernetes.io/instance: console + app.kubernetes.io/name: tl2YFI + namespaces: + - default + topologyKey: kubernetes.io/hostname + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=1337396066 + rest.port=1337396066 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=F3e + offset.storage.topic=_internal_connectors_offsets + config.storage.topic=_internal_connectors_configs + status.storage.topic=_internal_connectors_status + offset.storage.redpanda.remote.read=true + offset.storage.redpanda.remote.write=false + config.storage.redpanda.remote.read=false + config.storage.redpanda.remote.write=true + status.storage.redpanda.remote.read=true + status.storage.redpanda.remote.write=true + offset.storage.replication.factor=-1 + config.storage.replication.factor=-1 + status.storage.replication.factor=-1 + producer.linger.ms=-410672871 + producer.batch.size=-1760140219 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.secretsManager.class=com.github.jcustenborder.kafka.config.aws.SecretsManagerConfigProvider + config.providers.secretsManager.param.secret.prefix=pC3emUV + config.providers.secretsManager.param.aws.region=l6uFeZtI + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: Mq9r58Wn2 + - name: CONNECT_BOOTSTRAP_SERVERS + value: GhGh + - name: SCHEMA_REGISTRY_URL + value: eVOEb + - name: CONNECT_GC_LOG_ENABLED + value: "" + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx2G + - name: CONNECT_LOG_LEVEL + value: MM8vHtxMK + - name: CONNECT_SASL_USERNAME + value: "206" + - name: CONNECT_SASL_MECHANISM + value: pVvPbLq8PH + - name: CONNECT_SASL_PASSWORD_FILE + value: rc-credentials/password + - name: CONNECT_TLS_ENABLED + value: "false" + - name: CONNECT_TRUSTED_CERTS + value: ca/ca.crt + - name: CONNECT_TLS_AUTH_KEY + value: key/kn1yG + - name: "" + value: a + valueFrom: + configMapKeyRef: + key: S + optional: false + fieldRef: + apiVersion: cAFu3Wwm4O + fieldPath: "" + resourceFieldRef: + containerName: K + divisor: "0" + resource: pYz + secretKeyRef: + key: rrusH7t + name: 6hR1vtMek + optional: true + - name: 62b + value: b4k + valueFrom: + resourceFieldRef: + containerName: 9Zuqk + divisor: "0" + resource: wDbwci + secretKeyRef: + key: q + name: a3Go0SITja + optional: false + - name: CAn + value: r + valueFrom: + configMapKeyRef: + key: oBsj + name: f + optional: true + fieldRef: + apiVersion: K + fieldPath: e60DM + resourceFieldRef: + containerName: 9xyY28RraQXtmbHZs9v + divisor: "0" + resource: ddr6SE + secretKeyRef: + key: HIl + name: 6i + envFrom: + - prefix: J + secretRef: + name: 4niuc27 + optional: false + - configMapRef: + name: dVR + optional: false + prefix: WUotCc + secretRef: + optional: true + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: connectors-cluster + ports: + - containerPort: 1337396066 + name: rest-api + protocol: TCP + - containerPort: -684513812 + name: 9xn + protocol: TCP + - containerPort: -391479350 + name: u4xF + protocol: TCP + - containerPort: 382665278 + name: rDTiR56X + protocol: TCP + readinessProbe: + failureThreshold: 2079208961 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: 1156905473 + periodSeconds: -1924622812 + successThreshold: -1575566868 + timeoutSeconds: -450997563 + resources: + limits: + cpu: "1" + memory: 2350Mi + requests: + cpu: "0" + memory: 2350Mi + securityContext: + allowPrivilegeEscalation: false + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /opt/kafka/connect-password/rc-credentials + name: rc-credentials + - mountPath: /opt/kafka/connect-certs/ca + name: truststore + - mountPath: /opt/kafka/connect-certs/key + name: key + - mountPath: /tmp + name: rp-connect-tmp + dnsPolicy: ClusterFirst + imagePullSecrets: + - name: 1tlBA + nodeSelector: {} + restartPolicy: Always + schedulerName: Z7Ne6 + securityContext: + fsGroup: -790114255836881900 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 4623887472960955000 + runAsNonRoot: true + runAsUser: 7622666161830128000 + supplementalGroups: + - -3228001931932573000 + - -7141992959148916000 + - -17407268992027108 + sysctls: + - name: 8qCsQ + value: RwRLG + - name: f2Rn + value: afHwsU + - name: 3jYk9 + value: V + serviceAccountName: default + terminationGracePeriodSeconds: -1948657833 + tolerations: + - effect: 冮味Pf鵸q\)霰¢玲&糦Ŀ怋ɌÁ燹 + key: uTzXciQ + operator: 3IJuʙNj + value: FB0Hu + topologySpreadConstraints: + - labelSelector: + matchLabels: + app.kubernetes.io/component: tl2YFI + app.kubernetes.io/instance: console + app.kubernetes.io/name: tl2YFI + maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + volumes: + - name: truststore + secret: + defaultMode: 292 + secretName: u + - name: key + secret: + defaultMode: 292 + secretName: CE + - name: rc-credentials + secret: + defaultMode: 292 + secretName: a8g3R + - emptyDir: + medium: Memory + sizeLimit: 5Mi + name: rp-connect-tmp +-- testdata/case-030.yaml.golden -- +--- +# Source: connectors/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + GCdbeC: cQ4P1cHbv + app.kubernetes.io/component: P7 + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: P7 + helm.sh/chart: connectors-0.1.12 + name: UQ27oL + namespace: default +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + GCdbeC: cQ4P1cHbv + app.kubernetes.io/component: P7 + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: P7 + helm.sh/chart: connectors-0.1.12 + name: IVe +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: -1808248501 + protocol: TCP + targetPort: -1808248501 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + GCdbeC: cQ4P1cHbv + app.kubernetes.io/component: P7 + app.kubernetes.io/instance: console + app.kubernetes.io/name: P7 + sessionAffinity: None + type: ClusterIP +-- testdata/case-031.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + RER: AU + app.kubernetes.io/component: pLehdV + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: pLehdV + helm.sh/chart: connectors-0.1.12 + name: MnW8I02 +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: -1300816856 + protocol: TCP + targetPort: -1300816856 + - name: 5bgCNjS + port: 0 + protocol: TCP + targetPort: 0 + - name: gh + port: 792720017 + protocol: TCP + targetPort: 792720017 + selector: + app.kubernetes.io/component: pLehdV + app.kubernetes.io/instance: console + app.kubernetes.io/name: pLehdV + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: pLehdV + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: pLehdV + helm.sh/chart: connectors-0.1.12 + name: pPZgwOOt +spec: + progressDeadlineSeconds: 600 + replicas: null + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: pLehdV + app.kubernetes.io/instance: console + app.kubernetes.io/name: pLehdV + strategy: + type: RollingUpdate + template: + metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/component: pLehdV + app.kubernetes.io/instance: console + app.kubernetes.io/name: pLehdV + spec: + affinity: + nodeAffinity: {} + podAffinity: {} + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + app.kubernetes.io/component: pLehdV + app.kubernetes.io/instance: console + app.kubernetes.io/name: pLehdV + namespaces: + - default + topologyKey: kubernetes.io/hostname + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=-1300816856 + rest.port=-1300816856 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=chzc6 + offset.storage.topic=NoMzWmd + config.storage.topic=vOa + status.storage.topic=UX + offset.storage.redpanda.remote.read=true + offset.storage.redpanda.remote.write=true + config.storage.redpanda.remote.read=true + config.storage.redpanda.remote.write=false + status.storage.redpanda.remote.read=false + status.storage.redpanda.remote.write=true + offset.storage.replication.factor=-1 + config.storage.replication.factor=-1 + status.storage.replication.factor=-1 + producer.linger.ms=-1169688418 + producer.batch.size=164004875 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: rJQp + - name: CONNECT_BOOTSTRAP_SERVERS + value: 0y2l8XHWK + - name: SCHEMA_REGISTRY_URL + value: qb + - name: CONNECT_GC_LOG_ENABLED + value: FZNoDU + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx0 + - name: CONNECT_LOG_LEVEL + value: mw + - name: CONNECT_SASL_USERNAME + value: s + - name: CONNECT_SASL_MECHANISM + value: OKrEkY + - name: CONNECT_SASL_PASSWORD_FILE + value: rc-credentials/password + - name: CONNECT_TLS_ENABLED + value: "false" + - name: CONNECT_TRUSTED_CERTS + value: ca/ca.crt + - name: CONNECT_TLS_AUTH_CERT + value: cert/copKWn2 + - name: CONNECT_TLS_AUTH_KEY + value: key/IlMv6 + envFrom: [] + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: connectors-cluster + ports: + - containerPort: -1300816856 + name: rest-api + protocol: TCP + - containerPort: 0 + name: 5bgCNjS + protocol: TCP + - containerPort: 792720017 + name: gh + protocol: TCP + readinessProbe: + failureThreshold: 2 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 10 + successThreshold: 3 + timeoutSeconds: 5 + resources: + limits: + cpu: "0" + memory: "0" + requests: + cpu: "0" + memory: "0" + securityContext: + allowPrivilegeEscalation: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /opt/kafka/connect-password/rc-credentials + name: rc-credentials + - mountPath: /opt/kafka/connect-certs/ca + name: truststore + - mountPath: /opt/kafka/connect-certs/cert + name: cert + - mountPath: /opt/kafka/connect-certs/key + name: key + - mountPath: "" + mountPropagation: Ǜ绕:O+ + name: 4JTdCoLQd + readOnly: true + subPath: RUx + subPathExpr: 0E + dnsPolicy: ClusterFirst + imagePullSecrets: [] + nodeSelector: {} + restartPolicy: Always + schedulerName: "" + securityContext: + fsGroup: 101 + fsGroupChangePolicy: OnRootMismatch + runAsUser: 101 + serviceAccountName: "5" + terminationGracePeriodSeconds: 30 + tolerations: [] + topologySpreadConstraints: + - labelSelector: + matchLabels: + app.kubernetes.io/component: pLehdV + app.kubernetes.io/instance: console + app.kubernetes.io/name: pLehdV + maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + volumes: + - name: truststore + secret: + defaultMode: 292 + secretName: J + - name: cert + secret: + defaultMode: 292 + secretName: DNF6s + - name: key + secret: + defaultMode: 292 + secretName: NI3VUhJks3aM + - name: rc-credentials + secret: + defaultMode: 292 + secretName: 8nzj + - name: T6INhQ + - name: p0 + - name: EO +-- testdata/case-032.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: connectors + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: connectors + helm.sh/chart: connectors-0.1.12 + name: 8geRNocLQ +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 108700971 + protocol: TCP + targetPort: 108700971 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + app.kubernetes.io/component: connectors + app.kubernetes.io/instance: console + app.kubernetes.io/name: connectors + sessionAffinity: None + type: ClusterIP +-- testdata/case-033.yaml.golden -- +--- +# Source: connectors/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + annotations: + gkbEy: M2fwFG + iP1: vVwLn + creationTimestamp: null + labels: + KZj1Dby: 4SqUXw + app.kubernetes.io/component: bz0yr + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: bz0yr + helm.sh/chart: connectors-0.1.12 + name: LVtVe0en + namespace: default +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + "": kPbb + Ch7xjM: i0HEOruP + KZj1Dby: 4SqUXw + app.kubernetes.io/component: bz0yr + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: bz0yr + helm.sh/chart: connectors-0.1.12 + kt: "" + name: crWrH +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: -1714220122 + protocol: TCP + targetPort: -1714220122 + - name: f5JB9Etw + port: 1398564584 + protocol: TCP + targetPort: 1398564584 + - name: hkCnR + port: 1899193486 + protocol: TCP + targetPort: 1899193486 + - name: DUOEQmC + port: 0 + protocol: TCP + targetPort: 0 + selector: + KZj1Dby: 4SqUXw + app.kubernetes.io/component: bz0yr + app.kubernetes.io/instance: console + app.kubernetes.io/name: bz0yr + sessionAffinity: None + type: ClusterIP +-- testdata/case-034.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + M2Ya3Qp: efwJA + app.kubernetes.io/component: Pt + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Pt + c: fgV + eHykHSeD: M0vI4 + helm.sh/chart: connectors-0.1.12 + ik: hu + trc: W + name: 1hV +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: -754597379 + protocol: TCP + targetPort: -754597379 + - name: 6W9P3J + port: 1027996572 + protocol: TCP + targetPort: 1027996572 + - name: UQcXQO4H6 + port: 0 + protocol: TCP + targetPort: 0 + selector: + M2Ya3Qp: efwJA + app.kubernetes.io/component: Pt + app.kubernetes.io/instance: console + app.kubernetes.io/name: Pt + trc: W + sessionAffinity: None + type: ClusterIP +-- testdata/case-035.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + YaiOBiXa: rQx + app.kubernetes.io/component: PeueQ + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: PeueQ + co: MffSo + fdioW3StBvzyh: z + helm.sh/chart: connectors-0.1.12 + ofToM: "n" + wle: mprjb + name: mC3vFeP +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: -559590357 + protocol: TCP + targetPort: -559590357 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + app.kubernetes.io/component: PeueQ + app.kubernetes.io/instance: console + app.kubernetes.io/name: PeueQ + co: MffSo + fdioW3StBvzyh: z + wle: mprjb + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/pod-monitor.yaml +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + annotations: + "4": kTkxkO + creationTimestamp: null + labels: {} + name: 6fr +spec: + namespaceSelector: + any: true + matchNames: + - FKCzSYm7gaXuLQ + podMetricsEndpoints: + - bearerTokenSecret: + key: "" + path: / + port: prometheus + selector: + matchLabels: + app.kubernetes.io/component: PeueQ + app.kubernetes.io/instance: console + app.kubernetes.io/name: PeueQ + co: MffSo + fdioW3StBvzyh: z + wle: mprjb +-- testdata/case-036.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + 1qqW32x: "" + app.kubernetes.io/component: taotfWzUIl + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: taotfWzUIl + helm.sh/chart: connectors-0.1.12 + lp92O: 1QnD84Dhxl + name: GxFDpR9IkU +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: -1153123375 + protocol: TCP + targetPort: -1153123375 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + 1qqW32x: "" + app.kubernetes.io/component: taotfWzUIl + app.kubernetes.io/instance: console + app.kubernetes.io/name: taotfWzUIl + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + 1qqW32x: "" + app.kubernetes.io/component: taotfWzUIl + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: taotfWzUIl + helm.sh/chart: connectors-0.1.12 + name: VW0lF +spec: + progressDeadlineSeconds: -1260879447 + replicas: null + revisionHistoryLimit: -1294473838 + selector: + matchLabels: + 1qqW32x: "" + app.kubernetes.io/component: taotfWzUIl + app.kubernetes.io/instance: console + app.kubernetes.io/name: taotfWzUIl + strategy: + type: 5cn + template: + metadata: + annotations: {} + creationTimestamp: null + labels: + 1qqW32x: "" + app.kubernetes.io/component: taotfWzUIl + app.kubernetes.io/instance: console + app.kubernetes.io/name: taotfWzUIl + spec: + affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchFields: + - key: 3bTiSjGL + operator: Pʡdz饿n抈Ʊt嬩癘Ƈ + values: + - AGfqyUGQXxyY + - FVcNDfkQ + - v3hp7MN8nVKE + - key: L3S + operator: -殊 + values: + - 97iUcu + - dXmY + - KUxQvBTJu + - key: YNi + operator: ijS泉ľ;ŒvS阸多嵠{ + values: + - xf0B + weight: -207219009 + - preference: + matchExpressions: + - key: EAkVkI70 + operator: 钚寽蛺izȭ7_掅桘 + values: + - aAWkk + - ze + - 3wGu + - key: 3RyfQc6N + operator: 5ɔ螗śLƆ扒\ƃ"氧ɉ + values: + - Vv + - key: 1vVqYpX + operator: Yto%Iƈ?暊I)琣?Ć痕猖ȕ + values: + - 9yyhe2i + weight: 2145655584 + - preference: + matchExpressions: + - key: vYGC + operator: 缈饜代u灧Ȼ + matchFields: + - key: Xbz + operator: ż苡訖ɑʟĨı齻@IJ騮削ƽ蹄濁榷鰠 + values: + - qFq5zh0O + - yG0 + - nT + - key: P3 + operator: ǧ唾潣PNJ掉ơ\庱吳.,OLX + - key: 3ATe + operator: ʦ恀^ + values: + - LUm4b + weight: 351084922 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: XLalOY + operator: 挝R凗ŵ莁5E7?Ȓʍm篫l{Č蒄 + values: + - YrzbvR + - 5awUoV + - a + - key: bhAd + operator: 鴵鈌ąt烿æy伸?^đĔʎ{Ç柧 + values: + - GqRb + - key: 8WgrpCvg + operator: bAMƺ惸鹖ŏ垇ɔǁI庫û*ɔ嶢ɚ菑 + values: + - BRd8A5 + - "9" + - K9hDIBU + matchFields: + - key: FntInb + operator: '{@əɃðŗ8''4' + - key: cPqf3 + operator: Ƌ娔殺慑 + - key: o + operator: ɧlǬ量GJ恉əŏ滸IōĈwǝ栢Jȡ + podAffinity: {} + podAntiAffinity: null + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=-1153123375 + rest.port=-1153123375 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=XuGw0bAvU4mCl29 + offset.storage.topic=AqMgsp + config.storage.topic=BKIQd85 + status.storage.topic=cB + offset.storage.redpanda.remote.read=false + offset.storage.redpanda.remote.write=true + config.storage.redpanda.remote.read=true + config.storage.redpanda.remote.write=false + status.storage.redpanda.remote.read=true + status.storage.redpanda.remote.write=false + offset.storage.replication.factor=1816899175 + config.storage.replication.factor=935026050 + status.storage.replication.factor=1556885434 + producer.linger.ms=1479365932 + producer.batch.size=1402635005 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: LhQU + - name: CONNECT_BOOTSTRAP_SERVERS + value: PJXgS + - name: SCHEMA_REGISTRY_URL + value: owIrcBoHKcGy + - name: CONNECT_GC_LOG_ENABLED + value: 92CKlhkT1dY + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx0 + - name: CONNECT_LOG_LEVEL + value: PAOVCu + - name: CONNECT_SASL_USERNAME + value: ZTak1O6cR + - name: CONNECT_SASL_MECHANISM + value: 4pr3gf + - name: CONNECT_SASL_PASSWORD_FILE + value: rc-credentials/password + - name: CONNECT_TLS_ENABLED + value: "false" + - name: CONNECT_TRUSTED_CERTS + value: ca/pMccWpS50Tt + - name: CONNECT_TLS_AUTH_CERT + value: cert/c4sa0FA + - name: CONNECT_TLS_AUTH_KEY + value: key/EOAKr + envFrom: [] + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: -1589865511 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: -621095822 + periodSeconds: 280342995 + successThreshold: -167276282 + timeoutSeconds: -1535167124 + name: connectors-cluster + ports: + - containerPort: -1153123375 + name: rest-api + protocol: TCP + - containerPort: 9404 + name: prometheus + protocol: TCP + readinessProbe: + failureThreshold: 1985429634 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: 520999520 + periodSeconds: 1834416895 + successThreshold: -2144235192 + timeoutSeconds: -1654928979 + resources: + limits: + cpu: "0" + memory: "0" + requests: + cpu: "0" + memory: "0" + securityContext: + allowPrivilegeEscalation: false + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /opt/kafka/connect-password/rc-credentials + name: rc-credentials + - mountPath: /opt/kafka/connect-certs/ca + name: truststore + - mountPath: /opt/kafka/connect-certs/cert + name: cert + - mountPath: /opt/kafka/connect-certs/key + name: key + - mountPath: MMqGiv5CN + mountPropagation: 鳮耐uíȪr + name: jHofb9BQ3 + readOnly: true + subPath: aDzkmP + subPathExpr: 4sgTWM4H + - mountPath: KhsFs + mountPropagation: Ǎ繟ƣʜ + name: V02ibh + readOnly: true + subPath: LF + subPathExpr: mi + dnsPolicy: ClusterFirst + imagePullSecrets: + - name: zaKvtKNIW0 + - name: "9" + - name: fG + nodeSelector: + gQqg: rQO1 + restartPolicy: '>Ȏ縂ɴ垍ū*' + schedulerName: mlm5OhgsGh + securityContext: + fsGroup: -24635125662907280 + fsGroupChangePolicy: Ŏ痿1>a茫ȡ跦 þ + runAsGroup: -3967780041970195000 + runAsNonRoot: true + runAsUser: 8970781034706956000 + supplementalGroups: + - -8270543106812796000 + sysctls: + - name: KljKqWpUKsb3 + value: 9Zv + - name: z8scvHARn + value: sk + serviceAccountName: srWYjAnpR + terminationGracePeriodSeconds: 446877207 + tolerations: + - effect: ɟ + key: J906H + operator: Ȇ:龳虹$鿲Ȥ.t齹Ń5 + tolerationSeconds: 6789201977316389000 + value: vV1 + - effect: ©Ǯ膗Ǖ盉浝Ŝɟ + key: ju6amcMPM8UK + operator: 衭蛩ņý + tolerationSeconds: -8177010640192863000 + value: S + - effect: cÑ + operator: L晚G& + tolerationSeconds: 8159638238997451000 + value: OyDyWZoaY + topologySpreadConstraints: + - labelSelector: + matchLabels: + 1qqW32x: "" + app.kubernetes.io/component: taotfWzUIl + app.kubernetes.io/instance: console + app.kubernetes.io/name: taotfWzUIl + maxSkew: 1646710512 + topologyKey: MbS + whenUnsatisfiable: Ia0hRF8y + volumes: + - name: truststore + secret: + defaultMode: 292 + secretName: MyH + - name: cert + secret: + defaultMode: 292 + secretName: Iv + - name: key + secret: + defaultMode: 292 + secretName: no0Ke + - name: rc-credentials + secret: + defaultMode: 292 + secretName: Na4b + - name: qx + - name: XeUJ +-- testdata/case-037.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + 5bK2xe: ZRy + HSu1: FRG692y + QExXAto3Ub2T: etTOY4y8iSmyDOe + app.kubernetes.io/component: 03U7 + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 03U7 + helm.sh/chart: connectors-0.1.12 + name: "87" +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 1885084612 + protocol: TCP + targetPort: 1885084612 + - name: yMA8tJxHo + port: -582141187 + protocol: TCP + targetPort: -582141187 + - name: "9" + port: 830415771 + protocol: TCP + targetPort: 830415771 + selector: + HSu1: FRG692y + QExXAto3Ub2T: etTOY4y8iSmyDOe + app.kubernetes.io/component: 03U7 + app.kubernetes.io/instance: console + app.kubernetes.io/name: 03U7 + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + HSu1: FRG692y + PsITu: LgrI + QExXAto3Ub2T: etTOY4y8iSmyDOe + app.kubernetes.io/component: 03U7 + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 03U7 + helm.sh/chart: connectors-0.1.12 + name: vRXgQsUzl3 +spec: + progressDeadlineSeconds: -1761307563 + replicas: null + revisionHistoryLimit: -1377004535 + selector: + matchLabels: + HSu1: FRG692y + QExXAto3Ub2T: etTOY4y8iSmyDOe + app.kubernetes.io/component: 03U7 + app.kubernetes.io/instance: console + app.kubernetes.io/name: 03U7 + strategy: + type: qVm + template: + metadata: + annotations: + PsITu: LgrI + creationTimestamp: null + labels: + HSu1: FRG692y + QExXAto3Ub2T: etTOY4y8iSmyDOe + app.kubernetes.io/component: 03U7 + app.kubernetes.io/instance: console + app.kubernetes.io/name: 03U7 + spec: + affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: tmEGf + operator: "" + values: + - yCcLCb + - O1NTsHk78miTJ + - key: KuvLpSp4X + operator: 獴ĝB违写õʕĠEɊ繎ª + values: + - oqAB + - "y" + - cLExkHCRfD + - key: tMxc + operator: 1Ņ鸩瀚羨鱬c)0ƶ音êA{ǷZŁȃ + values: + - W2 + - rXnf + matchFields: + - key: dvXtkKrlxr + operator: m駠祸¯獒ɌƗ'Ñnj嗰蒩,幔Ǣ + values: + - vDUy + - vzx4 + - key: UU6d + operator: 惂PqbKɕ`ǃȒCʉ鞊Ĩ% + - key: qm03jaCk + operator: a靔Pƴy%(AĔð勶乀ĥČI#ɃǙ蘨 + weight: -1872535291 + - preference: + matchExpressions: + - key: GjG + operator: űŌ + - key: UQ + operator: d欻Ɲ + values: + - zpBqznM + matchFields: + - key: gKn2 + operator: ÁŠ9玫Ʌ + values: + - Iij79g + weight: 1456486091 + - preference: + matchExpressions: + - key: 1Ef + operator: G飔8`ɒ蕸祹&匪璳拖嶴6s['%邗 + values: + - iBr + - "" + - key: RXMgUipZ + operator: Qāȃ鋘ǖ0iNɭȂuŦ褌7Èȝ鹊淋廽 + values: + - NB + - key: nb6 + operator: 杘ɯ#`慐 + weight: -1381009180 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: [] + podAffinity: {} + podAntiAffinity: null + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=1885084612 + rest.port=1885084612 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=q + offset.storage.topic=WDtxRL37SvNV + config.storage.topic=fiLg3L + status.storage.topic=Guofk9 + offset.storage.redpanda.remote.read=true + offset.storage.redpanda.remote.write=false + config.storage.redpanda.remote.read=true + config.storage.redpanda.remote.write=true + status.storage.redpanda.remote.read=true + status.storage.redpanda.remote.write=false + offset.storage.replication.factor=-1765361377 + config.storage.replication.factor=575483838 + status.storage.replication.factor=-1294780557 + producer.linger.ms=982363719 + producer.batch.size=-1100237413 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: FTlQkC + - name: CONNECT_BOOTSTRAP_SERVERS + value: LeVg + - name: SCHEMA_REGISTRY_URL + value: N8 + - name: CONNECT_GC_LOG_ENABLED + value: mn + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx0 + - name: CONNECT_LOG_LEVEL + value: Y0gfv + - name: CONNECT_TLS_ENABLED + value: "false" + - name: CONNECT_TRUSTED_CERTS + value: ca/49XwYgsyn + - name: CONNECT_TLS_AUTH_CERT + value: cert/Wf + - name: CONNECT_TLS_AUTH_KEY + value: key/7rwbl + - name: 7PtPut9 + value: 4Uo + valueFrom: + configMapKeyRef: + key: H6 + name: JEPQ + optional: true + fieldRef: + apiVersion: yCSfB + fieldPath: HD + resourceFieldRef: + containerName: v0wW + divisor: "0" + resource: BliOlDq + secretKeyRef: + key: AOod + name: Ljqm + optional: false + - name: FItx + value: cZIyVQPdqZ + valueFrom: + configMapKeyRef: + key: O3 + name: KlO + optional: true + fieldRef: + apiVersion: BnfYTBc + fieldPath: xw + resourceFieldRef: + containerName: qzV549 + divisor: "0" + resource: sctpzNUt + secretKeyRef: + key: Ff4vJm + name: hoEa + optional: false + envFrom: [] + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 1572051601 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: -455418157 + periodSeconds: 31037144 + successThreshold: 1836675270 + timeoutSeconds: -722680942 + name: connectors-cluster + ports: + - containerPort: 1885084612 + name: rest-api + protocol: TCP + - containerPort: -582141187 + name: yMA8tJxHo + protocol: TCP + - containerPort: 830415771 + name: "9" + protocol: TCP + readinessProbe: + failureThreshold: 1393918041 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: -1529972341 + periodSeconds: 1791885136 + successThreshold: -1003238871 + timeoutSeconds: 516179111 + resources: + limits: + cpu: "0" + memory: "0" + requests: + cpu: "0" + memory: "0" + securityContext: + allowPrivilegeEscalation: false + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /opt/kafka/connect-certs/ca + name: truststore + - mountPath: /opt/kafka/connect-certs/cert + name: cert + - mountPath: /opt/kafka/connect-certs/key + name: key + - mountPath: FMieal + mountPropagation: q睢1Êb2y"ğJĢ + name: GRAaf7 + readOnly: true + subPath: Wvz + subPathExpr: K4St + - mountPath: E6 + mountPropagation: 2`| + name: yu + subPath: 1Qyv + subPathExpr: lq + - mountPath: "9" + mountPropagation: J仅<Ⱦù觏牨¼Ǐ蒜,J偛l挨 + name: CkWy + subPath: 1YtfYCwcHU3 + subPathExpr: xUIPjXS + dnsPolicy: ClusterFirst + imagePullSecrets: + - name: d18 + nodeSelector: {} + restartPolicy: tAȍ_祴珗ƨŐ飔矜ƧŸȺ8Ù凿吱 + schedulerName: k + securityContext: + fsGroup: -8943063634632833000 + fsGroupChangePolicy: 樜3g罡Sɺ:礁j + runAsGroup: -8183677367766310000 + runAsNonRoot: false + runAsUser: 6257019186377026000 + supplementalGroups: + - 6349796974429449000 + - -6495960424240768000 + sysctls: + - name: tNzNhbs + value: Li + - name: xw + value: wQYd + - name: rijilGaE1rE + value: O1VB + serviceAccountName: 1J + terminationGracePeriodSeconds: -340872360 + tolerations: + - effect: 旽ǷȬƱĬɔH辂W'ʩ菽懝 + key: NRzfhGYG1Y + operator: 皏棵FɁÈ棿X + tolerationSeconds: 4658882017834993000 + value: Lu + - effect: "~" + key: k + operator: 垫 + tolerationSeconds: -950306177981439200 + value: j2wtF4uhca + topologySpreadConstraints: + - labelSelector: + matchLabels: + HSu1: FRG692y + QExXAto3Ub2T: etTOY4y8iSmyDOe + app.kubernetes.io/component: 03U7 + app.kubernetes.io/instance: console + app.kubernetes.io/name: 03U7 + maxSkew: -1481065440 + topologyKey: SER + whenUnsatisfiable: 5L7rrGecd + volumes: + - name: truststore + secret: + defaultMode: 292 + secretName: 28O + - name: cert + secret: + defaultMode: 292 + secretName: EDOE + - name: key + secret: + defaultMode: 292 + secretName: TaD + - name: QbE11Wi + - name: 5p +-- testdata/case-038.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: BX8JrNja9K1E + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: BX8JrNja9K1E + eYdK: Cku + helm.sh/chart: connectors-0.1.12 + ztF1: wwq1 + name: mCI +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 436787525 + protocol: TCP + targetPort: 436787525 + - name: mQD4tg + port: -951318322 + protocol: TCP + targetPort: -951318322 + selector: + app.kubernetes.io/component: BX8JrNja9K1E + app.kubernetes.io/instance: console + app.kubernetes.io/name: BX8JrNja9K1E + sessionAffinity: None + type: ClusterIP +-- testdata/case-039.yaml.golden -- +--- +# Source: connectors/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + annotations: + UCvD: zlN0tsbA + creationTimestamp: null + labels: + MnrW: 2y + V4b1: iOkt + app.kubernetes.io/component: mn + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: mn + helm.sh/chart: connectors-0.1.12 + name: ZkHM + namespace: default +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + MnrW: 2y + V4b1: iOkt + app.kubernetes.io/component: mn + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: mn + helm.sh/chart: connectors-0.1.12 + name: El70 +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 1444795321 + protocol: TCP + targetPort: 1444795321 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + MnrW: 2y + V4b1: iOkt + app.kubernetes.io/component: mn + app.kubernetes.io/instance: console + app.kubernetes.io/name: mn + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + MnrW: 2y + V4b1: iOkt + app.kubernetes.io/component: mn + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: mn + helm.sh/chart: connectors-0.1.12 + name: jio8f +spec: + progressDeadlineSeconds: -1221802348 + replicas: null + revisionHistoryLimit: 1248617462 + selector: + matchLabels: + MnrW: 2y + V4b1: iOkt + app.kubernetes.io/component: mn + app.kubernetes.io/instance: console + app.kubernetes.io/name: mn + strategy: + type: qsB + template: + metadata: + annotations: {} + creationTimestamp: null + labels: + MnrW: 2y + V4b1: iOkt + app.kubernetes.io/component: mn + app.kubernetes.io/instance: console + app.kubernetes.io/name: mn + spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: fcm8Ew + operator: 副瘫 + - key: "07" + operator: 阫ƣʊPŠ!7椃ûĺɉ呙鼲坣呐ȡ + values: + - IEopzACw + - UJT7 + - key: MUXZ + operator: äĢ + values: + - ltoOhu + - SYLAu90Sic + podAffinity: {} + podAntiAffinity: null + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=1444795321 + rest.port=1444795321 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=BOkRc + offset.storage.topic=6kl + config.storage.topic=E + status.storage.topic=mk + offset.storage.redpanda.remote.read=true + offset.storage.redpanda.remote.write=false + config.storage.redpanda.remote.read=true + config.storage.redpanda.remote.write=false + status.storage.redpanda.remote.read=true + status.storage.redpanda.remote.write=false + offset.storage.replication.factor=577990303 + config.storage.replication.factor=1941218076 + status.storage.replication.factor=-1541756269 + producer.linger.ms=1359438163 + producer.batch.size=-2127171944 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: 8NGjNgy + - name: CONNECT_BOOTSTRAP_SERVERS + value: xU + - name: SCHEMA_REGISTRY_URL + value: j7V227t + - name: CONNECT_GC_LOG_ENABLED + value: mnLDVzboOU + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx0 + - name: CONNECT_LOG_LEVEL + value: A9j + - name: CONNECT_SASL_USERNAME + value: AsbjUhR + - name: CONNECT_SASL_MECHANISM + value: 3FmU9Mj + - name: CONNECT_SASL_PASSWORD_FILE + value: rc-credentials/password + - name: CONNECT_TLS_ENABLED + value: "false" + - name: CONNECT_TRUSTED_CERTS + value: ca/ca.crt + - name: CONNECT_TLS_AUTH_CERT + value: cert/HQ + - name: CONNECT_TLS_AUTH_KEY + value: key/tls.key + - name: MMy5 + value: H + valueFrom: + configMapKeyRef: + key: nJ2K0MV + name: zp + optional: false + fieldRef: + apiVersion: wVLbzHBVPimhM + fieldPath: AejPbHX81DSFH8Q + resourceFieldRef: + containerName: Q6jlN + divisor: "0" + resource: FVErZI + secretKeyRef: + key: fAj9qbwJX41v + name: Hlf + optional: false + - name: Sz + value: ohDj + valueFrom: + configMapKeyRef: + key: MC10 + name: Q + optional: true + fieldRef: + apiVersion: tkvB + fieldPath: Wvk + resourceFieldRef: + containerName: iX + divisor: "0" + resource: VBz4peZ + secretKeyRef: + key: zQnXIdnN + name: 4L5 + optional: false + envFrom: [] + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: -1801401906 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: -1928987976 + periodSeconds: 366101264 + successThreshold: 1101494705 + timeoutSeconds: 1657384826 + name: connectors-cluster + ports: + - containerPort: 1444795321 + name: rest-api + protocol: TCP + - containerPort: 9404 + name: prometheus + protocol: TCP + readinessProbe: + failureThreshold: 316564184 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: -678114858 + periodSeconds: -1932943963 + successThreshold: -1295008485 + timeoutSeconds: 1251310237 + resources: + limits: + cpu: "0" + memory: "0" + requests: + cpu: "0" + memory: "0" + securityContext: + allowPrivilegeEscalation: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /opt/kafka/connect-password/rc-credentials + name: rc-credentials + - mountPath: /opt/kafka/connect-certs/ca + name: truststore + - mountPath: /opt/kafka/connect-certs/cert + name: cert + - mountPath: /opt/kafka/connect-certs/key + name: key + - mountPath: /tmp + name: rp-connect-tmp + dnsPolicy: ClusterFirst + imagePullSecrets: [] + nodeSelector: + Q4e0pQre8Ui: ybd + W0tuX2DKY: t + hK1gicteS: oRdivh + restartPolicy: 刊ǵ椉Ž5荭¶@Ǻ + schedulerName: NtMcVkr + securityContext: + fsGroup: -7790002735836359000 + fsGroupChangePolicy: '猰tą3圇épțU串ɭ惟璼ʜ ' + runAsGroup: 7078321909676639000 + runAsNonRoot: true + runAsUser: -3795473018051875300 + sysctls: + - name: 4bbbOThlM9 + value: OeQ + - name: KzYDmoPm + value: RQkJ4 + - name: gSEB + value: fCw + serviceAccountName: ZkHM + terminationGracePeriodSeconds: 1536232091 + tolerations: + - key: Kme1g + operator: 鸋傚脨ʌȰę,缶 + tolerationSeconds: 9185074187324502000 + value: HP1mcWeehE + topologySpreadConstraints: + - labelSelector: + matchLabels: + MnrW: 2y + V4b1: iOkt + app.kubernetes.io/component: mn + app.kubernetes.io/instance: console + app.kubernetes.io/name: mn + maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + volumes: + - name: truststore + secret: + defaultMode: 292 + secretName: z0ac + - name: cert + secret: + defaultMode: 292 + secretName: Yvl1 + - name: key + secret: + defaultMode: 292 + secretName: Gq + - name: rc-credentials + secret: + defaultMode: 292 + secretName: GUdAwXVY + - name: PQgVp5UAKMh + - name: m + - name: "" +-- testdata/case-040.yaml.golden -- +--- +# Source: connectors/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + annotations: + "": s + 6aAoyzS: BVK + SV0dnqH: Rk + creationTimestamp: null + labels: + 4bQpba: iVh + app.kubernetes.io/component: 4iNcef5 + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 4iNcef5 + helm.sh/chart: connectors-0.1.12 + "n": "" + name: FKhGHe3aO + namespace: default +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + 4bQpba: iVh + LG: ZJQw2J8u + app.kubernetes.io/component: 4iNcef5 + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 4iNcef5 + g: 0z9gQt4Yj + helm.sh/chart: connectors-0.1.12 + "n": "" + name: KxK +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: -1022927047 + protocol: TCP + targetPort: -1022927047 + - name: 61dR + port: 9129423 + protocol: TCP + targetPort: 9129423 + - name: p0D + port: 1391241101 + protocol: TCP + targetPort: 1391241101 + - name: 0MZ6s8 + port: 708219631 + protocol: TCP + targetPort: 708219631 + selector: + 4bQpba: iVh + app.kubernetes.io/component: 4iNcef5 + app.kubernetes.io/instance: console + app.kubernetes.io/name: 4iNcef5 + "n": "" + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + 4bQpba: iVh + 6WNO: UvMxPC + ItkfXr: HoRGq + OqfY9eu: U + app.kubernetes.io/component: 4iNcef5 + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 4iNcef5 + helm.sh/chart: connectors-0.1.12 + "n": "" + name: NCw6T6UcQY +spec: + progressDeadlineSeconds: 570610379 + replicas: null + revisionHistoryLimit: 1380150017 + selector: + matchLabels: + 4bQpba: iVh + app.kubernetes.io/component: 4iNcef5 + app.kubernetes.io/instance: console + app.kubernetes.io/name: 4iNcef5 + "n": "" + strategy: + type: 7Mz64 + template: + metadata: + annotations: + 6WNO: UvMxPC + ItkfXr: HoRGq + OqfY9eu: U + creationTimestamp: null + labels: + 4bQpba: iVh + app.kubernetes.io/component: 4iNcef5 + app.kubernetes.io/instance: console + app.kubernetes.io/name: 4iNcef5 + "n": "" + spec: + affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: 19IV1NC + operator: ȃ}CĚ蟡ɨvǢȺ + values: + - "" + matchFields: + - key: xl + operator: VĦɓ洽Ă滕煂 + values: + - jreFryn + weight: 1586123299 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: [] + podAffinity: {} + podAntiAffinity: null + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=-1022927047 + rest.port=-1022927047 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=br + offset.storage.topic=H + config.storage.topic=9Qtxti + status.storage.topic=BP + offset.storage.redpanda.remote.read=false + offset.storage.redpanda.remote.write=true + config.storage.redpanda.remote.read=false + config.storage.redpanda.remote.write=true + status.storage.redpanda.remote.read=true + status.storage.redpanda.remote.write=false + offset.storage.replication.factor=-1418511808 + config.storage.replication.factor=-1386973481 + status.storage.replication.factor=-748221252 + producer.linger.ms=-1500250091 + producer.batch.size=-2033745427 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: qvMttAMx + - name: CONNECT_BOOTSTRAP_SERVERS + value: LRTyIJY + - name: SCHEMA_REGISTRY_URL + value: cL1M + - name: CONNECT_GC_LOG_ENABLED + value: QXA6zua + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx0 + - name: CONNECT_LOG_LEVEL + value: Tb + - name: CONNECT_SASL_USERNAME + value: KF7Nnx + - name: CONNECT_SASL_MECHANISM + value: eXWm9 + - name: CONNECT_SASL_PASSWORD_FILE + value: rc-credentials/password + - name: CONNECT_TLS_ENABLED + value: "false" + - name: CONNECT_TRUSTED_CERTS + value: ca/rRP + - name: CONNECT_TLS_AUTH_CERT + value: cert/peG + - name: CONNECT_TLS_AUTH_KEY + value: key/Tbz + - name: pwJ0I3ZEUK7 + value: aaFCEfM + valueFrom: + configMapKeyRef: + key: DXmjvM9 + name: JYBPb + optional: false + fieldRef: + apiVersion: 9fI + fieldPath: 90keHRVll + resourceFieldRef: + containerName: rBYEwmI + divisor: "0" + resource: Sn9Gkn + secretKeyRef: + key: T3YsImGDrshtv + name: w + optional: false + envFrom: [] + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 285554662 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: 620513520 + periodSeconds: -983699293 + successThreshold: 537883135 + timeoutSeconds: 843588973 + name: connectors-cluster + ports: + - containerPort: -1022927047 + name: rest-api + protocol: TCP + - containerPort: 9129423 + name: 61dR + protocol: TCP + - containerPort: 1391241101 + name: p0D + protocol: TCP + - containerPort: 708219631 + name: 0MZ6s8 + protocol: TCP + readinessProbe: + failureThreshold: -473671565 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: -2130499066 + periodSeconds: -39801992 + successThreshold: -1693089511 + timeoutSeconds: -1707372527 + resources: + limits: + cpu: "0" + memory: "0" + requests: + cpu: "0" + memory: "0" + securityContext: + allowPrivilegeEscalation: false + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /opt/kafka/connect-password/rc-credentials + name: rc-credentials + - mountPath: /opt/kafka/connect-certs/ca + name: truststore + - mountPath: /opt/kafka/connect-certs/cert + name: cert + - mountPath: /opt/kafka/connect-certs/key + name: key + - mountPath: /tmp + name: rp-connect-tmp + dnsPolicy: ClusterFirst + imagePullSecrets: + - name: u + - name: 13J + - name: q9t1lU0k + nodeSelector: + ne: QT3mjpm7B + restartPolicy: °č + schedulerName: O26H + securityContext: + fsGroup: 7015643872446876 + fsGroupChangePolicy: 烳=~沽侣X + runAsGroup: -3630702614293936600 + runAsNonRoot: true + runAsUser: 4388805261963142700 + supplementalGroups: + - -7755253763247303000 + - -3310400039802532000 + - 2051254341870838000 + sysctls: + - name: 7UwNr + value: tkn + - name: nGm + value: V + - name: KhS + value: jbpUUVGjT + serviceAccountName: FKhGHe3aO + terminationGracePeriodSeconds: -1194184480 + tolerations: + - effect: 曶ámɶ役ōœE顾坳4Ńɟ蒷Ǚó + key: 3u + operator: 卭ƺ?o + tolerationSeconds: 701640152884990200 + value: N1ekj + - effect: '[ȝ伨]鸲Z;ʞ9阏' + key: 6jmY + operator: n骯Ǩ + tolerationSeconds: 6874204552685768000 + value: saUOHQxkY9 + topologySpreadConstraints: + - labelSelector: + matchLabels: + 4bQpba: iVh + app.kubernetes.io/component: 4iNcef5 + app.kubernetes.io/instance: console + app.kubernetes.io/name: 4iNcef5 + "n": "" + maxSkew: 1898212660 + topologyKey: Ovevl + whenUnsatisfiable: PFGhR + volumes: + - name: truststore + secret: + defaultMode: 292 + secretName: E + - name: cert + secret: + defaultMode: 292 + secretName: P5mPIj + - name: key + secret: + defaultMode: 292 + secretName: mBxPtYNUs + - name: rc-credentials + secret: + defaultMode: 292 + secretName: M4pqhD32D + - name: kXFFnM +--- +# Source: connectors/templates/pod-monitor.yaml +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + annotations: + eZHJsIIV4Rky: Pk + creationTimestamp: null + labels: + n5El: sDg0twGSFjIgP + name: NCw6T6UcQY +spec: + namespaceSelector: + any: true + podMetricsEndpoints: + - bearerTokenSecret: + key: "" + path: / + port: prometheus + selector: + matchLabels: + 4bQpba: iVh + app.kubernetes.io/component: 4iNcef5 + app.kubernetes.io/instance: console + app.kubernetes.io/name: 4iNcef5 + "n": "" +-- testdata/case-041.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + AwT: yIHdj1wxg + Lr: zYUtd + Z2dqRWb: FmF + app.kubernetes.io/component: Ur + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Ur + eP0gw: ZlmzgOXE + helm.sh/chart: connectors-0.1.12 + name: bjGFkzr +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: -1621274024 + protocol: TCP + targetPort: -1621274024 + - name: PoEHOjF + port: -510390395 + protocol: TCP + targetPort: -510390395 + - name: DH7c + port: 369451694 + protocol: TCP + targetPort: 369451694 + selector: + AwT: yIHdj1wxg + Lr: zYUtd + app.kubernetes.io/component: Ur + app.kubernetes.io/instance: console + app.kubernetes.io/name: Ur + eP0gw: ZlmzgOXE + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + AwT: yIHdj1wxg + Lr: zYUtd + app.kubernetes.io/component: Ur + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Ur + eP0gw: ZlmzgOXE + helm.sh/chart: connectors-0.1.12 + name: AqjekuF +spec: + progressDeadlineSeconds: 1079618075 + replicas: null + revisionHistoryLimit: 485115195 + selector: + matchLabels: + AwT: yIHdj1wxg + Lr: zYUtd + app.kubernetes.io/component: Ur + app.kubernetes.io/instance: console + app.kubernetes.io/name: Ur + eP0gw: ZlmzgOXE + strategy: + type: z1MRV5BXaS20 + template: + metadata: + annotations: {} + creationTimestamp: null + labels: + AwT: yIHdj1wxg + Lr: zYUtd + app.kubernetes.io/component: Ur + app.kubernetes.io/instance: console + app.kubernetes.io/name: Ur + eP0gw: ZlmzgOXE + spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: poCuXUDdP + operator: 3m脄Lj伭ĸ_ȢV!fĩ聿粵昫Ȼ_Ȁ + values: + - bGZy + - key: mxZi7 + operator: 噴姷ʃƸUl>" 噸Lj#ǖHǑv + values: + - vBoyb + - 2VHyI + - key: T + operator: 汜!NJ + podAffinity: {} + podAntiAffinity: null + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=-1621274024 + rest.port=-1621274024 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=KfcZtgISe + offset.storage.topic=V + config.storage.topic=n4 + status.storage.topic=fLR + offset.storage.redpanda.remote.read=true + offset.storage.redpanda.remote.write=false + config.storage.redpanda.remote.read=true + config.storage.redpanda.remote.write=false + status.storage.redpanda.remote.read=true + status.storage.redpanda.remote.write=true + offset.storage.replication.factor=-1861439076 + config.storage.replication.factor=1120929712 + status.storage.replication.factor=-1718786575 + producer.linger.ms=540861319 + producer.batch.size=1953552561 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: "9" + - name: CONNECT_BOOTSTRAP_SERVERS + value: jts02PD + - name: SCHEMA_REGISTRY_URL + value: Esqu + - name: CONNECT_GC_LOG_ENABLED + value: cjZh + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx0 + - name: CONNECT_LOG_LEVEL + value: fhSGoGeOVO + - name: CONNECT_SASL_USERNAME + value: BxNfJ + - name: CONNECT_SASL_MECHANISM + value: I9OZ + - name: CONNECT_SASL_PASSWORD_FILE + value: rc-credentials/password + - name: CONNECT_TLS_ENABLED + value: "false" + - name: CONNECT_TRUSTED_CERTS + value: ca/i + - name: CONNECT_TLS_AUTH_CERT + value: cert/TU4R4tW0Nd + - name: CONNECT_TLS_AUTH_KEY + value: key/hDX + - name: WRSeLSQyxsq + value: 0xespo + valueFrom: + configMapKeyRef: + key: gsjkH + name: hjYCF8i3u + optional: false + fieldRef: + apiVersion: ilis2lH + fieldPath: slhYb + resourceFieldRef: + containerName: ufey2VJTCmS + divisor: "0" + resource: "" + secretKeyRef: + key: nR + name: GKz3 + optional: false + - name: ic + value: N8MdK + valueFrom: + configMapKeyRef: + key: 1QJrX + name: LxK + optional: false + fieldRef: + apiVersion: 0z + fieldPath: UgaSLG1n + resourceFieldRef: + containerName: i + divisor: "0" + resource: "4" + secretKeyRef: + key: "2" + name: ZCqRHp + optional: true + - name: 2TZr + value: P1UUXZH9 + valueFrom: + configMapKeyRef: + key: wgHcFon6xI + name: 6aZcc + optional: false + fieldRef: + apiVersion: dt8 + fieldPath: THGVGMQc + resourceFieldRef: + containerName: Ml + divisor: "0" + resource: tSc + secretKeyRef: + key: L2StNK + name: Qhiy + optional: false + envFrom: + - configMapRef: + name: "8" + optional: false + prefix: Z3pv + secretRef: + name: c + optional: false + - configMapRef: + name: O3v + optional: false + prefix: eXtX5G3zTnAr + secretRef: + name: FU1b + optional: true + - configMapRef: + name: cLEurajaTv1 + optional: false + prefix: YX + secretRef: + optional: false + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 724202040 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: 1171548340 + periodSeconds: 1136904972 + successThreshold: 1663228806 + timeoutSeconds: 1255816268 + name: connectors-cluster + ports: + - containerPort: -1621274024 + name: rest-api + protocol: TCP + - containerPort: -510390395 + name: PoEHOjF + protocol: TCP + - containerPort: 369451694 + name: DH7c + protocol: TCP + readinessProbe: + failureThreshold: -1131780392 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: 1799248585 + periodSeconds: 373984687 + successThreshold: -1503317917 + timeoutSeconds: 266568456 + resources: + limits: + cpu: "0" + memory: "0" + requests: + cpu: "0" + memory: "0" + securityContext: + allowPrivilegeEscalation: false + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /opt/kafka/connect-password/rc-credentials + name: rc-credentials + - mountPath: /opt/kafka/connect-certs/ca + name: truststore + - mountPath: /opt/kafka/connect-certs/cert + name: cert + - mountPath: /opt/kafka/connect-certs/key + name: key + - mountPath: /tmp + name: rp-connect-tmp + dnsPolicy: ClusterFirst + imagePullSecrets: + - name: JeYmHo + nodeSelector: {} + restartPolicy: Õ験蘺Sg怰S²蜵-Ǿ笭ī庩X圂蓦5< + schedulerName: MF3RwzBCk + securityContext: + fsGroup: -3871220937207142400 + fsGroupChangePolicy: Y蹐\¢倅J趚i転 + runAsGroup: -8140185145867863000 + runAsNonRoot: true + runAsUser: 1443110212215096300 + supplementalGroups: + - 4202411183995630000 + - 9074875661218953000 + - 3682145535007526000 + sysctls: + - name: a9wm1 + value: V48LpVsGVpu + serviceAccountName: 1LIGRd6z + terminationGracePeriodSeconds: 1526850382 + tolerations: + - effect: k積Lj + key: YsgfsWrB + operator: Žʚ8鋤縅÷ʪ镲 + tolerationSeconds: 8712200771279582000 + value: 0BC0Sc1 + - effect: a + key: pWUIfI + operator: ā5NƑ鬜牣^,儕髬ǖ藍 ŠɯǦ + tolerationSeconds: 7946113276490164000 + value: lsKkYhoC + - effect: 燀芜/ƶ@犩ɫƭ紱刃飚dēW帠 + key: VQfdy + operator: 腼ʮǬĴǠɬ + tolerationSeconds: -8924157374760988000 + value: UlBiper + topologySpreadConstraints: + - labelSelector: + matchLabels: + AwT: yIHdj1wxg + Lr: zYUtd + app.kubernetes.io/component: Ur + app.kubernetes.io/instance: console + app.kubernetes.io/name: Ur + eP0gw: ZlmzgOXE + maxSkew: -623096425 + topologyKey: fFI6B + whenUnsatisfiable: PdDm + volumes: + - name: truststore + secret: + defaultMode: 292 + secretName: zmW + - name: cert + secret: + defaultMode: 292 + secretName: G485 + - name: key + secret: + defaultMode: 292 + secretName: dQ5 + - name: rc-credentials + secret: + defaultMode: 292 + secretName: 2h + - name: JoBYh + - name: 4s31 +-- testdata/case-042.yaml.golden -- +--- +# Source: connectors/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + 0F3sU: SaJRcWm + GUF2flpqQUL: KKAcWWY5 + NIiGBL37: eCFaXQGs + app.kubernetes.io/component: s9WyH2Y + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: s9WyH2Y + helm.sh/chart: connectors-0.1.12 + name: w + namespace: default +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + 0F3sU: SaJRcWm + GUF2flpqQUL: KKAcWWY5 + NIiGBL37: eCFaXQGs + app.kubernetes.io/component: s9WyH2Y + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: s9WyH2Y + fzz: CLoaDJm9w + helm.sh/chart: connectors-0.1.12 + rryVp: TZ + name: 8Tb8k +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: -1489153770 + protocol: TCP + targetPort: -1489153770 + - name: GYfGwLr + port: -1114107001 + protocol: TCP + targetPort: -1114107001 + selector: + 0F3sU: SaJRcWm + GUF2flpqQUL: KKAcWWY5 + NIiGBL37: eCFaXQGs + app.kubernetes.io/component: s9WyH2Y + app.kubernetes.io/instance: console + app.kubernetes.io/name: s9WyH2Y + sessionAffinity: None + type: ClusterIP +-- testdata/case-043.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + 25swrT: LyMk + AgV: 2ZT + LR7E9YY7J: rc + Mv: hvvf9ur + aWpK: fy05 + app.kubernetes.io/component: WdYlcGB + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: WdYlcGB + helm.sh/chart: connectors-0.1.12 + xYCcuP: zC + name: L +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 2118887935 + protocol: TCP + targetPort: 2118887935 + - name: "0" + port: 1958832246 + protocol: TCP + targetPort: 1958832246 + selector: + Mv: hvvf9ur + aWpK: fy05 + app.kubernetes.io/component: WdYlcGB + app.kubernetes.io/instance: console + app.kubernetes.io/name: WdYlcGB + xYCcuP: zC + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/pod-monitor.yaml +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + annotations: + k8EzKZ: oXYkaOnH + creationTimestamp: null + labels: + 07sPUbsx7a: "4" + name: DPRe +spec: + namespaceSelector: + any: true + podMetricsEndpoints: + - bearerTokenSecret: + key: "" + path: / + port: prometheus + selector: + matchLabels: + Mv: hvvf9ur + aWpK: fy05 + app.kubernetes.io/component: WdYlcGB + app.kubernetes.io/instance: console + app.kubernetes.io/name: WdYlcGB + xYCcuP: zC +-- testdata/case-044.yaml.golden -- +--- +# Source: connectors/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/component: R64C + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: R64C + helm.sh/chart: connectors-0.1.12 + name: c + namespace: default +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: R64C + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: R64C + helm.sh/chart: connectors-0.1.12 + t7u5eHUdpR: nq6injR + name: L +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 871084350 + protocol: TCP + targetPort: 871084350 + - name: 2Pm + port: -597719959 + protocol: TCP + targetPort: -597719959 + - name: z + port: -1354836854 + protocol: TCP + targetPort: -1354836854 + selector: + app.kubernetes.io/component: R64C + app.kubernetes.io/instance: console + app.kubernetes.io/name: R64C + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: R64C + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: R64C + e1: EPUL4 + helm.sh/chart: connectors-0.1.12 + name: ZNfeDYT +spec: + progressDeadlineSeconds: -1210754760 + replicas: null + revisionHistoryLimit: 400792738 + selector: + matchLabels: + app.kubernetes.io/component: R64C + app.kubernetes.io/instance: console + app.kubernetes.io/name: R64C + strategy: + type: AQc + template: + metadata: + annotations: + e1: EPUL4 + creationTimestamp: null + labels: + app.kubernetes.io/component: R64C + app.kubernetes.io/instance: console + app.kubernetes.io/name: R64C + spec: + affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: ggOgs + operator: ʆ=Ǭ + values: + - 6xOHO + weight: 1438312308 + - preference: + matchExpressions: + - key: sVT + operator: Nj溚K$P" + - key: 3i + operator: 状w¿鄏荤džöǹĄ + values: + - hl9dZyPnxN + - C87 + - key: Pt + operator: ʬƴXw/8綷 + values: + - S9I6Qrsfz + matchFields: + - key: Gvnxn3 + operator: â氠喬 + values: + - d + weight: -886172272 + - preference: + matchExpressions: + - key: oy973i + operator: 圅¢璸'ɆʥʚvǴMĴ + values: + - OBP + - "1" + - YNoey99 + - key: Zy0iQotc + operator: +g + values: + - FO1apzD9 + - epCNQ66B + matchFields: + - key: 8nakITBFg + operator: '|ȍ' + values: + - 9z + - RX + - key: "" + operator: Mȃ"ô薱黭夃< + values: + - "" + - C + - YE3 + - key: iZFE5e + operator: nǮ + values: + - LHp7ijJ + weight: 567068826 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: we + operator: ɜP苞崉汊S + values: + - 1zCAp + - DVu + - key: piI + operator: Ǔɽ觩-鸭諣0ʙɮ鈿莳CyJ2 + values: + - 8oy + - HijL4M2 + - key: Xjq + operator: d遢豾9藌NJəBǔ,ɿǸ5Ƶº'芎婑( + values: + - kGBJo + - MpcP0e2Tga + matchFields: + - key: JhC5vQ1U8 + operator: "" + values: + - t + podAffinity: {} + podAntiAffinity: null + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=871084350 + rest.port=871084350 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=S7uyvF + offset.storage.topic=1EER + config.storage.topic=MSUfKAm + status.storage.topic=d6yOc + offset.storage.redpanda.remote.read=true + offset.storage.redpanda.remote.write=false + config.storage.redpanda.remote.read=true + config.storage.redpanda.remote.write=true + status.storage.redpanda.remote.read=true + status.storage.redpanda.remote.write=false + offset.storage.replication.factor=-1272331222 + config.storage.replication.factor=1110431616 + status.storage.replication.factor=342664574 + producer.linger.ms=-1432617314 + producer.batch.size=577860685 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.secretsManager.class=com.github.jcustenborder.kafka.config.aws.SecretsManagerConfigProvider + config.providers.secretsManager.param.secret.prefix=5dJMIv88J + config.providers.secretsManager.param.aws.region=ToqBft85 + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: xypAC + - name: CONNECT_BOOTSTRAP_SERVERS + value: AJo + - name: SCHEMA_REGISTRY_URL + value: BMfK + - name: CONNECT_GC_LOG_ENABLED + value: "2" + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx0 + - name: CONNECT_LOG_LEVEL + value: p + - name: CONNECT_SASL_USERNAME + value: "n" + - name: CONNECT_SASL_MECHANISM + value: LO + - name: CONNECT_SASL_PASSWORD_FILE + value: rc-credentials/password + - name: CONNECT_TLS_ENABLED + value: "true" + - name: CONNECT_TRUSTED_CERTS + value: ca/LZ8 + - name: CONNECT_TLS_AUTH_CERT + value: cert/N + - name: CONNECT_TLS_AUTH_KEY + value: key/NGmzeL6Y + - name: Hn + value: RLmuTFKt + valueFrom: + configMapKeyRef: + key: u8iVw + name: l8S7wk + optional: true + fieldRef: + apiVersion: 5q4Wkck9Yhn + fieldPath: e56i1D + resourceFieldRef: + containerName: MP6 + divisor: "0" + resource: W + secretKeyRef: + key: Sow4h93xH + name: tK6mZbO + optional: true + envFrom: + - configMapRef: + name: 6a + optional: true + prefix: wqO + secretRef: + name: eZxNk + optional: false + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: -179099947 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: -741511239 + periodSeconds: -301254020 + successThreshold: -1795354231 + timeoutSeconds: 17970381 + name: connectors-cluster + ports: + - containerPort: 871084350 + name: rest-api + protocol: TCP + - containerPort: -597719959 + name: 2Pm + protocol: TCP + - containerPort: -1354836854 + name: z + protocol: TCP + readinessProbe: + failureThreshold: 1162556666 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: -1796420049 + periodSeconds: 940741811 + successThreshold: 1628971624 + timeoutSeconds: -1878581735 + resources: + limits: + cpu: "0" + memory: "0" + requests: + cpu: "0" + memory: "0" + securityContext: + allowPrivilegeEscalation: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /opt/kafka/connect-password/rc-credentials + name: rc-credentials + - mountPath: /opt/kafka/connect-certs/ca + name: truststore + - mountPath: /opt/kafka/connect-certs/cert + name: cert + - mountPath: /opt/kafka/connect-certs/key + name: key + - mountPath: /tmp + name: rp-connect-tmp + dnsPolicy: ClusterFirst + imagePullSecrets: + - name: HaLjyQ02L + - name: yjimP + - name: 5KCFV6 + nodeSelector: + m8ypcZn: yD + restartPolicy: OL恟´跒ɴ珛姌Ŋ + schedulerName: FfnrLnAtn3 + securityContext: + fsGroup: 5186362895627063000 + fsGroupChangePolicy: E甗dbƾ潸 + runAsGroup: 4738220116750422000 + runAsNonRoot: true + runAsUser: 4123601200118601700 + supplementalGroups: + - 5067618254965114000 + - 2922991898118782500 + sysctls: + - name: 1idwf + value: RtGFIRLv + - name: toxsb + value: "" + - name: bC + value: IcMTnt + serviceAccountName: c + terminationGracePeriodSeconds: 1834992377 + tolerations: + - effect: r"ǘ + key: 7FvMPWDDP + operator: 杍Ɍ + tolerationSeconds: -4685795240412632000 + value: G9czii + topologySpreadConstraints: + - labelSelector: + matchLabels: + app.kubernetes.io/component: R64C + app.kubernetes.io/instance: console + app.kubernetes.io/name: R64C + maxSkew: -1990808403 + topologyKey: y1s + whenUnsatisfiable: bxCWoMA + volumes: + - name: truststore + secret: + defaultMode: 292 + secretName: Qd + - name: cert + secret: + defaultMode: 292 + secretName: 4Hwd2 + - name: key + secret: + defaultMode: 292 + secretName: ak + - name: rc-credentials + secret: + defaultMode: 292 + secretName: mhOAME + - name: RXJ + - name: JJ +--- +# Source: connectors/templates/pod-monitor.yaml +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + annotations: + SF8: t7jzDFP + creationTimestamp: null + labels: + "3": P + GGM8HrAa: AroHM7WrsoM + name: ZNfeDYT +spec: + namespaceSelector: + any: true + podMetricsEndpoints: + - bearerTokenSecret: + key: "" + path: / + port: prometheus + selector: + matchLabels: + app.kubernetes.io/component: R64C + app.kubernetes.io/instance: console + app.kubernetes.io/name: R64C +-- testdata/case-045.yaml.golden -- +--- +# Source: connectors/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + MbBpaa: UzKZX + app.kubernetes.io/component: 8UJFy + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 8UJFy + h52qwPFCCL1xE: q + helm.sh/chart: connectors-0.1.12 + name: Vk + namespace: default +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + H8XRE: XmuXsN + MbBpaa: UzKZX + app.kubernetes.io/component: 8UJFy + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 8UJFy + h52qwPFCCL1xE: q + helm.sh/chart: connectors-0.1.12 + name: 58KMN +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 1110004877 + protocol: TCP + targetPort: 1110004877 + - name: 7oEiI3 + port: -1730203461 + protocol: TCP + targetPort: -1730203461 + - name: pxPCPLymcj + port: 1857328046 + protocol: TCP + targetPort: 1857328046 + selector: + MbBpaa: UzKZX + app.kubernetes.io/component: 8UJFy + app.kubernetes.io/instance: console + app.kubernetes.io/name: 8UJFy + h52qwPFCCL1xE: q + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/pod-monitor.yaml +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + annotations: + ADPu3ozSd: q + IirIQ: nU4N + z1: CMu8InAI + creationTimestamp: null + labels: {} + name: uLr8eH +spec: + namespaceSelector: + any: true + matchNames: + - UCZpu + podMetricsEndpoints: + - bearerTokenSecret: + key: "" + path: / + port: prometheus + selector: + matchLabels: + MbBpaa: UzKZX + app.kubernetes.io/component: 8UJFy + app.kubernetes.io/instance: console + app.kubernetes.io/name: 8UJFy + h52qwPFCCL1xE: q +-- testdata/case-046.yaml.golden -- +--- +# Source: connectors/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/component: fa1XvkvO + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: fa1XvkvO + helm.sh/chart: connectors-0.1.12 + name: cl + namespace: default +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + H: "0" + app.kubernetes.io/component: fa1XvkvO + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: fa1XvkvO + helm.sh/chart: connectors-0.1.12 + name: UrU9Bs +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: -1606573822 + protocol: TCP + targetPort: -1606573822 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + app.kubernetes.io/component: fa1XvkvO + app.kubernetes.io/instance: console + app.kubernetes.io/name: fa1XvkvO + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/pod-monitor.yaml +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + annotations: + "N": "" + b: p + creationTimestamp: null + labels: + O: CY3sdu + UddrJ: zlyJcM + klftu: OSDi + name: tYC5CG +spec: + namespaceSelector: + any: true + podMetricsEndpoints: + - bearerTokenSecret: + key: "" + path: / + port: prometheus + selector: + matchLabels: + app.kubernetes.io/component: fa1XvkvO + app.kubernetes.io/instance: console + app.kubernetes.io/name: fa1XvkvO +-- testdata/case-047.yaml.golden -- +--- +# Source: connectors/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + annotations: + "": mNGwfCN + creationTimestamp: null + labels: + YQJWn90y: CaduGS6 + app.kubernetes.io/component: wN + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: wN + helm.sh/chart: connectors-0.1.12 + ytV2tl: icxW + name: 3m + namespace: default +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + "": pZ + YQJWn90y: CaduGS6 + app.kubernetes.io/component: wN + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: wN + helm.sh/chart: connectors-0.1.12 + ytV2tl: icxW + name: xW +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 660248664 + protocol: TCP + targetPort: 660248664 + - name: V + port: -1924603054 + protocol: TCP + targetPort: -1924603054 + selector: + YQJWn90y: CaduGS6 + app.kubernetes.io/component: wN + app.kubernetes.io/instance: console + app.kubernetes.io/name: wN + ytV2tl: icxW + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + 1taGex8O: RBXE4 + A: uiKIoNCT + NtMz: b7Zk1GQ7 + YQJWn90y: CaduGS6 + app.kubernetes.io/component: wN + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: wN + helm.sh/chart: connectors-0.1.12 + ytV2tl: icxW + name: Bl0rL2 +spec: + progressDeadlineSeconds: -1524384619 + replicas: null + revisionHistoryLimit: 1994939456 + selector: + matchLabels: + YQJWn90y: CaduGS6 + app.kubernetes.io/component: wN + app.kubernetes.io/instance: console + app.kubernetes.io/name: wN + ytV2tl: icxW + strategy: + type: RDNEX8T + template: + metadata: + annotations: + 1taGex8O: RBXE4 + A: uiKIoNCT + NtMz: b7Zk1GQ7 + creationTimestamp: null + labels: + YQJWn90y: CaduGS6 + app.kubernetes.io/component: wN + app.kubernetes.io/instance: console + app.kubernetes.io/name: wN + ytV2tl: icxW + spec: + affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: ajGWX3E + operator: Ǫ囍 + values: + - HbIL2OUP + - q + matchFields: + - key: 453h + operator: DZƮìX莁Ǜ詍^屶K}豫ţoJ櫉 + values: + - h + - a4s + - key: Y1AE + operator: 4噸đƪǶS绲aģ序e$襫枠ÿ攒 + values: + - uVsu + weight: -280128439 + - preference: {} + weight: 46457932 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: [] + podAffinity: {} + podAntiAffinity: null + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=660248664 + rest.port=660248664 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id= + offset.storage.topic=s0 + config.storage.topic=zpj + status.storage.topic=e3Caq + offset.storage.redpanda.remote.read=false + offset.storage.redpanda.remote.write=false + config.storage.redpanda.remote.read=true + config.storage.redpanda.remote.write=false + status.storage.redpanda.remote.read=true + status.storage.redpanda.remote.write=true + offset.storage.replication.factor=-551216099 + config.storage.replication.factor=181733785 + status.storage.replication.factor=894783312 + producer.linger.ms=-999496889 + producer.batch.size=221474765 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: s + - name: CONNECT_BOOTSTRAP_SERVERS + value: "" + - name: SCHEMA_REGISTRY_URL + value: W9TUtY + - name: CONNECT_GC_LOG_ENABLED + value: zIkzV8Ox + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx0 + - name: CONNECT_LOG_LEVEL + value: b + - name: CONNECT_TLS_ENABLED + value: "true" + - name: CONNECT_TRUSTED_CERTS + value: ca/REGD0a + - name: CONNECT_TLS_AUTH_CERT + value: cert/aG9QIiXqg + - name: CONNECT_TLS_AUTH_KEY + value: key/D + envFrom: + - configMapRef: + name: dx + optional: true + prefix: OgoO8WCa + secretRef: + optional: true + - configMapRef: + name: Kk + optional: false + prefix: 6Rdx + secretRef: + name: nM5Hn4S + optional: false + - configMapRef: + name: nQ + optional: true + prefix: z70 + secretRef: + name: C + optional: true + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: -2044419963 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: 888211900 + periodSeconds: -42722218 + successThreshold: 337318108 + timeoutSeconds: 1870975781 + name: connectors-cluster + ports: + - containerPort: 660248664 + name: rest-api + protocol: TCP + - containerPort: -1924603054 + name: V + protocol: TCP + readinessProbe: + failureThreshold: -2099739674 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: -359104350 + periodSeconds: 1897832932 + successThreshold: -962367820 + timeoutSeconds: -677019415 + resources: + limits: + cpu: "0" + memory: "0" + requests: + cpu: "0" + memory: "0" + securityContext: + allowPrivilegeEscalation: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /opt/kafka/connect-certs/ca + name: truststore + - mountPath: /opt/kafka/connect-certs/cert + name: cert + - mountPath: /opt/kafka/connect-certs/key + name: key + - mountPath: 5aM + mountPropagation: Ěɲ'再ʖ|皑F9ĺOĆ|Oô + name: 2HGf2z + subPath: vuF7gt + subPathExpr: y6zTs2 + - mountPath: QU6 + mountPropagation: QǢx槱Sɼ湙Ȥ恑ñ鹒 + name: PbVBK + subPath: foAWHAo + subPathExpr: I8f + - mountPath: "" + mountPropagation: ƇNʆ¹¯檷AvdŜ踆ÿDȂ + name: cA + readOnly: true + subPath: y6Kasn + subPathExpr: DIUY0V + dnsPolicy: ClusterFirst + imagePullSecrets: + - name: LGwi + nodeSelector: + SFPTn: eN2 + restartPolicy: 爃ɥ90İĔ + schedulerName: i57b + securityContext: + fsGroup: 1520694499640274700 + fsGroupChangePolicy: 嫽Ǭ + runAsGroup: 3728458047896784400 + runAsNonRoot: false + runAsUser: -8957070032009945000 + sysctls: + - name: NBH + value: bXsgSc + - name: WTZnja + value: p4Du + serviceAccountName: 3m + terminationGracePeriodSeconds: 1122010486 + tolerations: [] + topologySpreadConstraints: + - labelSelector: + matchLabels: + YQJWn90y: CaduGS6 + app.kubernetes.io/component: wN + app.kubernetes.io/instance: console + app.kubernetes.io/name: wN + ytV2tl: icxW + maxSkew: 2113683386 + topologyKey: H1AWsSn + whenUnsatisfiable: VEpgY + volumes: + - name: truststore + secret: + defaultMode: 292 + secretName: ZFEDD + - name: cert + secret: + defaultMode: 292 + secretName: zrc5V + - name: key + secret: + defaultMode: 292 + secretName: dtIKjx4fd0k + - name: Cm + - name: eHp5 + - name: r1T +--- +# Source: connectors/templates/pod-monitor.yaml +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + annotations: + "": O + AFH4V: ga95qmjNhc + creationTimestamp: null + labels: + 9HWO7MGwhk: vGHnz6 + NNg3k: hbR + RXL: VxSIXgS + name: Bl0rL2 +spec: + namespaceSelector: + any: true + matchNames: + - WZxK8iNK2gdU + podMetricsEndpoints: + - bearerTokenSecret: + key: "" + path: / + port: prometheus + selector: + matchLabels: + YQJWn90y: CaduGS6 + app.kubernetes.io/component: wN + app.kubernetes.io/instance: console + app.kubernetes.io/name: wN + ytV2tl: icxW +-- testdata/case-048.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: r7G + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: r7G + helm.sh/chart: connectors-0.1.12 + x3: e1lz + name: w4DG +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: -2097692565 + protocol: TCP + targetPort: -2097692565 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + app.kubernetes.io/component: r7G + app.kubernetes.io/instance: console + app.kubernetes.io/name: r7G + x3: e1lz + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: r7G + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: r7G + helm.sh/chart: connectors-0.1.12 + x3: e1lz + name: xPmln +spec: + progressDeadlineSeconds: -1933689162 + replicas: null + revisionHistoryLimit: -1768466640 + selector: + matchLabels: + app.kubernetes.io/component: r7G + app.kubernetes.io/instance: console + app.kubernetes.io/name: r7G + x3: e1lz + strategy: + type: OMXfGqbFsWh + template: + metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/component: r7G + app.kubernetes.io/instance: console + app.kubernetes.io/name: r7G + x3: e1lz + spec: + affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: b + operator: 鷘泝, + values: + - 0N3rqLJ + - "4" + - 1L + matchFields: + - key: gnmK + operator: '@D煡摡o昪ɼ柤斕ɲı58,tț>' + values: + - i1 + - 5PqjZCTW + weight: -1104761106 + - preference: + matchExpressions: + - key: dT + operator: 犘ijň鉻ĴɳǁȨD + values: + - XdGct + - key: 2BYB + operator: '}閂譗輸礯Ʊx' + values: + - MU2j1Vu + - "17" + - key: ypgFjkuHHfzj + operator: '`4ʫfƗ8鲙華ė' + values: + - "y" + - LHvKvSZf2 + matchFields: + - key: GImX3 + operator: "" + values: + - xQPC + - R4R + - 3Y0mxG + weight: -521155604 + - preference: + matchExpressions: + - key: ft5L + operator: ȗ垁屹3瞬铵烱#祟渥 + matchFields: + - key: Fx + operator: ǷɂZ + values: + - WT + weight: 677594922 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: AwTQm2 + operator: 展ɏǀ襋k(ȴSǮ讶ʁ + values: + - 8i1 + - key: gQ1DB + operator: 汴F见Doĵw?Pc|昋階ʇ亸d灀麕ʞ + values: + - uqEzQKDpVw + - Q2 + - icCcpbp8 + - key: d9Z + operator: Ǽ船薲ɲĊbJĘƑƮOȄ鄹 + values: + - flK9jMt + - jt4 + - TSJ + - matchExpressions: + - key: Cf40pEWF + operator: ŌZ雯瘍 + values: + - "0" + - cSCIGvcwc + - Izvo0 + - key: mB4jp + operator: Í淙篝Hƨ_u误Ý + values: + - OTJJx + - KgWLC + - key: TxkO + operator: ȠȰsa'ʫƲ鑠 + values: + - 3gqlT + matchFields: + - key: l + operator: é糁v抯 + - key: QZFxqZ + operator: / + values: + - q0DJ + - M0 + - 6XMtos + - {} + podAffinity: {} + podAntiAffinity: null + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=-2097692565 + rest.port=-2097692565 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=piupb6 + offset.storage.topic=ytzBE0 + config.storage.topic=FBdy5 + status.storage.topic=FHVut + offset.storage.redpanda.remote.read=false + offset.storage.redpanda.remote.write=false + config.storage.redpanda.remote.read=false + config.storage.redpanda.remote.write=true + status.storage.redpanda.remote.read=false + status.storage.redpanda.remote.write=false + offset.storage.replication.factor=864522858 + config.storage.replication.factor=-103098671 + status.storage.replication.factor=-1797067435 + producer.linger.ms=-1816218257 + producer.batch.size=-1479166006 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: stdaxfP + - name: CONNECT_BOOTSTRAP_SERVERS + value: fOZsu37vN + - name: SCHEMA_REGISTRY_URL + value: xg4Cxakw + - name: CONNECT_GC_LOG_ENABLED + value: Fu + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx0 + - name: CONNECT_LOG_LEVEL + value: QSl3 + - name: CONNECT_SASL_USERNAME + value: aXR + - name: CONNECT_SASL_MECHANISM + value: Xr + - name: CONNECT_SASL_PASSWORD_FILE + value: rc-credentials/password + - name: CONNECT_TLS_ENABLED + value: "true" + - name: CONNECT_TRUSTED_CERTS + value: ca/hln + - name: CONNECT_TLS_AUTH_CERT + value: cert/s47Hy + - name: CONNECT_TLS_AUTH_KEY + value: key/Wxw + envFrom: + - configMapRef: + name: w9vIEs + optional: true + prefix: oFWtF + secretRef: + name: Z1 + optional: true + - configMapRef: + name: 9wMxsz + optional: false + secretRef: + name: zLL2kR + optional: false + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 1532121771 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: -893256878 + periodSeconds: -674475842 + successThreshold: -1740698110 + timeoutSeconds: 326371790 + name: connectors-cluster + ports: + - containerPort: -2097692565 + name: rest-api + protocol: TCP + - containerPort: 9404 + name: prometheus + protocol: TCP + readinessProbe: + failureThreshold: -2100702858 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: 1930411693 + periodSeconds: 1985310483 + successThreshold: 769125679 + timeoutSeconds: -1364329005 + resources: + limits: + cpu: "0" + memory: "0" + requests: + cpu: "0" + memory: "0" + securityContext: + allowPrivilegeEscalation: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /opt/kafka/connect-password/rc-credentials + name: rc-credentials + - mountPath: /opt/kafka/connect-certs/ca + name: truststore + - mountPath: /opt/kafka/connect-certs/cert + name: cert + - mountPath: /opt/kafka/connect-certs/key + name: key + - mountPath: FgUy2D + mountPropagation: ül幯wȅƑʀ,姅 + name: kUw2 + subPath: D0Qb + subPathExpr: EemIo6uDnv0 + - mountPath: r + mountPropagation: 剐ƥ<¶抿菋ɯ粦梘ȡ( + name: 15LL4 + readOnly: true + subPath: tcGS + subPathExpr: pwB + - mountPath: aC8MZYmVC + mountPropagation: ʢǮZ薽R擽ē1Xȭ硡衕卣A礖XÚY2 + name: "9" + subPath: qg + subPathExpr: cPz1rA + dnsPolicy: ClusterFirst + imagePullSecrets: + - name: P0 + - name: AoBx4D0STGS8Z + nodeSelector: + DdMU: TvKI + cxzoe: "41" + i6KwA0A6qU1g: E6j + restartPolicy: À潌貛ă貈懍Eŵɀȩ + schedulerName: RMki + securityContext: + fsGroup: -3162007349665637000 + fsGroupChangePolicy: F@AǶvĭȟū琐噌黣坩Ǚɮŀ + runAsGroup: 164107928150233300 + runAsNonRoot: false + runAsUser: -6374867922909643000 + serviceAccountName: YIo + terminationGracePeriodSeconds: 1025063088 + tolerations: + - effect: ƸL諟Hv餣A嶌ɣYƵ轝脡sT酉 + key: rvPW78A + tolerationSeconds: 2277475321707653600 + value: zmQU7sY + - effect: 瘅1Ʉ夆 + key: 0p + operator: 冂÷s廥肚Zj陎1aÚkĤɀǟR + tolerationSeconds: 1191004605682561500 + value: sZcoDHahsR79 + topologySpreadConstraints: + - labelSelector: + matchLabels: + app.kubernetes.io/component: r7G + app.kubernetes.io/instance: console + app.kubernetes.io/name: r7G + x3: e1lz + maxSkew: -1723926017 + topologyKey: KnB17 + whenUnsatisfiable: WpP6r0 + volumes: + - name: truststore + secret: + defaultMode: 292 + secretName: k5U1 + - name: cert + secret: + defaultMode: 292 + secretName: ljqjD + - name: key + secret: + defaultMode: 292 + secretName: icjt + - name: rc-credentials + secret: + defaultMode: 292 + secretName: i5 + - name: I0 +-- testdata/case-049.yaml.golden -- +--- +# Source: connectors/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + annotations: + "": 0h6QKRWo + ayiUDPgwgG9: Wh + creationTimestamp: null + labels: + AxgO: ie + a: xGJKP + app.kubernetes.io/component: pyCdF + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: pyCdF + helm.sh/chart: connectors-0.1.12 + wy9DijfF9: pY + name: zr1OY + namespace: default +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + AxgO: ie + a: xGJKP + app.kubernetes.io/component: pyCdF + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: pyCdF + helm.sh/chart: connectors-0.1.12 + uH: o + wy9DijfF9: pY + name: 37ihe +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: -447671166 + protocol: TCP + targetPort: -447671166 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + AxgO: ie + a: xGJKP + app.kubernetes.io/component: pyCdF + app.kubernetes.io/instance: console + app.kubernetes.io/name: pyCdF + wy9DijfF9: pY + sessionAffinity: None + type: ClusterIP +-- testdata/custom-anti-affinity.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: connectors + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: connectors + helm.sh/chart: connectors-0.1.12 + name: console-connectors +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 8083 + protocol: TCP + targetPort: 8083 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + app.kubernetes.io/component: connectors + app.kubernetes.io/instance: console + app.kubernetes.io/name: connectors + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: connectors + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: connectors + helm.sh/chart: connectors-0.1.12 + name: console-connectors +spec: + progressDeadlineSeconds: 600 + replicas: null + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: connectors + app.kubernetes.io/instance: console + app.kubernetes.io/name: connectors + strategy: + type: RollingUpdate + template: + metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/component: connectors + app.kubernetes.io/instance: console + app.kubernetes.io/name: connectors + spec: + affinity: + nodeAffinity: {} + podAffinity: {} + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + foo: bar + topologyKey: "" + weight: 40 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + foo: bar + topologyKey: "" + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=8083 + rest.port=8083 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=connectors-cluster + offset.storage.topic=_internal_connectors_offsets + config.storage.topic=_internal_connectors_configs + status.storage.topic=_internal_connectors_status + offset.storage.redpanda.remote.read=false + offset.storage.redpanda.remote.write=false + config.storage.redpanda.remote.read=false + config.storage.redpanda.remote.write=false + status.storage.redpanda.remote.read=false + status.storage.redpanda.remote.write=false + offset.storage.replication.factor=-1 + config.storage.replication.factor=-1 + status.storage.replication.factor=-1 + producer.linger.ms=1 + producer.batch.size=131072 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: "" + - name: CONNECT_BOOTSTRAP_SERVERS + value: "" + - name: CONNECT_GC_LOG_ENABLED + value: "false" + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx2G + - name: CONNECT_LOG_LEVEL + value: warn + - name: CONNECT_TLS_ENABLED + value: "false" + envFrom: [] + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: connectors-cluster + ports: + - containerPort: 8083 + name: rest-api + protocol: TCP + - containerPort: 9404 + name: prometheus + protocol: TCP + readinessProbe: + failureThreshold: 2 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 10 + successThreshold: 3 + timeoutSeconds: 5 + resources: + limits: + cpu: "1" + memory: 2350Mi + requests: + cpu: "1" + memory: 2350Mi + securityContext: + allowPrivilegeEscalation: false + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: rp-connect-tmp + dnsPolicy: ClusterFirst + imagePullSecrets: [] + nodeSelector: {} + restartPolicy: Always + schedulerName: "" + securityContext: + fsGroup: 101 + fsGroupChangePolicy: OnRootMismatch + runAsUser: 101 + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: [] + topologySpreadConstraints: + - labelSelector: + matchLabels: + app.kubernetes.io/component: connectors + app.kubernetes.io/instance: console + app.kubernetes.io/name: connectors + maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + volumes: + - emptyDir: + medium: Memory + sizeLimit: 5Mi + name: rp-connect-tmp +-- testdata/defaults.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: connectors + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: connectors + helm.sh/chart: connectors-0.1.12 + name: console-connectors +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 8083 + protocol: TCP + targetPort: 8083 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + app.kubernetes.io/component: connectors + app.kubernetes.io/instance: console + app.kubernetes.io/name: connectors + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: connectors + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: connectors + helm.sh/chart: connectors-0.1.12 + name: console-connectors +spec: + progressDeadlineSeconds: 600 + replicas: null + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: connectors + app.kubernetes.io/instance: console + app.kubernetes.io/name: connectors + strategy: + type: RollingUpdate + template: + metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/component: connectors + app.kubernetes.io/instance: console + app.kubernetes.io/name: connectors + spec: + affinity: + nodeAffinity: {} + podAffinity: {} + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + app.kubernetes.io/component: connectors + app.kubernetes.io/instance: console + app.kubernetes.io/name: connectors + namespaces: + - default + topologyKey: kubernetes.io/hostname + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=8083 + rest.port=8083 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=connectors-cluster + offset.storage.topic=_internal_connectors_offsets + config.storage.topic=_internal_connectors_configs + status.storage.topic=_internal_connectors_status + offset.storage.redpanda.remote.read=false + offset.storage.redpanda.remote.write=false + config.storage.redpanda.remote.read=false + config.storage.redpanda.remote.write=false + status.storage.redpanda.remote.read=false + status.storage.redpanda.remote.write=false + offset.storage.replication.factor=-1 + config.storage.replication.factor=-1 + status.storage.replication.factor=-1 + producer.linger.ms=1 + producer.batch.size=131072 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: "" + - name: CONNECT_BOOTSTRAP_SERVERS + value: "" + - name: CONNECT_GC_LOG_ENABLED + value: "false" + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx2G + - name: CONNECT_LOG_LEVEL + value: warn + - name: CONNECT_TLS_ENABLED + value: "false" + envFrom: [] + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: connectors-cluster + ports: + - containerPort: 8083 + name: rest-api + protocol: TCP + - containerPort: 9404 + name: prometheus + protocol: TCP + readinessProbe: + failureThreshold: 2 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 10 + successThreshold: 3 + timeoutSeconds: 5 + resources: + limits: + cpu: "1" + memory: 2350Mi + requests: + cpu: "1" + memory: 2350Mi + securityContext: + allowPrivilegeEscalation: false + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: rp-connect-tmp + dnsPolicy: ClusterFirst + imagePullSecrets: [] + nodeSelector: {} + restartPolicy: Always + schedulerName: "" + securityContext: + fsGroup: 101 + fsGroupChangePolicy: OnRootMismatch + runAsUser: 101 + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: [] + topologySpreadConstraints: + - labelSelector: + matchLabels: + app.kubernetes.io/component: connectors + app.kubernetes.io/instance: console + app.kubernetes.io/name: connectors + maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + volumes: + - emptyDir: + medium: Memory + sizeLimit: 5Mi + name: rp-connect-tmp +-- testdata/hard-anti-affinity.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: connectors + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: connectors + helm.sh/chart: connectors-0.1.12 + name: console-connectors +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 8083 + protocol: TCP + targetPort: 8083 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + app.kubernetes.io/component: connectors + app.kubernetes.io/instance: console + app.kubernetes.io/name: connectors + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: connectors + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: connectors + helm.sh/chart: connectors-0.1.12 + name: console-connectors +spec: + progressDeadlineSeconds: 600 + replicas: null + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: connectors + app.kubernetes.io/instance: console + app.kubernetes.io/name: connectors + strategy: + type: RollingUpdate + template: + metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/component: connectors + app.kubernetes.io/instance: console + app.kubernetes.io/name: connectors + spec: + affinity: + nodeAffinity: {} + podAffinity: {} + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + app.kubernetes.io/component: connectors + app.kubernetes.io/instance: console + app.kubernetes.io/name: connectors + namespaces: + - default + topologyKey: kubernetes.io/hostname + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=8083 + rest.port=8083 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=connectors-cluster + offset.storage.topic=_internal_connectors_offsets + config.storage.topic=_internal_connectors_configs + status.storage.topic=_internal_connectors_status + offset.storage.redpanda.remote.read=false + offset.storage.redpanda.remote.write=false + config.storage.redpanda.remote.read=false + config.storage.redpanda.remote.write=false + status.storage.redpanda.remote.read=false + status.storage.redpanda.remote.write=false + offset.storage.replication.factor=-1 + config.storage.replication.factor=-1 + status.storage.replication.factor=-1 + producer.linger.ms=1 + producer.batch.size=131072 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: "" + - name: CONNECT_BOOTSTRAP_SERVERS + value: "" + - name: CONNECT_GC_LOG_ENABLED + value: "false" + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx2G + - name: CONNECT_LOG_LEVEL + value: warn + - name: CONNECT_TLS_ENABLED + value: "false" + envFrom: [] + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: connectors-cluster + ports: + - containerPort: 8083 + name: rest-api + protocol: TCP + - containerPort: 9404 + name: prometheus + protocol: TCP + readinessProbe: + failureThreshold: 2 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 10 + successThreshold: 3 + timeoutSeconds: 5 + resources: + limits: + cpu: "1" + memory: 2350Mi + requests: + cpu: "1" + memory: 2350Mi + securityContext: + allowPrivilegeEscalation: false + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: rp-connect-tmp + dnsPolicy: ClusterFirst + imagePullSecrets: [] + nodeSelector: {} + restartPolicy: Always + schedulerName: "" + securityContext: + fsGroup: 101 + fsGroupChangePolicy: OnRootMismatch + runAsUser: 101 + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: [] + topologySpreadConstraints: + - labelSelector: + matchLabels: + app.kubernetes.io/component: connectors + app.kubernetes.io/instance: console + app.kubernetes.io/name: connectors + maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + volumes: + - emptyDir: + medium: Memory + sizeLimit: 5Mi + name: rp-connect-tmp +-- testdata/soft-anti-affinity.yaml.golden -- +--- +# Source: connectors/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: connectors + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: connectors + helm.sh/chart: connectors-0.1.12 + name: console-connectors +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: rest-api + port: 8083 + protocol: TCP + targetPort: 8083 + - name: prometheus + port: 9404 + protocol: TCP + targetPort: 9404 + selector: + app.kubernetes.io/component: connectors + app.kubernetes.io/instance: console + app.kubernetes.io/name: connectors + sessionAffinity: None + type: ClusterIP +--- +# Source: connectors/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: connectors + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: connectors + helm.sh/chart: connectors-0.1.12 + name: console-connectors +spec: + progressDeadlineSeconds: 600 + replicas: null + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: connectors + app.kubernetes.io/instance: console + app.kubernetes.io/name: connectors + strategy: + type: RollingUpdate + template: + metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/component: connectors + app.kubernetes.io/instance: console + app.kubernetes.io/name: connectors + spec: + affinity: + nodeAffinity: {} + podAffinity: {} + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/component: connectors + app.kubernetes.io/instance: console + app.kubernetes.io/name: connectors + namespaces: + - default + topologyKey: kubernetes.io/hostname + weight: 100 + containers: + - command: null + env: + - name: CONNECT_CONFIGURATION + value: |- + rest.advertised.port=8083 + rest.port=8083 + key.converter=org.apache.kafka.connect.converters.ByteArrayConverter + value.converter=org.apache.kafka.connect.converters.ByteArrayConverter + group.id=connectors-cluster + offset.storage.topic=_internal_connectors_offsets + config.storage.topic=_internal_connectors_configs + status.storage.topic=_internal_connectors_status + offset.storage.redpanda.remote.read=false + offset.storage.redpanda.remote.write=false + config.storage.redpanda.remote.read=false + config.storage.redpanda.remote.write=false + status.storage.redpanda.remote.read=false + status.storage.redpanda.remote.write=false + offset.storage.replication.factor=-1 + config.storage.replication.factor=-1 + status.storage.replication.factor=-1 + producer.linger.ms=1 + producer.batch.size=131072 + config.providers=file,secretsManager,env + config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider + config.providers.env.class=org.apache.kafka.common.config.provider.EnvVarConfigProvider + - name: CONNECT_ADDITIONAL_CONFIGURATION + value: "" + - name: CONNECT_BOOTSTRAP_SERVERS + value: "" + - name: CONNECT_GC_LOG_ENABLED + value: "false" + - name: CONNECT_HEAP_OPTS + value: -Xms256M -Xmx2G + - name: CONNECT_LOG_LEVEL + value: warn + - name: CONNECT_TLS_ENABLED + value: "false" + envFrom: [] + image: docker.redpanda.com/redpandadata/connectors:v1.0.29 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: rest-api + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: connectors-cluster + ports: + - containerPort: 8083 + name: rest-api + protocol: TCP + - containerPort: 9404 + name: prometheus + protocol: TCP + readinessProbe: + failureThreshold: 2 + httpGet: + path: /connectors + port: rest-api + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 10 + successThreshold: 3 + timeoutSeconds: 5 + resources: + limits: + cpu: "1" + memory: 2350Mi + requests: + cpu: "1" + memory: 2350Mi + securityContext: + allowPrivilegeEscalation: false + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: rp-connect-tmp + dnsPolicy: ClusterFirst + imagePullSecrets: [] + nodeSelector: {} + restartPolicy: Always + schedulerName: "" + securityContext: + fsGroup: 101 + fsGroupChangePolicy: OnRootMismatch + runAsUser: 101 + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: [] + topologySpreadConstraints: + - labelSelector: + matchLabels: + app.kubernetes.io/component: connectors + app.kubernetes.io/instance: console + app.kubernetes.io/name: connectors + maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + volumes: + - emptyDir: + medium: Memory + sizeLimit: 5Mi + name: rp-connect-tmp diff --git a/charts/redpanda/redpanda/5.9.4/charts/connectors/testdata/template-cases.txtar b/charts/redpanda/redpanda/5.9.4/charts/connectors/testdata/template-cases.txtar new file mode 100644 index 0000000000..f7c4acf38a --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/connectors/testdata/template-cases.txtar @@ -0,0 +1,31 @@ +-- defaults -- +# Intentionally left blank (Default values) +-- hard-anti-affinity -- +deployment: + podAntiAffinity: + topologyKey: kubernetes.io/hostname + type: hard + weight: 100 + +-- soft-anti-affinity -- +deployment: + podAntiAffinity: + topologyKey: kubernetes.io/hostname + type: soft + weight: 100 + +-- custom-anti-affinity -- +deployment: + podAntiAffinity: + type: custom + custom: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + foo: bar + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 40 + podAffinityTerm: + labelSelector: + matchLabels: + foo: bar diff --git a/charts/redpanda/redpanda/5.9.4/charts/connectors/values.go b/charts/redpanda/redpanda/5.9.4/charts/connectors/values.go new file mode 100644 index 0000000000..e5f58544b2 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/connectors/values.go @@ -0,0 +1,212 @@ +// Licensed to the Apache Software Foundation (ASF) under one or more +// contributor license agreements. See the NOTICE file distributed with +// this work for additional information regarding copyright ownership. +// The ASF licenses this file to You under the Apache License, Version 2.0 +// (the "License"); you may not use this file except in compliance with +// the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// +gotohelm:filename=_values.go.tpl +package connectors + +import ( + _ "embed" + + monitoringv1 "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1" + "github.com/redpanda-data/helm-charts/pkg/gotohelm/helmette" + appsv1 "k8s.io/api/apps/v1" + corev1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/api/resource" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +//go:embed values.yaml +var DefaultValuesYAML []byte + +type Values struct { + NameOverride string `json:"nameOverride"` + FullnameOverride string `json:"fullnameOverride"` + CommonLabels map[string]string `json:"commonLabels"` + Tolerations []corev1.Toleration `json:"tolerations"` + Image Image `json:"image"` + ImagePullSecrets []corev1.LocalObjectReference `json:"imagePullSecrets"` + Test Creatable `json:"test"` + Connectors Connectors `json:"connectors"` + Auth Auth `json:"auth"` + Logging Logging `json:"logging"` + Monitoring MonitoringConfig `json:"monitoring"` + Container Container `json:"container"` + Deployment DeploymentConfig `json:"deployment"` + Storage Storage `json:"storage"` + ServiceAccount ServiceAccountConfig `json:"serviceAccount"` + Service ServiceConfig `json:"service"` +} + +type Image struct { + Repository string `json:"repository"` + PullPolicy corev1.PullPolicy `json:"pullPolicy"` + Tag string `json:"tag"` +} + +type Connectors struct { + RestPort int32 `json:"restPort"` + BootstrapServers string `json:"bootstrapServers"` + SchemaRegistryURL string `json:"schemaRegistryURL"` + AdditionalConfiguration string `json:"additionalConfiguration"` + SecretManager SecretManager `json:"secretManager"` + ProducerBatchSize int32 `json:"producerBatchSize"` + ProducerLingerMS int32 `json:"producerLingerMS"` + Storage ConnectorsStorage `json:"storage"` + GroupID string `json:"groupID"` + BrokerTLS TLS `json:"brokerTLS"` +} + +type SecretManager struct { + Enabled bool `json:"enabled"` + Region string `json:"region"` + ConsolePrefix string `json:"consolePrefix"` + ConnectorsPrefix string `json:"connectorsPrefix"` +} + +type ConnectorsStorage struct { + ReplicationFactor struct { + Offset int32 `json:"offset"` + Config int32 `json:"config"` + Status int32 `json:"status"` + } `json:"replicationFactor"` + Remote struct { + Read struct { + Offset bool `json:"offset"` + Config bool `json:"config"` + Status bool `json:"status"` + } `json:"read"` + Write struct { + Offset bool `json:"offset"` + Config bool `json:"config"` + Status bool `json:"status"` + } `json:"write"` + } `json:"remote"` + Topic struct { + Offset string `json:"offset"` + Config string `json:"config"` + Status string `json:"status"` + } `json:"topic"` +} + +type TLS struct { + Enabled bool `json:"enabled"` + CA struct { + SecretRef string `json:"secretRef"` + SecretNameOverwrite string `json:"secretNameOverwrite"` + } `json:"ca"` + Cert struct { + SecretRef string `json:"secretRef"` + SecretNameOverwrite string `json:"secretNameOverwrite"` + } `json:"cert"` + Key struct { + SecretRef string `json:"secretRef"` + SecretNameOverwrite string `json:"secretNameOverwrite"` + } `json:"key"` +} + +type Auth struct { + SASL struct { + Enabled bool `json:"enabled"` + Mechanism string `json:"mechanism"` + SecretRef string `json:"secretRef"` + UserName string `json:"userName"` + } `json:"sasl"` +} + +func (c *Auth) SASLEnabled() bool { + saslEnabled := !helmette.Empty(c.SASL.UserName) + saslEnabled = saslEnabled && !helmette.Empty(c.SASL.Mechanism) + saslEnabled = saslEnabled && !helmette.Empty(c.SASL.SecretRef) + return saslEnabled +} + +type Logging struct { + Level string `json:"level"` +} + +type MonitoringConfig struct { + Enabled bool `json:"enabled"` + ScrapeInterval metav1.Duration `json:"scrapeInterval"` + Labels map[string]string `json:"labels"` + Annotations map[string]string `json:"annotations"` + NamespaceSelector monitoringv1.NamespaceSelector `json:"namespaceSelector"` +} + +type Container struct { + SecurityContext corev1.SecurityContext `json:"securityContext"` + Resources struct { + Request corev1.ResourceList `json:"request"` + Limits corev1.ResourceList `json:"limits"` + JavaMaxHeapSize *resource.Quantity `json:"javaMaxHeapSize"` + } `json:"resources"` + JavaGCLogEnabled string `json:"javaGCLogEnabled"` // XXX ugh - it ends up as an env var +} + +type DeploymentConfig struct { + Replicas *int32 `json:"replicas,omitempty"` + Create bool `json:"create"` + Command []string `json:"command,omitempty"` + Strategy appsv1.DeploymentStrategy `json:"strategy,omitempty"` + SchedulerName string `json:"schedulerName"` + Budget struct { + MaxUnavailable int32 `json:"maxUnavailable"` + } `json:"budget"` + Annotations map[string]string `json:"annotations"` + LivenessProbe *corev1.Probe `json:"livenessProbe,omitempty"` + ReadinessProbe *corev1.Probe `json:"readinessProbe,omitempty"` + ExtraEnv []corev1.EnvVar `json:"extraEnv"` + ExtraEnvFrom []corev1.EnvFromSource `json:"extraEnvFrom"` + ProgressDeadlineSeconds int32 `json:"progressDeadlineSeconds"` + RevisionHistoryLimit *int32 `json:"revisionHistoryLimit,omitempty"` + PodAffinity *corev1.PodAffinity `json:"podAffinity,omitempty"` + NodeAffinity *corev1.NodeAffinity `json:"nodeAffinity,omitempty"` + PodAntiAffinity *struct { + TopologyKey string `json:"topologyKey"` + Type string `json:"type"` + Weight *int32 `json:"weight,omitempty"` + Custom *corev1.PodAntiAffinity `json:"custom,omitempty"` + } `json:"podAntiAffinity,omitempty"` + NodeSelector map[string]string `json:"nodeSelector"` + PriorityClassName *string `json:"priorityClassName,omitempty"` // XXX uused in original template + Tolerations []corev1.Toleration `json:"tolerations"` + TopologySpreadConstraints []corev1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` + SecurityContext *corev1.PodSecurityContext `json:"securityContext,omitempty"` + TerminationGracePeriodSeconds *int64 `json:"terminationGracePeriodSeconds,omitempty"` + RestartPolicy corev1.RestartPolicy `json:"restartPolicy"` +} + +type Storage struct { + Volume []corev1.Volume `json:"volume"` + VolumeMounts []corev1.VolumeMount `json:"volumeMounts"` +} + +type ServiceAccountConfig struct { + Create bool `json:"create"` + Annotations map[string]string `json:"annotations"` + Name string `json:"name"` +} + +type ServiceConfig struct { + Annotations map[string]string `json:"annotations"` + Name string `json:"name"` + Ports []struct { + Name string `json:"name"` + Port int32 `json:"port"` + } `json:"ports"` +} + +type Creatable struct { + Create bool `json:"create"` +} diff --git a/charts/redpanda/redpanda/5.9.4/charts/connectors/values.yaml b/charts/redpanda/redpanda/5.9.4/charts/connectors/values.yaml new file mode 100644 index 0000000000..f230a84d37 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/connectors/values.yaml @@ -0,0 +1,311 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# This file contains values for variables referenced from yaml files in the templates directory. +# +# For further information on Helm templating see the documentation at: +# https://helm.sh/docs/chart_template_guide/values_files/ + +# +# >>> This chart requires Helm version 3.6.0 or greater <<< +# + +# Common settings +# +# -- Override `connectors.name` template. +nameOverride: "" +# -- Override `connectors.fullname` template. +fullnameOverride: "" +# -- Additional labels to add to all Kubernetes objects. +# For example, `my.k8s.service: redpanda`. +commonLabels: {} +# -- Taints to be tolerated by Pods. +# For details, +# see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/). +tolerations: [] + +# -- Redpanda Docker image settings. +image: + # -- Docker repository from which to pull the Redpanda Docker image. + repository: docker.redpanda.com/redpandadata/connectors + # -- The Redpanda version. + # See DockerHub for: + # [All stable versions](https://hub.docker.com/r/redpandadata/redpanda/tags) + # and [all unstable versions](https://hub.docker.com/r/redpandadata/redpanda-unstable/tags). + # @default -- `Chart.appVersion`. + tag: "" + # -- The imagePullPolicy. + # If `image.tag` is 'latest', the default is `Always`. + pullPolicy: IfNotPresent + +# -- Pull secrets may be used to provide credentials to image repositories +# See https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ +imagePullSecrets: [] + +test: + create: true + +connectors: + # -- The port on which the Kafka Connect REST API listens. The API is used for administrative tasks. + restPort: 8083 + # -- A comma-separated list of Redpanda broker addresses in the format of IP:Port or DNS:Port. Kafka Connect uses this to connect to the Redpanda/Kafka cluster. + bootstrapServers: "" + # A comma-separated list of Schema Registry addresses in the format IP:Port or DNS:Port. The Schema Registry is a service that manages the schemas used by producers and consumers. + schemaRegistryURL: "" + # -- A placeholder for any Java configuration settings for Kafka Connect that are not explicitly defined in this Helm chart. Java configuration settings are passed to the Kafka Connect startup script. + additionalConfiguration: "" + secretManager: + enabled: false + region: "" + consolePrefix: "" + connectorsPrefix: "" + # -- The number of bytes of records a producer will attempt to batch together before sending to Redpanda. Batching improves throughput. + producerBatchSize: 131072 + # -- The time, in milliseconds, that a producer will wait before sending a batch of records. Waiting allows the producer to gather more records in the same batch and improve throughput. + producerLingerMS: 1 + storage: + # -- The number of replicas for each of the internal topics that Kafka Connect uses. + replicationFactor: + # -- Replication factor for the offset topic. + offset: -1 + # -- Replication factor for the configuration topic. + config: -1 + # -- Replication factor for the status topic. + status: -1 + # -- Indicates if read and write operations for the respective topics are allowed remotely. + remote: + read: + offset: false + config: false + status: false + write: + offset: false + config: false + status: false + topic: + # -- The name of the internal topic that Kafka Connect uses to store source connector offsets. + offset: _internal_connectors_offsets + # -- The name of the internal topic that Kafka Connect uses to store connector and task configurations. + config: _internal_connectors_configs + # -- The name of the internal topic that Kafka Connect uses to store connector and task status updates. + status: _internal_connectors_status + # -- A unique string that identifies the Kafka Connect cluster. It's used in the formation of the internal topic names, ensuring that multiple Kafka Connect clusters can connect to the same Redpanda cluster without interfering with each other. + groupID: connectors-cluster + brokerTLS: + enabled: false + ca: + # -- The name of the Secret where the ca.crt file content is located. + secretRef: "" + # -- If `secretRef` points to a Secret where the certificate authority (CA) is not under the + # `ca.crt` key, use `secretNameOverwrite` to overwrite it e.g. `corp-ca.crt`. + secretNameOverwrite: "" + cert: + # -- The name of the secret where client signed certificate is located + secretRef: "" + # -- If secretRef points to secret where client signed certificate is not under + # tls.crt key then please use secretNameOverwrite to overwrite it e.g. corp-tls.crt + secretNameOverwrite: "" + key: + # -- The name of the secret where client private key is located + secretRef: "" + # -- If secretRef points to secret where client private key is not under + # tls.key key then please use secretNameOverwrite to overwrite it e.g. corp-tls.key + secretNameOverwrite: "" + +# -- Authentication settings. +# For details, +# see the [SASL documentation](https://docs.redpanda.com/docs/manage/kubernetes/security/sasl-kubernetes/). +# The first line of the secret file is used. So the first superuser is used to authenticate to the Redpanda cluster. +auth: + sasl: + enabled: false + # -- The authentication mechanism to use for the superuser. Options are `scram-sha-256` and `scram-sha-512`. + mechanism: scram-sha-512 + # -- A Secret that contains your SASL user password. + secretRef: "" + userName: "" + +# -- Log-level settings. +logging: + # -- Log level + # Valid values (from least to most verbose) are: `error`, `warn`, `info` and `debug`. + level: warn + +# -- Monitoring. +# When set to `true`, the Helm chart creates a PodMonitor that can be used by Prometheus-Operator or VictoriaMetrics-Operator to scrape the metrics. +monitoring: + enabled: false + scrapeInterval: 30s + labels: {} + annotations: {} + namespaceSelector: + any: true + +container: + # + # -- Security context for the Redpanda Connectors container. + # See also `deployment.securityContext` for Pod-level settings. + securityContext: + allowPrivilegeEscalation: false + # -- Pod resource management. + resources: + request: + # Numeric values here are also acceptable. + cpu: "1" + memory: 2350Mi + limits: + cpu: "1" + memory: 2350Mi + # -- Java maximum heap size must not be greater than `container.resources.limits.memory`. + javaMaxHeapSize: 2G + javaGCLogEnabled: "false" + +deployment: + # Replicas can be used to scale Deployment + # replicas + + create: true + # Customize the command to use as the entrypoint of the Deployment. + # command: [] + strategy: + type: RollingUpdate + schedulerName: "" + budget: + maxUnavailable: 1 + # -- Additional annotations to apply to the Pods of this Deployment. + annotations: {} + # -- Adjust the period for your probes to meet your needs. + # For details, + # see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes). + livenessProbe: + initialDelaySeconds: 10 + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + readinessProbe: + initialDelaySeconds: 60 + failureThreshold: 2 + periodSeconds: 10 + successThreshold: 3 + timeoutSeconds: 5 + + # -- Additional environment variables for the Pods. + extraEnv: [] + # - name: RACK_ID + # value: "1" + + # -- Configure extra environment variables from Secrets and ConfigMaps. + extraEnvFrom: [] + # - secretRef: + # name: my-secret + # - configMapRef: + # name: my-configmap + + # -- The maximum time in seconds for a deployment to make progress before it is + # considered to be failed. The deployment controller will continue to process + # failed deployments and a condition with a ProgressDeadlineExceeded reason + # will be surfaced in the deployment status. Note that progress will not be + # estimated during the time a deployment is paused. + progressDeadlineSeconds: 600 + + # -- The number of old ReplicaSets to retain to allow rollback. This is a pointer + # to distinguish between explicit zero and not specified. + revisionHistoryLimit: 10 + + # -- Inter-Pod Affinity rules for scheduling Pods of this Deployment. + # For details, + # see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#inter-pod-affinity-and-anti-affinity). + podAffinity: {} + # -- Node Affinity rules for scheduling Pods of this Deployment. + # The suggestion would be to spread Pods according to topology zone. + # For details, + # see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity). + nodeAffinity: {} + # -- Anti-affinity rules for scheduling Pods of this Deployment. + # For details, + # see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#inter-pod-affinity-and-anti-affinity). + # You may either edit the default settings for anti-affinity rules, + # or specify new anti-affinity rules to use instead of the defaults. + podAntiAffinity: + # -- The `topologyKey` to be used. + # Can be used to spread across different nodes, AZs, regions etc. + topologyKey: kubernetes.io/hostname + # -- Valid anti-affinity types are `soft`, `hard`, or `custom`. + # Use `custom` if you want to supply your own anti-affinity rules in the `podAntiAffinity.custom` object. + type: hard + # -- Weight for `soft` anti-affinity rules. + # Does not apply for other anti-affinity types. + weight: 100 + # -- Change `podAntiAffinity.type` to `custom` and provide your own podAntiAffinity rules here. + custom: {} + # -- Node selection constraints for scheduling Pods of this Deployment. + # These constraints override the global `nodeSelector` value. + # For details, + # see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector). + nodeSelector: {} + # -- PriorityClassName given to Pods of this Deployment. + # For details, + # see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass). + priorityClassName: "" + # -- Taints to be tolerated by Pods of this Deployment. + # These tolerations override the global tolerations value. + # For details, + # see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/). + tolerations: [] + # For details, + # see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/). + topologySpreadConstraints: + - maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + securityContext: + fsGroup: 101 + runAsUser: 101 + fsGroupChangePolicy: OnRootMismatch + terminationGracePeriodSeconds: 30 + restartPolicy: Always + +storage: + volume: + - emptyDir: + medium: Memory + sizeLimit: 5Mi + name: rp-connect-tmp + volumeMounts: + - mountPath: /tmp + name: rp-connect-tmp + +# -- ServiceAccount management. +serviceAccount: + # -- Specifies whether a ServiceAccount should be created. + create: false + # -- Annotations to add to the ServiceAccount. + annotations: {} + # -- The name of the ServiceAccount to use. + # If not set and `serviceAccount.create` is `true`, + # a name is generated using the `connectors.fullname` template. + name: "" + +# -- Service management. +service: + # -- Annotations to add to the Service. + annotations: {} + # -- The name of the service to use. + # If not set, a name is generated using the `connectors.fullname` template. + name: "" + ports: + - name: prometheus + port: 9404 diff --git a/charts/redpanda/redpanda/5.9.4/charts/connectors/values_partial.gen.go b/charts/redpanda/redpanda/5.9.4/charts/connectors/values_partial.gen.go new file mode 100644 index 0000000000..e13a1b2173 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/connectors/values_partial.gen.go @@ -0,0 +1,188 @@ +//go:build !generate + +// +gotohelm:ignore=true +// +// Code generated by genpartial DO NOT EDIT. +package connectors + +import ( + monitoringv1 "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1" + appsv1 "k8s.io/api/apps/v1" + corev1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/api/resource" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +type PartialValues struct { + NameOverride *string "json:\"nameOverride,omitempty\"" + FullnameOverride *string "json:\"fullnameOverride,omitempty\"" + CommonLabels map[string]string "json:\"commonLabels,omitempty\"" + Tolerations []corev1.Toleration "json:\"tolerations,omitempty\"" + Image *PartialImage "json:\"image,omitempty\"" + ImagePullSecrets []corev1.LocalObjectReference "json:\"imagePullSecrets,omitempty\"" + Test *PartialCreatable "json:\"test,omitempty\"" + Connectors *PartialConnectors "json:\"connectors,omitempty\"" + Auth *PartialAuth "json:\"auth,omitempty\"" + Logging *PartialLogging "json:\"logging,omitempty\"" + Monitoring *PartialMonitoringConfig "json:\"monitoring,omitempty\"" + Container *PartialContainer "json:\"container,omitempty\"" + Deployment *PartialDeploymentConfig "json:\"deployment,omitempty\"" + Storage *PartialStorage "json:\"storage,omitempty\"" + ServiceAccount *PartialServiceAccountConfig "json:\"serviceAccount,omitempty\"" + Service *PartialServiceConfig "json:\"service,omitempty\"" +} + +type PartialImage struct { + Repository *string "json:\"repository,omitempty\"" + PullPolicy *corev1.PullPolicy "json:\"pullPolicy,omitempty\"" + Tag *string "json:\"tag,omitempty\"" +} + +type PartialCreatable struct { + Create *bool "json:\"create,omitempty\"" +} + +type PartialConnectors struct { + RestPort *int32 "json:\"restPort,omitempty\"" + BootstrapServers *string "json:\"bootstrapServers,omitempty\"" + SchemaRegistryURL *string "json:\"schemaRegistryURL,omitempty\"" + AdditionalConfiguration *string "json:\"additionalConfiguration,omitempty\"" + SecretManager *PartialSecretManager "json:\"secretManager,omitempty\"" + ProducerBatchSize *int32 "json:\"producerBatchSize,omitempty\"" + ProducerLingerMS *int32 "json:\"producerLingerMS,omitempty\"" + Storage *PartialConnectorsStorage "json:\"storage,omitempty\"" + GroupID *string "json:\"groupID,omitempty\"" + BrokerTLS *PartialTLS "json:\"brokerTLS,omitempty\"" +} + +type PartialAuth struct { + SASL *struct { + Enabled *bool "json:\"enabled,omitempty\"" + Mechanism *string "json:\"mechanism,omitempty\"" + SecretRef *string "json:\"secretRef,omitempty\"" + UserName *string "json:\"userName,omitempty\"" + } "json:\"sasl,omitempty\"" +} + +type PartialLogging struct { + Level *string "json:\"level,omitempty\"" +} + +type PartialMonitoringConfig struct { + Enabled *bool "json:\"enabled,omitempty\"" + ScrapeInterval *metav1.Duration "json:\"scrapeInterval,omitempty\"" + Labels map[string]string "json:\"labels,omitempty\"" + Annotations map[string]string "json:\"annotations,omitempty\"" + NamespaceSelector *monitoringv1.NamespaceSelector "json:\"namespaceSelector,omitempty\"" +} + +type PartialContainer struct { + SecurityContext *corev1.SecurityContext "json:\"securityContext,omitempty\"" + Resources *struct { + Request corev1.ResourceList "json:\"request,omitempty\"" + Limits corev1.ResourceList "json:\"limits,omitempty\"" + JavaMaxHeapSize *resource.Quantity "json:\"javaMaxHeapSize,omitempty\"" + } "json:\"resources,omitempty\"" + JavaGCLogEnabled *string "json:\"javaGCLogEnabled,omitempty\"" +} + +type PartialDeploymentConfig struct { + Replicas *int32 "json:\"replicas,omitempty\"" + Create *bool "json:\"create,omitempty\"" + Command []string "json:\"command,omitempty\"" + Strategy *appsv1.DeploymentStrategy "json:\"strategy,omitempty\"" + SchedulerName *string "json:\"schedulerName,omitempty\"" + Budget *struct { + MaxUnavailable *int32 "json:\"maxUnavailable,omitempty\"" + } "json:\"budget,omitempty\"" + Annotations map[string]string "json:\"annotations,omitempty\"" + LivenessProbe *corev1.Probe "json:\"livenessProbe,omitempty\"" + ReadinessProbe *corev1.Probe "json:\"readinessProbe,omitempty\"" + ExtraEnv []corev1.EnvVar "json:\"extraEnv,omitempty\"" + ExtraEnvFrom []corev1.EnvFromSource "json:\"extraEnvFrom,omitempty\"" + ProgressDeadlineSeconds *int32 "json:\"progressDeadlineSeconds,omitempty\"" + RevisionHistoryLimit *int32 "json:\"revisionHistoryLimit,omitempty\"" + PodAffinity *corev1.PodAffinity "json:\"podAffinity,omitempty\"" + NodeAffinity *corev1.NodeAffinity "json:\"nodeAffinity,omitempty\"" + PodAntiAffinity *struct { + TopologyKey *string "json:\"topologyKey,omitempty\"" + Type *string "json:\"type,omitempty\"" + Weight *int32 "json:\"weight,omitempty\"" + Custom *corev1.PodAntiAffinity "json:\"custom,omitempty\"" + } "json:\"podAntiAffinity,omitempty\"" + NodeSelector map[string]string "json:\"nodeSelector,omitempty\"" + PriorityClassName *string "json:\"priorityClassName,omitempty\"" + Tolerations []corev1.Toleration "json:\"tolerations,omitempty\"" + TopologySpreadConstraints []corev1.TopologySpreadConstraint "json:\"topologySpreadConstraints,omitempty\"" + SecurityContext *corev1.PodSecurityContext "json:\"securityContext,omitempty\"" + TerminationGracePeriodSeconds *int64 "json:\"terminationGracePeriodSeconds,omitempty\"" + RestartPolicy *corev1.RestartPolicy "json:\"restartPolicy,omitempty\"" +} + +type PartialStorage struct { + Volume []corev1.Volume "json:\"volume,omitempty\"" + VolumeMounts []corev1.VolumeMount "json:\"volumeMounts,omitempty\"" +} + +type PartialServiceAccountConfig struct { + Create *bool "json:\"create,omitempty\"" + Annotations map[string]string "json:\"annotations,omitempty\"" + Name *string "json:\"name,omitempty\"" +} + +type PartialServiceConfig struct { + Annotations map[string]string "json:\"annotations,omitempty\"" + Name *string "json:\"name,omitempty\"" + Ports []struct { + Name *string "json:\"name,omitempty\"" + Port *int32 "json:\"port,omitempty\"" + } "json:\"ports,omitempty\"" +} + +type PartialSecretManager struct { + Enabled *bool "json:\"enabled,omitempty\"" + Region *string "json:\"region,omitempty\"" + ConsolePrefix *string "json:\"consolePrefix,omitempty\"" + ConnectorsPrefix *string "json:\"connectorsPrefix,omitempty\"" +} + +type PartialConnectorsStorage struct { + ReplicationFactor *struct { + Offset *int32 "json:\"offset,omitempty\"" + Config *int32 "json:\"config,omitempty\"" + Status *int32 "json:\"status,omitempty\"" + } "json:\"replicationFactor,omitempty\"" + Remote *struct { + Read *struct { + Offset *bool "json:\"offset,omitempty\"" + Config *bool "json:\"config,omitempty\"" + Status *bool "json:\"status,omitempty\"" + } "json:\"read,omitempty\"" + Write *struct { + Offset *bool "json:\"offset,omitempty\"" + Config *bool "json:\"config,omitempty\"" + Status *bool "json:\"status,omitempty\"" + } "json:\"write,omitempty\"" + } "json:\"remote,omitempty\"" + Topic *struct { + Offset *string "json:\"offset,omitempty\"" + Config *string "json:\"config,omitempty\"" + Status *string "json:\"status,omitempty\"" + } "json:\"topic,omitempty\"" +} + +type PartialTLS struct { + Enabled *bool "json:\"enabled,omitempty\"" + CA *struct { + SecretRef *string "json:\"secretRef,omitempty\"" + SecretNameOverwrite *string "json:\"secretNameOverwrite,omitempty\"" + } "json:\"ca,omitempty\"" + Cert *struct { + SecretRef *string "json:\"secretRef,omitempty\"" + SecretNameOverwrite *string "json:\"secretNameOverwrite,omitempty\"" + } "json:\"cert,omitempty\"" + Key *struct { + SecretRef *string "json:\"secretRef,omitempty\"" + SecretNameOverwrite *string "json:\"secretNameOverwrite,omitempty\"" + } "json:\"key,omitempty\"" +} diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/.helmignore b/charts/redpanda/redpanda/5.9.4/charts/console/.helmignore new file mode 100644 index 0000000000..04ecd888b5 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/.helmignore @@ -0,0 +1,24 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +README.md.gotmpl +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/Chart.yaml b/charts/redpanda/redpanda/5.9.4/charts/console/Chart.yaml new file mode 100644 index 0000000000..dd51b48d8a --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/Chart.yaml @@ -0,0 +1,23 @@ +annotations: + artifacthub.io/images: | + - name: redpanda + image: docker.redpanda.com/redpandadata/console:v2.7.0 + artifacthub.io/license: Apache-2.0 + artifacthub.io/links: | + - name: Documentation + url: https://docs.redpanda.com + - name: "Helm (>= 3.6.0)" + url: https://helm.sh/docs/intro/install/ +apiVersion: v2 +appVersion: v2.7.0 +description: Helm chart to deploy Redpanda Console. +icon: https://images.ctfassets.net/paqvtpyf8rwu/3cYHw5UzhXCbKuR24GDFGO/73fb682e6157d11c10d5b2b5da1d5af0/skate-stand-panda.svg +kubeVersion: '>= 1.21.0-0' +maintainers: +- name: redpanda-data + url: https://github.com/orgs/redpanda-data/people +name: console +sources: +- https://github.com/redpanda-data/helm-charts +type: application +version: 0.7.29 diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/README.md b/charts/redpanda/redpanda/5.9.4/charts/console/README.md new file mode 100644 index 0000000000..9bd93425f8 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/README.md @@ -0,0 +1,353 @@ +# Redpanda Console Helm Chart Specification +--- +description: Find the default values and descriptions of settings in the Redpanda Console Helm chart. +--- + +![Version: 0.7.29](https://img.shields.io/badge/Version-0.7.29-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.7.0](https://img.shields.io/badge/AppVersion-v2.7.0-informational?style=flat-square) + +This page describes the official Redpanda Console Helm Chart. In particular, this page describes the contents of the chart’s [`values.yaml` file](https://github.com/redpanda-data/helm-charts/blob/main/charts/console/values.yaml). +Each of the settings is listed and described on this page, along with any default values. + +The Redpanda Console Helm chart is included as a subchart in the Redpanda Helm chart so that you can deploy and configure Redpanda and Redpanda Console together. +For instructions on how to install and use the chart, refer to the [deployment documentation](https://docs.redpanda.com/docs/deploy/deployment-option/self-hosted/kubernetes/kubernetes-deploy/). +For instructions on how to override and customize the chart’s values, see [Configure Redpanda Console](https://docs.redpanda.com/docs/manage/kubernetes/configure-helm-chart/#configure-redpanda-console). + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.13.1](https://github.com/norwoodj/helm-docs/releases/v1.13.1) + +## Source Code + +* + +## Requirements + +Kubernetes: `>= 1.21.0-0` + +## Settings + +### [affinity](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=affinity) + +**Default:** `{}` + +### [annotations](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=annotations) + +Annotations to add to the deployment. + +**Default:** `{}` + +### [automountServiceAccountToken](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=automountServiceAccountToken) + +Automount API credentials for the Service Account into the pod. + +**Default:** `true` + +### [autoscaling.enabled](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=autoscaling.enabled) + +**Default:** `false` + +### [autoscaling.maxReplicas](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=autoscaling.maxReplicas) + +**Default:** `100` + +### [autoscaling.minReplicas](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=autoscaling.minReplicas) + +**Default:** `1` + +### [autoscaling.targetCPUUtilizationPercentage](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=autoscaling.targetCPUUtilizationPercentage) + +**Default:** `80` + +### [commonLabels](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=commonLabels) + +**Default:** `{}` + +### [configmap.create](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=configmap.create) + +**Default:** `true` + +### [console.config](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=console.config) + +Settings for the `Config.yaml` (required). For a reference of configuration settings, see the [Redpanda Console documentation](https://docs.redpanda.com/docs/reference/console/config/). + +**Default:** `{}` + +### [deployment.create](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=deployment.create) + +**Default:** `true` + +### [enterprise](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=enterprise) + +Settings for license key, as an alternative to secret.enterprise when a license secret is available + +**Default:** + +``` +{"licenseSecretRef":{"key":"","name":""}} +``` + +### [extraContainers](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=extraContainers) + +Add additional containers, such as for oauth2-proxy. + +**Default:** `[]` + +### [extraEnv](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=extraEnv) + +Additional environment variables for the Redpanda Console Deployment. + +**Default:** `[]` + +### [extraEnvFrom](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=extraEnvFrom) + +Additional environment variables for Redpanda Console mapped from Secret or ConfigMap. + +**Default:** `[]` + +### [extraVolumeMounts](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=extraVolumeMounts) + +Add additional volume mounts, such as for TLS keys. + +**Default:** `[]` + +### [extraVolumes](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=extraVolumes) + +Add additional volumes, such as for TLS keys. + +**Default:** `[]` + +### [fullnameOverride](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=fullnameOverride) + +Override `console.fullname` template. + +**Default:** `""` + +### [image](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=image) + +Redpanda Console Docker image settings. + +**Default:** + +``` +{"pullPolicy":"IfNotPresent","registry":"docker.redpanda.com","repository":"redpandadata/console","tag":""} +``` + +### [image.pullPolicy](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=image.pullPolicy) + +The imagePullPolicy. + +**Default:** `"IfNotPresent"` + +### [image.repository](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=image.repository) + +Docker repository from which to pull the Redpanda Docker image. + +**Default:** `"redpandadata/console"` + +### [image.tag](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=image.tag) + +The Redpanda Console version. See DockerHub for: [All stable versions](https://hub.docker.com/r/redpandadata/console/tags) and [all unstable versions](https://hub.docker.com/r/redpandadata/console-unstable/tags). + +**Default:** `Chart.appVersion` + +### [imagePullSecrets](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=imagePullSecrets) + +Pull secrets may be used to provide credentials to image repositories See https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + +**Default:** `[]` + +### [ingress.annotations](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=ingress.annotations) + +**Default:** `{}` + +### [ingress.className](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=ingress.className) + +**Default:** `nil` + +### [ingress.enabled](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=ingress.enabled) + +**Default:** `false` + +### [ingress.hosts[0].host](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=ingress.hosts[0].host) + +**Default:** `"chart-example.local"` + +### [ingress.hosts[0].paths[0].path](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=ingress.hosts[0].paths[0].path) + +**Default:** `"/"` + +### [ingress.hosts[0].paths[0].pathType](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=ingress.hosts[0].paths[0].pathType) + +**Default:** `"ImplementationSpecific"` + +### [ingress.tls](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=ingress.tls) + +**Default:** `[]` + +### [initContainers](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=initContainers) + +Any initContainers defined should be written here + +**Default:** `{"extraInitContainers":""}` + +### [initContainers.extraInitContainers](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=initContainers.extraInitContainers) + +Additional set of init containers + +**Default:** `""` + +### [livenessProbe](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=livenessProbe) + +Settings for liveness and readiness probes. For details, see the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes). + +**Default:** + +``` +{"failureThreshold":3,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":1} +``` + +### [nameOverride](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=nameOverride) + +Override `console.name` template. + +**Default:** `""` + +### [nodeSelector](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=nodeSelector) + +**Default:** `{}` + +### [podAnnotations](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=podAnnotations) + +**Default:** `{}` + +### [podLabels](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=podLabels) + +**Default:** `{}` + +### [podSecurityContext.fsGroup](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=podSecurityContext.fsGroup) + +**Default:** `99` + +### [podSecurityContext.runAsUser](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=podSecurityContext.runAsUser) + +**Default:** `99` + +### [priorityClassName](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=priorityClassName) + +PriorityClassName given to Pods. For details, see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass). + +**Default:** `""` + +### [readinessProbe.failureThreshold](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=readinessProbe.failureThreshold) + +**Default:** `3` + +### [readinessProbe.initialDelaySeconds](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=readinessProbe.initialDelaySeconds) + +Grant time to test connectivity to upstream services such as Kafka and Schema Registry. + +**Default:** `10` + +### [readinessProbe.periodSeconds](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=readinessProbe.periodSeconds) + +**Default:** `10` + +### [readinessProbe.successThreshold](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=readinessProbe.successThreshold) + +**Default:** `1` + +### [readinessProbe.timeoutSeconds](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=readinessProbe.timeoutSeconds) + +**Default:** `1` + +### [replicaCount](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=replicaCount) + +**Default:** `1` + +### [resources](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=resources) + +**Default:** `{}` + +### [secret](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=secret) + +Create a new Kubernetes Secret for all sensitive configuration inputs. Each provided Secret is mounted automatically and made available to the Pod. If you want to use one or more existing Secrets, you can use the `extraEnvFrom` list to mount environment variables from string and secretMounts to mount files such as Certificates from Secrets. + +**Default:** + +``` +{"create":true,"enterprise":{},"kafka":{},"login":{"github":{},"google":{},"jwtSecret":"","oidc":{},"okta":{}},"redpanda":{"adminApi":{}}} +``` + +### [secret.kafka](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=secret.kafka) + +Kafka Secrets. + +**Default:** `{}` + +### [secretMounts](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=secretMounts) + +SecretMounts is an abstraction to make a Secret available in the container's filesystem. Under the hood it creates a volume and a volume mount for the Redpanda Console container. + +**Default:** `[]` + +### [securityContext.runAsNonRoot](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=securityContext.runAsNonRoot) + +**Default:** `true` + +### [service.annotations](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=service.annotations) + +**Default:** `{}` + +### [service.port](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=service.port) + +**Default:** `8080` + +### [service.targetPort](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=service.targetPort) + +Override the value in `console.config.server.listenPort` if not `nil` + +**Default:** `nil` + +### [service.type](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=service.type) + +**Default:** `"ClusterIP"` + +### [serviceAccount.annotations](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=serviceAccount.annotations) + +Annotations to add to the service account. + +**Default:** `{}` + +### [serviceAccount.automountServiceAccountToken](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=serviceAccount.automountServiceAccountToken) + +Specifies whether a service account should automount API-Credentials + +**Default:** `true` + +### [serviceAccount.create](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=serviceAccount.create) + +Specifies whether a service account should be created. + +**Default:** `true` + +### [serviceAccount.name](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=serviceAccount.name) + +The name of the service account to use. If not set and `serviceAccount.create` is `true`, a name is generated using the `console.fullname` template + +**Default:** `""` + +### [strategy](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=strategy) + +**Default:** `{}` + +### [tests.enabled](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=tests.enabled) + +**Default:** `true` + +### [tolerations](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=tolerations) + +**Default:** `[]` + +### [topologySpreadConstraints](https://artifacthub.io/packages/helm/redpanda-data/console?modal=values&path=topologySpreadConstraints) + +**Default:** `[]` + diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/chart_test.go b/charts/redpanda/redpanda/5.9.4/charts/console/chart_test.go new file mode 100644 index 0000000000..0e652c13e1 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/chart_test.go @@ -0,0 +1,158 @@ +package console + +import ( + "encoding/json" + "fmt" + "os" + "regexp" + "slices" + "testing" + + fuzz "github.com/google/gofuzz" + "github.com/redpanda-data/helm-charts/pkg/helm" + "github.com/redpanda-data/helm-charts/pkg/testutil" + "github.com/santhosh-tekuri/jsonschema/v5" + "github.com/stretchr/testify/require" + "golang.org/x/tools/txtar" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "sigs.k8s.io/yaml" +) + +// TestValues asserts that the chart's values.yaml file can be losslessly +// loaded into our type [Values] struct. +// NB: values.yaml should round trip through [Values], not [PartialValues], as +// [Values]'s omitempty tags are models after values.yaml. +func TestValues(t *testing.T) { + var typedValues Values + var unstructuredValues map[string]any + + require.NoError(t, yaml.Unmarshal(DefaultValuesYAML, &typedValues)) + require.NoError(t, yaml.Unmarshal(DefaultValuesYAML, &unstructuredValues)) + + typedValuesJSON, err := json.Marshal(typedValues) + require.NoError(t, err) + + unstructuredValuesJSON, err := json.Marshal(unstructuredValues) + require.NoError(t, err) + + require.JSONEq(t, string(unstructuredValuesJSON), string(typedValuesJSON)) +} + +func TestTemplate(t *testing.T) { + ctx := testutil.Context(t) + client, err := helm.New(helm.Options{ConfigHome: testutil.TempDir(t)}) + require.NoError(t, err) + + casesArchive, err := txtar.ParseFile("testdata/template-cases.txtar") + require.NoError(t, err) + + generatedCasesArchive, err := txtar.ParseFile("testdata/template-cases-generated.txtar") + require.NoError(t, err) + + goldens := testutil.NewTxTar(t, "testdata/template-cases.golden.txtar") + + for _, tc := range append(casesArchive.Files, generatedCasesArchive.Files...) { + tc := tc + t.Run(tc.Name, func(t *testing.T) { + var values PartialValues + require.NoError(t, yaml.Unmarshal(tc.Data, &values)) + + out, err := client.Template(ctx, ".", helm.TemplateOptions{ + Name: "console", + Values: values, + Set: []string{ + // jwtSecret defaults to a random string. Can't have that + // in snapshot testing so set it to a static value. + "secret.login.jwtSecret=SECRETKEY", + }, + }) + require.NoError(t, err) + goldens.AssertGolden(t, testutil.YAML, fmt.Sprintf("testdata/%s.yaml.golden", tc.Name), out) + }) + } +} + +// TestGenerateCases is not a test case (sorry) but a test case generator for +// the console chart. +func TestGenerateCases(t *testing.T) { + // Nasty hack to avoid making a main function somewhere. Sorry not sorry. + if !slices.Contains(os.Args, fmt.Sprintf("-test.run=%s", t.Name())) { + t.Skipf("%s will only run if explicitly specified (-run %q)", t.Name(), t.Name()) + } + + // Makes strings easier to read. + asciiStrs := func(s *string, c fuzz.Continue) { + const alphabet = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789" + var x []byte + for i := 0; i < c.Intn(25); i++ { + x = append(x, alphabet[c.Intn(len(alphabet))]) + } + *s = string(x) + } + smallInts := func(s *int, c fuzz.Continue) { + *s = c.Intn(501) + } + + fuzzer := fuzz.New().NumElements(0, 3).SkipFieldsWithPattern( + regexp.MustCompile("^(SELinuxOptions|WindowsOptions|SeccompProfile|TCPSocket|HTTPHeaders|VolumeSource)$"), + ).Funcs( + asciiStrs, + smallInts, + func(t *corev1.ServiceType, c fuzz.Continue) { + types := []corev1.ServiceType{ + corev1.ServiceTypeClusterIP, + corev1.ServiceTypeExternalName, + corev1.ServiceTypeNodePort, + corev1.ServiceTypeLoadBalancer, + } + *t = types[c.Intn(len(types))] + }, + func(s *corev1.ResourceName, c fuzz.Continue) { asciiStrs((*string)(s), c) }, + func(_ *any, c fuzz.Continue) {}, + func(_ *[]corev1.ResourceClaim, c fuzz.Continue) {}, + func(_ *[]metav1.ManagedFieldsEntry, c fuzz.Continue) {}, + ) + + schema, err := jsonschema.CompileString("", string(ValuesSchemaJSON)) + require.NoError(t, err) + + nilChance := float64(0.8) + + files := make([]txtar.File, 0, 50) + for i := 0; i < 50; i++ { + // Every 5 iterations, decrease nil chance to ensure that we're biased + // towards exploring most cases. + if i%5 == 0 && nilChance > .1 { + nilChance -= .1 + } + + var values PartialValues + fuzzer.NilChance(nilChance).Fuzz(&values) + + out, err := yaml.Marshal(values) + require.NoError(t, err) + + merged, err := helm.MergeYAMLValues(t.TempDir(), DefaultValuesYAML, out) + require.NoError(t, err) + + // Ensure that our generated values comply with the schema set by the chart. + if err := schema.Validate(merged); err != nil { + t.Logf("Generated invalid values; trying again...\n%v", err) + i-- + continue + } + + files = append(files, txtar.File{ + Name: fmt.Sprintf("case-%03d", i), + Data: out, + }) + } + + archive := txtar.Format(&txtar.Archive{ + Comment: []byte(fmt.Sprintf(`Generated by %s`, t.Name())), + Files: files, + }) + + require.NoError(t, os.WriteFile("testdata/template-cases-generated.txtar", archive, 0o644)) +} diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/configmap.go b/charts/redpanda/redpanda/5.9.4/charts/console/configmap.go new file mode 100644 index 0000000000..c4fa382915 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/configmap.go @@ -0,0 +1,61 @@ +// Licensed to the Apache Software Foundation (ASF) under one or more +// contributor license agreements. See the NOTICE file distributed with +// this work for additional information regarding copyright ownership. +// The ASF licenses this file to You under the Apache License, Version 2.0 +// (the "License"); you may not use this file except in compliance with +// the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// +gotohelm:filename=_configmap.go.tpl +package console + +import ( + "fmt" + + "github.com/redpanda-data/helm-charts/pkg/gotohelm/helmette" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +func ConfigMap(dot *helmette.Dot) *corev1.ConfigMap { + values := helmette.Unwrap[Values](dot.Values) + + if !values.ConfigMap.Create { + return nil + } + + data := map[string]string{ + "config.yaml": fmt.Sprintf("# from .Values.console.config\n%s\n", helmette.Tpl(helmette.ToYaml(values.Console.Config), dot)), + } + + if len(values.Console.Roles) > 0 { + data["roles.yaml"] = helmette.Tpl(helmette.ToYaml(map[string]any{ + "roles": values.Console.Roles, + }), dot) + } + + if len(values.Console.RoleBindings) > 0 { + data["role-bindings.yaml"] = helmette.Tpl(helmette.ToYaml(map[string]any{ + "roleBindings": values.Console.RoleBindings, + }), dot) + } + + return &corev1.ConfigMap{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "v1", + Kind: "ConfigMap", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: Fullname(dot), + Labels: Labels(dot), + }, + Data: data, + } +} diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/deployment.go b/charts/redpanda/redpanda/5.9.4/charts/console/deployment.go new file mode 100644 index 0000000000..47537d40d2 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/deployment.go @@ -0,0 +1,535 @@ +// Licensed to the Apache Software Foundation (ASF) under one or more +// contributor license agreements. See the NOTICE file distributed with +// this work for additional information regarding copyright ownership. +// The ASF licenses this file to You under the Apache License, Version 2.0 +// (the "License"); you may not use this file except in compliance with +// the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// +gotohelm:filename=_deployment.go.tpl +package console + +import ( + "fmt" + + "github.com/redpanda-data/helm-charts/pkg/gotohelm/helmette" + appsv1 "k8s.io/api/apps/v1" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/util/intstr" + "k8s.io/utils/ptr" +) + +// Console's HTTP server Port. +// The port is defined from the provided config but can be overridden +// by setting service.targetPort and if that is missing defaults to 8080. +func ContainerPort(dot *helmette.Dot) int32 { + values := helmette.Unwrap[Values](dot.Values) + + listenPort := int32(8080) + if values.Service.TargetPort != nil { + listenPort = *values.Service.TargetPort + } + + configListenPort := helmette.Dig(values.Console.Config, nil, "server", "listenPort") + if asInt, ok := helmette.AsIntegral[int](configListenPort); ok { + return int32(asInt) + } + + return listenPort +} + +func Deployment(dot *helmette.Dot) *appsv1.Deployment { + values := helmette.Unwrap[Values](dot.Values) + + if !values.Deployment.Create { + return nil + } + + var replicas *int32 + if !values.Autoscaling.Enabled { + replicas = ptr.To(values.ReplicaCount) + } + + var initContainers []corev1.Container + if values.InitContainers.ExtraInitContainers != nil { + initContainers = helmette.UnmarshalYamlArray[corev1.Container](helmette.Tpl(*values.InitContainers.ExtraInitContainers, dot)) + } + + volumeMounts := []corev1.VolumeMount{ + { + Name: "configs", + MountPath: "/etc/console/configs", + ReadOnly: true, + }, + } + + if values.Secret.Create { + volumeMounts = append(volumeMounts, corev1.VolumeMount{ + Name: "secrets", + MountPath: "/etc/console/secrets", + ReadOnly: true, + }) + } + + for _, mount := range values.SecretMounts { + volumeMounts = append(volumeMounts, corev1.VolumeMount{ + Name: mount.Name, + MountPath: mount.Path, + SubPath: ptr.Deref(mount.SubPath, ""), + }) + } + + volumeMounts = append(volumeMounts, values.ExtraVolumeMounts...) + + return &appsv1.Deployment{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "apps/v1", + Kind: "Deployment", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: Fullname(dot), + Labels: Labels(dot), + Namespace: dot.Release.Namespace, + Annotations: values.Annotations, + }, + Spec: appsv1.DeploymentSpec{ + Replicas: replicas, + Selector: &metav1.LabelSelector{ + MatchLabels: SelectorLabels(dot), + }, + Strategy: values.Strategy, + Template: corev1.PodTemplateSpec{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: helmette.Merge(map[string]string{ + "checksum/config": helmette.Sha256Sum(helmette.ToYaml(ConfigMap(dot))), + }, values.PodAnnotations), + Labels: helmette.Merge(SelectorLabels(dot), values.PodLabels), + }, + Spec: corev1.PodSpec{ + ImagePullSecrets: values.ImagePullSecrets, + ServiceAccountName: ServiceAccountName(dot), + AutomountServiceAccountToken: &values.AutomountServiceAccountToken, + SecurityContext: &values.PodSecurityContext, + NodeSelector: values.NodeSelector, + Affinity: &values.Affinity, + TopologySpreadConstraints: values.TopologySpreadConstraints, + PriorityClassName: values.PriorityClassName, + Tolerations: values.Tolerations, + Volumes: consolePodVolumes(dot), + InitContainers: initContainers, + Containers: append([]corev1.Container{ + { + Name: dot.Chart.Name, + Command: values.Deployment.Command, + Args: append([]string{ + "--config.filepath=/etc/console/configs/config.yaml", + }, values.Deployment.ExtraArgs...), + SecurityContext: &values.SecurityContext, + Image: containerImage(dot), + ImagePullPolicy: values.Image.PullPolicy, + Ports: []corev1.ContainerPort{ + { + Name: "http", + ContainerPort: ContainerPort(dot), + Protocol: corev1.ProtocolTCP, + }, + }, + VolumeMounts: volumeMounts, + LivenessProbe: &corev1.Probe{ + InitialDelaySeconds: values.LivenessProbe.InitialDelaySeconds, // TODO what to do with this?? + PeriodSeconds: values.LivenessProbe.PeriodSeconds, + TimeoutSeconds: values.LivenessProbe.TimeoutSeconds, + SuccessThreshold: values.LivenessProbe.SuccessThreshold, + FailureThreshold: values.LivenessProbe.FailureThreshold, + ProbeHandler: corev1.ProbeHandler{ + HTTPGet: &corev1.HTTPGetAction{ + Path: "/admin/health", + Port: intstr.FromString("http"), + }, + }, + }, + ReadinessProbe: &corev1.Probe{ + InitialDelaySeconds: values.ReadinessProbe.InitialDelaySeconds, + PeriodSeconds: values.ReadinessProbe.PeriodSeconds, + TimeoutSeconds: values.ReadinessProbe.TimeoutSeconds, + SuccessThreshold: values.ReadinessProbe.SuccessThreshold, + FailureThreshold: values.ReadinessProbe.FailureThreshold, + ProbeHandler: corev1.ProbeHandler{ + HTTPGet: &corev1.HTTPGetAction{ + Path: "/admin/health", + Port: intstr.FromString("http"), + }, + }, + }, + Resources: values.Resources, + Env: consoleContainerEnv(dot), + EnvFrom: values.ExtraEnvFrom, + }, + }, values.ExtraContainers...), + }, + }, + }, + } +} + +// ConsoleImage +func containerImage(dot *helmette.Dot) string { + values := helmette.Unwrap[Values](dot.Values) + + tag := dot.Chart.AppVersion + if !helmette.Empty(values.Image.Tag) { + tag = *values.Image.Tag + } + + image := fmt.Sprintf("%s:%s", values.Image.Repository, tag) + + if !helmette.Empty(values.Image.Registry) { + return fmt.Sprintf("%s/%s", values.Image.Registry, image) + } + + return image +} + +type PossibleEnvVar struct { + Value any + EnvVar corev1.EnvVar +} + +func consoleContainerEnv(dot *helmette.Dot) []corev1.EnvVar { + values := helmette.Unwrap[Values](dot.Values) + + if !values.Secret.Create { + vars := values.ExtraEnv + + if !helmette.Empty(values.Enterprise.LicenseSecretRef.Name) { + vars = append(values.ExtraEnv, corev1.EnvVar{ + Name: "LICENSE", + ValueFrom: &corev1.EnvVarSource{ + SecretKeyRef: &corev1.SecretKeySelector{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: values.Enterprise.LicenseSecretRef.Name, + }, + Key: helmette.Default("enterprise-license", values.Enterprise.LicenseSecretRef.Key), + }, + }, + }) + } + + return vars + } + + possibleVars := []PossibleEnvVar{ + { + Value: values.Secret.Kafka.SASLPassword, + EnvVar: corev1.EnvVar{ + Name: "KAFKA_SASL_PASSWORD", + ValueFrom: &corev1.EnvVarSource{ + SecretKeyRef: &corev1.SecretKeySelector{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: Fullname(dot), + }, + Key: "kafka-sasl-password", + }, + }, + }, + }, + { + Value: values.Secret.Kafka.ProtobufGitBasicAuthPassword, + EnvVar: corev1.EnvVar{ + Name: "KAFKA_PROTOBUF_GIT_BASICAUTH_PASSWORD", + ValueFrom: &corev1.EnvVarSource{ + SecretKeyRef: &corev1.SecretKeySelector{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: Fullname(dot), + }, + Key: "kafka-protobuf-git-basicauth-password", + }, + }, + }, + }, + { + Value: values.Secret.Kafka.AWSMSKIAMSecretKey, + EnvVar: corev1.EnvVar{ + Name: "KAFKA_SASL_AWSMSKIAM_SECRETKEY", + ValueFrom: &corev1.EnvVarSource{ + SecretKeyRef: &corev1.SecretKeySelector{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: Fullname(dot), + }, + Key: "kafka-sasl-aws-msk-iam-secret-key", + }, + }, + }, + }, + { + Value: values.Secret.Kafka.TLSCA, + EnvVar: corev1.EnvVar{ + Name: "KAFKA_TLS_CAFILEPATH", + Value: "/etc/console/secrets/kafka-tls-ca", + }, + }, + { + Value: values.Secret.Kafka.TLSCert, + EnvVar: corev1.EnvVar{ + Name: "KAFKA_TLS_CERTFILEPATH", + Value: "/etc/console/secrets/kafka-tls-cert", + }, + }, + { + Value: values.Secret.Kafka.TLSKey, + EnvVar: corev1.EnvVar{ + Name: "KAFKA_TLS_KEYFILEPATH", + Value: "/etc/console/secrets/kafka-tls-key", + }, + }, + { + Value: values.Secret.Kafka.SchemaRegistryTLSCA, + EnvVar: corev1.EnvVar{ + Name: "KAFKA_SCHEMAREGISTRY_TLS_CAFILEPATH", + Value: "/etc/console/secrets/kafka-schemaregistry-tls-ca", + }, + }, + { + Value: values.Secret.Kafka.SchemaRegistryTLSCert, + EnvVar: corev1.EnvVar{ + Name: "KAFKA_SCHEMAREGISTRY_TLS_CERTFILEPATH", + Value: "/etc/console/secrets/kafka-schemaregistry-tls-cert", + }, + }, + { + Value: values.Secret.Kafka.SchemaRegistryTLSKey, + EnvVar: corev1.EnvVar{ + Name: "KAFKA_SCHEMAREGISTRY_TLS_KEYFILEPATH", + Value: "/etc/console/secrets/kafka-schemaregistry-tls-key", + }, + }, + { + Value: values.Secret.Kafka.SchemaRegistryPassword, + EnvVar: corev1.EnvVar{ + Name: "KAFKA_SCHEMAREGISTRY_PASSWORD", + ValueFrom: &corev1.EnvVarSource{ + SecretKeyRef: &corev1.SecretKeySelector{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: Fullname(dot), + }, + Key: "kafka-schema-registry-password", + }, + }, + }, + }, + { + Value: true, + EnvVar: corev1.EnvVar{ + Name: "LOGIN_JWTSECRET", + ValueFrom: &corev1.EnvVarSource{ + SecretKeyRef: &corev1.SecretKeySelector{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: Fullname(dot), + }, + Key: "login-jwt-secret", + }, + }, + }, + }, + { + Value: values.Secret.Login.Google.ClientSecret, + EnvVar: corev1.EnvVar{ + Name: "LOGIN_GOOGLE_CLIENTSECRET", + ValueFrom: &corev1.EnvVarSource{ + SecretKeyRef: &corev1.SecretKeySelector{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: Fullname(dot), + }, + Key: "login-google-oauth-client-secret", + }, + }, + }, + }, + + { + Value: values.Secret.Login.Google.GroupsServiceAccount, + EnvVar: corev1.EnvVar{ + Name: "LOGIN_GOOGLE_DIRECTORY_SERVICEACCOUNTFILEPATH", + Value: "/etc/console/secrets/login-google-groups-service-account.json", + }, + }, + { + Value: values.Secret.Login.Github.ClientSecret, + EnvVar: corev1.EnvVar{ + Name: "LOGIN_GITHUB_CLIENTSECRET", + ValueFrom: &corev1.EnvVarSource{ + SecretKeyRef: &corev1.SecretKeySelector{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: Fullname(dot), + }, + Key: "login-github-oauth-client-secret", + }, + }, + }, + }, + { + Value: values.Secret.Login.Github.PersonalAccessToken, + EnvVar: corev1.EnvVar{ + Name: "LOGIN_GITHUB_DIRECTORY_PERSONALACCESSTOKEN", + ValueFrom: &corev1.EnvVarSource{ + SecretKeyRef: &corev1.SecretKeySelector{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: Fullname(dot), + }, + Key: "login-github-personal-access-token", + }, + }, + }, + }, + { + Value: values.Secret.Login.Okta.ClientSecret, + EnvVar: corev1.EnvVar{ + Name: "LOGIN_OKTA_CLIENTSECRET", + ValueFrom: &corev1.EnvVarSource{ + SecretKeyRef: &corev1.SecretKeySelector{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: Fullname(dot), + }, + Key: "login-okta-client-secret", + }, + }, + }, + }, + { + Value: values.Secret.Login.Okta.DirectoryAPIToken, + EnvVar: corev1.EnvVar{ + Name: "LOGIN_OKTA_DIRECTORY_APITOKEN", + ValueFrom: &corev1.EnvVarSource{ + SecretKeyRef: &corev1.SecretKeySelector{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: Fullname(dot), + }, + Key: "login-okta-directory-api-token", + }, + }, + }, + }, + { + Value: values.Secret.Login.OIDC.ClientSecret, + EnvVar: corev1.EnvVar{ + Name: "LOGIN_OIDC_CLIENTSECRET", + ValueFrom: &corev1.EnvVarSource{ + SecretKeyRef: &corev1.SecretKeySelector{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: Fullname(dot), + }, + Key: "login-oidc-client-secret", + }, + }, + }, + }, + { + Value: values.Secret.Enterprise.License, + EnvVar: corev1.EnvVar{ + Name: "LICENSE", + ValueFrom: &corev1.EnvVarSource{ + SecretKeyRef: &corev1.SecretKeySelector{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: Fullname(dot), + }, + Key: "enterprise-license", + }, + }, + }, + }, + { + Value: values.Secret.Redpanda.AdminAPI.Password, + EnvVar: corev1.EnvVar{ + Name: "REDPANDA_ADMINAPI_PASSWORD", + ValueFrom: &corev1.EnvVarSource{ + SecretKeyRef: &corev1.SecretKeySelector{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: Fullname(dot), + }, + Key: "redpanda-admin-api-password", + }, + }, + }, + }, + { + Value: values.Secret.Redpanda.AdminAPI.TLSCA, + EnvVar: corev1.EnvVar{ + Name: "REDPANDA_ADMINAPI_TLS_CAFILEPATH", + Value: "/etc/console/secrets/redpanda-admin-api-tls-ca", + }, + }, + { + Value: values.Secret.Redpanda.AdminAPI.TLSKey, + EnvVar: corev1.EnvVar{ + Name: "REDPANDA_ADMINAPI_TLS_KEYFILEPATH", + Value: "/etc/console/secrets/redpanda-admin-api-tls-key", + }, + }, + { + Value: values.Secret.Redpanda.AdminAPI.TLSCert, + EnvVar: corev1.EnvVar{ + Name: "REDPANDA_ADMINAPI_TLS_CERTFILEPATH", + Value: "/etc/console/secrets/redpanda-admin-api-tls-cert", + }, + }, + } + + vars := values.ExtraEnv + for _, possible := range possibleVars { + if !helmette.Empty(possible.Value) { + vars = append(vars, possible.EnvVar) + } + } + + return vars +} + +func consolePodVolumes(dot *helmette.Dot) []corev1.Volume { + values := helmette.Unwrap[Values](dot.Values) + + volumes := []corev1.Volume{ + { + Name: "configs", + VolumeSource: corev1.VolumeSource{ + ConfigMap: &corev1.ConfigMapVolumeSource{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: Fullname(dot), + }, + }, + }, + }, + } + + if values.Secret.Create { + volumes = append(volumes, corev1.Volume{ + Name: "secrets", + VolumeSource: corev1.VolumeSource{ + Secret: &corev1.SecretVolumeSource{ + SecretName: Fullname(dot), + }, + }, + }) + } + + for _, mount := range values.SecretMounts { + volumes = append(volumes, corev1.Volume{ + Name: mount.Name, + VolumeSource: corev1.VolumeSource{ + Secret: &corev1.SecretVolumeSource{ + SecretName: mount.SecretName, + DefaultMode: mount.DefaultMode, + }, + }, + }) + } + + return append(volumes, values.ExtraVolumes...) +} diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/examples/console-enterprise.yaml b/charts/redpanda/redpanda/5.9.4/charts/console/examples/console-enterprise.yaml new file mode 100644 index 0000000000..dc3f29197d --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/examples/console-enterprise.yaml @@ -0,0 +1,94 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +image: + tag: master-8fcce39 + +resources: + limits: + cpu: 1 + memory: 2Gi + requests: + cpu: 100m + memory: 512Mi + +console: + config: + kafka: + brokers: + - bootstrap.mybrokers.com:9092 + clientId: redpanda-console + sasl: + enabled: true + mechanism: SCRAM-SHA-256 + username: console + # password: set via Helm secret / Env variable + tls: + enabled: false + login: + google: + enabled: true + clientId: redacted.apps.googleusercontent.com + # clientSecret: set via Helm secret / Env variable + directory: + # serviceAccountFilepath: set via Helm secret / Env variable + targetPrincipal: admin@mycompany.com + enterprise: + rbac: + enabled: true + roleBindingsFilepath: /etc/console/configs/role-bindings.yaml + roleBindings: + - roleName: viewer + metadata: + # Metadata properties will be shown in the UI. You can omit it if you want to + name: Developers + subjects: + # You can specify all groups or users from different providers here which shall be bound to the same role + - kind: group + provider: Google + name: engineering@mycompany.com + - kind: user + provider: Google + name: singleuser@mycompany.com + - roleName: admin + metadata: + name: Admin + subjects: + - kind: user + provider: Google + name: adminperson@mycompany.com + +secret: + create: true + kafka: + saslPassword: "redacted" + enterprise: + license: "redacted" + login: + google: + clientSecret: "redacted" + groupsServiceAccount: | + { + "type": "service_account", + "project_id": "redacted", + "private_key_id": "redacted", + "private_key": "-----BEGIN PRIVATE KEY-----\nREDACTED\n-----END PRIVATE KEY-----\n", + "client_email": "redacted@projectid.iam.gserviceaccount.com", + "client_id": "redacted", + "auth_uri": "https://accounts.google.com/o/oauth2/auth", + "token_uri": "https://oauth2.googleapis.com/token", + "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", + "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/redacted.iam.gserviceaccount.com" + } diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/helpers.go b/charts/redpanda/redpanda/5.9.4/charts/console/helpers.go new file mode 100644 index 0000000000..eed4aa7119 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/helpers.go @@ -0,0 +1,84 @@ +// Licensed to the Apache Software Foundation (ASF) under one or more +// contributor license agreements. See the NOTICE file distributed with +// this work for additional information regarding copyright ownership. +// The ASF licenses this file to You under the Apache License, Version 2.0 +// (the "License"); you may not use this file except in compliance with +// the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// +gotohelm:filename=_helpers.go.tpl +package console + +import ( + "fmt" + "strings" + + "github.com/redpanda-data/helm-charts/pkg/gotohelm/helmette" +) + +// Expand the name of the chart. +func Name(dot *helmette.Dot) string { + values := helmette.Unwrap[Values](dot.Values) + + name := helmette.Default(dot.Chart.Name, values.NameOverride) + return cleanForK8s(name) +} + +// Create a default fully qualified app name. +// We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +// If release name contains chart name it will be used as a full name. +func Fullname(dot *helmette.Dot) string { + values := helmette.Unwrap[Values](dot.Values) + + if values.FullnameOverride != "" { + return cleanForK8s(values.FullnameOverride) + } + + name := helmette.Default(dot.Chart.Name, values.NameOverride) + + if helmette.Contains(name, dot.Release.Name) { + return cleanForK8s(dot.Release.Name) + } + + return cleanForK8s(fmt.Sprintf("%s-%s", dot.Release.Name, name)) +} + +// Create chart name and version as used by the chart label. +func Chart(dot *helmette.Dot) string { + chart := fmt.Sprintf("%s-%s", dot.Chart.Name, dot.Chart.Version) + return cleanForK8s(strings.ReplaceAll(chart, "+", "_")) +} + +// Common labels +func Labels(dot *helmette.Dot) map[string]string { + values := helmette.Unwrap[Values](dot.Values) + + labels := map[string]string{ + "helm.sh/chart": Chart(dot), + "app.kubernetes.io/managed-by": dot.Release.Service, + } + + if dot.Chart.AppVersion != "" { + labels["app.kubernetes.io/version"] = dot.Chart.AppVersion + } + + return helmette.Merge(labels, SelectorLabels(dot), values.CommonLabels) +} + +func SelectorLabels(dot *helmette.Dot) map[string]string { + return map[string]string{ + "app.kubernetes.io/name": Name(dot), + "app.kubernetes.io/instance": dot.Release.Name, + } +} + +func cleanForK8s(s string) string { + return helmette.TrimSuffix("-", helmette.Trunc(63, s)) +} diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/hpa.go b/charts/redpanda/redpanda/5.9.4/charts/console/hpa.go new file mode 100644 index 0000000000..3b0458cffe --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/hpa.go @@ -0,0 +1,82 @@ +// Licensed to the Apache Software Foundation (ASF) under one or more +// contributor license agreements. See the NOTICE file distributed with +// this work for additional information regarding copyright ownership. +// The ASF licenses this file to You under the Apache License, Version 2.0 +// (the "License"); you may not use this file except in compliance with +// the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// +gotohelm:filename=_hpa.go.tpl +package console + +import ( + "github.com/redpanda-data/helm-charts/pkg/gotohelm/helmette" + autoscalingv2 "k8s.io/api/autoscaling/v2" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/utils/ptr" +) + +func HorizontalPodAutoscaler(dot *helmette.Dot) *autoscalingv2.HorizontalPodAutoscaler { + values := helmette.Unwrap[Values](dot.Values) + + if !values.Autoscaling.Enabled { + return nil + } + + metrics := []autoscalingv2.MetricSpec{} + + if values.Autoscaling.TargetCPUUtilizationPercentage != nil { + metrics = append(metrics, autoscalingv2.MetricSpec{ + Type: "Resource", + Resource: &autoscalingv2.ResourceMetricSource{ + Name: corev1.ResourceCPU, + Target: autoscalingv2.MetricTarget{ + Type: autoscalingv2.UtilizationMetricType, + AverageUtilization: values.Autoscaling.TargetCPUUtilizationPercentage, + }, + }, + }) + } + + if values.Autoscaling.TargetMemoryUtilizationPercentage != nil { + metrics = append(metrics, autoscalingv2.MetricSpec{ + Type: "Resource", + Resource: &autoscalingv2.ResourceMetricSource{ + Name: corev1.ResourceMemory, + Target: autoscalingv2.MetricTarget{ + Type: autoscalingv2.UtilizationMetricType, + AverageUtilization: values.Autoscaling.TargetMemoryUtilizationPercentage, + }, + }, + }) + } + + return &autoscalingv2.HorizontalPodAutoscaler{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "autoscaling/v2", + Kind: "HorizontalPodAutoscaler", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: Fullname(dot), + Labels: Labels(dot), + }, + Spec: autoscalingv2.HorizontalPodAutoscalerSpec{ + ScaleTargetRef: autoscalingv2.CrossVersionObjectReference{ + APIVersion: "apps/v1", + Kind: "Deployment", + Name: Fullname(dot), + }, + MinReplicas: ptr.To(values.Autoscaling.MinReplicas), + MaxReplicas: values.Autoscaling.MaxReplicas, + Metrics: metrics, + }, + } +} diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/ingress.go b/charts/redpanda/redpanda/5.9.4/charts/console/ingress.go new file mode 100644 index 0000000000..926c286f18 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/ingress.go @@ -0,0 +1,88 @@ +// Licensed to the Apache Software Foundation (ASF) under one or more +// contributor license agreements. See the NOTICE file distributed with +// this work for additional information regarding copyright ownership. +// The ASF licenses this file to You under the Apache License, Version 2.0 +// (the "License"); you may not use this file except in compliance with +// the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// +gotohelm:filename=_ingress.go.tpl +package console + +import ( + "github.com/redpanda-data/helm-charts/pkg/gotohelm/helmette" + networkingv1 "k8s.io/api/networking/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +func Ingress(dot *helmette.Dot) *networkingv1.Ingress { + values := helmette.Unwrap[Values](dot.Values) + + if !values.Ingress.Enabled { + return nil + } + + var tls []networkingv1.IngressTLS + for _, t := range values.Ingress.TLS { + var hosts []string + for _, host := range t.Hosts { + hosts = append(hosts, helmette.Tpl(host, dot)) + } + tls = append(tls, networkingv1.IngressTLS{ + SecretName: t.SecretName, + Hosts: hosts, + }) + } + + var rules []networkingv1.IngressRule + for _, host := range values.Ingress.Hosts { + var paths []networkingv1.HTTPIngressPath + for _, path := range host.Paths { + paths = append(paths, networkingv1.HTTPIngressPath{ + Path: path.Path, + PathType: path.PathType, + Backend: networkingv1.IngressBackend{ + Service: &networkingv1.IngressServiceBackend{ + Name: Fullname(dot), + Port: networkingv1.ServiceBackendPort{ + Number: values.Service.Port, + }, + }, + }, + }) + } + + rules = append(rules, networkingv1.IngressRule{ + Host: helmette.Tpl(host.Host, dot), + IngressRuleValue: networkingv1.IngressRuleValue{ + HTTP: &networkingv1.HTTPIngressRuleValue{ + Paths: paths, + }, + }, + }) + } + + return &networkingv1.Ingress{ + TypeMeta: metav1.TypeMeta{ + Kind: "Ingress", + APIVersion: "networking.k8s.io/v1", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: Fullname(dot), + Labels: Labels(dot), + Annotations: values.Ingress.Annotations, + }, + Spec: networkingv1.IngressSpec{ + IngressClassName: values.Ingress.ClassName, + TLS: tls, + Rules: rules, + }, + } +} diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/notes.go b/charts/redpanda/redpanda/5.9.4/charts/console/notes.go new file mode 100644 index 0000000000..1f652dbaf8 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/notes.go @@ -0,0 +1,67 @@ +// Licensed to the Apache Software Foundation (ASF) under one or more +// contributor license agreements. See the NOTICE file distributed with +// this work for additional information regarding copyright ownership. +// The ASF licenses this file to You under the Apache License, Version 2.0 +// (the "License"); you may not use this file except in compliance with +// the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// +gotohelm:filename=_notes.go.tpl +package console + +import ( + "fmt" + + "github.com/redpanda-data/helm-charts/pkg/gotohelm/helmette" +) + +func Notes(dot *helmette.Dot) []string { + values := helmette.Unwrap[Values](dot.Values) + + commands := []string{ + `1. Get the application URL by running these commands:`, + } + if values.Ingress.Enabled { + scheme := "http" + if len(values.Ingress.TLS) > 0 { + scheme = "https" + } + for _, host := range values.Ingress.Hosts { + for _, path := range host.Paths { + commands = append(commands, fmt.Sprintf("%s://%s%s", scheme, host.Host, path.Path)) + } + } + } else if helmette.Contains("NodePort", string(values.Service.Type)) { + commands = append( + commands, + fmt.Sprintf(` export NODE_PORT=$(kubectl get --namespace %s -o jsonpath="{.spec.ports[0].nodePort}" services %s)`, dot.Release.Namespace, Fullname(dot)), + fmt.Sprintf(` export NODE_IP=$(kubectl get nodes --namespace %s -o jsonpath="{.items[0].status.addresses[0].address}")`, dot.Release.Namespace), + " echo http://$NODE_IP:$NODE_PORT", + ) + } else if helmette.Contains("NodePort", string(values.Service.Type)) { + commands = append( + commands, + ` NOTE: It may take a few minutes for the LoadBalancer IP to be available.`, + fmt.Sprintf(` You can watch the status of by running 'kubectl get --namespace %s svc -w %s'`, dot.Release.Namespace, Fullname(dot)), + fmt.Sprintf(` export SERVICE_IP=$(kubectl get svc --namespace %s %s --template "{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}")`, dot.Release.Namespace, Fullname(dot)), + fmt.Sprintf(` echo http://$SERVICE_IP:%d`, values.Service.Port), + ) + } else if helmette.Contains("ClusterIP", string(values.Service.Type)) { + commands = append( + commands, + fmt.Sprintf(` export POD_NAME=$(kubectl get pods --namespace %s -l "app.kubernetes.io/name=%s,app.kubernetes.io/instance=%s" -o jsonpath="{.items[0].metadata.name}")`, dot.Release.Namespace, Name(dot), dot.Release.Name), + fmt.Sprintf(` export CONTAINER_PORT=$(kubectl get pod --namespace %s $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")`, dot.Release.Namespace), + ` echo "Visit http://127.0.0.1:8080 to use your application"`, + fmt.Sprintf(` kubectl --namespace %s port-forward $POD_NAME 8080:$CONTAINER_PORT`, dot.Release.Namespace), + ) + } + + return commands +} diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/secret.go b/charts/redpanda/redpanda/5.9.4/charts/console/secret.go new file mode 100644 index 0000000000..d23951cbd2 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/secret.go @@ -0,0 +1,84 @@ +// Licensed to the Apache Software Foundation (ASF) under one or more +// contributor license agreements. See the NOTICE file distributed with +// this work for additional information regarding copyright ownership. +// The ASF licenses this file to You under the Apache License, Version 2.0 +// (the "License"); you may not use this file except in compliance with +// the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// +gotohelm:filename=_secret.go.tpl +package console + +import ( + "github.com/redpanda-data/helm-charts/pkg/gotohelm/helmette" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/utils/ptr" +) + +func Secret(dot *helmette.Dot) *corev1.Secret { + values := helmette.Unwrap[Values](dot.Values) + + if !values.Secret.Create { + return nil + } + + jwtSecret := values.Secret.Login.JWTSecret + if jwtSecret == "" { + jwtSecret = helmette.RandAlphaNum(32) + } + + return &corev1.Secret{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "v1", + Kind: "Secret", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: Fullname(dot), + Labels: Labels(dot), + }, + Type: corev1.SecretTypeOpaque, + StringData: map[string]string{ + // Set empty defaults, so that we can always mount them as env variable even if they are not used. + // For this reason we can't use `with` to change the scope. + + // Kafka + "kafka-sasl-password": ptr.Deref(values.Secret.Kafka.SASLPassword, ""), + "kafka-protobuf-git-basicauth-password": ptr.Deref(values.Secret.Kafka.ProtobufGitBasicAuthPassword, ""), + "kafka-sasl-aws-msk-iam-secret-key": ptr.Deref(values.Secret.Kafka.AWSMSKIAMSecretKey, ""), + "kafka-tls-ca": ptr.Deref(values.Secret.Kafka.TLSCA, ""), + "kafka-tls-cert": ptr.Deref(values.Secret.Kafka.TLSCert, ""), + "kafka-tls-key": ptr.Deref(values.Secret.Kafka.TLSKey, ""), + "kafka-schema-registry-password": ptr.Deref(values.Secret.Kafka.SchemaRegistryPassword, ""), + "kafka-schemaregistry-tls-ca": ptr.Deref(values.Secret.Kafka.SchemaRegistryTLSCA, ""), + "kafka-schemaregistry-tls-cert": ptr.Deref(values.Secret.Kafka.SchemaRegistryTLSCert, ""), + "kafka-schemaregistry-tls-key": ptr.Deref(values.Secret.Kafka.SchemaRegistryTLSKey, ""), + + // Login + "login-jwt-secret": jwtSecret, + "login-google-oauth-client-secret": ptr.Deref(values.Secret.Login.Google.ClientSecret, ""), + "login-google-groups-service-account.json": ptr.Deref(values.Secret.Login.Google.GroupsServiceAccount, ""), + "login-github-oauth-client-secret": ptr.Deref(values.Secret.Login.Github.ClientSecret, ""), + "login-github-personal-access-token": ptr.Deref(values.Secret.Login.Github.PersonalAccessToken, ""), + "login-okta-client-secret": ptr.Deref(values.Secret.Login.Okta.ClientSecret, ""), + "login-okta-directory-api-token": ptr.Deref(values.Secret.Login.Okta.DirectoryAPIToken, ""), + "login-oidc-client-secret": ptr.Deref(values.Secret.Login.OIDC.ClientSecret, ""), + + // Enterprise + "enterprise-license": ptr.Deref(values.Secret.Enterprise.License, ""), + + // Redpanda + "redpanda-admin-api-password": ptr.Deref(values.Secret.Redpanda.AdminAPI.Password, ""), + "redpanda-admin-api-tls-ca": ptr.Deref(values.Secret.Redpanda.AdminAPI.TLSCA, ""), + "redpanda-admin-api-tls-cert": ptr.Deref(values.Secret.Redpanda.AdminAPI.TLSCert, ""), + "redpanda-admin-api-tls-key": ptr.Deref(values.Secret.Redpanda.AdminAPI.TLSKey, ""), + }, + } +} diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/service.go b/charts/redpanda/redpanda/5.9.4/charts/console/service.go new file mode 100644 index 0000000000..65214bf3ed --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/service.go @@ -0,0 +1,60 @@ +// Licensed to the Apache Software Foundation (ASF) under one or more +// contributor license agreements. See the NOTICE file distributed with +// this work for additional information regarding copyright ownership. +// The ASF licenses this file to You under the Apache License, Version 2.0 +// (the "License"); you may not use this file except in compliance with +// the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// +gotohelm:filename=_service.go.tpl +package console + +import ( + "github.com/redpanda-data/helm-charts/pkg/gotohelm/helmette" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/util/intstr" +) + +func Service(dot *helmette.Dot) *corev1.Service { + values := helmette.Unwrap[Values](dot.Values) + + port := corev1.ServicePort{ + Name: "http", + Port: int32(values.Service.Port), + Protocol: corev1.ProtocolTCP, + } + + if values.Service.TargetPort != nil { + port.TargetPort = intstr.FromInt32(*values.Service.TargetPort) + } + + if helmette.Contains("NodePort", string(values.Service.Type)) && values.Service.NodePort != nil { + port.NodePort = *values.Service.NodePort + } + + return &corev1.Service{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "v1", + Kind: "Service", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: Fullname(dot), + Namespace: dot.Release.Namespace, + Labels: Labels(dot), + Annotations: values.Service.Annotations, + }, + Spec: corev1.ServiceSpec{ + Type: values.Service.Type, + Selector: SelectorLabels(dot), + Ports: []corev1.ServicePort{port}, + }, + } +} diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/serviceaccount.go b/charts/redpanda/redpanda/5.9.4/charts/console/serviceaccount.go new file mode 100644 index 0000000000..c23e5c92c6 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/serviceaccount.go @@ -0,0 +1,60 @@ +// Licensed to the Apache Software Foundation (ASF) under one or more +// contributor license agreements. See the NOTICE file distributed with +// this work for additional information regarding copyright ownership. +// The ASF licenses this file to You under the Apache License, Version 2.0 +// (the "License"); you may not use this file except in compliance with +// the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// +gotohelm:filename=_serviceaccount.go.tpl +package console + +import ( + "github.com/redpanda-data/helm-charts/pkg/gotohelm/helmette" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/utils/ptr" +) + +// Create the name of the service account to use +func ServiceAccountName(dot *helmette.Dot) string { + values := helmette.Unwrap[Values](dot.Values) + + if values.ServiceAccount.Create { + if values.ServiceAccount.Name != "" { + return values.ServiceAccount.Name + } + return Fullname(dot) + } + + return helmette.Default("default", values.ServiceAccount.Name) +} + +func ServiceAccount(dot *helmette.Dot) *corev1.ServiceAccount { + values := helmette.Unwrap[Values](dot.Values) + + if !values.ServiceAccount.Create { + return nil + } + + return &corev1.ServiceAccount{ + TypeMeta: metav1.TypeMeta{ + Kind: "ServiceAccount", + APIVersion: "v1", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: ServiceAccountName(dot), + Labels: Labels(dot), + Namespace: dot.Release.Namespace, + Annotations: values.ServiceAccount.Annotations, + }, + AutomountServiceAccountToken: ptr.To(values.ServiceAccount.AutomountServiceAccountToken), + } +} diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/templates/NOTES.txt b/charts/redpanda/redpanda/5.9.4/charts/console/templates/NOTES.txt new file mode 100644 index 0000000000..7541881fc9 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/templates/NOTES.txt @@ -0,0 +1,20 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- $notes := (get ((include "console.Notes" (dict "a" (list .))) | fromJson) "r") -}} +{{- range $_, $note := $notes }} +{{ $note }} +{{- end }} diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/templates/_configmap.go.tpl b/charts/redpanda/redpanda/5.9.4/charts/console/templates/_configmap.go.tpl new file mode 100644 index 0000000000..14673b0249 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/templates/_configmap.go.tpl @@ -0,0 +1,25 @@ +{{- /* Generated from "configmap.go" */ -}} + +{{- define "console.ConfigMap" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (not $values.configmap.create) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $data := (dict "config.yaml" (printf "# from .Values.console.config\n%s\n" (tpl (toYaml $values.console.config) $dot)) ) -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list $values.console.roles) ))) "r") | int) (0 | int)) -}} +{{- $_ := (set $data "roles.yaml" (tpl (toYaml (dict "roles" $values.console.roles )) $dot)) -}} +{{- end -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list $values.console.roleBindings) ))) "r") | int) (0 | int)) -}} +{{- $_ := (set $data "role-bindings.yaml" (tpl (toYaml (dict "roleBindings" $values.console.roleBindings )) $dot)) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "v1" "kind" "ConfigMap" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (get (fromJson (include "console.Fullname" (dict "a" (list $dot) ))) "r") "labels" (get (fromJson (include "console.Labels" (dict "a" (list $dot) ))) "r") )) "data" $data ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/templates/_deployment.go.tpl b/charts/redpanda/redpanda/5.9.4/charts/console/templates/_deployment.go.tpl new file mode 100644 index 0000000000..71696bb257 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/templates/_deployment.go.tpl @@ -0,0 +1,133 @@ +{{- /* Generated from "deployment.go" */ -}} + +{{- define "console.ContainerPort" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $listenPort := ((8080 | int) | int) -}} +{{- if (ne $values.service.targetPort (coalesce nil)) -}} +{{- $listenPort = $values.service.targetPort -}} +{{- end -}} +{{- $configListenPort := (dig "server" "listenPort" (coalesce nil) $values.console.config) -}} +{{- $tmp_tuple_1 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.asintegral" (dict "a" (list $configListenPort) ))) "r")) ))) "r") -}} +{{- $ok_2 := $tmp_tuple_1.T2 -}} +{{- $asInt_1 := ($tmp_tuple_1.T1 | int) -}} +{{- if $ok_2 -}} +{{- $_is_returning = true -}} +{{- (dict "r" ($asInt_1 | int)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $listenPort) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "console.Deployment" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (not $values.deployment.create) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $replicas := (coalesce nil) -}} +{{- if (not $values.autoscaling.enabled) -}} +{{- $replicas = ($values.replicaCount | int) -}} +{{- end -}} +{{- $initContainers := (coalesce nil) -}} +{{- if (ne $values.initContainers.extraInitContainers (coalesce nil)) -}} +{{- $initContainers = (fromYamlArray (tpl $values.initContainers.extraInitContainers $dot)) -}} +{{- end -}} +{{- $volumeMounts := (list (mustMergeOverwrite (dict "name" "" "mountPath" "" ) (dict "name" "configs" "mountPath" "/etc/console/configs" "readOnly" true ))) -}} +{{- if $values.secret.create -}} +{{- $volumeMounts = (concat (default (list ) $volumeMounts) (list (mustMergeOverwrite (dict "name" "" "mountPath" "" ) (dict "name" "secrets" "mountPath" "/etc/console/secrets" "readOnly" true )))) -}} +{{- end -}} +{{- range $_, $mount := $values.secretMounts -}} +{{- $volumeMounts = (concat (default (list ) $volumeMounts) (list (mustMergeOverwrite (dict "name" "" "mountPath" "" ) (dict "name" $mount.name "mountPath" $mount.path "subPath" (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $mount.subPath "") ))) "r") )))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $volumeMounts = (concat (default (list ) $volumeMounts) (default (list ) $values.extraVolumeMounts)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict "selector" (coalesce nil) "template" (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict "containers" (coalesce nil) ) ) "strategy" (dict ) ) "status" (dict ) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "apps/v1" "kind" "Deployment" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (get (fromJson (include "console.Fullname" (dict "a" (list $dot) ))) "r") "labels" (get (fromJson (include "console.Labels" (dict "a" (list $dot) ))) "r") "namespace" $dot.Release.Namespace "annotations" $values.annotations )) "spec" (mustMergeOverwrite (dict "selector" (coalesce nil) "template" (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict "containers" (coalesce nil) ) ) "strategy" (dict ) ) (dict "replicas" $replicas "selector" (mustMergeOverwrite (dict ) (dict "matchLabels" (get (fromJson (include "console.SelectorLabels" (dict "a" (list $dot) ))) "r") )) "strategy" $values.strategy "template" (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict "containers" (coalesce nil) ) ) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "annotations" (merge (dict ) (dict "checksum/config" (sha256sum (toYaml (get (fromJson (include "console.ConfigMap" (dict "a" (list $dot) ))) "r"))) ) $values.podAnnotations) "labels" (merge (dict ) (get (fromJson (include "console.SelectorLabels" (dict "a" (list $dot) ))) "r") $values.podLabels) )) "spec" (mustMergeOverwrite (dict "containers" (coalesce nil) ) (dict "imagePullSecrets" $values.imagePullSecrets "serviceAccountName" (get (fromJson (include "console.ServiceAccountName" (dict "a" (list $dot) ))) "r") "automountServiceAccountToken" $values.automountServiceAccountToken "securityContext" $values.podSecurityContext "nodeSelector" $values.nodeSelector "affinity" $values.affinity "topologySpreadConstraints" $values.topologySpreadConstraints "priorityClassName" $values.priorityClassName "tolerations" $values.tolerations "volumes" (get (fromJson (include "console.consolePodVolumes" (dict "a" (list $dot) ))) "r") "initContainers" $initContainers "containers" (concat (default (list ) (list (mustMergeOverwrite (dict "name" "" "resources" (dict ) ) (dict "name" $dot.Chart.Name "command" $values.deployment.command "args" (concat (default (list ) (list "--config.filepath=/etc/console/configs/config.yaml")) (default (list ) $values.deployment.extraArgs)) "securityContext" $values.securityContext "image" (get (fromJson (include "console.containerImage" (dict "a" (list $dot) ))) "r") "imagePullPolicy" $values.image.pullPolicy "ports" (list (mustMergeOverwrite (dict "containerPort" 0 ) (dict "name" "http" "containerPort" ((get (fromJson (include "console.ContainerPort" (dict "a" (list $dot) ))) "r") | int) "protocol" "TCP" ))) "volumeMounts" $volumeMounts "livenessProbe" (mustMergeOverwrite (dict ) (mustMergeOverwrite (dict ) (dict "httpGet" (mustMergeOverwrite (dict "port" 0 ) (dict "path" "/admin/health" "port" "http" )) )) (dict "initialDelaySeconds" ($values.livenessProbe.initialDelaySeconds | int) "periodSeconds" ($values.livenessProbe.periodSeconds | int) "timeoutSeconds" ($values.livenessProbe.timeoutSeconds | int) "successThreshold" ($values.livenessProbe.successThreshold | int) "failureThreshold" ($values.livenessProbe.failureThreshold | int) )) "readinessProbe" (mustMergeOverwrite (dict ) (mustMergeOverwrite (dict ) (dict "httpGet" (mustMergeOverwrite (dict "port" 0 ) (dict "path" "/admin/health" "port" "http" )) )) (dict "initialDelaySeconds" ($values.readinessProbe.initialDelaySeconds | int) "periodSeconds" ($values.readinessProbe.periodSeconds | int) "timeoutSeconds" ($values.readinessProbe.timeoutSeconds | int) "successThreshold" ($values.readinessProbe.successThreshold | int) "failureThreshold" ($values.readinessProbe.failureThreshold | int) )) "resources" $values.resources "env" (get (fromJson (include "console.consoleContainerEnv" (dict "a" (list $dot) ))) "r") "envFrom" $values.extraEnvFrom )))) (default (list ) $values.extraContainers)) )) )) )) ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "console.containerImage" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $tag := $dot.Chart.AppVersion -}} +{{- if (not (empty $values.image.tag)) -}} +{{- $tag = $values.image.tag -}} +{{- end -}} +{{- $image := (printf "%s:%s" $values.image.repository $tag) -}} +{{- if (not (empty $values.image.registry)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (printf "%s/%s" $values.image.registry $image)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $image) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "console.consoleContainerEnv" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (not $values.secret.create) -}} +{{- $vars := $values.extraEnv -}} +{{- if (not (empty $values.enterprise.licenseSecretRef.name)) -}} +{{- $vars = (concat (default (list ) $values.extraEnv) (list (mustMergeOverwrite (dict "name" "" ) (dict "name" "LICENSE" "valueFrom" (mustMergeOverwrite (dict ) (dict "secretKeyRef" (mustMergeOverwrite (dict "key" "" ) (mustMergeOverwrite (dict ) (dict "name" $values.enterprise.licenseSecretRef.name )) (dict "key" (default "enterprise-license" $values.enterprise.licenseSecretRef.key) )) )) )))) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $vars) | toJson -}} +{{- break -}} +{{- end -}} +{{- $possibleVars := (list (mustMergeOverwrite (dict "Value" (coalesce nil) "EnvVar" (dict "name" "" ) ) (dict "Value" $values.secret.kafka.saslPassword "EnvVar" (mustMergeOverwrite (dict "name" "" ) (dict "name" "KAFKA_SASL_PASSWORD" "valueFrom" (mustMergeOverwrite (dict ) (dict "secretKeyRef" (mustMergeOverwrite (dict "key" "" ) (mustMergeOverwrite (dict ) (dict "name" (get (fromJson (include "console.Fullname" (dict "a" (list $dot) ))) "r") )) (dict "key" "kafka-sasl-password" )) )) )) )) (mustMergeOverwrite (dict "Value" (coalesce nil) "EnvVar" (dict "name" "" ) ) (dict "Value" $values.secret.kafka.protobufGitBasicAuthPassword "EnvVar" (mustMergeOverwrite (dict "name" "" ) (dict "name" "KAFKA_PROTOBUF_GIT_BASICAUTH_PASSWORD" "valueFrom" (mustMergeOverwrite (dict ) (dict "secretKeyRef" (mustMergeOverwrite (dict "key" "" ) (mustMergeOverwrite (dict ) (dict "name" (get (fromJson (include "console.Fullname" (dict "a" (list $dot) ))) "r") )) (dict "key" "kafka-protobuf-git-basicauth-password" )) )) )) )) (mustMergeOverwrite (dict "Value" (coalesce nil) "EnvVar" (dict "name" "" ) ) (dict "Value" $values.secret.kafka.awsMskIamSecretKey "EnvVar" (mustMergeOverwrite (dict "name" "" ) (dict "name" "KAFKA_SASL_AWSMSKIAM_SECRETKEY" "valueFrom" (mustMergeOverwrite (dict ) (dict "secretKeyRef" (mustMergeOverwrite (dict "key" "" ) (mustMergeOverwrite (dict ) (dict "name" (get (fromJson (include "console.Fullname" (dict "a" (list $dot) ))) "r") )) (dict "key" "kafka-sasl-aws-msk-iam-secret-key" )) )) )) )) (mustMergeOverwrite (dict "Value" (coalesce nil) "EnvVar" (dict "name" "" ) ) (dict "Value" $values.secret.kafka.tlsCa "EnvVar" (mustMergeOverwrite (dict "name" "" ) (dict "name" "KAFKA_TLS_CAFILEPATH" "value" "/etc/console/secrets/kafka-tls-ca" )) )) (mustMergeOverwrite (dict "Value" (coalesce nil) "EnvVar" (dict "name" "" ) ) (dict "Value" $values.secret.kafka.tlsCert "EnvVar" (mustMergeOverwrite (dict "name" "" ) (dict "name" "KAFKA_TLS_CERTFILEPATH" "value" "/etc/console/secrets/kafka-tls-cert" )) )) (mustMergeOverwrite (dict "Value" (coalesce nil) "EnvVar" (dict "name" "" ) ) (dict "Value" $values.secret.kafka.tlsKey "EnvVar" (mustMergeOverwrite (dict "name" "" ) (dict "name" "KAFKA_TLS_KEYFILEPATH" "value" "/etc/console/secrets/kafka-tls-key" )) )) (mustMergeOverwrite (dict "Value" (coalesce nil) "EnvVar" (dict "name" "" ) ) (dict "Value" $values.secret.kafka.schemaRegistryTlsCa "EnvVar" (mustMergeOverwrite (dict "name" "" ) (dict "name" "KAFKA_SCHEMAREGISTRY_TLS_CAFILEPATH" "value" "/etc/console/secrets/kafka-schemaregistry-tls-ca" )) )) (mustMergeOverwrite (dict "Value" (coalesce nil) "EnvVar" (dict "name" "" ) ) (dict "Value" $values.secret.kafka.schemaRegistryTlsCert "EnvVar" (mustMergeOverwrite (dict "name" "" ) (dict "name" "KAFKA_SCHEMAREGISTRY_TLS_CERTFILEPATH" "value" "/etc/console/secrets/kafka-schemaregistry-tls-cert" )) )) (mustMergeOverwrite (dict "Value" (coalesce nil) "EnvVar" (dict "name" "" ) ) (dict "Value" $values.secret.kafka.schemaRegistryTlsKey "EnvVar" (mustMergeOverwrite (dict "name" "" ) (dict "name" "KAFKA_SCHEMAREGISTRY_TLS_KEYFILEPATH" "value" "/etc/console/secrets/kafka-schemaregistry-tls-key" )) )) (mustMergeOverwrite (dict "Value" (coalesce nil) "EnvVar" (dict "name" "" ) ) (dict "Value" $values.secret.kafka.schemaRegistryPassword "EnvVar" (mustMergeOverwrite (dict "name" "" ) (dict "name" "KAFKA_SCHEMAREGISTRY_PASSWORD" "valueFrom" (mustMergeOverwrite (dict ) (dict "secretKeyRef" (mustMergeOverwrite (dict "key" "" ) (mustMergeOverwrite (dict ) (dict "name" (get (fromJson (include "console.Fullname" (dict "a" (list $dot) ))) "r") )) (dict "key" "kafka-schema-registry-password" )) )) )) )) (mustMergeOverwrite (dict "Value" (coalesce nil) "EnvVar" (dict "name" "" ) ) (dict "Value" true "EnvVar" (mustMergeOverwrite (dict "name" "" ) (dict "name" "LOGIN_JWTSECRET" "valueFrom" (mustMergeOverwrite (dict ) (dict "secretKeyRef" (mustMergeOverwrite (dict "key" "" ) (mustMergeOverwrite (dict ) (dict "name" (get (fromJson (include "console.Fullname" (dict "a" (list $dot) ))) "r") )) (dict "key" "login-jwt-secret" )) )) )) )) (mustMergeOverwrite (dict "Value" (coalesce nil) "EnvVar" (dict "name" "" ) ) (dict "Value" $values.secret.login.google.clientSecret "EnvVar" (mustMergeOverwrite (dict "name" "" ) (dict "name" "LOGIN_GOOGLE_CLIENTSECRET" "valueFrom" (mustMergeOverwrite (dict ) (dict "secretKeyRef" (mustMergeOverwrite (dict "key" "" ) (mustMergeOverwrite (dict ) (dict "name" (get (fromJson (include "console.Fullname" (dict "a" (list $dot) ))) "r") )) (dict "key" "login-google-oauth-client-secret" )) )) )) )) (mustMergeOverwrite (dict "Value" (coalesce nil) "EnvVar" (dict "name" "" ) ) (dict "Value" $values.secret.login.google.groupsServiceAccount "EnvVar" (mustMergeOverwrite (dict "name" "" ) (dict "name" "LOGIN_GOOGLE_DIRECTORY_SERVICEACCOUNTFILEPATH" "value" "/etc/console/secrets/login-google-groups-service-account.json" )) )) (mustMergeOverwrite (dict "Value" (coalesce nil) "EnvVar" (dict "name" "" ) ) (dict "Value" $values.secret.login.github.clientSecret "EnvVar" (mustMergeOverwrite (dict "name" "" ) (dict "name" "LOGIN_GITHUB_CLIENTSECRET" "valueFrom" (mustMergeOverwrite (dict ) (dict "secretKeyRef" (mustMergeOverwrite (dict "key" "" ) (mustMergeOverwrite (dict ) (dict "name" (get (fromJson (include "console.Fullname" (dict "a" (list $dot) ))) "r") )) (dict "key" "login-github-oauth-client-secret" )) )) )) )) (mustMergeOverwrite (dict "Value" (coalesce nil) "EnvVar" (dict "name" "" ) ) (dict "Value" $values.secret.login.github.personalAccessToken "EnvVar" (mustMergeOverwrite (dict "name" "" ) (dict "name" "LOGIN_GITHUB_DIRECTORY_PERSONALACCESSTOKEN" "valueFrom" (mustMergeOverwrite (dict ) (dict "secretKeyRef" (mustMergeOverwrite (dict "key" "" ) (mustMergeOverwrite (dict ) (dict "name" (get (fromJson (include "console.Fullname" (dict "a" (list $dot) ))) "r") )) (dict "key" "login-github-personal-access-token" )) )) )) )) (mustMergeOverwrite (dict "Value" (coalesce nil) "EnvVar" (dict "name" "" ) ) (dict "Value" $values.secret.login.okta.clientSecret "EnvVar" (mustMergeOverwrite (dict "name" "" ) (dict "name" "LOGIN_OKTA_CLIENTSECRET" "valueFrom" (mustMergeOverwrite (dict ) (dict "secretKeyRef" (mustMergeOverwrite (dict "key" "" ) (mustMergeOverwrite (dict ) (dict "name" (get (fromJson (include "console.Fullname" (dict "a" (list $dot) ))) "r") )) (dict "key" "login-okta-client-secret" )) )) )) )) (mustMergeOverwrite (dict "Value" (coalesce nil) "EnvVar" (dict "name" "" ) ) (dict "Value" $values.secret.login.okta.directoryApiToken "EnvVar" (mustMergeOverwrite (dict "name" "" ) (dict "name" "LOGIN_OKTA_DIRECTORY_APITOKEN" "valueFrom" (mustMergeOverwrite (dict ) (dict "secretKeyRef" (mustMergeOverwrite (dict "key" "" ) (mustMergeOverwrite (dict ) (dict "name" (get (fromJson (include "console.Fullname" (dict "a" (list $dot) ))) "r") )) (dict "key" "login-okta-directory-api-token" )) )) )) )) (mustMergeOverwrite (dict "Value" (coalesce nil) "EnvVar" (dict "name" "" ) ) (dict "Value" $values.secret.login.oidc.clientSecret "EnvVar" (mustMergeOverwrite (dict "name" "" ) (dict "name" "LOGIN_OIDC_CLIENTSECRET" "valueFrom" (mustMergeOverwrite (dict ) (dict "secretKeyRef" (mustMergeOverwrite (dict "key" "" ) (mustMergeOverwrite (dict ) (dict "name" (get (fromJson (include "console.Fullname" (dict "a" (list $dot) ))) "r") )) (dict "key" "login-oidc-client-secret" )) )) )) )) (mustMergeOverwrite (dict "Value" (coalesce nil) "EnvVar" (dict "name" "" ) ) (dict "Value" $values.secret.enterprise.License "EnvVar" (mustMergeOverwrite (dict "name" "" ) (dict "name" "LICENSE" "valueFrom" (mustMergeOverwrite (dict ) (dict "secretKeyRef" (mustMergeOverwrite (dict "key" "" ) (mustMergeOverwrite (dict ) (dict "name" (get (fromJson (include "console.Fullname" (dict "a" (list $dot) ))) "r") )) (dict "key" "enterprise-license" )) )) )) )) (mustMergeOverwrite (dict "Value" (coalesce nil) "EnvVar" (dict "name" "" ) ) (dict "Value" $values.secret.redpanda.adminApi.password "EnvVar" (mustMergeOverwrite (dict "name" "" ) (dict "name" "REDPANDA_ADMINAPI_PASSWORD" "valueFrom" (mustMergeOverwrite (dict ) (dict "secretKeyRef" (mustMergeOverwrite (dict "key" "" ) (mustMergeOverwrite (dict ) (dict "name" (get (fromJson (include "console.Fullname" (dict "a" (list $dot) ))) "r") )) (dict "key" "redpanda-admin-api-password" )) )) )) )) (mustMergeOverwrite (dict "Value" (coalesce nil) "EnvVar" (dict "name" "" ) ) (dict "Value" $values.secret.redpanda.adminApi.tlsCa "EnvVar" (mustMergeOverwrite (dict "name" "" ) (dict "name" "REDPANDA_ADMINAPI_TLS_CAFILEPATH" "value" "/etc/console/secrets/redpanda-admin-api-tls-ca" )) )) (mustMergeOverwrite (dict "Value" (coalesce nil) "EnvVar" (dict "name" "" ) ) (dict "Value" $values.secret.redpanda.adminApi.tlsKey "EnvVar" (mustMergeOverwrite (dict "name" "" ) (dict "name" "REDPANDA_ADMINAPI_TLS_KEYFILEPATH" "value" "/etc/console/secrets/redpanda-admin-api-tls-key" )) )) (mustMergeOverwrite (dict "Value" (coalesce nil) "EnvVar" (dict "name" "" ) ) (dict "Value" $values.secret.redpanda.adminApi.tlsCert "EnvVar" (mustMergeOverwrite (dict "name" "" ) (dict "name" "REDPANDA_ADMINAPI_TLS_CERTFILEPATH" "value" "/etc/console/secrets/redpanda-admin-api-tls-cert" )) ))) -}} +{{- $vars := $values.extraEnv -}} +{{- range $_, $possible := $possibleVars -}} +{{- if (not (empty $possible.Value)) -}} +{{- $vars = (concat (default (list ) $vars) (list $possible.EnvVar)) -}} +{{- end -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $vars) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "console.consolePodVolumes" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $volumes := (list (mustMergeOverwrite (dict "name" "" ) (mustMergeOverwrite (dict ) (dict "configMap" (mustMergeOverwrite (dict ) (mustMergeOverwrite (dict ) (dict "name" (get (fromJson (include "console.Fullname" (dict "a" (list $dot) ))) "r") )) (dict )) )) (dict "name" "configs" ))) -}} +{{- if $values.secret.create -}} +{{- $volumes = (concat (default (list ) $volumes) (list (mustMergeOverwrite (dict "name" "" ) (mustMergeOverwrite (dict ) (dict "secret" (mustMergeOverwrite (dict ) (dict "secretName" (get (fromJson (include "console.Fullname" (dict "a" (list $dot) ))) "r") )) )) (dict "name" "secrets" )))) -}} +{{- end -}} +{{- range $_, $mount := $values.secretMounts -}} +{{- $volumes = (concat (default (list ) $volumes) (list (mustMergeOverwrite (dict "name" "" ) (mustMergeOverwrite (dict ) (dict "secret" (mustMergeOverwrite (dict ) (dict "secretName" $mount.secretName "defaultMode" $mount.defaultMode )) )) (dict "name" $mount.name )))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (concat (default (list ) $volumes) (default (list ) $values.extraVolumes))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/templates/_helpers.go.tpl b/charts/redpanda/redpanda/5.9.4/charts/console/templates/_helpers.go.tpl new file mode 100644 index 0000000000..88b00025d7 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/templates/_helpers.go.tpl @@ -0,0 +1,82 @@ +{{- /* Generated from "helpers.go" */ -}} + +{{- define "console.Name" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $name := (default $dot.Chart.Name $values.nameOverride) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "console.cleanForK8s" (dict "a" (list $name) ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "console.Fullname" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (ne $values.fullnameOverride "") -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "console.cleanForK8s" (dict "a" (list $values.fullnameOverride) ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- $name := (default $dot.Chart.Name $values.nameOverride) -}} +{{- if (contains $name $dot.Release.Name) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "console.cleanForK8s" (dict "a" (list $dot.Release.Name) ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "console.cleanForK8s" (dict "a" (list (printf "%s-%s" $dot.Release.Name $name)) ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "console.Chart" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $chart := (printf "%s-%s" $dot.Chart.Name $dot.Chart.Version) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "console.cleanForK8s" (dict "a" (list (replace "+" "_" $chart)) ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "console.Labels" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $labels := (dict "helm.sh/chart" (get (fromJson (include "console.Chart" (dict "a" (list $dot) ))) "r") "app.kubernetes.io/managed-by" $dot.Release.Service ) -}} +{{- if (ne $dot.Chart.AppVersion "") -}} +{{- $_ := (set $labels "app.kubernetes.io/version" $dot.Chart.AppVersion) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (merge (dict ) $labels (get (fromJson (include "console.SelectorLabels" (dict "a" (list $dot) ))) "r") $values.commonLabels)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "console.SelectorLabels" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (dict "app.kubernetes.io/name" (get (fromJson (include "console.Name" (dict "a" (list $dot) ))) "r") "app.kubernetes.io/instance" $dot.Release.Name )) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "console.cleanForK8s" -}} +{{- $s := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (trimSuffix "-" (trunc (63 | int) $s))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/templates/_helpers.tpl b/charts/redpanda/redpanda/5.9.4/charts/console/templates/_helpers.tpl new file mode 100644 index 0000000000..ee2ab5d9b8 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/templates/_helpers.tpl @@ -0,0 +1,25 @@ +{{/* +Expand the name of the chart. +Used by tests/test-connection.yaml +*/}} +{{- define "console.name" -}} +{{- get ((include "console.Name" (dict "a" (list .))) | fromJson) "r" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +Used by tests/test-connection.yaml +*/}} +{{- define "console.fullname" -}} +{{- get ((include "console.Fullname" (dict "a" (list .))) | fromJson) "r" }} +{{- end }} + +{{/* +Common labels +Used by tests/test-connection.yaml +*/}} +{{- define "console.labels" -}} +{{- (get ((include "console.Labels" (dict "a" (list .))) | fromJson) "r") | toYaml -}} +{{- end }} diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/templates/_hpa.go.tpl b/charts/redpanda/redpanda/5.9.4/charts/console/templates/_hpa.go.tpl new file mode 100644 index 0000000000..5957633d22 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/templates/_hpa.go.tpl @@ -0,0 +1,25 @@ +{{- /* Generated from "hpa.go" */ -}} + +{{- define "console.HorizontalPodAutoscaler" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (not $values.autoscaling.enabled) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $metrics := (list ) -}} +{{- if (ne $values.autoscaling.targetCPUUtilizationPercentage (coalesce nil)) -}} +{{- $metrics = (concat (default (list ) $metrics) (list (mustMergeOverwrite (dict "type" "" ) (dict "type" "Resource" "resource" (mustMergeOverwrite (dict "name" "" "target" (dict "type" "" ) ) (dict "name" "cpu" "target" (mustMergeOverwrite (dict "type" "" ) (dict "type" "Utilization" "averageUtilization" $values.autoscaling.targetCPUUtilizationPercentage )) )) )))) -}} +{{- end -}} +{{- if (ne $values.autoscaling.targetMemoryUtilizationPercentage (coalesce nil)) -}} +{{- $metrics = (concat (default (list ) $metrics) (list (mustMergeOverwrite (dict "type" "" ) (dict "type" "Resource" "resource" (mustMergeOverwrite (dict "name" "" "target" (dict "type" "" ) ) (dict "name" "memory" "target" (mustMergeOverwrite (dict "type" "" ) (dict "type" "Utilization" "averageUtilization" $values.autoscaling.targetMemoryUtilizationPercentage )) )) )))) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict "scaleTargetRef" (dict "kind" "" "name" "" ) "maxReplicas" 0 ) "status" (dict "desiredReplicas" 0 "currentMetrics" (coalesce nil) ) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "autoscaling/v2" "kind" "HorizontalPodAutoscaler" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (get (fromJson (include "console.Fullname" (dict "a" (list $dot) ))) "r") "labels" (get (fromJson (include "console.Labels" (dict "a" (list $dot) ))) "r") )) "spec" (mustMergeOverwrite (dict "scaleTargetRef" (dict "kind" "" "name" "" ) "maxReplicas" 0 ) (dict "scaleTargetRef" (mustMergeOverwrite (dict "kind" "" "name" "" ) (dict "apiVersion" "apps/v1" "kind" "Deployment" "name" (get (fromJson (include "console.Fullname" (dict "a" (list $dot) ))) "r") )) "minReplicas" ($values.autoscaling.minReplicas | int) "maxReplicas" ($values.autoscaling.maxReplicas | int) "metrics" $metrics )) ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/templates/_ingress.go.tpl b/charts/redpanda/redpanda/5.9.4/charts/console/templates/_ingress.go.tpl new file mode 100644 index 0000000000..0df05e870b --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/templates/_ingress.go.tpl @@ -0,0 +1,46 @@ +{{- /* Generated from "ingress.go" */ -}} + +{{- define "console.Ingress" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (not $values.ingress.enabled) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $tls := (coalesce nil) -}} +{{- range $_, $t := $values.ingress.tls -}} +{{- $hosts := (coalesce nil) -}} +{{- range $_, $host := $t.hosts -}} +{{- $hosts = (concat (default (list ) $hosts) (list (tpl $host $dot))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $tls = (concat (default (list ) $tls) (list (mustMergeOverwrite (dict ) (dict "secretName" $t.secretName "hosts" $hosts )))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $rules := (coalesce nil) -}} +{{- range $_, $host := $values.ingress.hosts -}} +{{- $paths := (coalesce nil) -}} +{{- range $_, $path := $host.paths -}} +{{- $paths = (concat (default (list ) $paths) (list (mustMergeOverwrite (dict "pathType" (coalesce nil) "backend" (dict ) ) (dict "path" $path.path "pathType" $path.pathType "backend" (mustMergeOverwrite (dict ) (dict "service" (mustMergeOverwrite (dict "name" "" "port" (dict ) ) (dict "name" (get (fromJson (include "console.Fullname" (dict "a" (list $dot) ))) "r") "port" (mustMergeOverwrite (dict ) (dict "number" ($values.service.port | int) )) )) )) )))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $rules = (concat (default (list ) $rules) (list (mustMergeOverwrite (dict ) (mustMergeOverwrite (dict ) (dict "http" (mustMergeOverwrite (dict "paths" (coalesce nil) ) (dict "paths" $paths )) )) (dict "host" (tpl $host.host $dot) )))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict ) "status" (dict "loadBalancer" (dict ) ) ) (mustMergeOverwrite (dict ) (dict "kind" "Ingress" "apiVersion" "networking.k8s.io/v1" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (get (fromJson (include "console.Fullname" (dict "a" (list $dot) ))) "r") "labels" (get (fromJson (include "console.Labels" (dict "a" (list $dot) ))) "r") "annotations" $values.ingress.annotations )) "spec" (mustMergeOverwrite (dict ) (dict "ingressClassName" $values.ingress.className "tls" $tls "rules" $rules )) ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/templates/_notes.go.tpl b/charts/redpanda/redpanda/5.9.4/charts/console/templates/_notes.go.tpl new file mode 100644 index 0000000000..6b58b21ef4 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/templates/_notes.go.tpl @@ -0,0 +1,40 @@ +{{- /* Generated from "notes.go" */ -}} + +{{- define "console.Notes" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $commands := (list `1. Get the application URL by running these commands:`) -}} +{{- if $values.ingress.enabled -}} +{{- $scheme := "http" -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list $values.ingress.tls) ))) "r") | int) (0 | int)) -}} +{{- $scheme = "https" -}} +{{- end -}} +{{- range $_, $host := $values.ingress.hosts -}} +{{- range $_, $path := $host.paths -}} +{{- $commands = (concat (default (list ) $commands) (list (printf "%s://%s%s" $scheme $host.host $path.path))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- else -}}{{- if (contains "NodePort" (toString $values.service.type)) -}} +{{- $commands = (concat (default (list ) $commands) (list (printf ` export NODE_PORT=$(kubectl get --namespace %s -o jsonpath="{.spec.ports[0].nodePort}" services %s)` $dot.Release.Namespace (get (fromJson (include "console.Fullname" (dict "a" (list $dot) ))) "r")) (printf ` export NODE_IP=$(kubectl get nodes --namespace %s -o jsonpath="{.items[0].status.addresses[0].address}")` $dot.Release.Namespace) " echo http://$NODE_IP:$NODE_PORT")) -}} +{{- else -}}{{- if (contains "NodePort" (toString $values.service.type)) -}} +{{- $commands = (concat (default (list ) $commands) (list ` NOTE: It may take a few minutes for the LoadBalancer IP to be available.` (printf ` You can watch the status of by running 'kubectl get --namespace %s svc -w %s'` $dot.Release.Namespace (get (fromJson (include "console.Fullname" (dict "a" (list $dot) ))) "r")) (printf ` export SERVICE_IP=$(kubectl get svc --namespace %s %s --template "{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}")` $dot.Release.Namespace (get (fromJson (include "console.Fullname" (dict "a" (list $dot) ))) "r")) (printf ` echo http://$SERVICE_IP:%d` ($values.service.port | int)))) -}} +{{- else -}}{{- if (contains "ClusterIP" (toString $values.service.type)) -}} +{{- $commands = (concat (default (list ) $commands) (list (printf ` export POD_NAME=$(kubectl get pods --namespace %s -l "app.kubernetes.io/name=%s,app.kubernetes.io/instance=%s" -o jsonpath="{.items[0].metadata.name}")` $dot.Release.Namespace (get (fromJson (include "console.Name" (dict "a" (list $dot) ))) "r") $dot.Release.Name) (printf ` export CONTAINER_PORT=$(kubectl get pod --namespace %s $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")` $dot.Release.Namespace) ` echo "Visit http://127.0.0.1:8080 to use your application"` (printf ` kubectl --namespace %s port-forward $POD_NAME 8080:$CONTAINER_PORT` $dot.Release.Namespace))) -}} +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $commands) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/templates/_secret.go.tpl b/charts/redpanda/redpanda/5.9.4/charts/console/templates/_secret.go.tpl new file mode 100644 index 0000000000..49e6289930 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/templates/_secret.go.tpl @@ -0,0 +1,22 @@ +{{- /* Generated from "secret.go" */ -}} + +{{- define "console.Secret" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (not $values.secret.create) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $jwtSecret := $values.secret.login.jwtSecret -}} +{{- if (eq $jwtSecret "") -}} +{{- $jwtSecret = (randAlphaNum (32 | int)) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "v1" "kind" "Secret" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (get (fromJson (include "console.Fullname" (dict "a" (list $dot) ))) "r") "labels" (get (fromJson (include "console.Labels" (dict "a" (list $dot) ))) "r") )) "type" "Opaque" "stringData" (dict "kafka-sasl-password" (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $values.secret.kafka.saslPassword "") ))) "r") "kafka-protobuf-git-basicauth-password" (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $values.secret.kafka.protobufGitBasicAuthPassword "") ))) "r") "kafka-sasl-aws-msk-iam-secret-key" (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $values.secret.kafka.awsMskIamSecretKey "") ))) "r") "kafka-tls-ca" (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $values.secret.kafka.tlsCa "") ))) "r") "kafka-tls-cert" (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $values.secret.kafka.tlsCert "") ))) "r") "kafka-tls-key" (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $values.secret.kafka.tlsKey "") ))) "r") "kafka-schema-registry-password" (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $values.secret.kafka.schemaRegistryPassword "") ))) "r") "kafka-schemaregistry-tls-ca" (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $values.secret.kafka.schemaRegistryTlsCa "") ))) "r") "kafka-schemaregistry-tls-cert" (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $values.secret.kafka.schemaRegistryTlsCert "") ))) "r") "kafka-schemaregistry-tls-key" (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $values.secret.kafka.schemaRegistryTlsKey "") ))) "r") "login-jwt-secret" $jwtSecret "login-google-oauth-client-secret" (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $values.secret.login.google.clientSecret "") ))) "r") "login-google-groups-service-account.json" (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $values.secret.login.google.groupsServiceAccount "") ))) "r") "login-github-oauth-client-secret" (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $values.secret.login.github.clientSecret "") ))) "r") "login-github-personal-access-token" (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $values.secret.login.github.personalAccessToken "") ))) "r") "login-okta-client-secret" (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $values.secret.login.okta.clientSecret "") ))) "r") "login-okta-directory-api-token" (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $values.secret.login.okta.directoryApiToken "") ))) "r") "login-oidc-client-secret" (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $values.secret.login.oidc.clientSecret "") ))) "r") "enterprise-license" (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $values.secret.enterprise.License "") ))) "r") "redpanda-admin-api-password" (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $values.secret.redpanda.adminApi.password "") ))) "r") "redpanda-admin-api-tls-ca" (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $values.secret.redpanda.adminApi.tlsCa "") ))) "r") "redpanda-admin-api-tls-cert" (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $values.secret.redpanda.adminApi.tlsCert "") ))) "r") "redpanda-admin-api-tls-key" (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $values.secret.redpanda.adminApi.tlsKey "") ))) "r") ) ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/templates/_service.go.tpl b/charts/redpanda/redpanda/5.9.4/charts/console/templates/_service.go.tpl new file mode 100644 index 0000000000..64cef3f8dd --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/templates/_service.go.tpl @@ -0,0 +1,20 @@ +{{- /* Generated from "service.go" */ -}} + +{{- define "console.Service" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $port := (mustMergeOverwrite (dict "port" 0 "targetPort" 0 ) (dict "name" "http" "port" (($values.service.port | int) | int) "protocol" "TCP" )) -}} +{{- if (ne $values.service.targetPort (coalesce nil)) -}} +{{- $_ := (set $port "targetPort" $values.service.targetPort) -}} +{{- end -}} +{{- if (and (contains "NodePort" (toString $values.service.type)) (ne $values.service.nodePort (coalesce nil))) -}} +{{- $_ := (set $port "nodePort" $values.service.nodePort) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict ) "status" (dict "loadBalancer" (dict ) ) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "v1" "kind" "Service" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (get (fromJson (include "console.Fullname" (dict "a" (list $dot) ))) "r") "namespace" $dot.Release.Namespace "labels" (get (fromJson (include "console.Labels" (dict "a" (list $dot) ))) "r") "annotations" $values.service.annotations )) "spec" (mustMergeOverwrite (dict ) (dict "type" $values.service.type "selector" (get (fromJson (include "console.SelectorLabels" (dict "a" (list $dot) ))) "r") "ports" (list $port) )) ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/templates/_serviceaccount.go.tpl b/charts/redpanda/redpanda/5.9.4/charts/console/templates/_serviceaccount.go.tpl new file mode 100644 index 0000000000..5a49ba3fdb --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/templates/_serviceaccount.go.tpl @@ -0,0 +1,39 @@ +{{- /* Generated from "serviceaccount.go" */ -}} + +{{- define "console.ServiceAccountName" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if $values.serviceAccount.create -}} +{{- if (ne $values.serviceAccount.name "") -}} +{{- $_is_returning = true -}} +{{- (dict "r" $values.serviceAccount.name) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "console.Fullname" (dict "a" (list $dot) ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (default "default" $values.serviceAccount.name)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "console.ServiceAccount" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (not $values.serviceAccount.create) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) ) (mustMergeOverwrite (dict ) (dict "kind" "ServiceAccount" "apiVersion" "v1" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (get (fromJson (include "console.ServiceAccountName" (dict "a" (list $dot) ))) "r") "labels" (get (fromJson (include "console.Labels" (dict "a" (list $dot) ))) "r") "namespace" $dot.Release.Namespace "annotations" $values.serviceAccount.annotations )) "automountServiceAccountToken" $values.serviceAccount.automountServiceAccountToken ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/templates/_shims.tpl b/charts/redpanda/redpanda/5.9.4/charts/console/templates/_shims.tpl new file mode 100644 index 0000000000..e3bb40e415 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/templates/_shims.tpl @@ -0,0 +1,289 @@ +{{- /* Generated from "bootstrap.go" */ -}} + +{{- define "_shims.typetest" -}} +{{- $typ := (index .a 0) -}} +{{- $value := (index .a 1) -}} +{{- $zero := (index .a 2) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (typeIs $typ $value) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list $value true)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list $zero false)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.typeassertion" -}} +{{- $typ := (index .a 0) -}} +{{- $value := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (not (typeIs $typ $value)) -}} +{{- $_ := (fail (printf "expected type of %q got: %T" $typ $value)) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $value) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.dicttest" -}} +{{- $m := (index .a 0) -}} +{{- $key := (index .a 1) -}} +{{- $zero := (index .a 2) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (hasKey $m $key) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list (index $m $key) true)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list $zero false)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.compact" -}} +{{- $args := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $out := (dict ) -}} +{{- range $i, $e := $args -}} +{{- $_ := (set $out (printf "T%d" ((add (1 | int) $i) | int)) $e) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $out) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.deref" -}} +{{- $ptr := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (eq $ptr (coalesce nil)) -}} +{{- $_ := (fail "nil dereference") -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $ptr) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.len" -}} +{{- $m := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (eq $m (coalesce nil)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (0 | int)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (len $m)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.ptr_Deref" -}} +{{- $ptr := (index .a 0) -}} +{{- $def := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (ne $ptr (coalesce nil)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $ptr) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $def) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.ptr_Equal" -}} +{{- $a := (index .a 0) -}} +{{- $b := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (and (eq $a (coalesce nil)) (eq $b (coalesce nil))) -}} +{{- $_is_returning = true -}} +{{- (dict "r" true) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (eq $a $b)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.lookup" -}} +{{- $apiVersion := (index .a 0) -}} +{{- $kind := (index .a 1) -}} +{{- $namespace := (index .a 2) -}} +{{- $name := (index .a 3) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $result := (lookup $apiVersion $kind $namespace $name) -}} +{{- if (empty $result) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list (coalesce nil) false)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list $result true)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.asnumeric" -}} +{{- $value := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (typeIs "float64" $value) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list $value true)) | toJson -}} +{{- break -}} +{{- end -}} +{{- if (typeIs "int64" $value) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list $value true)) | toJson -}} +{{- break -}} +{{- end -}} +{{- if (typeIs "int" $value) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list $value true)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list (0 | int) false)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.asintegral" -}} +{{- $value := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (or (typeIs "int64" $value) (typeIs "int" $value)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list $value true)) | toJson -}} +{{- break -}} +{{- end -}} +{{- if (and (typeIs "float64" $value) (eq (floor $value) $value)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list $value true)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list (0 | int) false)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.parseResource" -}} +{{- $repr := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (typeIs "float64" $repr) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list (float64 $repr) 1.0)) | toJson -}} +{{- break -}} +{{- end -}} +{{- if (not (typeIs "string" $repr)) -}} +{{- $_ := (fail (printf "invalid Quantity expected string or float64 got: %T (%v)" $repr $repr)) -}} +{{- end -}} +{{- if (not (regexMatch `^[0-9]+(\.[0-9]{0,6})?(k|m|M|G|T|P|Ki|Mi|Gi|Ti|Pi)?$` $repr)) -}} +{{- $_ := (fail (printf "invalid Quantity: %q" $repr)) -}} +{{- end -}} +{{- $reprStr := (toString $repr) -}} +{{- $unit := (regexFind "(k|m|M|G|T|P|Ki|Mi|Gi|Ti|Pi)$" $repr) -}} +{{- $numeric := (float64 (substr (0 | int) ((sub ((get (fromJson (include "_shims.len" (dict "a" (list $reprStr) ))) "r") | int) ((get (fromJson (include "_shims.len" (dict "a" (list $unit) ))) "r") | int)) | int) $reprStr)) -}} +{{- $tmp_tuple_1 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.dicttest" (dict "a" (list (dict "" 1.0 "m" 0.001 "k" (1000 | int) "M" (1000000 | int) "G" (1000000000 | int) "T" (1000000000000 | int) "P" (1000000000000000 | int) "Ki" (1024 | int) "Mi" (1048576 | int) "Gi" (1073741824 | int) "Ti" (1099511627776 | int) "Pi" (1125899906842624 | int) ) $unit (coalesce nil)) ))) "r")) ))) "r") -}} +{{- $ok := $tmp_tuple_1.T2 -}} +{{- $scale := ($tmp_tuple_1.T1 | float64) -}} +{{- if (not $ok) -}} +{{- $_ := (fail (printf "unknown unit: %q" $unit)) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list $numeric $scale)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.resource_MustParse" -}} +{{- $repr := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $tmp_tuple_2 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.parseResource" (dict "a" (list $repr) ))) "r")) ))) "r") -}} +{{- $scale := ($tmp_tuple_2.T2 | float64) -}} +{{- $numeric := ($tmp_tuple_2.T1 | float64) -}} +{{- $strs := (list "" "m" "k" "M" "G" "T" "P" "Ki" "Mi" "Gi" "Ti" "Pi") -}} +{{- $scales := (list 1.0 0.001 (1000 | int) (1000000 | int) (1000000000 | int) (1000000000000 | int) (1000000000000000 | int) (1024 | int) (1048576 | int) (1073741824 | int) (1099511627776 | int) (1125899906842624 | int)) -}} +{{- $idx := -1 -}} +{{- range $i, $s := $scales -}} +{{- if (eq ($s | float64) ($scale | float64)) -}} +{{- $idx = $i -}} +{{- break -}} +{{- end -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- if (eq $idx -1) -}} +{{- $_ := (fail (printf "unknown scale: %v" $scale)) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (printf "%s%s" (toString $numeric) (index $strs $idx))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.resource_Value" -}} +{{- $repr := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $tmp_tuple_3 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.parseResource" (dict "a" (list $repr) ))) "r")) ))) "r") -}} +{{- $scale := ($tmp_tuple_3.T2 | float64) -}} +{{- $numeric := ($tmp_tuple_3.T1 | float64) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (int64 (ceil ((mulf $numeric $scale) | float64)))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.resource_MilliValue" -}} +{{- $repr := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $tmp_tuple_4 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.parseResource" (dict "a" (list $repr) ))) "r")) ))) "r") -}} +{{- $scale := ($tmp_tuple_4.T2 | float64) -}} +{{- $numeric := ($tmp_tuple_4.T1 | float64) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (int64 (ceil ((mulf ((mulf $numeric 1000.0) | float64) $scale) | float64)))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.render-manifest" -}} +{{- $tpl := (index . 0) -}} +{{- $dot := (index . 1) -}} +{{- $manifests := (get ((include $tpl (dict "a" (list $dot))) | fromJson) "r") -}} +{{- if not (typeIs "[]interface {}" $manifests) -}} +{{- $manifests = (list $manifests) -}} +{{- end -}} +{{- range $_, $manifest := $manifests -}} +{{- if ne $manifest nil }} +--- +{{toYaml (unset (unset $manifest "status") "creationTimestamp")}} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/templates/configmap.yaml b/charts/redpanda/redpanda/5.9.4/charts/console/templates/configmap.yaml new file mode 100644 index 0000000000..cffd69938f --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/templates/configmap.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- include "_shims.render-manifest" (list "console.ConfigMap" .) -}} diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/templates/deployment.yaml b/charts/redpanda/redpanda/5.9.4/charts/console/templates/deployment.yaml new file mode 100644 index 0000000000..48a149041b --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/templates/deployment.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- include "_shims.render-manifest" (list "console.Deployment" .) -}} diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/templates/hpa.yaml b/charts/redpanda/redpanda/5.9.4/charts/console/templates/hpa.yaml new file mode 100644 index 0000000000..9cfc4a132e --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/templates/hpa.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- include "_shims.render-manifest" (list "console.HorizontalPodAutoscaler" .) -}} diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/templates/ingress.yaml b/charts/redpanda/redpanda/5.9.4/charts/console/templates/ingress.yaml new file mode 100644 index 0000000000..ef3867869c --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/templates/ingress.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- include "_shims.render-manifest" (list "console.Ingress" .) -}} diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/templates/secret.yaml b/charts/redpanda/redpanda/5.9.4/charts/console/templates/secret.yaml new file mode 100644 index 0000000000..aeeeba25e1 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/templates/secret.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- include "_shims.render-manifest" (list "console.Secret" .) -}} diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/templates/service.yaml b/charts/redpanda/redpanda/5.9.4/charts/console/templates/service.yaml new file mode 100644 index 0000000000..0f1621fafc --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/templates/service.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- include "_shims.render-manifest" (list "console.Service" .) -}} diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/templates/serviceaccount.yaml b/charts/redpanda/redpanda/5.9.4/charts/console/templates/serviceaccount.yaml new file mode 100644 index 0000000000..9215af70ed --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/templates/serviceaccount.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- include "_shims.render-manifest" (list "console.ServiceAccount" .) -}} diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/templates/tests/test-connection.yaml b/charts/redpanda/redpanda/5.9.4/charts/console/templates/tests/test-connection.yaml new file mode 100644 index 0000000000..de17fb2b1d --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/templates/tests/test-connection.yaml @@ -0,0 +1,22 @@ +{{- if .Values.tests.enabled }} +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "console.fullname" . }}-test-connection" + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "console.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: +{{- with .Values.imagePullSecrets }} + imagePullSecrets: {{- toYaml . | nindent 4 }} +{{- end }} + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "console.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never + priorityClassName: {{ .Values.priorityClassName }} +{{- end }} \ No newline at end of file diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/testdata/template-cases-generated.txtar b/charts/redpanda/redpanda/5.9.4/charts/console/testdata/template-cases-generated.txtar new file mode 100644 index 0000000000..7fd56f9de3 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/testdata/template-cases-generated.txtar @@ -0,0 +1,22208 @@ +Generated by TestGenerateCases +-- case-000 -- +affinity: {} +annotations: + Q9AVJD4: G9TEnp +autoscaling: + maxReplicas: 206 + minReplicas: 312 + targetCPUUtilizationPercentage: 41 + targetMemoryUtilizationPercentage: 72 +commonLabels: + "": 31q1Pbz +extraEnv: +- name: Z2BpO + value: 0ggF3ha7D +extraVolumes: +- name: 7iCCax +- name: meEH +- name: xYVSV +fullnameOverride: hvGoJL +livenessProbe: + failureThreshold: 1028486626 + httpGet: + host: AOZs + path: YKi + port: Q8C3tKEBBI + scheme: ćpʔS欻鯡 + initialDelaySeconds: 1713123405 + periodSeconds: -1411200119 + successThreshold: -1362510905 + timeoutSeconds: 1375594715 +nameOverride: "n" +podAnnotations: + lyW: mn + pjq6fDr: YA2w301 + uXvFB: VQ5gP9 +priorityClassName: vQhDS +replicaCount: 387 +resources: + limits: + x0StjCjt: "0" +securityContext: {} +serviceAccount: + automountServiceAccountToken: false + create: true + name: HRoLg +strategy: + type: Ò泆A +-- case-001 -- +automountServiceAccountToken: true +extraContainers: +- image: LlCU3if + imagePullPolicy: RɷVȄ×ʤǫĠ侻Ɏźx跻Å榜 + lifecycle: {} + name: l0 + resources: {} + securityContext: + allowPrivilegeEscalation: true + privileged: true + startupProbe: + exec: {} + failureThreshold: -1510490758 + initialDelaySeconds: 112782468 + periodSeconds: -738545847 + successThreshold: -1801864225 + timeoutSeconds: 1026753125 + terminationMessagePath: gCG + terminationMessagePolicy: hmƂÚÕʏ疅耪鯉瓉Ɏ煐8qĺ + tty: true + workingDir: ixD7Jq +extraEnv: +- name: 3Nf + value: vATdo0CH + valueFrom: + configMapKeyRef: + key: IRw5 + name: fa + fieldRef: + apiVersion: 93Fjhay + fieldPath: LRa2I +- name: T0 + value: trXO4 +- name: P9hPooVH + value: yii5lolb + valueFrom: + configMapKeyRef: + key: spAKa + name: U0EYAAe0 +fullnameOverride: T50cZi +initContainers: + extraInitContainers: qur +nameOverride: Sh +priorityClassName: NyOpfr +replicaCount: 414 +resources: {} +tolerations: +- effect: Mǣ鍙x奬Ø裗Ʈ唿踣ʘ)ɒâÄ + key: AWx + operator: yīÄLJʑʢ避 + value: cO +- effect: ï楡ɜƐf鱖À夹ǙȤK + key: Gk23T + operator: è6槈$_ȋ6}rvĕ曉¸顋ŀÓ + value: DCkzy +- effect: 蠯u牰ŇɔnÜȎĤ原H + key: qSC + operator: "n" + tolerationSeconds: -7696192156323826068 + value: z +-- case-002 -- +deployment: {} +enterprise: {} +extraEnvFrom: +- prefix: cfVf + secretRef: + name: ha +- prefix: i2E2Jvnc +extraVolumeMounts: +- mountPath: Y40 + mountPropagation: $寕洦敬苖ēRõøȀ + name: vn5hd + readOnly: true + subPath: oXCY9 + subPathExpr: p +fullnameOverride: xZty +imagePullSecrets: +- {} +- name: YPVBzxvx +nameOverride: vN4yH7I +podAnnotations: + 8vRMfVroYC2: QXbUbLea + VV4w: s4sL + upwTMuIqflmD: 9J0H45zXX +priorityClassName: TeCy +replicaCount: 417 +resources: + limits: + 27ywV: "0" + nMnjjF4kM: "0" + xar2JX: "0" +service: + nodePort: 292 + port: 413 + targetPort: 267 + type: ILpSX2Cy +serviceAccount: + automountServiceAccountToken: true + name: R1Yar8 +tolerations: +- effect: ǩ趥螏|F8ǻĬ嵍Ğ错ʂĺƠǷ俆峻噸 + key: b + operator: wąȹV{İ刡嚮ȜJ + value: ZuTw +- effect: D稕栥[Ǟ$焫昲 + key: NnhmxYy + operator: Xʀ + value: v65W +- effect: 岂bĤ晏#DĢº + key: MOgT + operator: 礩懜蹻ǍBȟvɸ堊 + value: 3iXh +-- case-003 -- +annotations: + 6HCwaF8XIH: uIbMN + MRwga: Fq5s + mgpV: 4f +autoscaling: + maxReplicas: 411 + minReplicas: 432 + targetCPUUtilizationPercentage: 169 + targetMemoryUtilizationPercentage: 155 +configmap: + create: false +deployment: + create: false +extraVolumes: +- name: 1CIX +fullnameOverride: 8nE +ingress: + className: EqUYi + enabled: true + hosts: + - host: bKQCmfZ + - host: djItx5GtejC6 + - host: 2wLaQU8 + tls: + - hosts: + - V8BpuMCig + - 7LqG4w92 + - el3u4v + secretName: nUlu5bMwB8 + - hosts: + - 4HLzq + - 2i4g + secretName: lSgQIKwj5 +nameOverride: w6 +podSecurityContext: + fsGroup: 1512968668502336058 + runAsUser: -2578305880243425477 +priorityClassName: HNqN9h2 +replicaCount: 17 +resources: {} +secret: + create: true + kafka: + awsMskIamSecretKey: SrYY84t + protobufGitBasicAuthPassword: Fb + saslPassword: xCc3TeVY + schemaRegistryPassword: ovCqxwz9Bf + schemaRegistryTlsCa: JL + schemaRegistryTlsCert: cS + schemaRegistryTlsKey: UMwYx4F + tlsCa: HFpsnPdw + tlsCert: hseIt + tlsPassphrase: Wc0 +-- case-004 -- +affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: {} + weight: -1713447377 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: null + podAntiAffinity: {} +commonLabels: + "": PtQ7JxIAdPjt +fullnameOverride: "" +nameOverride: YMl +podAnnotations: + 1iK8Ic: Qo3FCg9qi + 63SsVxDT: v + A1Q4J4: U9jygY2t1F +priorityClassName: JT0MK +replicaCount: 261 +secretMounts: +- defaultMode: 197 + name: QmzFlXE + path: Oj + secretName: 7gi +service: + nodePort: 366 + port: 112 + targetPort: 173 + type: dO7eovC +strategy: + type: ɡv?ĨJ姯ɚƟć匪cb +-- case-005 -- +autoscaling: + enabled: false + maxReplicas: 26 + minReplicas: 380 + targetCPUUtilizationPercentage: 395 + targetMemoryUtilizationPercentage: 140 +configmap: + create: false +deployment: {} +extraVolumeMounts: +- mountPath: JU4z + name: QEJyD + subPath: ZBEy2m0m + subPathExpr: S1Kk +- mountPath: RjUw5sX7NP + name: ett1n + subPath: NmZKwz + subPathExpr: QOMT +fullnameOverride: pN +image: + registry: 7iw15D + repository: RnJFs0 + tag: OQDirE +imagePullSecrets: +- name: ATcT6Hd +- name: l15Hhw +initContainers: + extraInitContainers: Me +livenessProbe: + exec: + command: + - AJd + - HZf + - YHivxIsAJ738b5Q + failureThreshold: -1921365096 + initialDelaySeconds: -1548958176 + periodSeconds: -1952555242 + successThreshold: -1289242499 + timeoutSeconds: -265051013 +nameOverride: MW +priorityClassName: KnLhcy2cw +replicaCount: 396 +secret: + create: true + login: + github: + clientSecret: R4Zj + personalAccessToken: N85av + jwtSecret: g + oidc: + clientSecret: enei1WIcV +tests: {} +-- case-006 -- +affinity: + podAffinity: {} + podAntiAffinity: {} +configmap: + create: true +console: {} +enterprise: {} +extraVolumeMounts: +- mountPath: 5uhd1qMX + mountPropagation: ȵS鈛ZQì暗 + name: "N" + readOnly: true + subPath: lbeciOZZ + subPathExpr: Pd88cwE +- mountPath: yVo + mountPropagation: ÑƇ[嫨ĸŁ幵鿯它(ȡ~嘶ƌO情=į臺 + name: Z + readOnly: true + subPath: Nrqx + subPathExpr: Q4ChfT +fullnameOverride: rzd +image: + registry: zT38Q + repository: V + tag: iSGm6MT1 +ingress: + className: XOZv8 + enabled: false + hosts: + - host: WGn + paths: + - path: NVV + pathType: 0DK + - host: "" +initContainers: + extraInitContainers: SCgmJTj +nameOverride: gCH15URsJZr +podAnnotations: + s2D: DMU7 +podLabels: + CoBI: 20aOZaZvs + e0xqmoOD: Nb5V + ylGQE: p +priorityClassName: 1x11c0q +replicaCount: 176 +resources: + requests: + PY: "0" +secret: + enterprise: + licenseSecretRef: + key: eF + name: fQ02KR + kafka: + awsMskIamSecretKey: 1tq + protobufGitBasicAuthPassword: G + saslPassword: K8kPgIp6 + schemaRegistryPassword: "" + schemaRegistryTlsCa: Zr + schemaRegistryTlsCert: KN + schemaRegistryTlsKey: t + tlsCa: CQ + tlsCert: 6xZ8 + tlsPassphrase: JpScAmVx6 +serviceAccount: + automountServiceAccountToken: false + create: true + name: nd7TSb2mNTS +tests: + enabled: false +-- case-007 -- +commonLabels: + cV05TKdtF: 55lItpeJD + h: 1Y7dqm4wZL +configmap: {} +console: + roleBindings: + - "": null + 5w1YcAu: null +extraEnv: +- name: qY0f + value: Wu +- name: 9zVp + value: g +extraEnvFrom: +- configMapRef: + name: OUS + optional: true + prefix: YWvtgT +- configMapRef: + name: 4xZZ + prefix: Djbp99U +extraVolumes: +- name: dCz +fullnameOverride: "y" +initContainers: + extraInitContainers: RiAu +livenessProbe: + exec: + command: + - 3Ujf + - EOmDk + failureThreshold: 1105213631 + grpc: + port: -199686432 + service: H + initialDelaySeconds: -1727299217 + periodSeconds: -579129147 + successThreshold: -1278687101 + terminationGracePeriodSeconds: 7570283898099180047 + timeoutSeconds: -603846855 +nameOverride: HWL +nodeSelector: + CAy: 19kW + R2z: OpcDywz9x +podSecurityContext: + fsGroupChangePolicy: 驸Ǩiµ慷泱世 + runAsGroup: 6873387834465682841 + runAsUser: 7937848737866681002 + sysctls: + - name: mp + value: SkIvFN + - name: E + value: RknyuPB + - name: kcY + value: us1 +priorityClassName: rs +readinessProbe: + failureThreshold: 114758306 + grpc: + port: 774513900 + service: GICRd2O + initialDelaySeconds: 457836757 + periodSeconds: -1914503008 + successThreshold: 1926018786 + timeoutSeconds: 458769630 +replicaCount: 103 +resources: + requests: + 4P1f3: "0" + DmuY: "0" +secret: + login: + google: + clientSecret: Ln0 + groupsServiceAccount: gp + jwtSecret: 2j6NF + okta: + clientSecret: 3A593BjCuu + directoryApiToken: mSSz8MZ + redpanda: + adminApi: + password: t + tlsCa: QD1x71f + tlsCert: 744Ysvi + tlsKey: 56VaHh +service: + nodePort: 238 + port: 286 + targetPort: 404 + type: Vvrvx +serviceAccount: + automountServiceAccountToken: false + name: RFjc7 +-- case-008 -- +annotations: + hfXF: v4uLEC6f8m +automountServiceAccountToken: false +console: {} +deployment: {} +fullnameOverride: GbgHqD +ingress: + className: XfqwM +livenessProbe: + failureThreshold: 1421249778 + initialDelaySeconds: 1194618095 + periodSeconds: 1245060237 + successThreshold: -641096828 + timeoutSeconds: -617099936 +nameOverride: RW +podAnnotations: + BTlN: z8t + a: Pqjhw +podSecurityContext: + fsGroupChangePolicy: ǶȚ/廻 + runAsGroup: 3241750191956122115 + runAsNonRoot: false + runAsUser: 2693812519144067821 + supplementalGroups: + - -7558357415363805139 + - -9152494874115651655 + - -906805565867492888 + sysctls: + - name: CBe8XsS + value: bh + - name: pUYyG9c + value: xPm1 +priorityClassName: 0fXQqWA96 +readinessProbe: + failureThreshold: -10750427 + httpGet: + host: yftc + path: 7MDOtCNf + port: -1919050774 + scheme: ȧ楢谚 + initialDelaySeconds: 208988771 + periodSeconds: -2096658971 + successThreshold: -233405863 + timeoutSeconds: 2042765580 +replicaCount: 475 +secret: + create: false + enterprise: + licenseSecretRef: + key: "" + name: vGB +securityContext: + procMount: ȃ蘗ʮǺ踰蒐佛桸gɋ + readOnlyRootFilesystem: false + runAsGroup: 5367218369967093267 +serviceAccount: + create: true + name: YcV5zP8 +strategy: + rollingUpdate: {} + type: 堯飉J侚桤 合w犌ŝ|#è:(蹝Ƀy輐 +topologySpreadConstraints: +- maxSkew: -722842418 + nodeTaintsPolicy: uã链掎ŏȅ噘籥邟澶N3-昃嗽(七|犘 + topologyKey: vq + whenUnsatisfiable: Ȭť'Ùt苷ŲĤ蘝 +- labelSelector: {} + maxSkew: 1436245353 + nodeAffinityPolicy: 0ʠƃ氁ʆZ + topologyKey: t + whenUnsatisfiable: x叾džʜƽ耨 +- labelSelector: {} + matchLabelKeys: + - 6T2 + - FqrwFd + maxSkew: -172720268 + nodeAffinityPolicy: 觏败TʙȎ喧5婬ȑªgȢ'!ÅWp襎 + nodeTaintsPolicy: ÛB¹]ʐ梳Ě + topologyKey: VyU9 + whenUnsatisfiable: 烹wɹȐN坿¨叻ʊ鴥/Ŭ屎釽C欼 +-- case-009 -- +affinity: + nodeAffinity: {} + podAffinity: {} + podAntiAffinity: {} +automountServiceAccountToken: true +configmap: + create: false +deployment: {} +fullnameOverride: l1Bnpx +imagePullSecrets: +- name: x42RbB4KLm +livenessProbe: + failureThreshold: -1420734522 + httpGet: + host: fFkzqM8 + path: aVVHbe + port: TkNE + scheme: ǂɷ烷Į~鼹ǵǃ楅ǰ + initialDelaySeconds: 753838163 + periodSeconds: -444344576 + successThreshold: -1003403229 + timeoutSeconds: -172453343 +nameOverride: BKV +nodeSelector: + OBRBvRK: hMXDLGN5 + ky: sv +podSecurityContext: + fsGroupChangePolicy: 灆Zeɪ霅ǭɒ<ǖ韆 + runAsGroup: -2394155475284911371 + runAsNonRoot: true + supplementalGroups: + - 802667379359895872 + - 8316082600801371691 +priorityClassName: p0ShP6Yru +readinessProbe: + failureThreshold: -286281002 + initialDelaySeconds: 138566964 + periodSeconds: -361700659 + successThreshold: 422528479 + terminationGracePeriodSeconds: 495828610939530481 + timeoutSeconds: 352721839 +replicaCount: 315 +secret: {} +secretMounts: +- defaultMode: 414 + name: yWBr98zs1 + path: xShE + secretName: YMpib3J +- defaultMode: 402 + name: qUQ5 + path: Wnbf + secretName: Pw8 +- defaultMode: 410 + name: hpqapQJQ + path: fgV + secretName: 1JLIOjZI8 +service: + annotations: + efgehQaV5UI0y: GymqDudh + nodePort: 75 + port: 229 + targetPort: 85 + type: yZy +topologySpreadConstraints: +- maxSkew: -73453467 + minDomains: 326628755 + nodeAffinityPolicy: "" + topologyKey: zWgGRC + whenUnsatisfiable: 黚堳ʈ¡ +-- case-010 -- +affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: hu5a9Q0m + operator: Ʊ飁Ɲŗʫf + values: + - fDVpOP + - fUBu2Zhz + matchFields: + - key: zOA + operator: 豔|Ĺ霱鑕yȮM錕陰蔆 + - key: uqlr1 + operator: ʏ + weight: -157546286 + - preference: + matchExpressions: + - key: yI2tB1c6Om + operator: 槼湝@)萢=\Ɇ剋Ś>(.aC俥?蔔 + values: + - 5QB3 + - C + - key: IhL2k3 + operator: "" + matchFields: + - key: Kn1 + operator: q'ʏC効L¶ƋMʐģƥƝnĤe + weight: -1818860211 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - {} + podAffinity: {} +configmap: + create: false +console: + roles: + - null +deployment: + create: true +enterprise: + licenseSecretRef: + key: 6Y + name: juyv +extraContainers: +- env: + - name: nE8 + value: hFfGzdv + valueFrom: + configMapKeyRef: + key: 9Sc + name: kviW + fieldRef: + fieldPath: bzL + resourceFieldRef: + containerName: ky9X6 + divisor: "0" + resource: RgwF + image: mEMnGhDi + imagePullPolicy: <Ǐ(嬘箓閁1_Y.脯鮉娇腾1 + name: ZyDivTyKOX + readinessProbe: + failureThreshold: 368214623 + initialDelaySeconds: 1711545214 + periodSeconds: -1669571514 + successThreshold: 830602444 + timeoutSeconds: -1406663042 + resources: + requests: + Ta: "0" + restartPolicy: M#L粓Ojw+ĸɊcƗ镃聆琮ǘ滂W + stdin: true + terminationMessagePath: 7hyobl + terminationMessagePolicy: gŜĶ蔓林驲%嶄ʚ轿竷 + volumeDevices: + - devicePath: zlgauG + name: Uy7Ds5N + - devicePath: pturCrgNMxS + name: "1" + volumeMounts: + - mountPath: 2ftw3U97pI + mountPropagation: ǮmW + name: NeLq9zvIQ + subPath: 5XYnpNAb + subPathExpr: rAeHuQk + - mountPath: aOj5TCBKn + name: DWFR + subPath: G + - mountPath: ovoJMYcQZ7 + mountPropagation: ɷ&娈瘱 + name: o6QaPD8 + subPath: rIo + subPathExpr: j0F1wa + workingDir: tj +- env: + - name: KO7zek + value: AE8r + valueFrom: {} + envFrom: + - prefix: T4nvtH0yCoJCx + - prefix: KaMGNcK + image: m + imagePullPolicy: 牀 + lifecycle: + preStop: + exec: {} + sleep: + seconds: -1229802121654850448 + livenessProbe: + failureThreshold: 1036399450 + grpc: + port: 1383801223 + service: nm0jd39Ta + httpGet: + host: VhafGy + path: CP9 + port: BnhNd + scheme: hxu崚奵Y + initialDelaySeconds: 141265356 + periodSeconds: 251484282 + successThreshold: 257415096 + terminationGracePeriodSeconds: 3476093234934519616 + timeoutSeconds: -1657896181 + name: UCZJ + ports: + - containerPort: 574867450 + hostPort: 156179933 + name: 0re + protocol: 頶韜»釟ţKFƂƄp錴畗~[禬B琡9 + - containerPort: -374880824 + hostPort: 1342282100 + name: OeyfSkg3EJIuD + protocol: 佃ŦŬ穷唂&2ŌĜ,gF躊貀j寝ô + readinessProbe: + failureThreshold: 978947885 + httpGet: + host: A + path: Ngfyt + port: "" + scheme: Í蠕窩獙 + initialDelaySeconds: 60101484 + periodSeconds: 1102760384 + successThreshold: 1260060937 + terminationGracePeriodSeconds: 1157546254675437089 + timeoutSeconds: -465800822 + resizePolicy: + - resourceName: P6b56 + restartPolicy: 冿÷Ý萦{[P貍ȕ,Sɕ錼 + - resourceName: azLsfqbuYlr + restartPolicy: 蒃Ký阹ǒ1T獽蛍峸伦ƨ(Ƭ-央á + - resourceName: skOpL + restartPolicy: 鸿dŶ徥w^ȏ嘳Ƙ唓Ęɸ-ɫ鷠C + resources: {} + terminationMessagePath: vmp + terminationMessagePolicy: Ƒh庛ʘ$8L藑奾ń4說 + workingDir: rgrA +extraVolumeMounts: +- mountPath: C3nMA + name: 0sxSVsP + readOnly: true + subPath: V + subPathExpr: 1E5cYdMw +fullnameOverride: ivK +image: + pullPolicy: "" + registry: 4A + repository: 0YeLdES + tag: 1a4iH +nameOverride: JFcK +priorityClassName: x0ISc2 +readinessProbe: + exec: {} + failureThreshold: 1992527736 + initialDelaySeconds: 1233698472 + periodSeconds: 1177961840 + successThreshold: -1634725396 + terminationGracePeriodSeconds: 236063688080704715 + timeoutSeconds: -1493252430 +replicaCount: 250 +secret: + create: false + enterprise: {} + kafka: + awsMskIamSecretKey: K + protobufGitBasicAuthPassword: HMiCm9 + saslPassword: dlWblwkM + schemaRegistryPassword: DQXNeX + schemaRegistryTlsCa: Xe1cT2AuIi + schemaRegistryTlsCert: gaHcYjD + schemaRegistryTlsKey: 96V + tlsCa: "" + tlsCert: WEDNhiC + tlsPassphrase: lP2w1T + login: + github: + clientSecret: vpO + personalAccessToken: pn05iLc53z + google: + clientSecret: OX + groupsServiceAccount: LB64mTpyF + jwtSecret: GQ0Yw + redpanda: {} +serviceAccount: + annotations: + TTsn5: s3xEhO + tZiUN: CtjX + create: true + name: kIzbDF +-- case-011 -- +affinity: + podAffinity: {} + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: {} + matchLabelKeys: + - E9nCu6aLM + topologyKey: PfPCGvStt + weight: -1379963896 + - podAffinityTerm: + namespaceSelector: {} + topologyKey: CgA4 + weight: -726546395 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: ijh1hJb + operator: ƏŧD續筚朊 + values: + - BOfF5xB + - 3iu4 + - key: "93" + operator: Dij%{欬ɽ + - key: NEd + operator: ÿD + values: + - r + - B7E1BoYQ4Njb + - BTV + matchLabelKeys: + - FuyLvc + - Lh60qi + namespaceSelector: + matchExpressions: + - key: w + operator: 嘑 + - key: eQ6nY99xw + operator: H辄萟蘎Ÿ塪²;暃 + - key: 8JrCFA + operator: "" + values: + - wVO + topologyKey: ByO + - namespaceSelector: {} + topologyKey: b21 + - namespaces: + - Ifv + topologyKey: F9j5 +annotations: + pJ: f0brcnhV +automountServiceAccountToken: true +autoscaling: + enabled: false + maxReplicas: 239 + minReplicas: 83 + targetCPUUtilizationPercentage: 68 + targetMemoryUtilizationPercentage: 468 +commonLabels: + JwK5MKTa: WW + v7E: 1g6JB +console: {} +deployment: {} +extraEnv: +- name: XW + value: PCPsJt + valueFrom: + configMapKeyRef: + key: Zk0vTu6kC + name: d9zm3 + optional: false + secretKeyRef: + key: mRF + name: CW + optional: false +- name: loir2K + value: Ti0q +- name: lAxIKF7cbLlc + value: 1ksS + valueFrom: + fieldRef: + apiVersion: 8i2Z + fieldPath: vD7H + resourceFieldRef: + containerName: yqY + divisor: "0" + resource: ebRDAl + secretKeyRef: + key: E9514U + name: g3Rbzs + optional: false +extraEnvFrom: +- configMapRef: + name: d + prefix: Fl1 + secretRef: + name: X8xDu + optional: true +- prefix: M + secretRef: + name: 10or1C2m + optional: false +- configMapRef: + name: BBj + optional: false + prefix: Xy + secretRef: + name: ZA3 +extraVolumeMounts: +- mountPath: O + mountPropagation: ŜQLhlkU穒´宕Ïůŝƪ + name: JeSPIB + readOnly: true + subPath: RTiJ + subPathExpr: wad +- mountPath: QV6Kf + name: Pj7R + subPath: qBOd + subPathExpr: kN3Uujt +fullnameOverride: hbe +image: + registry: gjR + repository: U + tag: Tl0EP +initContainers: + extraInitContainers: OgPf +livenessProbe: + failureThreshold: 653767212 + grpc: + port: -53435273 + service: fv5J + initialDelaySeconds: 832425522 + periodSeconds: -1810991482 + successThreshold: 1954581711 + terminationGracePeriodSeconds: 1550995604326825538 + timeoutSeconds: -574178850 +nameOverride: Cy9eHCiP +nodeSelector: + HC7: EI8 +podLabels: + "2": RgUAFm + D2V: V80aQ +podSecurityContext: + fsGroup: 4103142176308445041 + fsGroupChangePolicy: Ő6­撱悤ÅC`碸 + runAsUser: 9170579519391070953 + sysctls: + - name: 4OKA + value: P7ouRq + - name: iD9Oz + value: gL6ARE +priorityClassName: sJXoA3V +readinessProbe: + exec: {} + failureThreshold: 1745353710 + grpc: + port: -2051399147 + service: G + initialDelaySeconds: 1504484890 + periodSeconds: -846859037 + successThreshold: -1564014824 + terminationGracePeriodSeconds: 7625838354502176909 + timeoutSeconds: 888372342 +replicaCount: 65 +resources: + requests: + "Y": "0" +secretMounts: +- defaultMode: 12 + name: n4BPeF + path: 2Qy8k + secretName: auIr +service: + annotations: + "": NbuyvXjW + 2CTz: vRGLHMO53rD + yLzpKqz: uBjXvD + nodePort: 83 + port: 478 + targetPort: 90 + type: sl +-- case-012 -- +affinity: {} +annotations: + v: D +configmap: {} +console: {} +enterprise: + licenseSecretRef: + key: oG0N9s8 + name: fmqBE +extraContainers: +- command: + - "" + - 7yJE + envFrom: + - prefix: kRXk + secretRef: + name: TJsCapqoxl + - prefix: ucUEP + secretRef: + name: 1zCfpPiVt9o + optional: true + image: hwJ + imagePullPolicy: dh + name: Ody4zqt + readinessProbe: + exec: {} + failureThreshold: 1607990521 + grpc: + port: 2033135747 + service: "" + initialDelaySeconds: -889776869 + periodSeconds: -35190825 + successThreshold: -958310065 + terminationGracePeriodSeconds: 3166888730011246345 + timeoutSeconds: 806015074 + resources: + requests: + mg2KyOVo97: "0" + restartPolicy: 档媘řĖ焘傐Yʮ,+Ƽ梽讫ƭ焇 + securityContext: + readOnlyRootFilesystem: true + runAsGroup: -2035296945120192462 + stdinOnce: true + terminationMessagePolicy: '*.Q' + workingDir: 0g9 +- command: + - ktel2 + - 2gO + image: Kq1K2HexLL + imagePullPolicy: 蟫黳jª0狫ĝ| + lifecycle: + postStart: + exec: + command: + - I + name: XmcrosJ9Art + resizePolicy: + - resourceName: 8dOXgKMh + restartPolicy: T@罞 + resources: + limits: + Qf424: "0" + UkBWyCgR: "0" + yS9FH: "0" + securityContext: + allowPrivilegeEscalation: true + capabilities: + drop: + - Ǐ蟯ƛU賊稁uv/u讎胗< + - 1湹 + privileged: false + readOnlyRootFilesystem: false + runAsGroup: -281571585037868414 + runAsUser: 8469885005475493831 + stdin: true + stdinOnce: true + terminationMessagePath: 6ii28 + terminationMessagePolicy: ȊGī3慺Ŏ + volumeDevices: + - devicePath: "" + name: lqvpF + - devicePath: 3vTez + name: pD6EOo + workingDir: QEqnPlY6YE +- args: + - eiyTiCxBp + envFrom: + - configMapRef: + name: uxUzs + prefix: 0Oq + secretRef: + name: ahghhjB + - configMapRef: + name: yjx + prefix: cOCr6ajjpSTT + - configMapRef: + name: "4" + prefix: 0XtWv + secretRef: + name: oKDQ + image: PV + imagePullPolicy: d?遼gŜT纬ɷšǧ餝Ƨ + livenessProbe: + exec: {} + failureThreshold: 746140291 + grpc: + port: 1197495917 + service: "" + httpGet: + host: x78yAB + path: P5mSLs + port: Cb2 + scheme: 儰试9ȷǴ燀ǃ¦籇射,ǠöcƲ伙 + initialDelaySeconds: 1418617842 + periodSeconds: 187037501 + successThreshold: -1821323321 + timeoutSeconds: -894994792 + name: ToH + resizePolicy: + - resourceName: 7Ut8kM + restartPolicy: gěǏ* + - resourceName: gvoJz7 + restartPolicy: ł0Iɷ»u诎żȋ貏C炭 + - resourceName: VpTvtNnJOw + restartPolicy: 阠eR'k.Ơ糦啮ŋ睷N譺 + resources: + limits: + cYhO6a: "0" + startupProbe: + exec: {} + failureThreshold: -1040244189 + grpc: + port: 1921669257 + service: Me + httpGet: + host: 5fL4Z + path: BwLac + port: SKrb2z + scheme: ľ<Ƽ浳s剪ɍ + initialDelaySeconds: -1064995957 + periodSeconds: 230643461 + successThreshold: -1865926881 + timeoutSeconds: 1102271416 + terminationMessagePath: ZbnnI + terminationMessagePolicy: 阳壀ɀS强pŇȆDž鹩 + tty: true + volumeDevices: + - devicePath: pP2eHwth + name: S9Sy + workingDir: Z +extraEnvFrom: +- prefix: RyT9JuZ +fullnameOverride: tmn2Kt +initContainers: + extraInitContainers: SIhGa +livenessProbe: + failureThreshold: 666524470 + grpc: + port: 1398516128 + service: "" + httpGet: + host: bR1aDlNV + path: yDJgyD4 + port: PU8gXWTBf + scheme: 8BƔ7, + initialDelaySeconds: 1841184951 + periodSeconds: 465079780 + successThreshold: -1928046688 + terminationGracePeriodSeconds: -4709298711736612221 + timeoutSeconds: 1377323766 +nameOverride: Qr03ts +podLabels: + "": S7BNyT + r1F: Fsc + yeY4LjT: MRlwtd +priorityClassName: vMcB +replicaCount: 407 +resources: {} +securityContext: + allowPrivilegeEscalation: false + privileged: true + readOnlyRootFilesystem: false + runAsGroup: -6536894786619939509 + runAsNonRoot: false +strategy: + rollingUpdate: {} + type: 9Cɠ+餌µ骽O惠LƬɇɦ鉍挶 +tests: {} +-- case-013 -- +automountServiceAccountToken: true +enterprise: {} +extraContainers: +- env: + - name: bNyX + value: DpJ + valueFrom: + secretKeyRef: + key: r3ZL + name: GM2zRN8 + optional: false + - name: dS + value: u2CpI14PZ + - name: JVoNndPj + value: eCfRy + image: 9nkfM + imagePullPolicy: v洓p褾NJ翛Y/笸i洞偀fX綤鰐 + livenessProbe: + exec: + command: + - TzQ + - 5tBBhynsjV + failureThreshold: -1613952147 + httpGet: + host: gYV + path: 9qC2GovT + port: Gh + initialDelaySeconds: 1651935443 + periodSeconds: -1307313312 + successThreshold: 1553368137 + terminationGracePeriodSeconds: -4575724788805099082 + timeoutSeconds: -499895377 + name: aOBSLF + readinessProbe: + failureThreshold: 687754614 + initialDelaySeconds: -1880005074 + periodSeconds: 794268536 + successThreshold: -1510519942 + terminationGracePeriodSeconds: 3334702514671978014 + timeoutSeconds: -178867660 + resources: + requests: + hiWTQ: "0" + m7CDU: "0" + stdin: true + terminationMessagePath: Yj9V + terminationMessagePolicy: js$昦夁糎fț + tty: true + volumeMounts: + - mountPath: Xaoy + name: XuLXzMm + readOnly: true + subPath: NI8v + subPathExpr: nPRuyC + - mountPath: S + mountPropagation: ĜX鴮璫ȓĢ + name: c2o + readOnly: true + subPath: DEcziG + subPathExpr: 7UjF6H + workingDir: yPE +extraVolumeMounts: +- mountPath: DVlVa1jiDIh5G + name: zaV + subPath: lXnque8 + subPathExpr: aFzzfyzr +- mountPath: 7VmD + name: bNuYmK + readOnly: true + subPath: zsTvmtU0 + subPathExpr: uNyQSZ +- mountPath: p + name: q3 + readOnly: true + subPathExpr: k4yfc0H +fullnameOverride: RttlJN +initContainers: + extraInitContainers: Gnt +nameOverride: dDkIKgMwXv +priorityClassName: BDUfm1wSRDI +readinessProbe: + exec: {} + failureThreshold: -225696508 + initialDelaySeconds: 1573121125 + periodSeconds: -1561542711 + successThreshold: 1804677264 + terminationGracePeriodSeconds: 5224127779959308812 + timeoutSeconds: -1540252725 +replicaCount: 412 +resources: + limits: + f7Jr: "0" + fl: "0" + requests: + Q4O7nA: "0" +secret: + enterprise: {} + redpanda: {} +securityContext: + privileged: true + readOnlyRootFilesystem: false + runAsUser: -8804799239371185443 +tolerations: +- effect: ƞ嬂 + key: wnH + operator: Ā蔥ąʏƅȑǚ缗'r~熐{Ǎ楯&鑫咂] + value: LYZYjeFUmK29wdL +- effect: 硞撤幅娰tȬ婒ĎɕÏǜ蚭馸諄W)偒½ + key: e2 + operator: bƤrZ + value: 8ssobF8u +-- case-014 -- +autoscaling: + maxReplicas: 297 + minReplicas: 375 + targetCPUUtilizationPercentage: 161 + targetMemoryUtilizationPercentage: 154 +console: + roleBindings: + - null +deployment: + create: false +extraContainers: +- args: + - Z62Is + - Hbh02LW4 + env: + - name: YW1G + value: 0GWAuZSLomGzW + valueFrom: + configMapKeyRef: + key: G23Iugy + name: TkEMhJ + secretKeyRef: + key: BTU + name: g1 + optional: false + - name: uL + value: FFIE5os + valueFrom: + configMapKeyRef: + key: "Y" + name: auRMap + resourceFieldRef: + containerName: q0II1T + divisor: "0" + resource: HT + secretKeyRef: + key: dzuljE + name: G7WQLg + envFrom: + - prefix: gP + secretRef: + name: OVJe + optional: false + image: rJIHfr2OEa135 + imagePullPolicy: YÙ姯?斕_9xŠɏɉɬ脸埫窿 + name: AH0Q + ports: + - containerPort: 228562644 + hostIP: IoQ1 + hostPort: -1878543188 + name: Rfal + - containerPort: -894592742 + hostIP: WL1wuF + hostPort: -1156574467 + name: kaBC3xQ4W + protocol: ǀw黽Ɂ態y歳饏S鰚醭 + readinessProbe: + exec: + command: + - SSKDo + failureThreshold: 2133132404 + grpc: + port: 1749726411 + service: mXvc + httpGet: + host: pc5My + path: Xb4w6 + port: 478437545 + scheme: X甡蓸^qĠ屘g槛雍d伨ɾ + initialDelaySeconds: -966001365 + periodSeconds: 714178271 + successThreshold: -1714884162 + timeoutSeconds: 152300629 + resources: + limits: + QD: "0" + eQShuVrO: "0" + requests: + xWdhFr9: "0" + restartPolicy: 吥蓔ȫ唿瀘V輇f蓵犆Ȑ]œʢ鶍MƧ樤_ + startupProbe: + exec: {} + failureThreshold: 623319858 + grpc: + port: -1442127150 + service: C6 + initialDelaySeconds: 128345274 + periodSeconds: -1861677604 + successThreshold: 1112169900 + timeoutSeconds: 120934069 + stdin: true + stdinOnce: true + terminationMessagePath: CVFCc8 + terminationMessagePolicy: 欥ɻ斩隫0撊GƲ{ + tty: true + workingDir: IZB +- image: DOt5K + imagePullPolicy: Q燢Ƈʃǻĝ + lifecycle: + postStart: + sleep: + seconds: -2443463859616450892 + preStop: + exec: + command: + - 74I + - RU + sleep: + seconds: -3090258659267849140 + livenessProbe: + failureThreshold: -1269681865 + grpc: + port: -1568193429 + service: X1LyDnjv64JEDb + initialDelaySeconds: -1309179527 + periodSeconds: -1814451145 + successThreshold: -2073223886 + terminationGracePeriodSeconds: -7380892635099163371 + timeoutSeconds: 2123408205 + name: QbUkrjO + readinessProbe: + failureThreshold: -1858848657 + grpc: + port: 349774039 + service: jxJ + httpGet: + path: aAkRuN + port: AGGDH + scheme: Aʝ詷Cţm憻菁裰ś + initialDelaySeconds: -1986091889 + periodSeconds: -775693671 + successThreshold: 930243436 + terminationGracePeriodSeconds: -4158765076015214976 + timeoutSeconds: -1930165730 + resources: + limits: + QL: "0" + startupProbe: + failureThreshold: 79584809 + httpGet: + host: IYI + path: jpfp + port: h + scheme: ÎŲ媱5\æ}QQǤoƲ^8%嵕_踽 + initialDelaySeconds: 1384447753 + periodSeconds: 364207137 + successThreshold: 1778504178 + timeoutSeconds: 1437969450 + stdinOnce: true + terminationMessagePath: z + terminationMessagePolicy: ūJ + tty: true + workingDir: RQkvQON +fullnameOverride: htymHJ +image: + pullPolicy: 袪Ȓ緶Ð菝ȋ擮@Ŧ + registry: ulLeWQWUJdjnk + repository: J + tag: KQ +initContainers: + extraInitContainers: JvUWbM +nameOverride: Vi2vH +podAnnotations: + Tt: CHbO7BF +podSecurityContext: + fsGroupChangePolicy: A%Âȁµ郞星懐,t语Ā詘IJÊ铮Q + runAsUser: -4832235381641550418 +priorityClassName: rcxHoi +replicaCount: 424 +resources: + limits: + AS: "0" +service: + nodePort: 66 + port: 41 + targetPort: 168 + type: Oiwzbmtjpb +serviceAccount: + create: true + name: h6eHrUr +tests: {} +tolerations: +- effect: 鞼CÞŲɮȧɖņ魉**護Å岴hFʎ篅2 + key: ffSN + operator: 葓C巰qĩŹ脠~蒵 + value: fkh +- effect: ȯ绸 + key: meTpNZ + operator: ĥ恃精hw"蘄谇H潔ʎȴ豅©嫗笨 + value: uyTD +-- case-015 -- +affinity: + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: 7eVqbmnw4 + operator: 屈ǧȔŗS#~¸Dd馔uÈ飏ƌĔ魼ȓ + values: + - eZapFDhb + - dBr2cD + - key: Z13Kq48NE0 + operator: ª + values: + - 03LE6GE + - key: s + operator: 箱+ʑ圼;0丢顃M媆熋熼妄瞬 + values: + - E + - jC2mNBN + matchLabels: + 4tdQRoO: Tgv + 7Apxz: EPl5 + bPvG5Bf: sCS + namespaceSelector: {} + namespaces: + - bkN0U + topologyKey: haPJ + weight: -1043017794 + - podAffinityTerm: + labelSelector: + matchLabels: + PP8DxAPJwUzY: z9RL6 + U1a: J + due4: eRc0tKn + namespaceSelector: + matchExpressions: + - key: "y" + operator: 霮ʡ`罵瀖Kʓa嚃*Q`UV邠想ɷġ + namespaces: + - M2GNeyD + - eDNVdz1ne46 + topologyKey: kQ + weight: -1134437930 + - podAffinityTerm: + namespaceSelector: + matchExpressions: + - key: SnD + operator: 6愔ȶ獧:öȰ浻珼»ǰs睑,s頀旓eX + - key: yt197hBb + operator: ȒǦ^(á咟獐赠5ĺĜ嶜庌愖V揺ɞ\Ș + values: + - pu5 + - Ywv1TEhK + - pAo + matchLabels: + "": rZ + topologyKey: WSD + weight: 613733383 + requiredDuringSchedulingIgnoredDuringExecution: + - topologyKey: 4b6nMCalUl1 +annotations: + 2V: 50l + jFB7K: 5ZqGXdsD94 +autoscaling: + maxReplicas: 483 + minReplicas: 178 + targetCPUUtilizationPercentage: 362 + targetMemoryUtilizationPercentage: 33 +commonLabels: + B0Pmybnj: gh8 + MdyMnFBP0Cd1: UUVRKbjhv + ShHkukRGF9k: KlIyX6upO +enterprise: + licenseSecretRef: + key: 5MWDqlE + name: UoZ4 +extraEnv: +- name: iQE + value: Aj6RWPJE +- name: QwMCc + value: N9g6bDNI +- name: U5Qg5Qc0NWE + valueFrom: + configMapKeyRef: + key: R + name: n8 + optional: false + fieldRef: + apiVersion: zg0 + fieldPath: fNjpqJ + secretKeyRef: + key: MlF + name: h +extraVolumeMounts: +- mountPath: y5BZm9v9L5 + name: mE9WF + readOnly: true + subPathExpr: 3vKqLj2 +fullnameOverride: 9RweMGWqBs +image: + pullPolicy: '&Ŕ<駄AG' + registry: FezgEM + repository: b4CZb + tag: OoX +ingress: + annotations: + "": ZKQ6I + ES: uo + className: x7Um + enabled: true + tls: + - secretName: Ye6 + - hosts: + - nNQW2NL + - g + - "N" + secretName: YQl +initContainers: + extraInitContainers: FZnnB +nameOverride: KD8DmV +nodeSelector: + vy4h: rk +podLabels: + FlwBgvWNMrbg5: YKgnz8q + TGDbR: 4egH + Xr8XMOk: 1DAii +podSecurityContext: + fsGroupChangePolicy: ¶鮬眴帘ʥb豚DIĂ + runAsGroup: 4190388773600423895 + supplementalGroups: + - 6652209348598506050 + - 5521245057591625878 + - 6754698685787706527 + sysctls: + - name: "7" + value: vp +priorityClassName: "68" +readinessProbe: + exec: {} + failureThreshold: 398655641 + httpGet: + host: NaspK + path: Bgdl + port: 1587383135 + scheme: ǰ|鬩E橴s + initialDelaySeconds: 1516319657 + periodSeconds: -635156272 + successThreshold: 1338596793 + terminationGracePeriodSeconds: 6302545905526400855 + timeoutSeconds: -905426079 +replicaCount: 128 +resources: + requests: + I: "0" + b7jbi: "0" + r1cN: "0" +securityContext: + privileged: false + procMount: d聉l蝲ɓH>狱(Ȁ胄hʍy龝Ȼ埓Y + readOnlyRootFilesystem: false + runAsGroup: 2951274493718237098 + runAsUser: -1772317555576666168 +serviceAccount: + annotations: + IH: 3W + K5hNNf: "" + r: 9cmm + automountServiceAccountToken: true + name: zmr +tests: {} +tolerations: +- effect: '#U媷ɑɥ±箑妌RɱfÈB矅蒟(' + key: g + operator: Řg~歟1ƹ,纙蝝垺 + tolerationSeconds: -9038490283678033542 + value: x6T1NM +- effect: ė{ɼ 5;^ʤàOKv泣0ƫ¢ + key: wdW6LI1a5 + operator: ú4ʫ-哖ýȻȣŦiĩġ膳". + tolerationSeconds: -5247520709138794849 + value: NXt +topologySpreadConstraints: +- labelSelector: + matchExpressions: + - key: dme + operator: )\鹮İ又Ȥ鏥Ĝ + matchLabels: + Cdk: atEBel + PhEVPxOjN: QTW4 + fC0YTiwm: fdAQN8t + maxSkew: 472867304 + minDomains: 1802867157 + nodeAffinityPolicy: ʈǔ聿ŶŹ&y鰜# + nodeTaintsPolicy: '"篍Ɛɰl鄱' + topologyKey: fqmSu + whenUnsatisfiable: äƟĻ鍣ųø啼ǫǷ" +- labelSelector: + matchExpressions: + - key: BEj + operator: Ɠ墳 + values: + - qBJ + - KZbk + - key: 9wxm2wFXlY + operator: ì蠁{\媽;ě8ɠ + values: + - yiuVv9DzzRse + - "N" + - z + - key: SWu + operator: Ī½曖1șWb3 + maxSkew: 774109577 + minDomains: -110979462 + nodeAffinityPolicy: 醿卨¬婾豜ʦKd` + topologyKey: 4iskW3Hbv + whenUnsatisfiable: ǮXƞ棤Ǘ +-- case-016 -- +affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: 2Ldss9 + operator: ?霏ƦxǰA7ȇ(堃R + values: + - Ce7pGgB5o + - B8EWZ + - key: pJKw3VVY5 + operator: 2wq6JK?Ȏ惙徵r儊ǒ嵀匫W + matchFields: + - key: EQvFQjoLm1 + operator: «/o咑澇ƉɑȨŞƙ|5時 + weight: -508343495 + - preference: + matchExpressions: + - key: VRoHsoMNa + operator: cƄábŊɕg追ĦǙȿ男)hŬ + values: + - tcCIpd9m + - FsoFrK + - key: ReH4ocoZ + operator: "" + values: + - bnUyPckbz + - AE + - njW + - key: fZBGR + operator: 租ǜ藇錼 + weight: -1003115262 + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + namespaceSelector: + matchLabels: + qGlBCw: zUBwqj2xV + zlHLG: TDTkLQOC + namespaces: + - QWFH + - TEzgQKPSQ + topologyKey: "" + weight: 682123393 + - podAffinityTerm: + labelSelector: {} + matchLabelKeys: + - 1MiHrQ + namespaceSelector: + matchExpressions: + - key: JUYumiiJFrY + operator: .ƽCDZo& + values: + - t3wDXa + - 70HCTbI6g + - C + - key: ik + operator: Œ8v + values: + - Wp + - Zf + - c2q7e + topologyKey: Sc1Q + weight: 869908297 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: ore + operator: ?ɴ$瀜蝪ĪźȀŐƌS莣幮屒n×U锇Ľ + values: + - mJM + - oc + - aU + - key: SQmv + operator: ȥī+ūĬ诧犂¹ + - key: Hh1r9 + operator: h蓟x蹵D¨谧罬 + matchLabelKeys: + - mDk + - Hki8 + topologyKey: x2q0Rx1f1N + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + namespaceSelector: + matchExpressions: + - key: H1Ni + operator: Ȧ厜OŊ + values: + - UWzAFu2 + - key: M + operator: 罐hĹ;'ǫ貉yĊ啉刉DzQį + - key: zZ + operator: 颉śĴJ|@W補A篐S献;ɾ[_鶙ȱ + values: + - 4BL + namespaces: + - Thgfgf7Z + topologyKey: XBju19e + weight: 1392601493 +automountServiceAccountToken: false +console: + roleBindings: + - Q0kslM: null + - null +deployment: {} +extraContainers: +- command: + - opIk + - v9eJ + - 4V + env: + - name: 5Q + value: o + envFrom: + - prefix: eBWmLK + secretRef: + name: FedJi + optional: false + - configMapRef: + name: M + optional: false + prefix: vUvV7W8k0 + secretRef: + name: IA + image: T4SYV + imagePullPolicy: Ƈ祃ǗǤɈ遖竀壙/ + livenessProbe: + failureThreshold: 20929095 + grpc: + port: -1775507003 + service: UZ6BT7NDI + httpGet: + host: QFkZxI6kA + path: tzQ + port: "" + scheme: Ƞ揞á惗É莏6XȪ/ʡ忨償 + initialDelaySeconds: 1046895310 + periodSeconds: -1971173139 + successThreshold: -476756841 + terminationGracePeriodSeconds: 144861231583008737 + timeoutSeconds: 814968592 + name: gEB + ports: + - containerPort: 2060914354 + hostIP: 9IXWKx38q5 + hostPort: -1191426039 + name: 5Mw7k + protocol: 悛ķ鳉ɍ恽j頔Œ6Eʮnx + resources: {} + restartPolicy: 樦ýȃ梪ĵ + stdin: true + stdinOnce: true + terminationMessagePath: c0e +fullnameOverride: 6maz +image: + registry: PYDGV + repository: HV3 + tag: cI8TzaYkws +ingress: + className: JpoCC + hosts: + - host: mE + paths: + - path: znvL + pathType: u4c1 +livenessProbe: + exec: + command: + - 1aqSw0 + - A277oB + failureThreshold: 713465020 + grpc: + port: 1803086428 + service: h1wwv + initialDelaySeconds: 1849009003 + periodSeconds: 2079209425 + successThreshold: 1679782943 + terminationGracePeriodSeconds: 4331994492414219168 + timeoutSeconds: 2000039211 +nameOverride: SC +podAnnotations: + JYLUc483y: gTnWiG +podSecurityContext: + fsGroup: -1425599568169885252 + fsGroupChangePolicy: ƶ Ÿ恢 + runAsGroup: -8737472966684836915 + supplementalGroups: + - 809809813702093180 + - 6124706841582844730 + - 6159358527003037747 +priorityClassName: XtKq +replicaCount: 331 +securityContext: + allowPrivilegeEscalation: false + procMount: 垮Ř2 + readOnlyRootFilesystem: true + runAsGroup: 5797501600954334245 + runAsUser: -8444673787636983397 +serviceAccount: + automountServiceAccountToken: true + name: DdF7ALq +strategy: + rollingUpdate: {} + type: ŀ剭º(;ƍ4兖ȇ +tests: {} +topologySpreadConstraints: +- labelSelector: {} + maxSkew: 972537130 + minDomains: -499606767 + topologyKey: q5 + whenUnsatisfiable: 鳯°ôŕƨʪuɘ"h貇榧0?cɉjA蜝 +- labelSelector: + matchExpressions: + - key: lAV + operator: 嵖xߟ擱ʄ衯"xɂ + - key: U6 + operator: =换J+Ř:嫚ʥ畠餐ǒŃ + values: + - Vj + - snF6cyZ + - 0sW9y4T5 + matchLabelKeys: + - 2wCjBs + maxSkew: -324080521 + minDomains: 695322418 + nodeAffinityPolicy: ʖ[兘Ũ鬎盦İƲ + topologyKey: z5y4Q8jyHH + whenUnsatisfiable: =Y~É.J樢ȃŤƫ甶Ȍ* +- labelSelector: {} + maxSkew: -1720129802 + minDomains: 1017048856 + nodeTaintsPolicy: 龨9猶e僦ɻ髧Ȍc + topologyKey: qKf6Ef3o + whenUnsatisfiable: ʂ?$鳴寘ŧ6脹餗ſ媷,峇埽 +-- case-017 -- +annotations: + J5Z: aLYd149 + LCqYvOjK: Qsk + bU: "" +automountServiceAccountToken: false +autoscaling: + enabled: false + maxReplicas: 164 + minReplicas: 101 + targetCPUUtilizationPercentage: 355 + targetMemoryUtilizationPercentage: 310 +console: + roles: + - JlwOk: null + QUzHpm: null + ch3WnNF: null + - {} + - null +extraContainers: +- args: + - Bd + command: + - QwtEp + - lLi7 + - kxB1 + image: RpMWaJ + imagePullPolicy: ~崆Ǭe侊k + livenessProbe: + exec: {} + failureThreshold: -2101638962 + grpc: + port: -208999597 + service: jICxjA + initialDelaySeconds: 925230214 + periodSeconds: -996383814 + successThreshold: 152844544 + terminationGracePeriodSeconds: -7802949917649733275 + timeoutSeconds: -188255799 + name: qwOkQZ + ports: + - containerPort: -255758148 + hostIP: R + hostPort: 316791912 + name: 09i3b5oQR + protocol: 腴醗9-鐶 + - containerPort: 247145105 + hostIP: L4 + hostPort: 1727912240 + name: bz7Y1N7 + protocol: 暄璎 + readinessProbe: + exec: + command: + - 2fQQ + failureThreshold: -873648342 + grpc: + port: 889903834 + service: C3 + httpGet: + host: IPHal + path: 5Nb6iW9 + port: tkqo + scheme: m说Ď盐2Ƹ,约h鰥Ȕť3 + initialDelaySeconds: 1391319902 + periodSeconds: -1638942635 + successThreshold: 644454270 + timeoutSeconds: -553602240 + resources: + requests: + 0XxId: "0" + VsY2R9: "0" + ZLtS2: "0" + restartPolicy: ų蓶Lj,g珯i'Sû竒 + terminationMessagePath: Mx7V + terminationMessagePolicy: =Jƈ乚貃庪ș¯ÑVȯ6筌巨华ɀ(v + tty: true + workingDir: nKFDPLJvOh +- args: + - AV3kjV + - Gwq78lY2 + - wq + command: + - D + - EI + - fY5J + env: + - name: eCtpNU + value: jLkcq8S + - name: rynLbx + value: CdqgJabHhM + valueFrom: + configMapKeyRef: + key: uBUH5 + name: Uxei4G1 + optional: false + fieldRef: + apiVersion: Ul9al + fieldPath: vtGid + resourceFieldRef: + containerName: Oc + divisor: "0" + resource: "" + - name: GmDNpa0 + value: 7VJM2XsPm8N + valueFrom: + configMapKeyRef: + key: x3J0PMWE + resourceFieldRef: + containerName: x9Q + divisor: "0" + resource: EKFgoq + secretKeyRef: + key: lOZRvK9 + name: V + image: 1xn6 + imagePullPolicy: ɀ稤¼Mɻ«鐾6Ú{ŬtŮ鄖SSɌ戲 + lifecycle: + postStart: + exec: {} + httpGet: + host: sT2dWyT + path: vvbIxNVANZ + port: aCK8 + scheme: 昿孊卿昤軒JYƜÁ嶠şe灶 + sleep: + seconds: -3542823673709563150 + preStop: + exec: + command: + - "N" + - qkHmJ + - HupYy + httpGet: + host: 137dx + path: y3u7HE + port: -1357399425 + scheme: '@济ɉ鳛讧跕(#7NJɓũǸ]ɨ梊sj' + sleep: + seconds: -2408406850575106311 + name: J6VFtJd3giFt + resources: + requests: + 3dqK0M: "0" + restartPolicy: 70ʆ氶応爱怙鉉塼tƗhY嚇 + securityContext: + allowPrivilegeEscalation: false + capabilities: {} + privileged: false + procMount: ȚƼ提瀴t8oƥc + startupProbe: + exec: {} + failureThreshold: 1782005431 + grpc: + port: 676289916 + service: 3xqeCsf + httpGet: + host: YDL1TP + path: "8" + port: lLWR + scheme: BKō筹 + initialDelaySeconds: 134613881 + periodSeconds: 1547524591 + successThreshold: 1778605907 + terminationGracePeriodSeconds: -7593859121613942317 + timeoutSeconds: 2026260743 + terminationMessagePath: E + terminationMessagePolicy: 碓 + workingDir: kl +- command: + - "" + env: + - name: TG1HQA + value: 5X + valueFrom: + fieldRef: + apiVersion: Vhn + fieldPath: jluMkQnv9 + resourceFieldRef: + containerName: rLfbH + divisor: "0" + resource: "" + - name: "" + value: TOTyqqGn + valueFrom: + fieldRef: + apiVersion: 0CAdSa + fieldPath: LWMRC + resourceFieldRef: + divisor: "0" + resource: G5eZP4R + secretKeyRef: + key: xYOgJL + name: vMTywG + image: 2Z + imagePullPolicy: z.鎸ƦʖFNj棪Ƃ鯌b抵#Dzr + lifecycle: + postStart: + exec: {} + httpGet: + host: k8z + path: TxNa2e + port: -573570086 + scheme: oɌdǹ[M灙螮伪芛探塢庖Njȕ仸 + sleep: + seconds: 4118046687980193779 + preStop: + exec: + command: + - 6iZbF + - OeZTW + httpGet: + host: rbqq + path: sno + port: -429531729 + scheme: s璙Ȼȗ榛ǵ0ƿ.忋闳溨 + name: Cms + ports: + - containerPort: -211101225 + hostIP: 8v + hostPort: 1994344080 + name: kyMvksZa + protocol: fȞ蚊悘ū錩Ȩ龒ċŴ + - containerPort: -806313867 + hostIP: Ky2F2 + hostPort: 1605736520 + name: oe0nMMl + protocol: 慿)"Ǒ3浹襈}(VE-B³閪叒k1绝 + readinessProbe: + exec: {} + failureThreshold: 1398486074 + grpc: + port: 1157090744 + service: oFrTS0 + httpGet: + host: 5pfrE + port: TJb4 + scheme: 畢î + initialDelaySeconds: -1830121652 + periodSeconds: -1398007905 + successThreshold: 1183454316 + timeoutSeconds: 1797763090 + resizePolicy: + - resourceName: hzxTj + restartPolicy: 渣箢樳掯ȉÏǼ店喘©g + resources: + limits: + zGvF9poISMtK: "0" + requests: + lUp3T: "0" + restartPolicy: '}賩6''V霟足''È''*F÷ƙǕ' + stdin: true + terminationMessagePath: 4tn + terminationMessagePolicy: ɢ荵鯴庡ǁ婛埽猜犝笖á7譃ǁ¦GɖC + volumeDevices: + - devicePath: eGfD9B + name: G3Bd + - devicePath: x + name: TB + workingDir: iKksE1 +extraEnv: +- name: Z + value: 1PasJFATvz + valueFrom: + configMapKeyRef: + key: Out + name: Z +- name: pUN + value: QTGN + valueFrom: + configMapKeyRef: + key: BLzs5FKV + name: xsgY3vBvZ + optional: true + fieldRef: + apiVersion: 5Ng + fieldPath: Psowh + resourceFieldRef: + containerName: pMz + divisor: "0" + resource: "" + secretKeyRef: + key: IY9s0 + optional: false +extraEnvFrom: +- prefix: oK16T1 +- configMapRef: + name: GxM9 + optional: false + prefix: Hj8 + secretRef: + name: o5P67 +fullnameOverride: 9XG3SZW +image: + pullPolicy: k痿蹒 + registry: 3s + repository: kPWhaC + tag: BcBi +ingress: + className: N91gS + hosts: + - host: ucSBH + - host: "" + - host: tmOhOR +nameOverride: tPiY +podLabels: + LBQpbD: AHB4hNVL + ey1GpAHh: fA +priorityClassName: qcIlT +readinessProbe: + exec: {} + failureThreshold: 738983906 + grpc: + port: 832752600 + service: 3tLbx + initialDelaySeconds: -1729478206 + periodSeconds: 902558671 + successThreshold: 989047880 + timeoutSeconds: -402268186 +replicaCount: 173 +resources: + limits: + 0fvc8: "0" + W19cC: "0" + loZ4: "0" +secret: + create: true + enterprise: + licenseSecretRef: + key: cjqTR + name: e + login: + github: + clientSecret: jw6tY22 + personalAccessToken: JvG1jx + jwtSecret: DwgaGI + oidc: + clientSecret: MalR2 + okta: + clientSecret: mDILgPMjOS9 + directoryApiToken: M2ywAiP +secretMounts: +- defaultMode: 442 + name: 3SwG7HrS + path: TLaWLIiD + secretName: VR +- defaultMode: 383 + name: Bfv9SGjlbgN + path: dXXPfK + secretName: T +- defaultMode: 13 + name: wz4K9oIYM + path: YEOA49 + secretName: WzM +securityContext: + capabilities: + add: + - "" + - 鸼ǀɛ_Y + - 利ƯǢ謼Ŀʇ佔4銣 + privileged: false + procMount: 頿ū詁ǎTɁ¯PlFd只鶗ƝǛƤ臃 + readOnlyRootFilesystem: true + runAsNonRoot: true +tests: + enabled: false +tolerations: +- effect: 懻 + key: JifsKW + operator: 檧űÊǮȡ廄儱RəȏĮ顪ÅÞ + tolerationSeconds: 4501363800484543116 + value: KkCBzwToBMjJ +- effect: B囧ƉOß + key: Q3cj + operator: ɲ朁ß栢 + tolerationSeconds: 4944598504260379086 + value: Z5 +- effect: 敘愰ɰuƪ晐 + key: K8wM + operator: ș + tolerationSeconds: 8375376960471889043 + value: TnWS +-- case-018 -- +affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: {} + weight: -37659402 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: [] + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + matchLabelKeys: + - ajbCE + - Y0MRgpE8 + namespaceSelector: + matchExpressions: + - key: Auai + operator: ùfƽÜQķɨ逑ʒÅģ + values: + - Q + - key: 1S2Nfq + operator: 臺瑷tƎ鍤p}滳`竦ÙǾ晖ǃʏȵ + namespaces: + - 4GTSAZF + topologyKey: NS733 + weight: -968286112 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: eyt3TPSYPBWDt + operator: e偁&蔄癳.ŚƘ + matchLabelKeys: + - eE7PA8D + - cKalkvb + mismatchLabelKeys: + - Lan + topologyKey: v + weight: -2133598054 + - podAffinityTerm: + mismatchLabelKeys: + - "5" + namespaceSelector: + matchExpressions: + - key: UrrD + operator: ƞ + - key: rkfCsnUcx + operator: ȇ睾¦棌鉝-m糤LPjX.;Ğ× + - key: kla + operator: '"竮壣祠ł9抵墙' + namespaces: + - gyF + topologyKey: ZG + weight: -428742233 + requiredDuringSchedulingIgnoredDuringExecution: + - matchLabelKeys: + - tZZj + namespaces: + - VuG + - I5XU + topologyKey: V2CZqa + - labelSelector: {} + mismatchLabelKeys: + - "" + - q9L4 + - C4YJ57 + namespaces: + - 8xRk06ngy + - WeZO2 + - 7tbTFK + topologyKey: rnpto +annotations: + "": 3E5rtKA +automountServiceAccountToken: false +autoscaling: + maxReplicas: 140 + minReplicas: 91 + targetCPUUtilizationPercentage: 499 + targetMemoryUtilizationPercentage: 324 +configmap: + create: false +console: + roleBindings: + - "": null + DlOD: null + - null + - cDJiV: null + eO: null + qlokva4: null + roles: + - 0E2l1K3: null + pIu5qwn: null +enterprise: + licenseSecretRef: + key: oqyc + name: HL +extraContainers: +- envFrom: + - prefix: EVZ + secretRef: + name: MxD + optional: true + - configMapRef: + name: A + optional: false + prefix: HuqxI + secretRef: + name: A + optional: true + image: SU + imagePullPolicy: 禵7璙p + lifecycle: + postStart: + httpGet: + host: YZMjhOUO8IS + path: nzYfH + port: Fcx + scheme: 矪Q9 + sleep: + seconds: 3463625415546708077 + livenessProbe: + failureThreshold: -560403806 + grpc: + port: 1751268094 + service: I + httpGet: + host: 0Sb + path: Utm2X + port: 395973041 + scheme: 醆蚎忨ŕ縨ƍ爋釬šÒ暺ƒŎO記岣 + initialDelaySeconds: -1011110535 + periodSeconds: -1229381750 + successThreshold: 260149510 + timeoutSeconds: 74546945 + name: e + resizePolicy: + - resourceName: XNKV + restartPolicy: ì焹.¬哄ȾŢȎȴe$p尶m`飻Ȭ + - resourceName: "" + restartPolicy: 閭I哗.寢荨ʪɛ侭ȵ(8 + resources: + requests: + 3nUsL: "0" + securityContext: + allowPrivilegeEscalation: false + privileged: false + readOnlyRootFilesystem: false + runAsGroup: -8616852535795885155 + terminationMessagePath: FjZ + terminationMessagePolicy: ÿb熿3,ćp寫ʃ#叺渍ƣș + volumeDevices: + - devicePath: Xvjm + name: 7yLA + - devicePath: 1Ci + name: Y0AloAQS + - devicePath: Gt + name: ZMKKc + workingDir: Mh +extraEnvFrom: +- prefix: hg + secretRef: + name: eLM59WyoAXO +fullnameOverride: ExFU3 +image: + pullPolicy: 螣暛擂ɾ#鏲*胭8饭1胠 + registry: iCFSIwyDtoG + repository: 6V6 + tag: 6uR +imagePullSecrets: +- name: vlnGQbo3y +nameOverride: 1qyLP36T +nodeSelector: + Vckw: ifBZ9p7 +priorityClassName: 6jxv +replicaCount: 297 +resources: + limits: + QZqMxIAt: "0" + SUsu9: "0" + requests: + EMOXCuje: "0" + EzKKMIR: "0" +secret: + kafka: + awsMskIamSecretKey: 8GlUc + protobufGitBasicAuthPassword: IsvQ9 + saslPassword: Vb + schemaRegistryPassword: UJ7Zl + schemaRegistryTlsCa: T1Q + schemaRegistryTlsCert: 17r + schemaRegistryTlsKey: O44 + tlsCa: n8k9 + tlsCert: aK + tlsPassphrase: Qk8 + login: + github: + clientSecret: t6z0n + personalAccessToken: "" + google: + clientSecret: h + groupsServiceAccount: fpuCEFLL + jwtSecret: 7J + oidc: + clientSecret: t + okta: + clientSecret: 3CcKl + directoryApiToken: AZt8H77 + redpanda: + adminApi: + password: NUkb3zIpwAR + tlsCa: t + tlsCert: zttTAvj + tlsKey: "" +service: + nodePort: 270 + port: 415 + targetPort: 489 + type: 2cM +serviceAccount: + annotations: + X7E: CRSzr + lPi: bGP + name: uAvlOXf +strategy: + rollingUpdate: {} + type: ɬ搢.Ƒ躂ɻɅȄ莨qc婔Åå +tolerations: +- effect: č喅Ȳ崥ï{禙ÊÿC逻準?霘2 + key: YJE + operator: 珟 + tolerationSeconds: 3838637075734495592 + value: 1VemeDTEk1 +- effect: 艋Ƿ淛襀|Ǽ&矠Ģ凍J賜ɰō + key: ggxS8L + operator: 閞判ŏ + tolerationSeconds: -2249155605077506227 + value: m3c +- effect: 'Ljə]IŴ:' + key: 4BkJSo + value: Le +topologySpreadConstraints: +- matchLabelKeys: + - uyTA + - rJcqdY3 + maxSkew: 1887613958 + nodeAffinityPolicy: u鞝侠轁蛃6Ơfrt迄ʇQ勭ĶÇǻě + topologyKey: 3f9j + whenUnsatisfiable: µ +-- case-019 -- +annotations: + lgiIA: u + wK8: JrSfKH +automountServiceAccountToken: true +configmap: + create: true +console: {} +enterprise: + licenseSecretRef: + key: Nr8uSKR + name: nucerZE +extraEnv: +- name: pJ + value: whmTukCTD + valueFrom: + configMapKeyRef: + key: OHk + name: "3" + fieldRef: + apiVersion: TSp7 + fieldPath: mEUVMSp7vUo + resourceFieldRef: + containerName: bBDw + divisor: "0" + resource: tIcs3z + secretKeyRef: + key: jIR5V + name: "9" +- name: ZCEPmHP + value: FhwE4R + valueFrom: + fieldRef: + apiVersion: Nv + fieldPath: WMXeIjk + resourceFieldRef: + containerName: Hbt + divisor: "0" + resource: mo7F +extraVolumeMounts: +- mountPath: UF6 + mountPropagation: ĻsŸ氂ǐ钋鮠Ĺ咳渼.pɫ + name: W1LIZa3 + subPath: qdDtjk + subPathExpr: Ew +fullnameOverride: NZ7h9 +image: + pullPolicy: 韃ĝ + registry: GNXgFQ + repository: W3 + tag: 2vPed +initContainers: + extraInitContainers: "" +livenessProbe: + exec: + command: + - Vc01z + failureThreshold: -1736131786 + initialDelaySeconds: 538755540 + periodSeconds: -937262167 + successThreshold: 2014961170 + timeoutSeconds: -614674118 +nameOverride: 8MIg +priorityClassName: FERw +readinessProbe: + exec: + command: + - 96w + failureThreshold: -1936056692 + grpc: + port: 939760843 + service: "" + httpGet: + host: K + path: dIrFM + port: GfrdWiqgUZBPW + scheme: 芧ʒȔ堌 + initialDelaySeconds: -2019126091 + periodSeconds: -1696700553 + successThreshold: 398361977 + timeoutSeconds: -184667912 +replicaCount: 79 +securityContext: + allowPrivilegeEscalation: true + capabilities: + drop: + - 狞濮噞饅烥H}湛m=U+卓Ǭï呣8Ú + privileged: true + runAsUser: -471077223001866506 +strategy: + type: 鎦v財ɕŪ +tests: {} +tolerations: +- effect: 飝壊%ǂP胅ɂǏ趸疷擁鹒DŽ营風顺z拇 + key: Ku2m + operator: ŲǪFTǗǔȟʥȰȎǎo玼Ü + value: 1u +- effect: 雾Ź歘ɇƇ昨OČƑɎ騨Ŗ=Ì楯 + key: 12vKa + operator: ( + value: u +-- case-020 -- +affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - {} + - matchExpressions: + - key: a23jbG + operator: yb庇ɍ闒ǰPâƟVsJu + values: + - "" + - 1lQmmGa8 + - XzVleDXV4YoRc + - key: 3Gwd9r + operator: 4Nj7Ġ$Ea狆Ö絞Ƙ殈廔as知 + - key: 7C4FjM + operator: ɩ.叧¬ʧ倒 + matchFields: + - key: H + operator: Ğų* + values: + - 0i + - qK + - key: 7ocDt + operator: 餯ǚ璗汭槰<ƤƐ評ź膹棅珢ȹ3鮑 + values: + - g5Aa1Hm + - LKNvXrtO + - key: o + operator: ŎJ甧鷓 + values: + - vJQQjLRrqIK + - Isj + - 6EBsy + - matchFields: + - key: H0oh1dBCg + operator: 鉔qƿ氵[' + initialDelaySeconds: 1994767434 + periodSeconds: 1832245274 + successThreshold: 598112607 + timeoutSeconds: 1119900418 + name: "" + ports: + - containerPort: -330026000 + hostIP: lrMGYnI5Nd + hostPort: -823142941 + name: zuZWb + protocol: Ȳ + resources: + requests: + 4gK: "0" + restartPolicy: 腼癋ğÑ;漘傩鶷 + securityContext: + privileged: true + procMount: ʍ/O9*:zb飯Gɱ朵醴#ŌKp9嬡 + readOnlyRootFilesystem: true + runAsNonRoot: false + startupProbe: + exec: + command: + - "4" + failureThreshold: -950017148 + grpc: + port: -1475121627 + service: 8veUJnWU5 + initialDelaySeconds: 2007069941 + periodSeconds: -1193308189 + successThreshold: 22288729 + timeoutSeconds: -1492112511 + stdin: true + terminationMessagePath: HIj0kQ + terminationMessagePolicy: ȔNj + volumeDevices: + - devicePath: M + name: sDeN + workingDir: V +- args: + - "" + - ihLoishU + command: + - 8Jx + - j + env: + - name: IDOQ6d + value: 12G + image: b4Wv84l + imagePullPolicy: n暨e懔)k + lifecycle: + postStart: + exec: {} + httpGet: + host: Zl2z + path: pzUIO + port: faRx + scheme: 痣甘 + sleep: + seconds: -632399399483384435 + preStop: + exec: {} + httpGet: + host: pklCf2clqD + path: wk27n2gw1L + port: Ufz19 + scheme: ɷņƑG m刡Ęj敂鏸eāa + livenessProbe: + exec: + command: + - Ar2msVeG + - Uzq6cRL + - dujaQs + failureThreshold: -1776611485 + grpc: + port: 835455646 + service: t + httpGet: + host: hri + path: "Y" + port: 1115673796 + scheme: ʟɏķLYÆŨŔ+Č`4Đl + initialDelaySeconds: -739643640 + periodSeconds: -343509466 + successThreshold: -1698086578 + terminationGracePeriodSeconds: 1800922741783400611 + timeoutSeconds: 1182031959 + name: Bq5FHOsB11r + readinessProbe: + exec: + command: + - XaJ8ft + - 57jh + - sAD + failureThreshold: -1798651306 + grpc: + port: -1714447694 + service: ETY + httpGet: + host: V5DSH + path: g8Ygrn + port: Yp9d22 + initialDelaySeconds: 1612392972 + periodSeconds: 1418157100 + successThreshold: -1106593780 + timeoutSeconds: -1970400805 + resizePolicy: + - resourceName: 93At9v + restartPolicy: 涭ɍƍ蕂 + resources: + limits: + 9g69: "0" + h20A4o: "0" + jh: "0" + requests: + h: "0" + ub364wL: "0" + restartPolicy: Ǎ\ƽţ(鄑鴋Őńy餲ÍwWÅ + startupProbe: + failureThreshold: -513807271 + grpc: + port: -788679788 + service: 3vt1qVexq + httpGet: + host: As + path: gG3Jyf6fQ5R + port: 1058443669 + scheme: I?ʐɡ湚犭檚蚗į*o + initialDelaySeconds: 2034517113 + periodSeconds: 2103822699 + successThreshold: 343263788 + timeoutSeconds: 264518020 + stdin: true + stdinOnce: true + terminationMessagePath: AAYYpB1c + terminationMessagePolicy: 贌.[ĉ熶7dzRVç^'谣蔨d搇ĺÎ + tty: true + volumeDevices: + - devicePath: "8" + name: KZo0u22qdit + - devicePath: Fahm + name: lmO + workingDir: tGNhx3deFLdC +extraEnvFrom: +- prefix: 7DB9SS + secretRef: + name: 5rl + optional: true +- configMapRef: {} + prefix: hPVGtWNNR +- configMapRef: + name: FYMIJ1 + prefix: TEtFB3 +extraVolumes: +- name: 2LSr +- name: J +fullnameOverride: Wpq +image: + pullPolicy: M鉃裹Ú&蚑ƈñĎdzɢ/Ɲ9Ws棝 + registry: 0aw5q + repository: PTy + tag: fclX4 +imagePullSecrets: +- name: p95GzFm3JP +ingress: + annotations: + aH: YQ3 + className: IPc + tls: + - secretName: Ec4sB + - secretName: txdIkdw4sg8IB4i9 + - hosts: + - ypg9XtRg8 + - "3" + secretName: DNdM +livenessProbe: + exec: {} + failureThreshold: 913752382 + grpc: + port: 1322195744 + service: iQNfI + initialDelaySeconds: -1439870739 + periodSeconds: 178258715 + successThreshold: -1591263857 + terminationGracePeriodSeconds: 2751522374216629585 + timeoutSeconds: -1117637199 +nameOverride: aD +nodeSelector: + WUADh: 2ruBNaWxT +podLabels: + Avs0UCvd6: "" + LSaZFj: "" + N3gEYOpkd: zqsd +priorityClassName: 2v89v +readinessProbe: + failureThreshold: 1842275861 + grpc: + port: -1389426650 + service: 0bSW249 + httpGet: + host: 0T + path: RnP5zy + port: -514153800 + scheme: k*x"!掫瘑Ʀ扄]Ĝʅƭȑ + initialDelaySeconds: -1077422490 + periodSeconds: 666536934 + successThreshold: 1405066396 + terminationGracePeriodSeconds: -3980601911100433183 + timeoutSeconds: 665413705 +replicaCount: 330 +secret: + create: false + kafka: + awsMskIamSecretKey: 48EJ + protobufGitBasicAuthPassword: U4TfI + saslPassword: xbKdWIc + schemaRegistryPassword: C + schemaRegistryTlsCa: vACi + schemaRegistryTlsCert: l2SQ + schemaRegistryTlsKey: QXTWL2 + tlsCa: sxqA + tlsCert: MZR + tlsPassphrase: Bf18k +secretMounts: +- defaultMode: 278 + name: Vk + path: HIDtODq + secretName: ycVDxFmgC +service: + nodePort: 413 + port: 310 + targetPort: 265 + type: uvupqC6hE4 +strategy: + rollingUpdate: {} + type: ü +tests: {} +tolerations: +- effect: ƛ=åM綁塈'Ʈ7 + key: X + operator: Y葞ęŊ6ùųŗQ膼芏棔ĿF綩 + tolerationSeconds: -7958891124471630696 + value: iw +-- case-025 -- +affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - {} + - matchFields: + - key: Jdk + operator: '''妋ū摺wȋ½骭枰ux' + values: + - L3vrBo + - key: AJyvPdo + operator: QBǏ揅饹\欤ĩ# + values: + - KA4X87 + - kAynjW + - key: INtaCgB9Suw + operator: '"' + values: + - sT5QAUbIK + - matchExpressions: + - key: B1ivFyT + operator: ıD芌ʪÌʡ6坨LʞQ蓠kl + values: + - ZM3ncD + - MaDZJN23 + - nQDH + - key: j1 + operator: ^{Q唤涭 + - key: FMwYRC4 + operator: 構ÁHƲ)ǹō + values: + - tc + - 5w4tJ + - gNCNm5J4 + matchFields: + - key: pIsVqr + operator: j@RUȃfǘ·ɏ!Ǖ灃Ņǟ + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + matchLabelKeys: + - oNBV + - ZW2Upd + mismatchLabelKeys: + - XpmujYp + - zQUvv + - o + namespaces: + - xAojOZ + - 53d1p + topologyKey: wupaWwF + weight: -813250565 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: hRMf + operator: 璢ɂo豢埆o + - key: gByq + operator: '|藐Ç钃[qȂřÜ{南湹裻ßŗyŪ赉' + mismatchLabelKeys: + - 4aBT9oEi8 + topologyKey: "" + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - matchLabelKeys: + - qDyyFpFgn0 + - qAR2Fz8Jbiq9oz + namespaceSelector: {} + namespaces: + - NKeVvij2 + topologyKey: 7OPEY5MMS +annotations: + 7YN: WjRdnTY + J0Eg: alDk +automountServiceAccountToken: false +configmap: + create: false +console: + roles: + - BU: null + - {} +deployment: {} +enterprise: + licenseSecretRef: + key: 3UhYW + name: Ooxn6uesqBg8 +extraContainers: +- args: + - zj + - Z5D + command: + - QfnH4gn + - B1xl + env: + - name: 4X + value: Bw + valueFrom: + configMapKeyRef: + key: Pdqw0Fl3V + name: v3KgbGdzsLvC + optional: true + fieldRef: + apiVersion: NUZjeNE + fieldPath: 9HRTR + resourceFieldRef: + containerName: p + divisor: "0" + resource: shkxnjmC2 + - name: 2i + value: Zxb + valueFrom: + configMapKeyRef: + key: w + name: WzK6UiO + fieldRef: + apiVersion: GnFqZ3 + fieldPath: W + resourceFieldRef: + containerName: 7JDYpnHIpM + divisor: "0" + resource: vt2RbP + secretKeyRef: + key: yl + name: 36xB2Q + optional: true + envFrom: + - configMapRef: + name: V2xmAgfwBn1 + optional: true + prefix: seW + secretRef: + name: Nt + optional: true + - configMapRef: + name: IluKDPq + prefix: N6Uhe + secretRef: + name: TvN6Z3p + image: 3fh + imagePullPolicy: Ǜmʥ薑ōB愌熹g樿ƒ畬ʙ襫,PD + lifecycle: + postStart: + exec: + command: + - wIfuPiat + sleep: + seconds: 6128979882442257912 + name: 0U + ports: + - containerPort: -975012330 + hostIP: nNpK2 + hostPort: -554886438 + name: aE + - containerPort: -2098096147 + hostIP: FeG8 + hostPort: -651932845 + name: xKI1Tv + protocol: :鿅Ǐ!Ʋ卫_ʕȼʗ壷薮蒰NJŌ + - containerPort: 520035268 + hostIP: GyA + hostPort: -1998834660 + name: PR61 + protocol: ŗ蜥aɝWCb锨ȐsO忷ODž)Ŗʃ觃輘 + readinessProbe: + failureThreshold: 1975710195 + grpc: + port: 8949492 + service: USXa + httpGet: + host: 6J2Mk51 + path: FL4SJXOTR + port: c2vVT + scheme: B哰Hȼ涪Ÿȣę + initialDelaySeconds: 1164971701 + periodSeconds: -1267122769 + successThreshold: -102609571 + terminationGracePeriodSeconds: 6799552209277780019 + timeoutSeconds: -995107635 + resources: + requests: + 2j: "0" + restartPolicy: V牜(p + securityContext: + allowPrivilegeEscalation: true + privileged: false + procMount: '@' + readOnlyRootFilesystem: true + runAsGroup: 8605999305673537166 + runAsUser: 1347603438902927360 + startupProbe: + exec: + command: + - JZX + failureThreshold: 1080874840 + grpc: + port: 1467429214 + service: NWBu1S + httpGet: + host: 4ta7S + path: RcBu6 + port: RapJB5x + scheme: ']襰騊缜ă4蘆Ȓ0礓厨獸枓8D' + initialDelaySeconds: -2008822207 + periodSeconds: -614674587 + successThreshold: -402818223 + terminationGracePeriodSeconds: -7949916801988602426 + timeoutSeconds: 209096121 + stdin: true + stdinOnce: true + terminationMessagePath: KRYz + terminationMessagePolicy: Âǚ凍ʄĒ(#Ñ狶8脍ÅdɅș妙觶.祍 + volumeMounts: + - mountPath: LdSrOQ + mountPropagation: Ɗ?ǚ[澆槱ɢ丗7鍚6A + name: sqOobya + subPath: JZEkD + subPathExpr: eJU + - mountPath: K4kwb + mountPropagation: "" + name: YNNb + readOnly: true + subPath: Z0mne + subPathExpr: ngxE + - mountPath: E2GSzT0 + mountPropagation: ȝ註鴔 + name: fRhgta + subPath: y6Y3BdtA + subPathExpr: P0gcNQL + workingDir: rCAtq +- args: + - tJjzGKfki2 + - "" + - furHsPXM1J + command: + - DK3Wlo2n + env: + - name: ud + value: FOyG7u4mv + - name: YM + value: T8mzKDDU + valueFrom: + configMapKeyRef: + key: "" + name: YlrM + optional: true + fieldRef: + apiVersion: TysS9Olq + fieldPath: RX4 + resourceFieldRef: + containerName: o + divisor: "0" + resource: HVzew + secretKeyRef: + key: moOz + name: 9IePG + optional: true + image: hy6X7dY + imagePullPolicy: 秊q魷讍暳ɁiitǦ梒Ʀ疗ǘt + lifecycle: + postStart: + exec: {} + httpGet: + host: 1bv + path: 3IXIEBTRQc + port: dHTyBrOPT + scheme: hƉǤ\ɯ竔}gŘ + sleep: + seconds: 3802753693240438477 + name: mieVkOhQ4 + ports: + - containerPort: 1406294206 + hostIP: XrMHc + hostPort: 1756733537 + name: xrlM3Cv9 + protocol: ^箅瑦|ȭ,Ī憘ʓ焯 + - containerPort: 1867162726 + hostIP: p8Zguos + hostPort: 1052086554 + name: NCa4 + protocol: Ǽ丝等I塸)kɹ~颁!跼S薒SrM + - containerPort: 1770363328 + hostIP: WPUeJ + hostPort: -1882733223 + name: gAUfp + protocol: u舨[ķ獚m灑朷ƶ慹Ʀ + resources: + requests: + CK: "0" + c6WG16NOR: "0" + restartPolicy: 欣ƎȄŚ&廚FË倔Ŋ寬Lw秮x捨 + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - Ƶəʣ饅ōǧ营Sȑ粴ƞȜj嬷俋箊ʫ + - Yǻ)Iƕƺ:檂躡J勬垒ď%ɦ + drop: + - f{2Ƭɢ~lĕ猆å~? + - 曣晜Ȅ笛 + - 牧 =鄅銣閦ʜ(lȏ + privileged: true + procMount: Âȼ + readOnlyRootFilesystem: true + runAsGroup: -5895892166477051871 + runAsNonRoot: false + startupProbe: + exec: {} + failureThreshold: 1512924080 + grpc: + port: -55537357 + service: 9KQ + initialDelaySeconds: 1472203720 + periodSeconds: 1367361112 + successThreshold: -1486557603 + terminationGracePeriodSeconds: 2382050275815801400 + timeoutSeconds: 246291848 + stdin: true + terminationMessagePath: E7wMC + terminationMessagePolicy: h僊冢ʐȑ + volumeMounts: + - mountPath: "" + mountPropagation: uÞ揶椬=L>ȕ凭Śȅ3džȿȳ + name: xYM + subPath: nMMkHAUoYIsN + subPathExpr: 579Yn2LXk + - mountPath: 5z + mountPropagation: Ƀ陪7k惿Ɏǚ霤ƨƱ«ɤ»ȣ薥頠媉fʠ + name: KIX5g + readOnly: true + subPath: CGOswgk + subPathExpr: oxiB23ZW2KX + workingDir: IzOAr +- args: + - jrZTvs + env: + - name: jxl5Q + value: fm2F7DzZA + image: r7sTpTP8N + imagePullPolicy: 眒弿 + lifecycle: + preStop: + httpGet: + host: WEBUk + path: "1" + port: -377365982 + scheme: 娖阋顿|儴Éȱ鋦 + livenessProbe: + exec: + command: + - 2j + failureThreshold: -1631622345 + grpc: + port: -188887701 + service: s + httpGet: + host: "6" + path: 07rm4AD + port: DCtZ5 + scheme: ʼnK襡5殛鯙ȋʛ稲(C姓 + initialDelaySeconds: -1011676147 + periodSeconds: -1141844037 + successThreshold: -1528778970 + terminationGracePeriodSeconds: 422553046190448128 + timeoutSeconds: 99607263 + name: rhg + ports: + - containerPort: 1265703793 + hostIP: lYiq + hostPort: -931710582 + name: r2OdlKyZ + protocol: ŌK4Ʒ霖R婧,Ģ墤ʠ_Ƒ亽vĨO + - containerPort: -1093198499 + hostIP: xHuDhI2 + hostPort: 1423992590 + name: WdH + protocol: K嚜pn犓ɯ`劮ƫķPLm + resizePolicy: + - resourceName: M3EK5NW + restartPolicy: Ɲ囩 + resources: + limits: + 4zeCyo: "0" + PgUjG: "0" + requests: + IseC3: "0" + WHgRSz: "0" + yzZn: "0" + restartPolicy: ijƞ墫噌L诠=脳%Ɗ + securityContext: + privileged: false + readOnlyRootFilesystem: false + runAsGroup: -1074724161449891976 + runAsUser: 8255497511479977438 + startupProbe: + exec: {} + failureThreshold: -1172398717 + grpc: + port: 1919051215 + service: "" + initialDelaySeconds: 2020291403 + periodSeconds: 450860281 + successThreshold: 193397000 + timeoutSeconds: -665894379 + stdin: true + terminationMessagePath: MCVu + terminationMessagePolicy: ŷÍ:+壩ùI賎Rɜ卮cɣS惕mIɭ + tty: true + workingDir: 2L97y +extraEnvFrom: +- configMapRef: + name: Es + optional: false + prefix: sb4Y + secretRef: + name: 5boSPUJ +extraVolumeMounts: +- mountPath: "" + mountPropagation: ė1)ʩ瀚汋跁撯 + name: jFvwz + readOnly: true + subPath: JP5wgP3 + subPathExpr: J +extraVolumes: +- name: Jq0CSftnp +- name: QMHGzzYC2HW +- name: 1PkbzhfK +fullnameOverride: Uo +image: + registry: gFOwHIo + repository: tdq9GJrg + tag: J +imagePullSecrets: +- name: iA1C +- name: ZOdo +- name: qTOK0W +initContainers: + extraInitContainers: UHL +livenessProbe: + exec: {} + failureThreshold: 1473046311 + httpGet: + host: z + path: qQEf + port: -1047428780 + scheme: ȭ龙ğ疹ǜ"ȹȫ怆Ȉiʊ泹牫綖K + initialDelaySeconds: 272400025 + periodSeconds: -1682707125 + successThreshold: -2007433775 + terminationGracePeriodSeconds: 7823760182761119586 + timeoutSeconds: 2024118005 +nameOverride: Mh +podAnnotations: + bHXzf: nOiRsvEXH +podSecurityContext: + fsGroup: -6946946538076897241 + fsGroupChangePolicy: 呆ɔȂwijà + runAsGroup: 3944693697856007637 + runAsNonRoot: true + runAsUser: -732766343758518304 + supplementalGroups: + - -5691922089175975080 +priorityClassName: 0bGHQk7gL +readinessProbe: + exec: {} + failureThreshold: 1554150391 + grpc: + port: -2094102439 + service: 0dg5DO + initialDelaySeconds: -564389480 + periodSeconds: -266349500 + successThreshold: -428571163 + terminationGracePeriodSeconds: -4351299803972335390 + timeoutSeconds: 1803246595 +replicaCount: 345 +resources: + limits: + LxNMXlMD: "0" +secret: + create: false + enterprise: {} + kafka: + awsMskIamSecretKey: SDPuUt + protobufGitBasicAuthPassword: nq + saslPassword: TLAP + schemaRegistryPassword: AFn + schemaRegistryTlsCa: KbZhZV + schemaRegistryTlsCert: dGfweV + schemaRegistryTlsKey: X2B + tlsCa: Zmu + tlsCert: Lv4BgewmU + tlsPassphrase: bCygOn9yJR + redpanda: + adminApi: + password: AE + tlsCa: CEhIkvxe10u + tlsCert: mjaN + tlsKey: j2mDL +serviceAccount: + automountServiceAccountToken: true + name: H5TDAALUdD +tolerations: +- effect: 媄 + key: IQD9Yww8 + operator: bǾå鱍 + tolerationSeconds: -7454358062612206872 + value: odxS1Q2Sd +- effect: Ɣv璔}oȡʞ¤ + key: ySGX + operator: ƪ渺¸貗ȹV廋ȉňu増嬎Ë韍ǘz茩Ƹ怯 + tolerationSeconds: -1083807005557333468 + value: bAy +-- case-026 -- +affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: GP94 + operator: 駑Ŀ峇[ɕdž0 + values: + - jjNFKv8 + - uG7Rs + - ApO075 + weight: -549077137 + - preference: + matchExpressions: + - key: R88 + operator: Dzv)bôȏ磜覐橮波赘T^ + values: + - DscaGMdgXV + - uy + - N3d + - key: "" + operator: 誮Vw!/毴Z匌忶ª渆 + values: + - 4mX0s + - key: byy + operator: 鿟y馡錥HJ鶟b左Ő*čt顭塶 + values: + - 6oQ + - 9r22TM + matchFields: + - key: fNLkt + operator: "" + values: + - tW + - M03GnpfhQn + - key: WQQs + operator: 騡(Í芝x焍麅ɰ窓ɶÜò鵹 + weight: 579622465 + podAffinity: {} + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: {} + namespaceSelector: + matchLabels: + IYAfjz: GloAc + namespaces: + - hfFjlR + - KWIdaP11Y + - 3Dn + topologyKey: UB + - labelSelector: + matchExpressions: + - key: B7LSh + operator: ɉ邦夝ɷ1傹Þ袳@ɲ鉴 + matchLabelKeys: + - "n" + namespaceSelector: {} + namespaces: + - 88M + - fIEJUewFK + topologyKey: i +autoscaling: + maxReplicas: 86 + minReplicas: 445 + targetCPUUtilizationPercentage: 362 + targetMemoryUtilizationPercentage: 8 +commonLabels: + "": h0uSAPIi + kuKPk7: "" +configmap: + create: false +console: + roleBindings: + - null + - 9T: null + fxu2XaR: null +extraVolumeMounts: +- mountPath: q + mountPropagation: 跐ʩ4鄧SD炿ɜǚhU + name: "" + subPath: SCLzbAMUW3x + subPathExpr: nzFw +- mountPath: cX8U + mountPropagation: b幈簇@艭K + name: b + readOnly: true + subPath: u5fY + subPathExpr: TRymQ +extraVolumes: +- name: LeIYAb +- name: 176OvjD +- name: b6NpMGfVo1N +fullnameOverride: qhaD +ingress: + annotations: + Lftu: PjroKEh + qvZJNWSzR: Jpoyc0 + className: cAir + enabled: true + hosts: + - host: o + - host: i18Wi + paths: + - path: apsXYvp + pathType: 7q5 + - host: 8eBXg + paths: + - path: cMbMbCQl + pathType: gJT + - path: XvfTwH + pathType: 4se + tls: + - hosts: + - fqD + - JDOgIG + secretName: vzUD + - hosts: + - M6H + - T + - twxgtsi + secretName: lg5siLdo +initContainers: + extraInitContainers: 9KiOC +livenessProbe: + exec: + command: + - 0gsq + - "" + failureThreshold: 1372450161 + grpc: + port: 347104155 + service: Vtf + httpGet: + host: 3Is + path: mFQXEnm + port: -207107285 + scheme: u + initialDelaySeconds: -913177144 + periodSeconds: 912808843 + successThreshold: -765941931 + terminationGracePeriodSeconds: 220495921853460964 + timeoutSeconds: 1174210794 +nameOverride: vLjrafvp +nodeSelector: + ggwC: SQ + rIwToCbB: tUBM5 +podAnnotations: + LtAjph: 8Q + MiPvJub: 0x + j: xR98FRh +podSecurityContext: + fsGroup: -2594082004410587315 + fsGroupChangePolicy: 'ċV1鯍E ' + runAsGroup: -880388195249084168 + runAsNonRoot: false + runAsUser: -9051010573896129766 + supplementalGroups: + - -2777109499517677979 +priorityClassName: JnI8 +readinessProbe: + exec: + command: + - GZAhRFJb + failureThreshold: 1666039794 + grpc: + port: 1689867278 + service: eUJ + httpGet: + host: 6M6GMp + path: hr5gg + port: -751083361 + scheme: 戉窻¦ǃ楓Ëʆ張ǛȤʊLȉŐX5 + initialDelaySeconds: 989921147 + periodSeconds: 536392931 + successThreshold: 1020018972 + terminationGracePeriodSeconds: -955330372102946036 + timeoutSeconds: 1790731281 +replicaCount: 78 +secret: + create: false + enterprise: + licenseSecretRef: + key: yi3 + name: "" + kafka: + awsMskIamSecretKey: J36kR7z6r + protobufGitBasicAuthPassword: xf + saslPassword: jW + schemaRegistryPassword: Z5gF2 + schemaRegistryTlsCa: eGSsHDQm + schemaRegistryTlsCert: NmVf1RW + schemaRegistryTlsKey: DKqtW + tlsCa: 8WuqzUG + tlsCert: yrd + tlsPassphrase: swQ7r + redpanda: + adminApi: + password: mN1ZSR + tlsCa: hrjyEhM + tlsCert: YozBWkwcZ + tlsKey: 1p2 +secretMounts: +- defaultMode: 45 + name: ooYxXE + path: U6f3w + secretName: LyH9zvv +- defaultMode: 429 + name: Hmms9 + path: qzOMXCl + secretName: zvR +- defaultMode: 39 + name: "" + path: dXa6uPxR + secretName: PC2Ms7 +securityContext: + capabilities: + drop: + - ɿX齀蹪 + privileged: true + procMount: Ƚ[孠犥ƶʒ)遷U竕 + runAsGroup: 5229411704597623894 + runAsNonRoot: true +serviceAccount: + annotations: + "": tWl + 5mzy: 4t87VKeHA + a: UqD3iv5LoNYP + automountServiceAccountToken: false + create: true + name: Utu8ZHG2 +strategy: + rollingUpdate: {} + type: I6终j2炅ȲbȻ +tests: + enabled: false +topologySpreadConstraints: +- labelSelector: {} + maxSkew: -154369657 + minDomains: -319419210 + nodeTaintsPolicy: '#Vʅ糗斬ƈ橮IJȶ纀' + topologyKey: dTnKex + whenUnsatisfiable: '@OȤ驮Ʀ琓' +-- case-027 -- +automountServiceAccountToken: true +autoscaling: + maxReplicas: 432 + minReplicas: 265 + targetCPUUtilizationPercentage: 239 + targetMemoryUtilizationPercentage: 130 +commonLabels: + Q0: "" + T4ZmAFi: nfIb0b +configmap: + create: false +console: + roleBindings: + - ElN: null + roles: + - DZcCdT: null + imlLddN: null + - null + - 0MFHoDlkID: null + Xe: null + daS: null +deployment: + create: false +enterprise: {} +extraContainers: +- command: + - WY + - F9X2FePO + env: + - name: MbWT2gynlq + value: S + valueFrom: + fieldRef: + apiVersion: 4msaX + fieldPath: XvlI + resourceFieldRef: + containerName: LEQ + divisor: "0" + resource: oHigE + secretKeyRef: + key: feJnSFqmYy + name: m3lrGM + optional: false + - name: omlZ5 + value: w + valueFrom: + configMapKeyRef: + key: w3iwXnte + name: LqORIZ + fieldRef: + apiVersion: D + fieldPath: bG + secretKeyRef: + key: UeU9m8 + name: 1asSl0l + optional: true + envFrom: + - prefix: HYy4 + secretRef: + name: Q2DTvNx + optional: false + image: jqvBPfz + imagePullPolicy: 庛Ƴ2ɥÔǦ /d2&xȉLJǸAƟ + lifecycle: + postStart: + exec: {} + sleep: + seconds: -1579243177624029331 + livenessProbe: + exec: {} + failureThreshold: 1986638671 + grpc: + port: -1841897347 + service: iUEc + httpGet: + host: CN + path: Dg + port: SYkYMHB + scheme: Ě緷8ĸ)=©ʢ昆ſ9 + initialDelaySeconds: 1029653594 + periodSeconds: 1999066162 + successThreshold: 1106634015 + terminationGracePeriodSeconds: -9022596879374385638 + timeoutSeconds: -809472655 + name: 4D + readinessProbe: + exec: + command: + - iBTD4t + - MY + - Nf + failureThreshold: -1222179068 + httpGet: + host: kgZUkVZPDf + path: hM0yLfiTS7 + port: 846109331 + initialDelaySeconds: 1673719989 + periodSeconds: 1380685354 + successThreshold: -606822450 + terminationGracePeriodSeconds: 2325612573519357970 + timeoutSeconds: 1351631713 + resizePolicy: + - resourceName: KQTh + restartPolicy: 變ȶjȤðʂȈE9ȹɵ礌蓍p殗Ɏ$蟙預 + - resourceName: BATAmUasox + restartPolicy: G寄7]^v腘 + resources: + limits: + 1mn: "0" + 8dnmgn7Vur: "0" + QUXI: "0" + restartPolicy: Ė + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - 餋Ƹ + - ǂnlș + - VLJ2範足诮ÈƋʡĻ + procMount: u¸`TE擴弌/yƦ6帜ǏT鱷潈ř蚒 + readOnlyRootFilesystem: true + runAsGroup: -2334732936143374752 + runAsNonRoot: true + runAsUser: 8673583599260752552 + stdin: true + terminationMessagePath: M934 + terminationMessagePolicy: VF¾弎6a巭ġʥţƟ贯Ǐ飙卮ǥĤȸ + tty: true + volumeMounts: + - mountPath: DzNFL + mountPropagation: 单嶃ɠȕƢ砩寢烕TnǣɅƩ帳 + name: "75" + subPath: Up5FB + subPathExpr: 6nD + - mountPath: qj1c9JPX8 + name: 1K + readOnly: true + subPath: H + subPathExpr: LEVSxozubwU + - mountPath: Ll8X + mountPropagation: '@ï禺pƱ=庶ŊJĤ那[:晙dYĸ獘' + name: PGcOpQ3CM + subPath: 1eBZtMIP + subPathExpr: CRyBKRO + workingDir: s +extraEnv: +- name: k7DjEACXyN + value: Pa4mYEUC + valueFrom: + configMapKeyRef: + key: "" + name: RHdV76r + optional: false + fieldRef: + apiVersion: wxIgM + fieldPath: aBDwplYtr + resourceFieldRef: + containerName: xIL7REN8 + divisor: "0" + resource: QCgp9k + secretKeyRef: + key: ag7Jr1e0 + name: I8vGzsJX + optional: true +- name: pG + value: yTh3djvsV +- name: fjV8k4J8 + value: KHKYS + valueFrom: + configMapKeyRef: + key: DFyBHQO + name: s + resourceFieldRef: + containerName: vd0tsh + divisor: "0" + resource: IgH + secretKeyRef: + key: F + name: a34HcjMyaQ +extraVolumes: +- name: "n" +fullnameOverride: 61hunk +imagePullSecrets: +- name: jkqm +ingress: + annotations: + "": ZtbWlWc + y1ML9Hmg: d6h9 + className: Ijdd3 + enabled: true + tls: + - secretName: x + - secretName: aSf1 +initContainers: + extraInitContainers: vN +livenessProbe: + exec: {} + failureThreshold: 302661968 + grpc: + port: -418561550 + service: kQV1xc + httpGet: + host: UlBEGBj3 + path: qjxTH + port: n7 + scheme: '''(旆PT馷J溠F斃ɦ娴含Q嘱\t9' + initialDelaySeconds: -1367097431 + periodSeconds: 2073795341 + successThreshold: -1800407036 + terminationGracePeriodSeconds: -3519876905947517853 + timeoutSeconds: 1644960855 +nameOverride: h9P +nodeSelector: + B1PiWrl0VUETb: x + DhTxFTV: 3O4Y106 + i8QiXusZ: YBeiJfZK9g +podLabels: + Zrl6: 0D0M + wbG: ZcWnb +podSecurityContext: + fsGroup: 3334237787347678751 + runAsGroup: -5325418670707949502 + runAsNonRoot: true + supplementalGroups: + - -2717337443247240979 + sysctls: + - name: "" + value: R +priorityClassName: bpi +readinessProbe: + exec: + command: + - xz + - e2gf + failureThreshold: -1765420422 + grpc: + port: 879468582 + service: bqFsvC9nR0 + httpGet: + host: CrL + path: 9Jt + port: 7Y + scheme: )ǔ軛醲]8z傏$荸觖稄鱑Í朹s狑Ȱ螪;ǃ嘲 + values: + - gIlS + - 5lD7AvT7I + - "8" + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: hi0zfFEN + operator: 裧禿 + values: + - SymXRnv + - iKr + mismatchLabelKeys: + - wesfXhv + - Z78yvK + namespaceSelector: + matchExpressions: + - key: jqHt + operator: ûų:碃;ė燱5ìb-垢xźɆ + values: + - u8cOuqy + matchLabels: + "8": nCrnu + Fd: 5YhLJD3 + r5sMi70hp4TeB: KrDX7d + namespaces: + - LOH + - 9EvOI7HWh + - 5sHJp + topologyKey: "" + weight: 403248696 + - podAffinityTerm: + mismatchLabelKeys: + - Vrf + namespaceSelector: + matchExpressions: + - key: 5w + operator: '|泀ŏ咙ƚ' + matchLabels: + 4vRvwhR: Nz + T6uTCUGiwx: lS + ZuFER: Db8xhFevK + topologyKey: K7NA + weight: 249855905 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: No2 + operator: Ɗ]鿇躠骐 + matchLabels: + 7nohEoAMei: WrMV + ddLK: 2ehkh + qtrhf: EAAqHFcrjgT + mismatchLabelKeys: + - DrrBoq + - Nh + namespaceSelector: + matchExpressions: + - key: BEXHPr1wQ + operator: 傝魦voȪwć撈 + values: + - i3 + - gUU + - 7nmbvkGs + matchLabels: + Rh65F: rKR + namespaces: + - 1x9DGG + - xKj137E + topologyKey: CSNQy1M + - labelSelector: + matchExpressions: + - key: psq4G + operator: ɓƦ + - key: 3IlNf + operator: ćȬ4鏉1, + values: + - L0 + namespaceSelector: + matchExpressions: + - key: nVgt + operator: ɤ湿ŭò-ɋ鼴)箥Ȅ鋖ʄBK + - key: GD7 + operator: 峄9ƚ涙閉ʃ謩云飠:鎂玚wƁȖ] + values: + - i8cg6A + - TeOYSsj + topologyKey: rEB + - labelSelector: + matchLabels: + s0PrY366si5H: Qwj + ytBgNf0: e + mismatchLabelKeys: + - eylzvu + - q + namespaceSelector: + matchExpressions: + - key: os4H6DpxQ + operator: 5õċ鋵葿葄痄ɍ览逪ȋ`j + matchLabels: + vL3arho: gPmLG + namespaces: + - PjQTIWTFeK + - g5HCelWpMjnF + - QN3mXW + topologyKey: I5osiWTrzhb +annotations: + WVwaqt: gTMC + s6HZpOA: bc0 + sZaCXy: LXRQNTghxb1 +automountServiceAccountToken: true +autoscaling: + maxReplicas: 404 + minReplicas: 186 + targetCPUUtilizationPercentage: 200 + targetMemoryUtilizationPercentage: 383 +commonLabels: + HzuQ: mCfbHBQ + xi7L: ibI45 +console: + roles: + - null + - null +deployment: + create: true +enterprise: + licenseSecretRef: + key: 8MG + name: 83OH +extraContainers: +- args: + - K9 + - 02olyp + env: + - name: F + value: rhVGTadjT + valueFrom: + configMapKeyRef: + key: 3TA0cg2R2 + name: DLZ + fieldRef: + apiVersion: s + fieldPath: Ux + resourceFieldRef: + containerName: avop + divisor: "0" + resource: itl5J4xK4 + secretKeyRef: + key: Av9eKok + optional: false + - name: QaOLYDLT + value: FQu + image: 1MFnpZG + imagePullPolicy: 脓 + livenessProbe: + exec: + command: + - lH4S + failureThreshold: 1311534645 + grpc: + port: 1048835191 + service: p5EtELTs + httpGet: + path: Zjrv + port: Ypah5av + scheme: þʙ龠ȉ%Vę皓ŏ蟝ǙĿìɋN + initialDelaySeconds: 1980070741 + periodSeconds: -728109708 + successThreshold: 1412960079 + terminationGracePeriodSeconds: 4797597904045467368 + timeoutSeconds: -1164059804 + name: oron + readinessProbe: + failureThreshold: -1734715333 + grpc: + port: -673781482 + service: 20iHh + initialDelaySeconds: 270804414 + periodSeconds: 1240219458 + successThreshold: 957649997 + terminationGracePeriodSeconds: -7921460752123720147 + timeoutSeconds: 2069469191 + resizePolicy: + - resourceName: M29 + restartPolicy: tL + - resourceName: WK + restartPolicy: T軂>ȋ1觫蚴Ș + resources: + limits: + KS: "0" + ZDx: "0" + kIjQHQZ: "0" + requests: + BSB: "0" + restartPolicy: LJW獮 + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ɺ嚹晐囕胐ƻ + - ņɹ桴O塾q6賤呋f铰}Ʒ輽ʁ[顝 + runAsGroup: 6868723237582569296 + runAsNonRoot: true + runAsUser: 433131246318901172 + startupProbe: + exec: + command: + - mB6 + - Om9w + - "" + failureThreshold: -1184477652 + grpc: + port: -1276243610 + service: m6d + httpGet: + host: VzPuwIiTpY + path: C + port: 0NYj1C + scheme: V=@彆鈂t³Ɉµs斾m蛊ɲ + initialDelaySeconds: -898287287 + periodSeconds: -413255468 + successThreshold: -1510482870 + terminationGracePeriodSeconds: 4884332649151510354 + timeoutSeconds: -1445193311 + stdinOnce: true + terminationMessagePath: DQTH7 + terminationMessagePolicy: ÈɁ;ň);ɑI×ĕ觫'ɣ + volumeDevices: + - devicePath: v + name: AZ6wCimJFM + - devicePath: ZtIx + name: GFe3 + volumeMounts: + - mountPath: tt + mountPropagation: 侮E墝調cé攊疀" + name: UJ + readOnly: true + subPath: JlqP + subPathExpr: lA2v + workingDir: OV90 +- command: + - 8jHRuz + envFrom: + - configMapRef: + optional: false + prefix: yfl3PI + secretRef: + name: r7eR + optional: true + image: m4Etaoz8Bf + imagePullPolicy: okÛļ閷YƗzƄǧ + lifecycle: + postStart: + exec: {} + httpGet: + host: zu9aQLsX + path: xIFogzAoC + port: 1MjUE + scheme: 斔疏ʟn菝 + preStop: + exec: {} + livenessProbe: + failureThreshold: -1399917612 + grpc: + port: -876522011 + service: 2y + httpGet: + host: X9nNdf + path: 8mVJlz + port: 220487349 + scheme: 兇)hr裳ǔ湟钑>ȓn厠tū晣颊 + initialDelaySeconds: -968878635 + periodSeconds: 411754743 + successThreshold: 2083381130 + terminationGracePeriodSeconds: 2736468416107855115 + timeoutSeconds: -423937148 + name: Or + readinessProbe: + failureThreshold: 1628351372 + grpc: + port: -1466105410 + service: b + httpGet: + host: 8kOz + path: IhSlrBw8tiX + port: 1Vd + scheme: qV·dƖ> + initialDelaySeconds: 735135195 + periodSeconds: -175995819 + successThreshold: 1379601279 + terminationGracePeriodSeconds: 386635447886660712 + timeoutSeconds: 125503732 + resources: + limits: + LuudLJ9i: "0" + iXpYUWY: "0" + mHi: "0" + requests: + XLnFU: "0" + mSq9e3u: "0" + t6WYwzmga: "0" + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - ɭ鎣肪綢ȀNj8)屫鈄骸嗢æ憰qWTƶ剡 + - "n" + - OwkʙƝk}ɾ丧< + drop: + - Ť<嶼ȯ愉9宆嵧pɡ%ɐxė鹞鸵鏞 + - ƅgʆ炊ƞąÙ$Ǯ帶SȔ黌畕ǦƖȫV9 + - Ŏʠ羮ɍ痘摬 + privileged: true + runAsGroup: 5710532895986022625 + runAsUser: -7207500526873245606 + startupProbe: + failureThreshold: 2053062827 + grpc: + port: -1076044334 + service: s8s7 + initialDelaySeconds: 7348194 + periodSeconds: 889500482 + successThreshold: -645465298 + terminationGracePeriodSeconds: 4356974427366499939 + timeoutSeconds: 136481601 + stdinOnce: true + terminationMessagePath: t4pW + terminationMessagePolicy: ƣ + volumeDevices: + - devicePath: Df8O3UFZ + name: QL93u + - devicePath: WKg + name: nD4H + volumeMounts: + - mountPath: xs9 + mountPropagation: e羝ș+oũ蘘汉 + name: grr + readOnly: true + subPath: aUYSuUM6f + subPathExpr: mm773yL + workingDir: o +extraVolumeMounts: +- mountPath: P + name: zBgE7HVQ + subPath: hw6PBLgv5R + subPathExpr: YAI5mPj5 +extraVolumes: +- name: "" +- name: SXJ +fullnameOverride: HK +image: + registry: nZ5PG + repository: 5q2qCT + tag: z10JAfCu +ingress: + className: fq2w +initContainers: + extraInitContainers: DVbGC0v6g +livenessProbe: + exec: {} + failureThreshold: -1989869025 + grpc: + port: -580257384 + service: xF + httpGet: + host: EFelM2 + path: NL + port: -1619787350 + scheme: eƌ閽2溧估槞 + initialDelaySeconds: 56050789 + periodSeconds: 193173949 + successThreshold: -1606638368 + terminationGracePeriodSeconds: 9170924509557781641 + timeoutSeconds: -1117024654 +nameOverride: 3Wh +nodeSelector: + Jy9: v + VcMeUW2U: xOwcDQYY + wkI: TbemvxUUg +podAnnotations: + IVy: ho3qpcI +podSecurityContext: + runAsGroup: -9040107238323408835 + runAsNonRoot: false +priorityClassName: sLkcwZ +readinessProbe: + exec: {} + failureThreshold: -509957017 + grpc: + port: -1088874416 + service: kVlcoq + httpGet: + host: yJj + path: SWu6bW + port: V + initialDelaySeconds: 1816814831 + periodSeconds: 406466643 + successThreshold: 450108513 + timeoutSeconds: -1862950899 +replicaCount: 385 +resources: {} +securityContext: + allowPrivilegeEscalation: true + capabilities: + drop: + - 邻ȸNJ"纴ý汫篤訙铵寄貹Z[逗ą弣 + - lǀ敕ɖ + privileged: true + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 3375680259081538534 +service: + annotations: + 33Yi: tesf5 + nodePort: 286 + port: 389 + targetPort: 52 + type: sIQBZD +serviceAccount: + annotations: + 0E6ZFg: nO7Yr55 + 8JN3: B + create: false + name: 43zobnL +strategy: + rollingUpdate: {} +tolerations: +- effect: 蜆³Ə抴璖獍ä鷲炥/=霒0ǷU伀稂ı + key: EMvrrkeG3 + operator: Ȓǒs夃Ȑɉ鋄蛓m÷,旂 + value: yd +- effect: 旌;"ȡ媟窐:ljʥh蓭殰Ȩƴ邃ȬIȻL + key: n87GpiB + operator: '偵~ȥʢȈ珎ſ龕5sʠŇưT4-§Ƀ ' + value: TUaznROmQffrRe1 +-- case-030 -- +affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: i3NrGin + operator: LȜɯı偎鵬ćƾ輨ɒ诏Ƞ韾ʂɅ袅 + values: + - ceEnH + - hk + - key: NcZdG + operator: 4# + matchFields: + - key: iJJ + operator: 椤甏Q"dč膌嶁ŵ + values: + - pqbO2v + weight: -888291486 + - preference: + matchExpressions: + - key: 6yk + operator: +[`¥鯦Kqlǣ詆繉ĔNjUƆ + values: + - 9jizdnZ + - 1HUyNhM + - qxDTvf + matchFields: + - key: hCPEY + operator: Ɇ>隣,讽鬓捍+瞶媘暺ɭEƙ + values: + - Ripsc + - CqS + - key: DVFDiRmz7 + operator: U[ + weight: 1468051205 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: v + operator: 舘LJwMa煗 + values: + - 8yax8 + - acSVUNTfJ + - "" + - key: oeJI7K + operator: Ȩ岵Ư塠ŕ惆^ȹ]Ǥ(蓂心[6 + values: + - VT3avr + - 1sP4V + - key: INgeGc + operator: 7ȋ_ƫ俾NīÂ缷 + values: + - K6yWR + - matchExpressions: + - key: s + operator: ǖ鱝U9y,ijO<ǯŹ斔ɥɍQŝŘ + values: + - V7Cj8gd672O + - Jxq7EqU + - "" + - key: gYq6n + operator: J30ǂ涉Ǖ絜拃Ȃ隰韤Ko + values: + - cFfLM2a + - cmwJ5 + - NvVSgzPk0K + - key: ha1vIvxMS + operator: 鹶ƦÍR\Y + values: + - kno2LivX + - ZBSIfmJ1 + - Xy + - matchFields: + - key: cGJbcb + operator: M$铯但ƙ崍0塁7ɔ籇ȏč3ţħ + - key: t9tN + operator: ĴĹApŰƎyģ+7ɬ5 + - key: q + operator: ĂǮȅ魥ď疪@ɓ擼 + values: + - GHyvS63U + - lupcwbTbly + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + q: oY6el1mi0 + w: C7Cxyx + matchLabelKeys: + - HMg6IP + namespaceSelector: + matchExpressions: + - key: Crz + operator: əɃ笕P頔ɾ絿ɟ秜Ć冦Ǒ钹圤|讪ɩ + values: + - Dtei + - 1zhZl + - bd + - key: RjH6F + operator: æ監F箂Ñ9 + values: + - n91j6BXw + - 3RLy + - m + namespaces: + - N0Oqq32Q + - TJpJ52Je1Ikj + - "" + topologyKey: HeJdmR + weight: -259316091 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: R + operator: 麦谐ƺɐqNJ7篐瘘ƊƧR菴qȃ + values: + - 8p + matchLabels: + WW: GL0oC8Fkf + mismatchLabelKeys: + - cdHA3 + namespaceSelector: + matchExpressions: + - key: ar9Y3Br + operator: pK屨鑊聫翶鲔举腏熝ɴ鷏žŝ + namespaces: + - U9UV + topologyKey: cpw + weight: -400075332 + - podAffinityTerm: + labelSelector: + matchLabels: + hYm: "" + mismatchLabelKeys: + - fCOHEas + - uHnZlu + - zhGS + namespaceSelector: + matchExpressions: + - key: HZEOkit1i + operator: '@ÍȪ蟔ʖ' + values: + - t9Xj + matchLabels: + "": so + topologyKey: "" + weight: 2103394856 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: 5LP9ZW14 + operator: "" + values: + - O4Urq + - key: f3f + operator: õǷ膀3堢ƧŸ + values: + - GJnsN0 + - key: MOJiCs9Qi + operator: Ȥ:危L昝×秲d3ğd曱窸 + values: + - 3keSh + - Uyy + matchLabels: + R: dUyJ0OOVapc + mismatchLabelKeys: + - Xjqx8f + - I5k + - wq0 + namespaceSelector: + matchExpressions: + - key: UP + operator: ȡ畅fȐiú鍿6+襄懬Uċ + values: + - NmZvVOQ + - key: P0hfM + operator: 黣`倴Ŝʪ鰷淸 + values: + - 0GsglT + - MMOe + - uU7Q9 + - key: qnv + operator: æ钹eťǧI薶瘃預ʑ歪yʖb7IwɄ + values: + - McuTAiUq + - XvSAD + - 4e9Vd4vq4 + matchLabels: + "": 4O2glzZ + namespaces: + - wblXzeT2 + - qKILJo + - lPV + topologyKey: Jnwfpfk + - labelSelector: {} + matchLabelKeys: + - tMph8mi + - Ry31wp + mismatchLabelKeys: + - tBHze4gtm0s + namespaceSelector: + matchExpressions: + - key: RpYdzfZ + operator: 攆KRɮõ涸WæĥŽ¡犇fʼn利$蘁干 + values: + - 8Pxd + - V50 + - key: I0O + operator: w"ʈö褥屑ɣAR(憍Nj松趯ĩȁ + values: + - "" + - 6yt2J + - key: fR7 + operator: GǼ舿 + values: + - gP + - LxpC1 + - brLBqM + matchLabels: + "": D5eSOeauL + namespaces: + - xrd20T0 + - GVD45 + - UU3YxE + topologyKey: augu3G + - labelSelector: + matchExpressions: + - key: c17UgoCbg + operator: -蟁楉mƸ赢UȇEŏ + values: + - cr + - CSYe + - key: FM6GBGy + operator: ;疩Ȯ慫ʂy_Ɛ碷ʩʀđ忮 + matchLabels: + Q4hS: 2Z + w: pvyR + matchLabelKeys: + - PLi + - G2W4IV + namespaceSelector: + matchExpressions: + - key: 8Z + operator: Ȩ卭閃N弲ʠǠ驯Ɩ8Ýʊ + values: + - rEFXZ1 + - oXxjjBM + - iovjqaN7g + matchLabels: + 3ZwMBixAo: QeYp0O + topologyKey: AH3A + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + 7hX7: uCFlimRES0ZJ + matchLabelKeys: + - CxxMt + namespaceSelector: + matchExpressions: + - key: Xra0M + operator: ʙƤ潯ɔ + - key: "" + operator: 8媮­Ů籌<ǫ + values: + - RsIq + - wqR2cm + - key: ottvJh4 + operator: ¢M&<叇誆戛!Ʒ"(Z氇z錉¬$ + values: + - 5sMUIY + - SV + matchLabels: + iciKwm: xkq + vPG: oQs + namespaces: + - AtM4 + - rZdQ + topologyKey: 9FnG + weight: 1109931313 +annotations: + 5ya: nNowhQY2Bp +automountServiceAccountToken: false +autoscaling: + enabled: true + maxReplicas: 10 + minReplicas: 306 + targetCPUUtilizationPercentage: 227 + targetMemoryUtilizationPercentage: 477 +commonLabels: + T: f0 + jwrBMvwfg: K6I5HsI5 + nk8eJc: nS +configmap: + create: false +console: + roleBindings: + - E: null + W67WBz: null + nYCT7q9: null + - 2S0: null + Nx24C: null + WacOKFS1: null + roles: + - i5oc: null + - {} +deployment: + create: false +enterprise: + licenseSecretRef: + key: ZJGo + name: oxACi6X0cy +extraContainers: +- env: + - name: rV6MouQf3 + value: E21XoHIB + valueFrom: + configMapKeyRef: + key: LDu + name: Flu + optional: false + fieldRef: + apiVersion: Rc8broTqb + fieldPath: "6" + resourceFieldRef: + containerName: VPb + divisor: "0" + resource: PUL + secretKeyRef: + key: xwKJr5 + name: 8K3IIl70g + optional: false + image: d3e1 + imagePullPolicy: 梅E垉丿ȁƘg/§Oaq嵌艷ɖ½飚 + lifecycle: + postStart: + exec: {} + httpGet: + host: WyIob + path: sVvxO + port: SivnsYEe + scheme: Ǖɜsk煨a% + sleep: + seconds: -5241114468416153504 + preStop: + exec: + command: + - h0 + - PbwM + - xML1a5IbGl + httpGet: + host: i8l7K + path: v0TIlzugj + port: UO1j5 + scheme: 痍´荭鲪 + sleep: + seconds: -5262918982231100330 + livenessProbe: + exec: + command: + - MAKziqqn2 + - RtC + failureThreshold: 301723627 + grpc: + port: 1522990624 + service: Y2uF8U + httpGet: + host: 8E6hLWDfL + path: ptr + port: -819495670 + scheme: 畊傲Ā5ʇġ杭ăïƺƢh]薰 + initialDelaySeconds: 975121998 + periodSeconds: 1462200965 + successThreshold: -1868145610 + terminationGracePeriodSeconds: 438373319570860757 + timeoutSeconds: -992167018 + name: xGfw + ports: + - containerPort: 1210092140 + hostIP: aXzKT + hostPort: -1118392417 + name: A5VIRuB0ki + protocol: 巔B兓汳LDŽ5ǒʛ岹璜ʂá&Ɠ + - containerPort: -1184047055 + hostIP: nLlzZ + hostPort: 1916025056 + name: CSeXd7M + protocol: 朿! + readinessProbe: + exec: + command: + - AfVsN7lM + - SoZ + - yZ2uB93C + failureThreshold: -1305050809 + grpc: + port: -1574571534 + service: vhf8x + httpGet: + host: 2zqRpIh + path: ZRe + port: 1109632462 + scheme: '*h嶳椗痢%īƺ' + initialDelaySeconds: 157767030 + periodSeconds: -538159566 + successThreshold: -909232559 + terminationGracePeriodSeconds: -1089882796882580867 + timeoutSeconds: 1392958383 + resizePolicy: + - resourceName: JCDaktfU + restartPolicy: 鈇Hƣv蘺 + - resourceName: "" + restartPolicy: 魔ţv毇俺ɚ + resources: + requests: + DA9: "0" + XdW14: "0" + lUcQG: "0" + restartPolicy: 淣遦髺tMőƤ橷僟 + securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - 兪q6赀覱勯痜.I膴6+V旱Ő佀 + - 焤Ċʐæ舁ŕ齸Ġ + - uo妿Iǥ2JǟAŊ訖ʆD + privileged: true + procMount: Ɋ胘ſȾ鞣殦ơɧ­ǶǴU譶 + readOnlyRootFilesystem: false + runAsGroup: 5199515302292266073 + runAsNonRoot: false + runAsUser: -7335995488954570305 + startupProbe: + exec: {} + failureThreshold: -777300462 + grpc: + port: 2095052331 + service: bfVTOPN1hv + httpGet: + host: Kp + path: b1bcG9oDl + port: 1383634294 + scheme: 谳涿v衃$Ơʓȳ浲呯 + initialDelaySeconds: -1373123738 + periodSeconds: -1183287381 + successThreshold: 685684993 + terminationGracePeriodSeconds: -4093444870298300516 + timeoutSeconds: -1903691809 + terminationMessagePath: olo1u + terminationMessagePolicy: 怚PʢŸiųŞv嶷宇ƏȌ¥ƀ + volumeDevices: + - devicePath: qFB10P + name: "" + volumeMounts: + - mountPath: YW9lWgZeNE + mountPropagation: 鰛8Ȗ×ʞ + name: Tot + subPath: Ty + subPathExpr: spiOgT0A + - mountPath: SgUmz6Q + mountPropagation: Ă別Z醰棘纀C蘂× + name: ddMHT + readOnly: true + subPath: 8J3YB + subPathExpr: K + workingDir: OQ4 +- args: + - bAsse7O + - u + command: + - MzlyVYHO2w + - oRBJF + - Nafr + env: + - name: U + value: RNGsZ + valueFrom: + configMapKeyRef: + key: YX6H + name: ab92 + optional: true + fieldRef: + fieldPath: 1SR7mfWfzFL + resourceFieldRef: + containerName: C92ipM + divisor: "0" + resource: x4S7 + secretKeyRef: + key: WhzPa + name: lAvfz + optional: true + image: nP + imagePullPolicy: ǫyɮȯ + lifecycle: + postStart: + exec: + command: + - ucft + - K8XaCG + httpGet: + host: rza + path: JhnYc + port: e0 + sleep: + seconds: 6253871176572388811 + preStop: + exec: + command: + - Uiuiougu + - "" + - 3Gx5Gu + httpGet: + host: VQzMXk + path: ws + port: -474919374 + scheme: w媦÷帹ȅW閫ĭ# + sleep: + seconds: 4571098797230986244 + livenessProbe: + exec: + command: + - pHp + - MDPb7 + failureThreshold: 871873843 + grpc: + port: -422130433 + service: nC + httpGet: + host: M + path: p00iJRicrG + port: bS0X1wo + scheme: m鈎Z趟樥R%飅 + initialDelaySeconds: -604803912 + periodSeconds: 1886242291 + successThreshold: -1386436865 + terminationGracePeriodSeconds: 3067492874024630757 + timeoutSeconds: -1583378445 + name: Si46O7YRR + ports: + - containerPort: 1700510643 + hostPort: 251260843 + name: JkZyRGNq + protocol: ȅz,ǹ昉 + - containerPort: -1859013382 + hostIP: NHKaXL + hostPort: 831309722 + name: y9vWUO + protocol: ʡƊX| + - containerPort: -2125300283 + hostIP: jj3qc4 + hostPort: -278349921 + name: Aa + protocol: 耛v6]jç錛洘¶緛uȁ竿 + readinessProbe: + exec: + command: + - "" + failureThreshold: -784645974 + grpc: + port: 1390591548 + service: "" + httpGet: + host: lNyXDdzed + path: W9q4gnCB + port: 4YUq5drSLjLPw + scheme: 唡家調Ô蘓狥ć4^謋遭ŧ厑Ƕ¤ + initialDelaySeconds: -315867707 + periodSeconds: -1221044118 + successThreshold: -2057597685 + terminationGracePeriodSeconds: 8064296597671882818 + timeoutSeconds: -1128414965 + resizePolicy: + - resourceName: MA + restartPolicy: tÜ榋ɼ + - resourceName: bwI + restartPolicy: 斪4瓏鍣ĊYƞ睽%ü劘ĥÑC­ + resources: {} + restartPolicy: ǫ歩ʏ朄DŽ8Ǫȩ;毆|ȕ潆Zʚ輘殈ɔ + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - '*驲' + - 纒寻$KŞ菤Ľ恎eɈ鏽 + - ě宭`羧\LƝ攅嫜ɫʡɞǍ緭p誂 + privileged: true + procMount: 楛钞óŰ)5鞊tY榋肦Ȓ + readOnlyRootFilesystem: true + runAsGroup: -3200847944437364683 + runAsNonRoot: true + runAsUser: -5188355058620722927 + startupProbe: + exec: {} + failureThreshold: -718122732 + grpc: + port: -2045013242 + service: Zg34 + httpGet: + host: slqfokZ + path: SlStyexr + port: 101605170 + scheme: Ȅ.隊ou纾ƙŨ`aʭ + initialDelaySeconds: -467990622 + periodSeconds: 446042771 + successThreshold: -504446684 + terminationGracePeriodSeconds: 1811254130314346303 + timeoutSeconds: -1983992134 + stdin: true + terminationMessagePath: zLDb + terminationMessagePolicy: ōe谕ńg"qy暵ȵ抷¬Ʃ蔚盓 + values: + - tQP + - lAyg + - "" + - key: qaIUADOI + operator: '&Ɗ³ĵLJ鎌ɝǏ縉j' + values: + - 6ot8DTU + weight: 969637277 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: j9Rzed0C + operator: Ò + - key: 02b + operator: "" + matchFields: + - key: "0" + operator: 9Š篅)笕Õ^ɤ疫ɜȬ + values: + - "n" + - key: 96k + operator: 觱踊ĝğOɎʁ胳}$g鄈ʮ誦Ň鱝炠抡凓 + values: + - pJdgL + - 00uMch + - key: pz1WHTJ + operator: 濐r! + values: + - i4rsr5 + - PI8GPtiCkkahh + - matchFields: + - key: oTjdt + operator: $ƹȔLj硍čȒŪ涏ȰŞdų悋ĶA + values: + - KOyvX + - 6JNFdnH + - e59WgamF + - key: lu3OH + operator: ǽəơȽĬt嶫cŭ + values: + - 9SKaOYPiL + - 1ioL + - pZde + - key: Jd6LB + operator: ']洔璗3NZ貦ʞ%ȮǵȺ絥ņ' + values: + - dKyLtzFaqg + - yCg + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: siTiGS + operator: ʐȱe峫LJ鐻cȚEqkwt!ģ + values: + - "" + matchLabels: + Aj: V + P5zpV: 8hC + mismatchLabelKeys: + - 4wtTpNGnV + namespaceSelector: + matchExpressions: + - key: K2ZsAt + operator: 妗巪Wɱ鲵Ǯ洭 + values: + - jxl5gm5E + - X2 + matchLabels: + ly6r: 9k + o0G: "Y" + namespaces: + - Q + - XpXqm + topologyKey: Qrt + weight: -1221853228 + - podAffinityTerm: + labelSelector: + matchLabels: + Jc9: Ftx4sR + Zi0PNgVi: EUuTsR + dQt607d6aSO: RSEoObj9yY + matchLabelKeys: + - odAAyA + - ZUwkRz709gR + namespaceSelector: + matchLabels: + Ag0Kix1n: laC2fYO + topologyKey: izD + weight: 600976747 + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: {} + matchLabelKeys: + - QRHiPYut + - KfMAojY + - Vww + mismatchLabelKeys: + - TTnksi7Ob70 + - gGyPv + namespaceSelector: + matchExpressions: + - key: XYpda + operator: q砐ʌƭʩ烬P§Ǩ + values: + - k7 + - SKn + - eefGAA + namespaces: + - ZYe + - nivMj26 + - OhZ6 + topologyKey: xIpuYH7 + weight: -1130732649 + - podAffinityTerm: + labelSelector: + matchLabels: + ApF: Gsyd94h39Q + H: r + mismatchLabelKeys: + - aWHz7q + - xuzLo + - 5ASY1R + namespaceSelector: + matchExpressions: + - key: Zg + operator: 篃b + values: + - vh + - Rgd3V6 + - key: PNqIEbD + operator: \Ų叢T'ɰď乁ʤ駧ɧ + matchLabels: + ugZKNnsp: bUttL + topologyKey: GRNlK86 + weight: 1964668305 + - podAffinityTerm: + labelSelector: + matchLabels: + t2lvLczlk: um + wjQbQIYB: zsr5i + matchLabelKeys: + - "" + - 7H2Kg1N + - NE + namespaceSelector: + matchExpressions: + - key: 2AEBOqKWel + operator: É$íĨ鯖 + values: + - "7" + - S6PWc + - key: c9NGgT2 + operator: Dǥž駗驕咜2 + values: + - WFDcdOBg + - 8akPt + - key: v5V + operator: 苯Dzŏ趘Ɏ蹰ƦȃDz俑I^ģ鄔ĥƁ鲎硹. + values: + - Ro + namespaces: + - rrn + - Gko + - D + topologyKey: 5GfcY + weight: 1374611901 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: 9BEvWF + operator: 箁梄òǣf舢ɉ N + - key: DoJZDVpdUKV + operator: '|痤"纇繁Ơ¹Rnl' + values: + - M1FUy7H + - PmETea + - key: fZB9p + operator: 艨ë寨t^ + values: + - 6SbUQEl9IF + - grOZ + - awRdbXsbbO + matchLabelKeys: + - QbnYiVnjIDt + mismatchLabelKeys: + - dzq3fg + - EHB2 + - E + namespaceSelector: + matchExpressions: + - key: C + operator: 泤煇JĀȅs滚硚ƾĐLJɚ<嗢 + values: + - qweN + - cmGvYLL9 + - key: ftTKd17 + operator: ïǸfǛD + values: + - 3Qp + - 97WXhHH + - QLVxS + - key: X + operator: x Ƙš + values: + - X7mWp + - 4YUDIL + matchLabels: + 2pOyqtJ: X5kt + DqZU: lA7g + yydzgHSxH: mX + namespaces: + - PnB + topologyKey: O2bIu + - labelSelector: + matchExpressions: + - key: lR5v3DP + operator: 8ȈDŽG弪żf[j盠zğ? + values: + - oX28u + - fcVl + - l + matchLabels: + D1CEy: o9m2rVKHK1i + q9TAhY: UxxABL + matchLabelKeys: + - gZSueHOl + mismatchLabelKeys: + - yKwrju + - OmHbxfoV + - p + namespaceSelector: + matchExpressions: + - key: y4jen13nM + operator: '}J;ƴȳ鹓ÿ莂ú' + values: + - 4Fe5y + - BrR + - key: O47QYt11Bl + operator: ıCƾ?9Ìx毧Ƿ + values: + - co + - A7y9 + matchLabels: + "8": 7mV4YD + namespaces: + - vi + topologyKey: sRbXgEn +annotations: + lZ: e +automountServiceAccountToken: true +autoscaling: + enabled: true + maxReplicas: 25 + minReplicas: 20 + targetCPUUtilizationPercentage: 460 + targetMemoryUtilizationPercentage: 169 +commonLabels: + q4ZdG9q: IJWaYu9mhun + sFTTcyl: qVyaa0ULC +configmap: + create: true +console: + roleBindings: + - {} + - {} + roles: + - {} +deployment: + create: false +enterprise: + licenseSecretRef: + key: qYIzRhBP + name: lkd8afL +extraEnv: +- name: 6aAK + value: C + valueFrom: + configMapKeyRef: + key: hSSIqC + name: QPNl + optional: true + fieldRef: + apiVersion: LhfAND6hW + fieldPath: g2J7 + resourceFieldRef: + containerName: BDRH4s + divisor: "0" + resource: "" + secretKeyRef: + key: LfIX + name: vI2UB + optional: true +- name: qUw9kXv + value: WEGTagf + valueFrom: + configMapKeyRef: + key: ejuXsJ1 + name: MYu4 + optional: false + fieldRef: + apiVersion: 9PzuPIkT3 + fieldPath: oa8Oe + resourceFieldRef: + containerName: IuMHr6gt9 + divisor: "0" + resource: dazyeM + secretKeyRef: + key: ludRIp + name: 1RhUa7B + optional: false +- name: UIdv4fEDhnwvUs + value: ZhJ + valueFrom: + configMapKeyRef: + key: 9CIrVsxQ + name: bYh + optional: false + fieldRef: + apiVersion: Fv + fieldPath: W3lmjz5mnuz + resourceFieldRef: + divisor: "0" + resource: 8sULBf + secretKeyRef: + key: mjbYsz + name: ZzZ4TUcp + optional: false +extraVolumeMounts: +- mountPath: TpG9eA0 + mountPropagation: "" + name: XFmsoqjlB + readOnly: true + subPath: rJznnSzpn + subPathExpr: kYhNPw7T1 +- mountPath: rhHVxSG + mountPropagation: Ħɔq + name: zucf + readOnly: true + subPath: rhOyK4f + subPathExpr: dxfS2ISRGUw +extraVolumes: +- name: Py +- name: Wq +- name: "N" +fullnameOverride: 59cQ0qKLI +image: + pullPolicy: 賅5尬Ƕktʈ漻`楾Ő抚@瞹%Ř忞崗Y + registry: gAh7r + repository: VvT9aH5 + tag: "" +imagePullSecrets: +- name: 2Ry3vDGf6 +- name: PE5R +- name: uWsoZ +ingress: + annotations: + Q: 3KXvHleq + YUY: BD + mdCRk: Ilk9wDjAw + className: GuB1VTCp + enabled: true + hosts: + - host: WsTbK7W + paths: + - path: MKCR56 + pathType: hEV + - path: "6" + pathType: pv + - path: rNv + pathType: L0CY1c8 + - host: OxFD + - host: Ojx + tls: + - hosts: + - C + - wxjmQWXDn + secretName: ESgom5IBQR +initContainers: + extraInitContainers: AN4 +livenessProbe: + exec: + command: + - 5m + - 1hj + failureThreshold: 1710421008 + grpc: + port: -1758154628 + service: "" + httpGet: + host: AbGz9Ql + path: 6HPb6FQP + port: 1834140801 + initialDelaySeconds: -1805305530 + periodSeconds: 580837556 + successThreshold: 1568498137 + terminationGracePeriodSeconds: 6055624087283515610 + timeoutSeconds: 1393862090 +nameOverride: xknw +nodeSelector: + "": O +podAnnotations: + IserdW: Y8zC + rKlqh6W: s9dR +podLabels: + 7yc3n: Cmh + bASmPL: XHGF + e1: s0B +podSecurityContext: + fsGroup: -6352604564338413284 + fsGroupChangePolicy: ¥ɬ屛ɀ裕量7ȅLJI/煿I庮\LÌ0 + runAsGroup: -629752081807497066 + runAsNonRoot: false + runAsUser: -7150506011583335552 + supplementalGroups: + - -2079681094590514497 + - 4310353567816636623 + sysctls: + - name: "" + value: 6bg1 + - name: v54yJPXG + value: BNnF0A + - name: DU + value: J +priorityClassName: mFg +readinessProbe: + exec: + command: + - 1A7AuNqZgrO + - 0Dv9uT + - mi + failureThreshold: -1374895470 + grpc: + port: -974870340 + service: rLr6 + httpGet: + host: ZjH9W0Mw2N7wDlEl + path: A1mi + port: VL + scheme: '''Z悁Ţ瘿ª簳Ʀx.ʞ鳃峚5ƫw牑諥ǁ' + initialDelaySeconds: -1507178072 + periodSeconds: 59289443 + successThreshold: 873349641 + terminationGracePeriodSeconds: 3372950661886875571 + timeoutSeconds: -77680726 +replicaCount: 424 +resources: {} +secret: + create: false + enterprise: + licenseSecretRef: + key: 8NBr7XfH + name: UG4to + kafka: + awsMskIamSecretKey: iq3sT9 + protobufGitBasicAuthPassword: TmKaYoY + saslPassword: 41jeqaQ + schemaRegistryPassword: lo1 + schemaRegistryTlsCa: 6ugJXi + schemaRegistryTlsCert: Dfxzy + schemaRegistryTlsKey: s6Wq0 + tlsCa: xiXLxgIB1uY + tlsCert: BoJ + tlsPassphrase: ERo + login: + github: + clientSecret: 6FsPPUCqFaQN9Z + personalAccessToken: mQjpC + google: + clientSecret: zEoO + groupsServiceAccount: sJYwU + jwtSecret: nN8l8K5 + oidc: + clientSecret: t + okta: + clientSecret: uW9S + directoryApiToken: UF7 + redpanda: + adminApi: + password: hkp2 + tlsCa: Hv + tlsCert: YIT6XYEg + tlsKey: gVxUg +secretMounts: +- defaultMode: 217 + name: 84iLClLVXmt + path: z5a16ev9 + secretName: DBNf +securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - Ò4^|wƙJ3ɀªʭ÷齹æc8ǺơG + drop: + - 罩Ɵ + - 凘~蹆縇W偓Ȓ鵇膓咰ɲ俹îS泑 + privileged: true + procMount: 'č #m繰:¿ċY3扙缗_MǮJw' + readOnlyRootFilesystem: true + runAsGroup: -3419647664540135091 + runAsNonRoot: true + runAsUser: -7389132079103631330 +service: + nodePort: 398 + port: 112 + targetPort: 375 + type: N9chrF +serviceAccount: + annotations: + 4Fkdkgg: xGzY0KvisI + WBAEgggZ: v + sCN: cru + automountServiceAccountToken: true + create: false + name: REj +strategy: + rollingUpdate: {} + type: rÂ秘鲊ơ煥ËI5ɠv蜺 +tests: + enabled: true +tolerations: +- effect: Ɍ + key: P5n9NT + operator: hKW塀Bʊ祆aTɋw + tolerationSeconds: 4112555560826291604 + value: WHYsAK +- effect: Ŵ夀D朩儿 + key: QW09kcw + operator: K嗂ɩ + tolerationSeconds: 1977367920031301876 + value: FxI4 +- effect: 虻~ƤɟŪm繒敏嗕?ʅ着é殮领 + key: nkzGJU9 + operator: M鏫ɮ噀屗pq)ɋɎN + tolerationSeconds: 1704904114127412585 + value: AgyEeU +-- case-032 -- +affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: {} + weight: 735732238 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: cFkyLM + operator: 岊B + - key: V3cKSq + operator: ǟ濈1ɑÎ"孲ȀŨFhŲ + values: + - hz + - matchExpressions: + - key: 8N + operator: 9´敤T + values: + - amWROpS + matchFields: + - key: 7hmWbsKS + operator: "" + values: + - lS + - slkOyX + - YlwPcdVh + - matchExpressions: + - key: n5YD + operator: Əüʢ軾ŚũɳnŒ + values: + - 5s4eD6x + - WMkZIzS40rxp + - zCnW + - key: JawyIOLo + operator: 巳c習Gnƛ{ɩ¯Ĭ枺lȜʩ泿趏ǙĊi + values: + - Fvzyw13fUZC + - 4w9T3GeG + - mVj9N + matchFields: + - key: 4amyTWvhx + operator: Ąŵ8雌%ɸ*W褒卒S + values: + - cPr0Nm2WFo1dBq + - a + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: XgsMMBS + operator: ȗ諹 + values: + - foI + - NN1yiUNR + matchLabels: + Qq: VB19aUlI + mismatchLabelKeys: + - hcD + namespaceSelector: + matchLabels: + vMT90cNq3PYf2z: upe + topologyKey: RSVn9W + weight: 603398420 + - podAffinityTerm: + labelSelector: {} + mismatchLabelKeys: + - 4IL0rEe9 + - yY0RMU2 + namespaceSelector: + matchExpressions: + - key: tIka9jS + operator: 7怘xə4ÏɦW + values: + - l + - ajs6c + - hkYj + - key: Qu + operator: ʊ鏀ɑ蒀刹gE + values: + - 2UvY + - hRB1wKXyHi9 + topologyKey: ZKWyn5kI + weight: -1674108352 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: KQfZ4 + operator: ġȁAu盝ȭƈŦ齬{z + values: + - itNS0T + - jL + - key: q0HemjU + operator: e銳ȇ葁õDÏ筃 + values: + - M5yeE + - gJJY + - HInHzXgX + - key: d1LKZ1 + operator: Q + matchLabels: + XElv: QGJ + nD: kNCk5qe + wUtw34v: sCjj5z + matchLabelKeys: + - ej9hOPjp7W + mismatchLabelKeys: + - lhU9gP + - T7rMlvu + namespaceSelector: {} + namespaces: + - ii3aa + topologyKey: 8U7 + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: CkQsu4fS + operator: 鄦&ɲȅ + values: + - RVnwZ + - EVk + - key: yt + operator: 傓N嬅宠H^÷ + values: + - 1L + - rVQPs + - dUHOKQ + - key: hQ1Tl + operator: ɣë筁尻!絜辩^riʨ莠8dƋ + values: + - 4D6Y + - 5TXh + - 8RH + matchLabels: + "9": jb2X + IdL: PQj0N + iB09Upiijt: JpN + matchLabelKeys: + - rKS9p8 + - sK8p + namespaceSelector: + matchExpressions: + - key: KQ6 + operator: '篛I6ÝBŘ F媍/:' + values: + - NXP47Fm + - Z0Qh2Y4 + - JeWX + - key: Yh + operator: '!j3W' + values: + - mTm5dkO58H + - "" + - key: 6q + operator: 景¨Sŝvo/ + values: + - TrgtrP + - zqIsId + matchLabels: + 7E3A1K: "7" + 63IlVL: aSxc + W1hP: 1H9k3O + namespaces: + - "" + - 2Ma + topologyKey: FFqt + - labelSelector: + matchLabels: + "": wklJJ + C8JZ: LP + U1pz: kAE1l4 + matchLabelKeys: + - shj5V + - oU074y + - Ufq2w + mismatchLabelKeys: + - oBzMiOSgd + - iSF + namespaceSelector: + matchExpressions: + - key: fCbLu + operator: 塊衅m鑀ȣ戢ŭ阻蹯ȟ獇ɨ + values: + - B6TgQ75 + - FAHTEOSesQ + - Ms2Kw7XQ + - key: 133fMqId + operator: "" + values: + - pJc0Zu8 + - T1PEuV0uism + matchLabels: + 1rfPa2b4Ny: cemR + Np9l: lcX + SjNYy4: VZX + namespaces: + - 7W + - umFBWrpUDHv + - "" + topologyKey: pPUIqPXo +annotations: + xpNWT: MpOZ +automountServiceAccountToken: true +autoscaling: + enabled: true + maxReplicas: 459 + minReplicas: 198 + targetCPUUtilizationPercentage: 497 + targetMemoryUtilizationPercentage: 146 +commonLabels: + B19ue: 8W + Kxm5R1: R + e3Cx: MIAO +configmap: + create: true +console: + roleBindings: + - K8wnWSD: null + bwYE7: null + y4j: null + - GvFfKdgL: null + enU8G4: null + wvnJcOn: null + - td7: null + roles: + - YQBucbbDX2R: null + - 2UuDKjR: null + IV0Yus9: null + ci20SljQkhw: null +deployment: + create: true +enterprise: + licenseSecretRef: + key: bujGpO7D0C + name: V +extraContainers: +- args: + - T + - Pvf1yAamEa + - jQE8UakuY + env: + - name: 3g + value: JexRP + valueFrom: + configMapKeyRef: + key: QZ + name: QcC + optional: true + fieldRef: + apiVersion: Iv + fieldPath: d7xQ + resourceFieldRef: + containerName: jLpJ + divisor: "0" + resource: m + secretKeyRef: + key: Quhh + name: HUhzPAEo85 + optional: true + - name: ehSBff + value: nHu + valueFrom: + configMapKeyRef: + key: v3Icanu + name: dNPJ8 + optional: false + fieldRef: + apiVersion: xO7UQDq0 + fieldPath: gAyGB6Nj4 + resourceFieldRef: + containerName: Bs2D + divisor: "0" + resource: xJCQsH + secretKeyRef: + key: 3T6tjIQWa0C + name: 8TvRbhP + optional: false + envFrom: + - configMapRef: + name: mf + optional: false + prefix: pZxp + secretRef: + name: v + optional: true + - configMapRef: + name: wosjc9 + optional: true + prefix: ehhmFeLY + secretRef: + name: Ll + optional: false + image: kZ8UUm + imagePullPolicy: Ɓ + lifecycle: + postStart: + exec: {} + httpGet: + host: K29SzZPo + path: y2bQL8 + port: Cr + scheme: 轂Ì蕏ʋ + sleep: + seconds: -3765902632580054640 + preStop: + exec: + command: + - 1pT5X + httpGet: + host: NouEQF + path: WITzSW + port: 1565482371 + scheme: ƒ塒廛鎐藽瀫 + sleep: + seconds: 1831382645860081979 + livenessProbe: + exec: {} + failureThreshold: -1525719681 + grpc: + port: 99688681 + service: xa0sl3k5KM + httpGet: + host: prjHPqf + path: RHwZIE + port: 2UZ7hXI + scheme: 瑀ċ廤ȵ + initialDelaySeconds: -1367665605 + periodSeconds: -1023789296 + successThreshold: 206844073 + terminationGracePeriodSeconds: -3901072071078889022 + timeoutSeconds: 1670691424 + name: t + ports: + - containerPort: 2046398071 + hostIP: pJg + hostPort: -1247541550 + name: DrYeHQ6 + protocol: ²ȑBŸ + readinessProbe: + exec: {} + failureThreshold: 852505381 + grpc: + port: 8093048 + service: "N" + httpGet: + host: uuaPC + path: Mpxk6p + port: -297149767 + scheme: 這伦礗鯪àe]雚腴k£ɂ闧ɦĚH鏰浳 + initialDelaySeconds: 296244720 + periodSeconds: 1237321103 + successThreshold: 722306410 + terminationGracePeriodSeconds: 7739978307238029730 + timeoutSeconds: -2129506856 + resizePolicy: + - resourceName: NBfNOBC + restartPolicy: ƞdWǝi鎠R殩杜Ś晚尒尧ǐ; + - resourceName: oDw8xEb + restartPolicy: ja侬ƕ + resources: + limits: + BJcVkW: "0" + Ub5Spt: "0" + nWi63TNlCyM: "0" + requests: + e5vcw0H: "0" + eKz0z: "0" + gK: "0" + restartPolicy: 嗈ǒɟNǭ臥穥Ť + securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - $拷霒Ø耖} + - ijĸN藬?w粯痵餒薃辕5勅ů + - 幒Ƹʁòĺǂ浼GX + drop: + - 宖 + privileged: true + procMount: 凝 + readOnlyRootFilesystem: false + runAsGroup: -7000080292188880782 + runAsNonRoot: false + runAsUser: 9107304642056618949 + startupProbe: + exec: {} + failureThreshold: -208121509 + grpc: + port: 133215347 + service: pj4Kw + httpGet: + path: hGLW3 + port: -239286046 + scheme: YsÌǮŦʁ¡ē峪3 + initialDelaySeconds: -817672524 + periodSeconds: 1846655614 + successThreshold: -243958761 + terminationGracePeriodSeconds: 4190490525804645179 + timeoutSeconds: -973067987 + terminationMessagePath: 9vMe3Y + terminationMessagePolicy: 雍Wȯ嘷台厃$Țʍ13b霞两e + tty: true + volumeMounts: + - mountPath: yZbL + mountPropagation: 鲫絎Q(銞ÎÕX堙Ľ銃曅注t锋ɮj覧« + name: UFfAqsgd + subPath: wSo + subPathExpr: bIsBP3O + workingDir: DYBcINRq +- command: + - wgBryFN + image: NorbK + imagePullPolicy: 鉓Ĕʠ;兮)Frë + lifecycle: + postStart: + exec: {} + httpGet: + host: Z + path: 3v + port: W1vDkt + scheme: ŷ索gp=ŵāǼ餆嬦Ƹl媓R}豟ɠĖ. + sleep: + seconds: 1583583004300077159 + preStop: + exec: + command: + - XztEol6So + - GveA + - H4aUl + httpGet: + host: 75LDW + path: nu + port: I + scheme: 胛Uȁ¬ + sleep: + seconds: 4617693270470586770 + livenessProbe: + exec: {} + failureThreshold: 1423393786 + grpc: + port: 2097410769 + service: "" + httpGet: + host: W7 + path: PyPprD6 + port: dHwCyz + initialDelaySeconds: -1439644816 + periodSeconds: 182024489 + successThreshold: -1861505070 + terminationGracePeriodSeconds: -4166230023615503394 + timeoutSeconds: -704907360 + name: sFz5 + ports: + - containerPort: 1977465061 + hostIP: kxqRig + hostPort: 393211643 + name: DRO + protocol: ķǔȈ + readinessProbe: + exec: + command: + - mn + - 4TZCjrWPW18 + failureThreshold: 972699487 + grpc: + port: -1384519737 + service: IY5quWWV4JC + httpGet: + host: wq91i + path: Zy + port: -1192576969 + scheme: Á^_ + initialDelaySeconds: 2107832874 + periodSeconds: 1041520026 + successThreshold: -118135340 + terminationGracePeriodSeconds: -4946782594204672541 + timeoutSeconds: -1933961678 + resizePolicy: + - resourceName: MG7PMkMMObJJU + restartPolicy: §觫困Ȏ龝ƃȃɩ芴ÎĽ + resources: + requests: + I4: "0" + zLy: "0" + restartPolicy: 粛醑綇蝙Ɣò犁鶓A + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - 掀ǃA颺LnFąɏ動 + drop: + - 输6sĺ宯hĢ + - ĨƨO檔暰z + - Neɬ慿Ȁ0ɳ蠈ǚǦO¸Ğ崔ʂ¢剚 + privileged: false + procMount: 翄怉DžǬ?胉獄ǙƊɚx虉F + readOnlyRootFilesystem: false + runAsGroup: -1943526545280953812 + runAsNonRoot: true + runAsUser: -7089742793545456579 + startupProbe: + exec: + command: + - hDj + - ONyz91fkTFY9t3 + - ynDWkO + failureThreshold: -5561223 + grpc: + port: -1069825885 + service: oQmy + httpGet: + path: l4sWc + port: 53AhP + scheme: ȩ + initialDelaySeconds: -6165070 + periodSeconds: 1844899228 + successThreshold: 903779261 + terminationGracePeriodSeconds: -3909221818854749789 + timeoutSeconds: 746670574 + stdinOnce: true + terminationMessagePath: egr00cLki + terminationMessagePolicy: ɯ2鰌^坪yN蠏Ĵ + tty: true + volumeMounts: + - mountPath: YOyu1MjxN2 + mountPropagation: :鸛o鮓L`<]ơ1b忙n鲃{< + name: dODfVz + subPath: ZknFq + subPathExpr: oX1n + - mountPath: 4TEsoc + mountPropagation: 帺Õ斯剅ƫf鳌麓HƸŘÂ瘖?謾軌 + name: hau + subPath: w24Wq4e + subPathExpr: i2TEix + - mountPath: uuujj + mountPropagation: 氻ʃ2NFJ啼铗"O{À-ŧLJ弟 + name: klnXhhnxKk + subPath: SEx + subPathExpr: CK2FmmyYThL + workingDir: NCvZAa +extraEnvFrom: +- configMapRef: + name: nJXDn + optional: true + prefix: g3ZpAEUJC + secretRef: + name: 5Yin + optional: true +- configMapRef: + name: spYG9o0 + optional: false + prefix: Wv01 + secretRef: + name: BxDbe + optional: true +extraVolumes: +- name: 1zZI6J +- name: D +- name: OUqOnvjvba +fullnameOverride: llK4G +image: + pullPolicy: "" + registry: mU + repository: xY76Tj + tag: AgKh6S1 +ingress: + annotations: + Lhm: f24CRNEJvs + pk6fq: "2" + className: EXqR + enabled: true + tls: + - hosts: + - xEciJGskt + - pBxfBltrqACoat + - INyj + secretName: Qy + - hosts: + - F6sf + - EHuJ + - 95my0 + secretName: XOIr +initContainers: + extraInitContainers: nNSsTt6 +livenessProbe: + exec: + command: + - poXliUr + - PT + failureThreshold: 1396135036 + grpc: + port: -224883306 + service: 3pE97 + httpGet: + host: aUivZn75m + path: ELvTnGaV + port: uLGz4AgHb + scheme: ʟ#ĭ輑槳桓ȡȰ-o廕óʒÉ帇ʗ + initialDelaySeconds: 1526591550 + periodSeconds: -972224922 + successThreshold: -39437670 + terminationGracePeriodSeconds: 2216517890191965292 + timeoutSeconds: -1229662908 +nameOverride: wB +nodeSelector: + ih: xT3Dk3PXT + xhq: vu + zLR9: wFjrfu +podLabels: + So: waKMMvnY + VXPE0: 8ExVsj + ip1RGEzt4t6: "1" +podSecurityContext: + fsGroup: 7101468120327600630 + fsGroupChangePolicy: ȴ鳁ƨ殳h`熡ƍʊ0ŀ擳琗图.AƱX滋 + runAsGroup: 4262945102741076844 + runAsNonRoot: false + runAsUser: -9214274730002703336 + supplementalGroups: + - 4135587743067906306 + - -2908166639165702539 + sysctls: + - name: Yo9 + value: zak2 +priorityClassName: WeB9y8 +readinessProbe: + exec: {} + failureThreshold: 1061708880 + grpc: + port: 241985990 + service: 4id9HdK + httpGet: + host: PcSuBI + path: X5YjgFI2n + port: -1395013021 + scheme: Ȁ/ŚDŽR²庭$ê-d蟄Ä + initialDelaySeconds: 1618839364 + periodSeconds: -2098998213 + successThreshold: -846859522 + terminationGracePeriodSeconds: -4028618433241851907 + timeoutSeconds: 1824930679 +replicaCount: 371 +resources: {} +secret: + create: false + enterprise: + licenseSecretRef: + key: "" + name: be + kafka: + awsMskIamSecretKey: fs + protobufGitBasicAuthPassword: pUSXv + saslPassword: 1tdj + schemaRegistryPassword: iEgQQMH + schemaRegistryTlsCa: TlBV301 + schemaRegistryTlsCert: fRDnVgKC + schemaRegistryTlsKey: 0yblU + tlsCa: 4tIzJcND + tlsCert: NLnN + tlsPassphrase: iI + login: + github: + clientSecret: WHD + personalAccessToken: 9B7Wu + google: + clientSecret: UZnD3r + groupsServiceAccount: 9b + jwtSecret: cdvBine + oidc: + clientSecret: rQyq1alKY + okta: + clientSecret: ED1 + directoryApiToken: p + redpanda: + adminApi: + password: CWqwAXxFtl + tlsCa: gDQRbrAC8l + tlsCert: EDjU6 + tlsKey: Zm +securityContext: + allowPrivilegeEscalation: true + capabilities: + drop: + - 退晦Ţ鲛 + - '}ʄ攏嫫;Mǐ豒ɇf,搅Ð貑ș|Óf' + privileged: false + procMount: D + readOnlyRootFilesystem: false + runAsGroup: 1564095685271138849 + runAsNonRoot: true + runAsUser: -3929576237300142573 +service: + nodePort: 312 + port: 418 + targetPort: 486 + type: aaIqePq +serviceAccount: + annotations: + QHMG: ur9Qr + ZQRGr8gxPSL: BzNE1Ja0avq + yKwL8DJSG: SRC + automountServiceAccountToken: false + create: false + name: zpH +strategy: + rollingUpdate: {} + type: ȁ进辫fu +tests: + enabled: true +-- case-033 -- +affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchFields: + - key: 1O + operator: 拺5ř(Ƅ餕ʟ{鐻Ƈ + weight: -2070567569 + - preference: + matchFields: + - key: JlGR + operator: 脱?ĶA蛜頒ǽGǷ藸 , + values: + - 8zZEVom + - TY + - FSSQQ + - key: w3C + operator: sɯeM^筘褑 + values: + - Q + - i48uKb + weight: -1969968900 + - preference: + matchExpressions: + - key: ZsgVr + operator: Eȗ + - key: RfMZL + operator: "" + - key: r + operator: džɬ毿鵮V町iAÉ橁zy题ʔu7ÆO9 + values: + - uj8h + matchFields: + - key: "" + operator: :止褮Ȃ宸 + values: + - 9h + - Do + weight: 1160212382 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: nmW + operator: '%U<Ȫk7家fƥ降]:' + values: + - e4hDXWb9G8Qi + - SynNDfUn + - C8kz + matchFields: + - key: QO0Q + operator: l!m0ʒbƹ豫ň + values: + - eh + - key: VE5mZtP + operator: ~x蹵#ÂvǗRɩ啭Ö澭肞¤7跜庛Ɍ + values: + - yT + - key: 1Cony + operator: 阃 + values: + - ahj6j + - matchExpressions: + - key: TvhlZutK + operator: 5叹ùz + values: + - rog + - key: qLPNTFw8 + operator: 藘鸘Œé溇ʄsoɷƱǺȾ蹾K混īl軇 + - key: F + operator: 則Yǹ郰饉貓伜ſ0|麊 az襽准 + matchFields: + - key: VcfFwmb + operator: WJMU狰槃žiǶq挿} + values: + - b7G + - "" + - wzxeij27DD + - key: "" + operator: 殀ǥ + values: + - "9" + - 0E3EkrfSX + - vzth + - key: omoz + operator: e´Ģ桇适TŽǤʈ + values: + - TVj0W7 + - 7HjUt2w + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: nN1614M7 + operator: '鰺/堅ý髉铊ɇƴ2友凇3 ' + values: + - D0tt + - sG9E + matchLabelKeys: + - l + mismatchLabelKeys: + - vqTKCL2D + namespaceSelector: + matchLabels: + LIgB: qqC9YL + namespaces: + - BLdVDzfY + - eq + - qB + topologyKey: qwces + weight: 899210618 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: hIz8wo + operator: ĥ\{ė + values: + - ZwYh1 + - 4l9U + - Q5Io + - key: sd3eCUDob + operator: 蒴ǚ<灁Q柷娸颂嘃üĸƢı + values: + - U0 + - "" + - WXJjoBRKrfEY + matchLabels: + QSrEl7t0: hxsiSGCubb + mismatchLabelKeys: + - PiUy + - VhBWFCyx6C + namespaceSelector: + matchLabels: + G: 07tU6 + ZCO1QQK: b + uq: HISLIo9ZC + topologyKey: 87eQuI + weight: 1750437304 + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: nK0RSDE + operator: R(陛m诜ȯơȴ豨躻 + matchLabels: + CE9: u8FukDT + U5N: "y" + matchLabelKeys: + - 5I6wiiY + - JDZsP + - zGyW + mismatchLabelKeys: + - 4WZHZ + namespaceSelector: + matchExpressions: + - key: N9E9 + operator: ȅ)礯占鷨ʫɩfǡnʎə掅Ux曶HŁ遐 + values: + - JdC + - 3NS25HFHxU + - key: "" + operator: ı獗& + - key: q + operator: 髢£Ȋ泽ZwVfc剻Ţ嬊j + topologyKey: "" + - labelSelector: + matchExpressions: + - key: Tof0 + operator: ĥM:ɑȏF叆綯炩藁û漄f + values: + - jTpj + - gYZ8IIq + - key: avL + operator: ɼƌ壟.敾¦ + matchLabels: + P1w: Nb9t3e + matchLabelKeys: + - TkIx94Dmu + - 8KVE + - UEJW + namespaceSelector: + matchExpressions: + - key: gQOOR5Pz + operator: Ȁ蛝畆粔辧殤,ǔžɨʜ + values: + - MiGt + topologyKey: nn1x + - labelSelector: + matchExpressions: + - key: C + operator: 瘎%瑧¹$兤 + values: + - p5TR + matchLabels: + c9PNRTZ: L + matchLabelKeys: + - 9xrNO + - saFgUzTD530EV + namespaceSelector: + matchExpressions: + - key: "" + operator: 琨j貙ŰĤ煾骣ƢƐ肾Q`ĥ?舶 + values: + - "7" + - T4pSI + - key: u0lbHcT + operator: čÉ壶霻*ǻ蠦Źê潡%!Ȱʁr.ň沀痊 + values: + - voUu0X + namespaces: + - tX + - uDgtoDt + topologyKey: "1" +automountServiceAccountToken: true +autoscaling: + enabled: false + maxReplicas: 264 + minReplicas: 267 + targetCPUUtilizationPercentage: 341 + targetMemoryUtilizationPercentage: 404 +commonLabels: + gZ85uw3T: e + qO: F4dqLo67vKYZ +configmap: + create: true +console: + roleBindings: + - 7x: null + Ia1K2tdRuYi: null + j6c9: null + roles: + - {} + - 6Vndf: null + f: null +deployment: + create: true +enterprise: + licenseSecretRef: + key: 9y6KmPZ + name: QM +extraContainers: +- args: + - 3OUsoZkVHy + - Gn3 + command: + - NLtY + env: + - name: 51Xcm68sAs + value: PUTq + valueFrom: + configMapKeyRef: + key: udLx6h9 + name: wSgnPbc + optional: false + fieldRef: + apiVersion: oVPbc + fieldPath: CGK + resourceFieldRef: + containerName: Ind7j + divisor: "0" + resource: 9tlZc + secretKeyRef: + key: z2i + name: aloI0W + optional: true + - name: nGb + value: I91 + valueFrom: + configMapKeyRef: + key: Ft8IZO4DX + name: 7PY9CO1 + optional: false + fieldRef: + apiVersion: DysSUO + fieldPath: M + resourceFieldRef: + containerName: i + divisor: "0" + resource: mbVAnrQ + secretKeyRef: + key: ZVD + name: 4gLX + optional: true + - name: SEd7KC2 + value: I0 + valueFrom: + configMapKeyRef: + key: 71k + name: B + optional: true + fieldRef: + apiVersion: vJE + fieldPath: nvSzEcQ + resourceFieldRef: + divisor: "0" + resource: fYaXGkFYlrz + secretKeyRef: + key: xDT4Uhi + name: a + optional: false + image: NLoqH + imagePullPolicy: U肵銨龋搁}ŗ=;ī篱ɺ頁掆薑 + lifecycle: + postStart: + exec: + command: + - NAmBp8Ijy9vgKS + httpGet: + path: GukCZ + port: umdXEe + scheme: ɭL莒ƠĦZ¢.0tȠȴF梩¯牏GȐ + sleep: + seconds: 2463489515348869616 + preStop: + exec: + command: + - RAP7lxh + - 0WRf37xLvaEE + httpGet: + host: Xi + port: 395093084 + scheme: '}Ä*諓懚泾ıɥ磀>ȃÓ愍瘞5' + sleep: + seconds: -2989387296528249021 + livenessProbe: + exec: + command: + - AondI + - CvX + - X9Dwm + failureThreshold: -1669443788 + grpc: + port: 1602861347 + service: 5dF71q + httpGet: + host: yOYLS + path: m99M + port: 1421693426 + scheme: cǶ嫙x勬´筮 + initialDelaySeconds: -348887387 + periodSeconds: -855526929 + successThreshold: -1868658835 + terminationGracePeriodSeconds: 7220662525875543964 + timeoutSeconds: -893266456 + name: 62y7 + ports: + - containerPort: 41082986 + hostIP: H + hostPort: -671022955 + name: Q + protocol: Ģ + - containerPort: -676585553 + hostIP: jdTqIIXMX + hostPort: 441858691 + name: bam + protocol: ã鯑 + readinessProbe: + exec: {} + failureThreshold: -1607827734 + grpc: + port: -732628448 + service: d + httpGet: + host: q2uSglvPX + path: 5YB9kNfy37 + port: -425352890 + scheme: ZʇįʔÌ玫Ʊ儝$緀ƥǣ鮀 + initialDelaySeconds: 1646541382 + periodSeconds: 597275764 + successThreshold: 1444783765 + terminationGracePeriodSeconds: -4224719974242331571 + timeoutSeconds: 1778484407 + resizePolicy: + - resourceName: YWwAdc + restartPolicy: 蓊ƽqs洊蛀Ƴ澠誉 + resources: + limits: + 9c5: "0" + DJI: "0" + uyw: "0" + requests: + 7livK1: "0" + PWZFD5fFpVA: "0" + restartPolicy: ǐ踊丸y苡汎0塛yM眗酊L攚dzyÚmG + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - țƒ摨1娣Q札遢ʌā4魯 + drop: + - W~ + - ȮnLv|麬O稕Ʉ幖0Ţ&揵¸ + - àPĪɉɯ鋹芨ȲƿƛĞx + privileged: false + procMount: ɉq$|ŀ蘨寱彣ɎȈORe]O掓I + readOnlyRootFilesystem: false + runAsGroup: -2438856757446632999 + runAsNonRoot: false + runAsUser: -8511671649189408390 + startupProbe: + exec: + command: + - "" + failureThreshold: 157629836 + grpc: + port: -20533111 + service: vASy4b + httpGet: + host: 94HpH + path: t70 + port: W59mpID + scheme: ħ6琏 + initialDelaySeconds: -146258274 + periodSeconds: 47385732 + successThreshold: -1646222325 + terminationGracePeriodSeconds: -5575789846018254584 + timeoutSeconds: -351943504 + terminationMessagePath: r0ZY2 + terminationMessagePolicy: 傂G嶃a橢抴=Ȃĺ庆ɏ鬹揖絴鹥ɣ¸Ȫs + tty: true + workingDir: XFFilzd +- command: + - VSuU6yfyc8y + - gLgP + env: + - name: PSOr4 + value: m2ujo1f4 + valueFrom: + configMapKeyRef: + key: B9Gc + name: BaR3c + optional: true + fieldRef: + apiVersion: OFu + fieldPath: Pydi + resourceFieldRef: + containerName: jPiF + divisor: "0" + resource: jyp8A7uPD + secretKeyRef: + key: fcGCM + name: Hs + optional: false + - name: Ax9HfRa4p + value: S3R2 + valueFrom: + configMapKeyRef: + key: ZDzzhFD + name: soDgOej + optional: false + fieldRef: + apiVersion: iSfQ + fieldPath: Plzxy53z + resourceFieldRef: + containerName: DfBt3S + divisor: "0" + resource: 757s44h + secretKeyRef: + key: bn2IGjj + name: x8E + optional: false + - name: r + value: PmO + valueFrom: + configMapKeyRef: + key: Htzib1 + name: gfbsiTcDY + optional: true + fieldRef: + apiVersion: Frhab7p2yh + fieldPath: K6XKg + resourceFieldRef: + containerName: CLX + divisor: "0" + resource: cq + secretKeyRef: + key: R + name: zPHkUHXQ + optional: false + image: bSZCow + lifecycle: + postStart: + exec: + command: + - "y" + httpGet: + host: 2cDO + path: L5m + port: yhJI + sleep: + seconds: 6222265361848815058 + preStop: + exec: + command: + - yVT + httpGet: + host: Ibt0C5XF + path: Kf7kW1 + port: Tlj66QW + scheme: 砰僮 + sleep: + seconds: 4926532563180301873 + livenessProbe: + exec: {} + failureThreshold: 982752870 + grpc: + port: -257993986 + service: XKTDj + httpGet: + host: 7vfaAybCd + path: GuTTi + port: 1952486193 + scheme: 馾耼qȩ罔磙ɮƥŴ²叇yēņȮ藺 + initialDelaySeconds: -817095459 + periodSeconds: 603211453 + successThreshold: -1693358568 + terminationGracePeriodSeconds: 3002071779676478929 + timeoutSeconds: 992801771 + name: 9QZX + ports: + - containerPort: -1838828544 + hostIP: cQQMftB + hostPort: -321659395 + name: XBD7a + protocol: '>V>ŝO随;YƁ' + - containerPort: -439290918 + hostIP: Bp0lf + hostPort: 431013681 + name: WQ5qc + protocol: 髄Ĝ估螗ȳ鎷ʫh + readinessProbe: + exec: + command: + - PjwAB3G + - k + failureThreshold: -2015478850 + grpc: + port: 156976837 + service: RSgDfH + httpGet: + host: Yi7aQ + path: 8Ql9 + port: 1150587533 + scheme: C箿i綔ȍȢ ŅŴ娒燸孆5乬瓤Ɛ + initialDelaySeconds: -486757233 + periodSeconds: -994300453 + successThreshold: 2128356439 + terminationGracePeriodSeconds: 4683705418302064343 + timeoutSeconds: 1635565784 + resizePolicy: + - resourceName: deutsepb + restartPolicy: õ崑o¾oɞø°ŮƑ欩Ʋ + - resourceName: WaO + restartPolicy: ±蜊ư蕭材y昍U + resources: + limits: + XiOokB: "0" + gxJ8zn4y: "0" + requests: + "": "0" + RFaH: "0" + restartPolicy: 7岻ðȸɉo熮燍ȉ=n + securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - 迠譚綞撪颫,ʖʃ佞诌Ŧ丞śɧ璯PʥT + privileged: false + procMount: 荞£DS + readOnlyRootFilesystem: true + runAsGroup: 6728166770219183734 + runAsNonRoot: true + runAsUser: 2918288689668335051 + startupProbe: + exec: + command: + - o + failureThreshold: -949081542 + grpc: + port: 220928812 + service: EIuHGNT4 + httpGet: + host: 21BmFcJ50ov + path: WC7WP + port: njQtxPF + scheme: 鲰ʌȱ卹烛橇淃ō雀)缅tb憅棔JǓ*ɒ + initialDelaySeconds: 1631334347 + periodSeconds: -785602818 + successThreshold: -1111896125 + terminationGracePeriodSeconds: -8014749222013301241 + timeoutSeconds: 795835881 + stdinOnce: true + terminationMessagePath: m08AZSt + terminationMessagePolicy: 盛P1砦ǚ瀱#Ʌ穇嘜\Ɍ + volumeDevices: + - devicePath: NdQPZme + name: uHcdGnKv + volumeMounts: + - mountPath: IX + mountPropagation: diȔiN6ļɃƐ釭卬O + name: fPg + subPath: iY + subPathExpr: U + - mountPath: E + mountPropagation: 1ĵ氓ŝ瘛o扬=[蟗 + name: xt + readOnly: true + subPath: 2KRhR + subPathExpr: Vm0HMwn + workingDir: jusEo +- args: + - Ejt + - DYgNM8X + env: + - name: HkwQ + value: fpHbv + valueFrom: + configMapKeyRef: + key: 3e + name: Q + optional: true + fieldRef: + apiVersion: lh + fieldPath: "" + resourceFieldRef: + containerName: E1uEhn3 + divisor: "0" + resource: 0Pa + secretKeyRef: + key: co85cv7H + name: KL1I3G + optional: false + - name: 5MQMJhqUni + value: 34PEKwUkR + valueFrom: + configMapKeyRef: + key: ABhM + name: qq5b + optional: false + fieldRef: + apiVersion: vCLN + fieldPath: tge3Z + resourceFieldRef: + containerName: ST + divisor: "0" + resource: qFS8 + secretKeyRef: + key: Am + name: BLI353a5GI + optional: false + envFrom: + - configMapRef: + name: KBum1 + optional: false + prefix: 56g + secretRef: + name: zt5 + optional: true + image: XgUFG + imagePullPolicy: 锄ģnj[眈例ƚ淍ƁĐ~ + lifecycle: + postStart: + exec: {} + httpGet: + host: Yp7F87b + path: "y" + port: OtElY + scheme: ǐʮŕ + sleep: + seconds: 640752187186511134 + preStop: + exec: + command: + - 4GYkI2pQ + - QB + httpGet: + host: DFjlmWGAFM + path: qLfFaRePdtA + port: GTUH4 + scheme: 罛&ĥ顱Ƌ + sleep: + seconds: -1289822532228205848 + livenessProbe: + exec: + command: + - youyR + - J + - IiK3AJ + failureThreshold: 527043957 + grpc: + port: -1790391516 + service: wFKNeu + httpGet: + host: TjItsuCL + path: Lo07CoiEpmJ + port: 1449812891 + scheme: 聗œdz_x忔8 + initialDelaySeconds: -923296146 + periodSeconds: -920279093 + successThreshold: 1372003156 + terminationGracePeriodSeconds: 4545671926845562588 + timeoutSeconds: -1730135112 + name: ouxZOTiA7 + ports: + - containerPort: 365499724 + hostIP: c3z3 + hostPort: -1622732613 + name: jfpQ + protocol: 鬍匤<ɔɟǜ鼴`ʃ荞ɗ线亮Ô¼ + - containerPort: 387750436 + hostIP: 7OF + hostPort: -922470687 + name: 20ZoNWnefc + - containerPort: -1003650010 + hostIP: yK31 + hostPort: -479225666 + name: 1Up + protocol: 郣-齡^c艃7ɑU牌驀墭:煞 + readinessProbe: + exec: {} + failureThreshold: -189409295 + grpc: + port: -880806937 + service: N1zEO + httpGet: + host: vN9 + path: n8TKqPF + port: -995680865 + initialDelaySeconds: -2090855365 + periodSeconds: 1849358636 + successThreshold: 811072097 + terminationGracePeriodSeconds: -5833095732594202880 + timeoutSeconds: -65186305 + resizePolicy: + - resourceName: 9rUpDkTFnW + restartPolicy: KSʮ1ĩ`乀_Ɠ颩紵 慒¨ƶ挢¸s诡 + resources: + limits: + MYEa: "0" + ngW: "0" + requests: + 174vfq: "0" + restartPolicy: 軵ƿǽ嚢遳E + securityContext: + allowPrivilegeEscalation: true + capabilities: {} + privileged: true + procMount: Ő\烔Z座畄睸zɩCɎx簫S悍a + readOnlyRootFilesystem: false + runAsGroup: -6410700953715650696 + runAsNonRoot: true + runAsUser: -8187102783441071897 + startupProbe: + exec: {} + failureThreshold: 1640672315 + grpc: + port: -799307372 + service: w9KE22PLk + httpGet: + host: e6Zo4rWs + path: tscGwI + port: 2071839677 + scheme: '&ǂȞ<辳)9撆ʚ6&U}P%捸`y' + initialDelaySeconds: 652003075 + periodSeconds: 1077051101 + successThreshold: 1528128815 + terminationGracePeriodSeconds: -2176015428967645191 + timeoutSeconds: -998563216 + stdinOnce: true + terminationMessagePath: P + terminationMessagePolicy: 8痃v7ȱ噣愜Å%Ġ3 + volumeDevices: + - devicePath: k8uvc + name: GL + - devicePath: 31O9l + name: ivY + workingDir: PtgSFsc1GvC +extraEnv: +- name: RTz9f + value: kK5WtZCFpsl + valueFrom: + configMapKeyRef: + key: CB1UV + name: 0pF + optional: false + fieldRef: + apiVersion: xO4s + fieldPath: n2G + resourceFieldRef: + containerName: GmnwMQ + divisor: "0" + resource: yX30Dke4u + secretKeyRef: + key: vPbHh + name: oBAn1EoZmPzN + optional: true +extraEnvFrom: +- configMapRef: + name: lo + optional: false + prefix: mSdySXyKqEkl + secretRef: + name: t4daT3 + optional: true +- configMapRef: + name: IFTvBGq + optional: false + prefix: qKk6o + secretRef: + name: "4" + optional: true +extraVolumeMounts: +- mountPath: gRGvu + mountPropagation: Ŋ4ǔ盍薟惮睌ȿ濍ȯȀüƳ$ + name: oJv65V + readOnly: true + subPath: P20XHtoR + subPathExpr: SzD +- mountPath: xhuwGvn + mountPropagation: 搛悈nj鰣*颵俠Ʀ慫灗岵ȆǴ騔Ė栢č)q + name: ebDa1q2nKt + readOnly: true + subPath: "6" + subPathExpr: N0xOT +- mountPath: xHTM + mountPropagation: 0關ɮUeŪ + name: P8noEsWy3t + subPath: y5E + subPathExpr: oP2A6C +extraVolumes: +- name: MqQb15NA +fullnameOverride: foGC +image: + pullPolicy: 躂Qʢ瞶CǁȮ + registry: JWsGq + repository: JAUpWzFL + tag: 3WF1aV +imagePullSecrets: +- name: s1B +- name: R54rm +ingress: + annotations: + "71": 1aSj + B3N4dn: hsJR8Fl + S9: x8u + className: xm + enabled: false + tls: + - hosts: + - 6PBjnokDE5 + - df + - SMIi + secretName: VVeSdJP + - hosts: + - kY + - VSdS4nZ + secretName: rR5tuP +initContainers: + extraInitContainers: DZkf1 +livenessProbe: + exec: + command: + - b5k + - "8" + - 74zV7hI + failureThreshold: 604102540 + grpc: + port: 1351493068 + service: a + httpGet: + host: pbTe + path: l3E3mpnq + port: nBQsx + scheme: . + initialDelaySeconds: 93396392 + periodSeconds: 1323534907 + successThreshold: 2044410955 + terminationGracePeriodSeconds: -5171571423145940595 + timeoutSeconds: -725304614 +nameOverride: bCPeYVWao +nodeSelector: + TDma3: eGasO + cs6G: CyEFp0L + r: xdylcKb +podLabels: + 1bb6: "" + 3U: mfPv + T: Q +podSecurityContext: + fsGroup: -4412504815274791692 + fsGroupChangePolicy: Ȯƭhjb糯妔ȂǑʜ胴}轣 + runAsGroup: 3860793197532219812 + runAsNonRoot: true + runAsUser: -1963293898483195295 + supplementalGroups: + - 2429921255984048344 + - -2773566751575632894 + - 5629450590441918989 + sysctls: + - name: h + value: zKVw + - name: D5ekUqS2 + value: 5FxU + - name: dgHyyau + value: o +priorityClassName: uHKqx +readinessProbe: + exec: {} + failureThreshold: -1216486926 + grpc: + port: -173591622 + service: CPUt + httpGet: + host: hry + path: KRRaps9O + port: W + scheme: ƈ;黷ç駵P!瘠瘀/ǹ + initialDelaySeconds: -1636119248 + periodSeconds: -1587206371 + successThreshold: 1085720843 + terminationGracePeriodSeconds: 788084162692446331 + timeoutSeconds: 1603673472 +replicaCount: 390 +resources: + limits: + HS: "0" + sspp8OAsyF: "0" +secret: + create: false + enterprise: + licenseSecretRef: + key: enS + name: "" + kafka: + awsMskIamSecretKey: 6Rpozk + protobufGitBasicAuthPassword: b9bAHSr + saslPassword: xFMbXwVAO + schemaRegistryPassword: wMc7l + schemaRegistryTlsCa: Iqy + schemaRegistryTlsCert: B2Y5 + schemaRegistryTlsKey: ooeFo3mZ4 + tlsCa: YCVA9R6f + tlsCert: b5AAaCcgXX + tlsPassphrase: HVdFrCml + login: + github: + clientSecret: JWVOWiL + personalAccessToken: B6DA + google: + clientSecret: lk1l + groupsServiceAccount: KFTHdrXBq + jwtSecret: IfZ3S + oidc: + clientSecret: 33jad4PG + okta: + clientSecret: pEYKMXqE + directoryApiToken: S5N6 + redpanda: + adminApi: + password: cNTmA + tlsCa: Ymp + tlsCert: 5Xquj + tlsKey: f2AsWMK +secretMounts: +- defaultMode: 64 + name: v1bEam0d + path: WfYQ + secretName: FOCtz7x +- defaultMode: 494 + name: 2keqwtlu + path: hpZaUwi + secretName: 1dug +- defaultMode: 354 + name: RAI0g6yvn + path: bCeiaipj + secretName: "2" +securityContext: + allowPrivilegeEscalation: true + capabilities: + drop: + - ɇǎȬ+丰DZ}薞ɎƐ + privileged: false + procMount: Ȧ杖煃a/ɓ<3ő+笽pȗdzSj + readOnlyRootFilesystem: true + runAsGroup: 8336843233603802952 + runAsNonRoot: true + runAsUser: 956863148985923497 +service: + annotations: + lrtdFF: 60R7 + nodePort: 446 + port: 229 + targetPort: 59 + type: 2K35 +serviceAccount: + annotations: + M: 37JLL + TSllzWgI: ZA + gOSHO: 00aEHRLh + automountServiceAccountToken: false + create: false + name: S9Bk +strategy: + rollingUpdate: {} + type: 呇弰$腕煴贔棳軀+œʃǀŖ* +tests: + enabled: false +tolerations: +- effect: 酼駘宁ì<^ʉ逐GM¼韹宅劑圦ȢN鵸; + key: LjdOPUZjJ + operator: 窃銥ɺ嘭t緯ȇw,[t捻S麨vɂ閰 + tolerationSeconds: 1714321621775966634 + value: Uvm9nY3 +topologySpreadConstraints: +- labelSelector: + matchExpressions: + - key: AUro1 + operator: 聘 + values: + - x5E03owNK1 + - 61u06hoBRErcl + matchLabels: + HMA: 7iZSaiF + jCP15v: ksLC1iD + matchLabelKeys: + - cp + - CZpJKgP + maxSkew: 644443933 + minDomains: 1722624609 + nodeAffinityPolicy: ú(ʆɴȾ狍lfĒHȉ嫔7ix壿 + nodeTaintsPolicy: 遡lşř门Ǣl + topologyKey: qP + whenUnsatisfiable: "" +- labelSelector: + matchExpressions: + - key: i8xDfgO + operator: ʖĝ#烕ɋřĊI + values: + - bOA4n + - ByUsK + - key: 6fCdAFtmFF + operator: 靕ƭ錒Ĕ + values: + - JIMC2Pc + - a7wA08 + - key: xMn + operator: "" + values: + - gSa5XT + - 50IS6 + - "8" + matchLabels: + DoGCwvltR: vVXQcZcxdz + JLmhsQlh: L3AY0Pv + X9: U + maxSkew: -2038040013 + minDomains: -1884001920 + nodeAffinityPolicy: 嵋磋ɹ:ɢ慚TA烁.X幰 + nodeTaintsPolicy: 奒)ʅm=矕郔o鬻鴊ȵɯt债CŔ儤 + topologyKey: qkx4gKx7 + whenUnsatisfiable: 匊aO卞肝喚覕Ȭnr說ɉƢ/Æȧ婡賛 +-- case-034 -- +affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: {} + weight: -982889256 + - preference: + matchFields: + - key: XhG + operator: 萎Nc汏帞 + values: + - CY + - key: SQm3as + operator: :g憓痳ʑ^荔ĚE慮ǫ鶉 + values: + - gKNU + - "4" + weight: -2081315042 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchFields: + - key: "" + operator: '[棉' + - matchExpressions: + - key: YgpJq + operator: ës曬¡岹V瀈ȭ岅mK + - key: HKYARp + operator: '完RQ\u穩[憄籎禨 ' + values: + - 2wfWZQ9 + - key: M0 + operator: 酺縿Ȼ慭苾Ʉ6Ʀ + values: + - xr7e9 + matchFields: + - key: O + operator: 笿眷ē睡党ǎf鴋Ɗ給 + values: + - HjtABxYy + - key: TD8D + operator: Ȃ顈筻ůȳM!剢nZÁx.}鯡L颗eĵ + values: + - xDTUGq1 + - 9xI + - key: 2B + operator: ']ţ峝輴{ȳ鬻ŶøU)ŢŤ' + values: + - 8hQz + - BtJ6XJwj8 + - bB1HqX + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: QrP50c0 + operator: 2蕦!#ɺĠȿLy2ǽǃƝFʡ + - key: sh4AX + operator: '"ă粸Ǘ筽齣zƪƭŰ''鴚ǝʠƲy>A' + - key: AyAj1WrXn2nZbf + operator: 郥m,攃 + values: + - xuX0t + mismatchLabelKeys: + - 94CSmERwUUu + - "" + - 3lJqWyss + namespaceSelector: + matchLabels: + XPKK9buQTkk: hK + c6yMPKCuDUW: NaXtSSb31Vtc + topologyKey: 4IWq1 + weight: 1215591736 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: bKgv7w5BLU9 + operator: 佱$Ɛɯȳǚ½ȴk + values: + - Rc6Akw + matchLabelKeys: + - nj2vCk + - GT7VEmkOiP + - D81b9yrN + mismatchLabelKeys: + - xrrln + - "" + namespaceSelector: + matchExpressions: + - key: Okpa0 + operator: ȳɃ互B¸砂霿枹蔪 + - key: bG + operator: "" + values: + - 9Az3OOsKzxT + - qufp1g + - hPp0e + namespaces: + - ia + - wpgLWCg + topologyKey: t9 + weight: 1536631188 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: xCMZF2V + operator: p仯F寃Rm慽財Ū-宩>ɗ呈3嚱Y + values: + - 2IrEZ + - ox + - S1NOR4go + - key: M + operator: ƙ岉 ʛZ3 + values: + - 61kg + - gCY32n2G + - key: z7jqw + operator: '´鋁k透 ' + values: + - 3bI7Mo + - V15M6 + - Elw2un19FO + matchLabels: + "1": jTzLL + E3HVo8p: 8mRx + tHPA: X + mismatchLabelKeys: + - sA + - eKQcaD + - 67tHuF + namespaceSelector: + matchExpressions: + - key: CrZYZ + operator: FWɺŮ + - key: K7SRYb + operator: .ØƣƎ 對猣#倳s7Ǵ栔Ħn4 + - key: k2Bz + operator: "" + matchLabels: + r6: SsE6YhO00w + namespaces: + - bECP + - nZT + topologyKey: ATU + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: T8nB5f + operator: 虁Iɂ飇ě + values: + - bTYBHU + - PWWBtWcP + - key: BJo + operator: 焜Eâ簋@ʘ芮暸UĖ + values: + - DI + - dh9e + - 0hiMkvD + matchLabels: + 7TSrj3: t4aVDF0 + P8L: liB + TkxKc: 4k + matchLabelKeys: + - C + - Uxzu6ju3L0 + mismatchLabelKeys: + - 7JBQmr5 + - K2WwmaMb + - ZGo5q7x + namespaceSelector: + matchExpressions: + - key: "603" + operator: 溝ʫ"zNĂ + values: + - 217W38 + - DjaFqo + - 34Dd6xS + matchLabels: + Le1shqQ: q6Ra + jocxC9: 1wwizZ9OUc3 + t9v: p7 + namespaces: + - tNw7r0z + topologyKey: WB + weight: -695352638 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: Et + operator: "N" + values: + - iXi + - AZpWUZE + - bB + - key: 6e8xewD + operator: 拒D挼霘%Ǧ珕 + values: + - cLLOT + - LzhXzKVG + matchLabelKeys: + - v1hg0Fb0 + mismatchLabelKeys: + - i + - vh3C0ZF + - i694fjp + namespaceSelector: + matchExpressions: + - key: Rt + operator: 4%{ź*妻=舉佸EǩɛW杚察ű + values: + - gx + - x + - M0 + - key: S1J9kEl0 + operator: 湻膴L鮠#桽 + values: + - Lpx + - key: QzUh3 + operator: 閛V;Ĝ棱碗闃{竀%狮闀ʩE腡¹#C + values: + - qh0l + - Jgu1EIM + matchLabels: + tZ: y7 + u7: jkFA4i + namespaces: + - httsx + topologyKey: wNV2 + weight: -441999969 +annotations: + "": kBVzs + JKJQy: g8k + Zcnpm: TWUNV +automountServiceAccountToken: false +autoscaling: + enabled: false + maxReplicas: 23 + minReplicas: 122 + targetCPUUtilizationPercentage: 266 + targetMemoryUtilizationPercentage: 92 +commonLabels: + 0fz: qRhpB + blGSa: Hnim0SflkfpF +configmap: + create: true +console: + roleBindings: + - zktoFv: null + - BnTf: null + N30: null + O: null + - "5": null + up6oELWDxO: null + roles: + - 3vFSt6CV6h: null + - zwoEunAfS: null + - "": null + Kz: null +deployment: + create: false +enterprise: + licenseSecretRef: + key: wTtzVK + name: f +extraContainers: +- command: + - fbGgvGkx + - edBIWrM + env: + - name: 8jJnT7Zj + value: Mq + valueFrom: + configMapKeyRef: + key: JC + name: sVkSiknR2xCa3 + optional: true + fieldRef: + apiVersion: wANryBKXLB + fieldPath: NyZCECkxJ + resourceFieldRef: + containerName: OZ8 + divisor: "0" + resource: cmCxr + secretKeyRef: + key: DwO8j5 + name: B + optional: false + - name: EHh + value: QCji0tC6i + valueFrom: + configMapKeyRef: + key: WAw2dVgj1 + name: Ay + optional: false + fieldRef: + apiVersion: Qi + fieldPath: gpyTLtuoWjh2y + resourceFieldRef: + containerName: lU + divisor: "0" + resource: eblZRy9ULY2IzA + secretKeyRef: + key: mv + name: j + optional: false + - name: aUVmiB + value: kpqOP + valueFrom: + configMapKeyRef: + key: s + name: bQ6 + optional: false + fieldRef: + apiVersion: SdqbUuwjM + fieldPath: 2l + resourceFieldRef: + containerName: tw3t5LDN + divisor: "0" + resource: rwu + secretKeyRef: + key: 4BhlrEVh0 + optional: true + envFrom: + - configMapRef: + name: Hjuj9nlmmK + optional: false + prefix: 1f + secretRef: + name: ZAvqr + optional: true + - configMapRef: + name: xM7XvJNDv + optional: true + prefix: a3u3 + secretRef: + name: cvRqlow + optional: true + - configMapRef: + name: bRyp + optional: false + prefix: 5mEO + secretRef: + name: axWGwhmN + optional: false + image: EszTqv + imagePullPolicy: 輧脙ĭr恐荌ǩ\ȓȫ訷鿍湲瑁u楊禅ɤ& + lifecycle: + postStart: + exec: + command: + - WMJ1Vj + - bt + - UpuoW2L + httpGet: + host: ZQUCS + path: XvmuYh + port: p + scheme: 瘿ā|^k*雗 + sleep: + seconds: -4794985278116558932 + preStop: + exec: + command: + - fNY + - Rk + httpGet: + path: vcHj + port: 94X + scheme: ʕ煤}f + sleep: + seconds: -572101244460663065 + livenessProbe: + exec: + command: + - HoQxW7Nhx + - 1vL7TCk + failureThreshold: 1202856974 + grpc: + port: -177653984 + service: dd + httpGet: + host: cFj8k7 + path: l91YUo + port: -205856494 + scheme: '''朔6嚍¹*¢ɰȯK' + initialDelaySeconds: -1838390355 + periodSeconds: -2089935919 + successThreshold: 745930955 + terminationGracePeriodSeconds: 651854435833106407 + timeoutSeconds: -451727064 + name: LUkN + ports: + - containerPort: 52213129 + hostIP: pBen4iN + hostPort: -1605812710 + name: embL6 + protocol: 隠:ʀǙƴ茝鞝剟蚓遆積ǯ槦黽虼m + - containerPort: -1355336717 + hostIP: Vq9h1OAN6 + hostPort: 1469157628 + name: DgLmxr8 + protocol: ơ阆Ƃ + readinessProbe: + exec: {} + failureThreshold: 1404262379 + grpc: + port: 617847874 + service: wZ + httpGet: + host: 7f + path: 4gU9kDN5 + port: MXWfnK + scheme: 鬮ŵVƉ + initialDelaySeconds: -498539377 + periodSeconds: 1569378042 + successThreshold: 1909376148 + terminationGracePeriodSeconds: -3310812073755566654 + timeoutSeconds: 957960925 + resources: + limits: + 5k: "0" + wIlp6Km9XNo: "0" + requests: + RaT: "0" + restartPolicy: 车WđƜ嚓Ŭ罀ǑȪ + securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - w}ɼ簖#s>腭hWɘnj嗠/ʜ墭呣lj + - dT劍Il捝s+;暷ƻņʖ馺ª贐 + drop: + - '*¢炐96ʑ叛z¢á5ɏeEɢ@Ƨ' + - ƭ樯Ɉ>ƈ@Ɨ + - ńɜʢnij咓ƹ灀}¿\ + privileged: false + procMount: 堲渢)#珯犠ƙYĮ鷝Ƈ蚈_ + readOnlyRootFilesystem: true + runAsGroup: 5272751894835649479 + runAsNonRoot: true + runAsUser: -777021971579066284 + startupProbe: + exec: {} + failureThreshold: 48102716 + grpc: + port: -1093646129 + service: bIKooEs + httpGet: + host: Mv + path: fstI2uQ + port: Qd + scheme: dzLBʖ飐吃ê傧靲dz + initialDelaySeconds: -187921670 + periodSeconds: -217914776 + successThreshold: -664446049 + terminationGracePeriodSeconds: 8083333456613274947 + timeoutSeconds: 399455066 + terminationMessagePath: jqUx + tty: true + volumeDevices: + - devicePath: LLB2W + name: kDDD + - devicePath: 9DhP1 + name: aW0PgFJODCAEF + volumeMounts: + - mountPath: "4" + mountPropagation: ;bŊcN啲;蜩½ǒ朒Q"EƙȌ{甐岊 + name: c + subPath: c + subPathExpr: cXqUzbd + - mountPath: NY + mountPropagation: ʋS溸呖Ä翫ɧȐ{豒lÔș:ľ玠3íw + name: 7nseZUY + readOnly: true + subPath: itHF + subPathExpr: eHexIOW + workingDir: BZZ6 +- args: + - 5cCg + - E7 + - iFP6rZ + env: + - name: qEiC5K + value: HE + valueFrom: + configMapKeyRef: + key: Q4ff + name: c6s + optional: false + fieldRef: + apiVersion: jBI6X + fieldPath: zpTUfYD + resourceFieldRef: + containerName: mzmkl8 + divisor: "0" + resource: 81k8LI + secretKeyRef: + key: "" + name: N9yqj + optional: false + envFrom: + - configMapRef: + optional: false + prefix: WYG + secretRef: + name: DFBRLWb + optional: false + image: Z + imagePullPolicy: ǂAM鳘墊šéDz!迒A + lifecycle: + postStart: + exec: + command: + - r + - RbH + httpGet: + host: FG + path: gzf4kd + port: 813947014 + scheme: '&X垮Ą:S褦慺ʛ竆閃_m鑙òó' + sleep: + seconds: -1141547218815402249 + preStop: + exec: {} + httpGet: + host: ZA8qVd + path: 9ooQ + port: -271801527 + scheme: 鏡稂;ňȓRH愦Ƚ + sleep: + seconds: -8502483422139801966 + livenessProbe: + exec: + command: + - I4WNnF + failureThreshold: -637772395 + grpc: + port: -1513640963 + service: CpWh0e + httpGet: + host: JrZk + path: YCnQ4z + port: 13mIiI + scheme: 鏘 + initialDelaySeconds: -200843985 + periodSeconds: -502259067 + successThreshold: 1719668769 + terminationGracePeriodSeconds: 6044193620909725026 + timeoutSeconds: -388757192 + name: Vem + readinessProbe: + exec: {} + failureThreshold: 1932036046 + grpc: + port: 940655155 + service: h5HN + httpGet: + host: H + path: G1p4WFvGD + port: iMuM + scheme: ŗ颁njNą筵 + initialDelaySeconds: 271733079 + periodSeconds: 1483111043 + successThreshold: -1186732202 + terminationGracePeriodSeconds: 8539189418162863572 + timeoutSeconds: 1565787262 + resources: + limits: + AfrFB6Ne: "0" + UFzEjwa: "0" + regGR: "0" + requests: + 30st: "0" + restartPolicy: Ǫ豥ɗ槻T+Ĕʓȣ+卮Ȱ + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - 1蒟顨ƽėȰ + values: + - TGv + - VVtqHApm + - 7Mub + matchLabels: + PI: elzxW + Wd1Q: MYEPScu1su + i: uENdc + topologyKey: QlwUBoDWM +automountServiceAccountToken: true +autoscaling: + enabled: false + maxReplicas: 367 + minReplicas: 105 + targetCPUUtilizationPercentage: 126 + targetMemoryUtilizationPercentage: 500 +commonLabels: + 5NU: UG7t + 6NmZI: QxuTdplvdDdc + BYcISWrd5: YZbXA +configmap: + create: true +console: + roles: + - CSJ: null + - 0hM2tbS5: null + ZhG3M: null +deployment: + create: true +enterprise: + licenseSecretRef: + key: xLO4B2BCZUJ + name: BQR2Y +extraContainers: +- command: + - DlBCuc8xa + - X2hi8Mp + image: 00GQ5 + imagePullPolicy: 賎ʂG}Ƌ煚6ūaĠ腻f + lifecycle: + postStart: + exec: + command: + - mVlE + - cFmlozRTJ + - "" + httpGet: + host: RIzcOYFo + path: eZge9wzJjW + port: ugY08 + scheme: 讣Ɨƶ"ɇǘƓƮ + sleep: + seconds: -5362042555365295319 + preStop: + exec: + command: + - "" + httpGet: + host: hLxRfJhv + path: JA8kOIY + port: tpH1 + scheme: '''k:嘡葊佒ďȏǓɡ毫/视倴ĩ}Ɓ u' + sleep: + seconds: -915316715834475044 + livenessProbe: + exec: {} + failureThreshold: 1628387875 + grpc: + port: -119747124 + service: 3cnWKI + httpGet: + host: 6Wzb9 + path: Af + port: RAzYX + scheme: 嘾Q經f + initialDelaySeconds: 4951530 + periodSeconds: 1309655668 + successThreshold: 918641827 + terminationGracePeriodSeconds: -3073080783253286451 + timeoutSeconds: -1896420637 + name: yML27O + ports: + - containerPort: 509868797 + hostIP: XMFIjyy7MNejY + hostPort: 2083818454 + name: gd + protocol: 槏 R¨ƽT³簑ƤA$<猿.0d + - containerPort: -164866787 + hostIP: eh + hostPort: 1842390272 + name: H7 + protocol: y擫`/洄]ʢÓ7Ā紐ǟ塋 + readinessProbe: + exec: + command: + - 5MrELPMn + - 23x1a + failureThreshold: 1394382122 + grpc: + port: -96138878 + service: DBq + httpGet: + host: 60SrHkgc + path: OwZeja1P + port: 721461548 + scheme: ' `$ħ' + initialDelaySeconds: -2125734502 + periodSeconds: 66441733 + successThreshold: 130216629 + terminationGracePeriodSeconds: -7113768241875088710 + timeoutSeconds: -977567736 + resizePolicy: + - resourceName: 8VNf4C + restartPolicy: Ě} + resources: + limits: + 2TX: "0" + Yd3: "0" + avcFFX: "0" + restartPolicy: Ę<彪6 + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - ūW銹fn|óOB¶őǝ:ɛ暙- 嫴 + - 韣噺Ȑ主鋥Ɣ睩熾@Ĥvƈ + - 気ʎɭ愢勈īɔ垆ŀ槌,q儇p顼ǯ歳 + drop: + - EģIJ>筡|n譌ɶd2鍇$X/ȴ偎穾7 + - "赻探ǞiN胂a + name: 79CeZyd + subPath: xMQ + subPathExpr: NvU + - mountPath: smgfnmvP + mountPropagation: ʈ + name: CuKUC + subPath: hZ8KJ3 + subPathExpr: CK4WsX + - mountPath: zm + mountPropagation: 傩骟Ⱥ|尤fŇɓ呣ɘĩŽ + name: wRtUU + readOnly: true + subPath: T1 + subPathExpr: cidBhX8I + workingDir: M0jsi8 +- args: + - rQ7QBmZ4 + - Q32wY3lGUA + - VGeP + command: + - "6" + - 5vVr2Q + - 4YDd + env: + - name: DY1 + value: sge + valueFrom: + configMapKeyRef: + key: O8RUTpJ + name: SCF5ph + optional: true + fieldRef: + apiVersion: NY0hb + fieldPath: ViZ0f + resourceFieldRef: + containerName: "Y" + divisor: "0" + resource: sCX + secretKeyRef: + key: Ma + name: 6s6lc5 + optional: false + - name: m19lk2eiDtcdB7 + value: 0JaB + valueFrom: + configMapKeyRef: + key: VolU + name: jnFjMLIQ19 + optional: true + fieldRef: + apiVersion: "6" + fieldPath: N0wIEnFmQ + resourceFieldRef: + containerName: QwDG86d + divisor: "0" + resource: pda + secretKeyRef: + key: Uc7x1XF + name: efgc + optional: true + - name: 8A + value: 1kUmljHSb + valueFrom: + configMapKeyRef: + key: "" + name: z18yxT + optional: true + fieldRef: + apiVersion: 1qaE + fieldPath: vEzPx + resourceFieldRef: + containerName: GYhSz + divisor: "0" + resource: Ttq + secretKeyRef: + key: aaGRQS + name: C + optional: false + envFrom: + - configMapRef: + name: "0" + optional: false + prefix: 5cqcw + secretRef: + name: O7Gex12 + optional: false + - configMapRef: + name: DHEYwZ + optional: false + prefix: wSbyGx + secretRef: + name: 9nM86dZi + optional: false + image: E + imagePullPolicy: 栧Z + lifecycle: + postStart: + exec: + command: + - 6775E + httpGet: + host: hIoYmpbc + path: qEf + port: rnJpXG69m + scheme: 赙¯6a腚 + sleep: + seconds: 4894208532244895909 + preStop: + exec: + command: + - mHtY + - 0hh1Tr + - "" + httpGet: + host: BuElf + path: fJPDiyG + port: PybmIT + scheme: M*Ķ + sleep: + seconds: 7544543348205057985 + livenessProbe: + exec: + command: + - z7IJ + failureThreshold: -360493877 + grpc: + port: -1395908290 + service: zV1i + httpGet: + host: GLn + port: -279409955 + scheme: ǃU螄骰褃Ʀ诐Ɯ{,ɍb萎Ɲʢ鰪\U + initialDelaySeconds: 1831688310 + periodSeconds: -280461011 + successThreshold: 84363106 + terminationGracePeriodSeconds: 7513815341722354757 + timeoutSeconds: 442815657 + name: pGthpc + readinessProbe: + exec: + command: + - T39QO5 + - "" + - DbSsPel + failureThreshold: -1901163919 + grpc: + port: 1255815597 + service: xeTv + httpGet: + host: bipPJGJ + path: nghEbF + port: uyLPK + scheme: 翁渹牯澖 + initialDelaySeconds: 1295268788 + periodSeconds: 17921235 + successThreshold: -212369586 + terminationGracePeriodSeconds: 1061046207943693656 + timeoutSeconds: -1707711843 + resizePolicy: + - resourceName: RLHi + restartPolicy: 掳?帐(Ǖčĭ纜 + - resourceName: H1Bv + restartPolicy: Ɉ駃愝ɲƁ2*ʍJ蕦ʃĹr}尕5J埉g + - resourceName: f + restartPolicy: ɧ帨y晒ʪäǗ«ǤǞugT埤X澇寿Ù\ + resources: {} + restartPolicy: 7Y熀7rúǬ轘 + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - Ǒn%Aʙ]m* + privileged: false + procMount: 鼷R珍沌 + readOnlyRootFilesystem: false + runAsGroup: -287129322294347273 + runAsNonRoot: true + runAsUser: 3942212766283409661 + startupProbe: + exec: + command: + - gN + - zpmlcJ + - DeLJ4s + failureThreshold: 102924404 + grpc: + port: -1304933194 + service: 0iK + httpGet: + host: jbg + path: ZqaSpx8C + port: UPJqfy9dOO + scheme: 韼QY岩沴ì釪儇9ĩN + initialDelaySeconds: -46268668 + periodSeconds: -1126074804 + successThreshold: -2093938118 + terminationGracePeriodSeconds: -3498490773203628311 + timeoutSeconds: -736335366 + terminationMessagePath: "7" + terminationMessagePolicy: 辺OB¯悱楆3Ǫ首傭ɟ鮛ïƇ豙ǁUȵ + tty: true + volumeDevices: + - devicePath: DSh1 + name: 1OMawuQAlZD7 + - devicePath: "Y" + name: liCI2j + volumeMounts: + - mountPath: JPO9Ewk3kgaeuBD + mountPropagation: k釂Żɮ>ɸêW箁B| + name: QGO7HtoR + readOnly: true + subPath: oYudCrOqA + subPathExpr: Z1oG + - mountPath: iH6 + mountPropagation: dP帗俪Ťŷ/6¤þ剛&Ģ趽qi + name: 9Ro4aQU5yby + readOnly: true + subPath: piBl3 + subPathExpr: nfDFn + - mountPath: uU2H4 + mountPropagation: ljQ + name: "" + subPath: rj2 + subPathExpr: E + workingDir: BveK3 +extraEnv: +- name: 14jKCyMC + value: Mb95Ivlchi + valueFrom: + configMapKeyRef: + key: FMRh9 + name: VwME2dRYnb + optional: true + fieldRef: + apiVersion: NlY1uxRPgql + fieldPath: NDrKU5 + resourceFieldRef: + containerName: gPQ1TD3MX + divisor: "0" + resource: r6HOpjj + secretKeyRef: + key: "n" + name: RQLa2rQL7Y + optional: false +extraVolumeMounts: +- mountPath: pqfdKzb + mountPropagation: "" + name: 6btv + subPath: xLjoA + subPathExpr: UseM +- mountPath: EYXxm + mountPropagation: 煊`ś蠶+蓲慅4曌Ƥ4臜.魼簌m缽荈巇 + name: 6ut6g + subPath: 7N + subPathExpr: ypY +extraVolumes: +- name: 00PT1WRWHX +- name: P4 +- name: fn +fullnameOverride: Bv0I +image: + pullPolicy: 垿儣Ƈ#WMƻ + registry: XB9ke7yB + repository: EwU0pzhz + tag: SmZAnO7 +imagePullSecrets: +- name: ygWNP7C0W9 +- name: lo0PU +ingress: + className: vg + enabled: true + hosts: + - host: daRMGxIy7gKoE + paths: + - path: GVhF41Ue + pathType: TeM8 + - path: UontjIzl + pathType: MN + - path: "" + pathType: xN + - host: YCgI + paths: + - path: MPhdfahEcn + pathType: ECPrn + - host: GDOlAVRM + paths: + - path: H5pExfzke + pathType: v8 + tls: + - hosts: + - dQiMWdJ8cYKS + - 35K + - 8Kin + secretName: C + - hosts: + - zPo + - Z7 + secretName: SiZz +initContainers: + extraInitContainers: ITIY +livenessProbe: + exec: {} + failureThreshold: 724782955 + grpc: + port: -2055628426 + service: kYxAdPiz + httpGet: + host: JfFu5eafS + path: S8lsKuv + port: 45830231 + scheme: 嵋6ǞkĤ閾8_Tu鍓 + initialDelaySeconds: 1633166106 + periodSeconds: 2105675880 + successThreshold: 225361138 + terminationGracePeriodSeconds: -5739612377473505352 + timeoutSeconds: -1665363921 +nameOverride: "" +nodeSelector: + LAqpO: N7lh0C2 + RqG8qj: ltTa5 + X3q: F5c +podLabels: + Klzm: we + e: C2swj + s: vw1lrq +podSecurityContext: + fsGroup: -8750452531563962174 + fsGroupChangePolicy: RȗɻÎ + runAsGroup: 3754171381447903160 + runAsNonRoot: false + runAsUser: 2565919490422334632 + supplementalGroups: + - 2907772986244331938 + - -4686580881125536152 + - -7134026849524391427 + sysctls: + - name: 8gezWufB + value: 2Jv + - name: 4nhjhT6P + value: 32ZuT + - name: cQk5tljX + value: Aimzt8kirN +priorityClassName: F +readinessProbe: + exec: {} + failureThreshold: -1128918125 + grpc: + port: -1566880140 + service: wMGGUi + httpGet: + host: EwUYUz5 + path: qC4K0 + port: frlhx + scheme: 2鳳ǿ{ǿN + initialDelaySeconds: -116128728 + periodSeconds: -1936485392 + successThreshold: -1735161598 + terminationGracePeriodSeconds: -4458812029359989949 + timeoutSeconds: -1293939870 +replicaCount: 464 +resources: + limits: + 0PRJ1bi: "0" + JUjtrq: "0" + WN9h: "0" + requests: + TCeGWCB: "0" + x5O0IxuN: "0" +secret: + create: false + enterprise: + licenseSecretRef: + key: Sfb6 + name: Fkoh + kafka: + awsMskIamSecretKey: Bof21IpUS + protobufGitBasicAuthPassword: fIQwt + saslPassword: KBS + schemaRegistryPassword: TehF8FK + schemaRegistryTlsCa: 40HTol + schemaRegistryTlsCert: cgz0Y9o + schemaRegistryTlsKey: QUpyP + tlsCa: naM + tlsCert: cC23TMJ + tlsPassphrase: NxVcNj + login: + github: + clientSecret: IDQ0 + personalAccessToken: "4" + google: + clientSecret: P + groupsServiceAccount: oKbW15 + jwtSecret: "5" + oidc: + clientSecret: YcYiIJm + okta: + clientSecret: CtRNDaLkEFXR + directoryApiToken: pH3E2YC7xP + redpanda: + adminApi: + password: "y" + tlsCa: 4ieHo3L + tlsCert: pQ6AshR + tlsKey: s9 +securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - '@晏駚T!UɎȉépg鎘Ȉ' + drop: + - ÚơĊ猴渋ĭ8膔櫔ż択ůĦ抹 + privileged: true + procMount: 偖躪 + readOnlyRootFilesystem: false + runAsGroup: -543916493751029755 + runAsNonRoot: false + runAsUser: 7772713475568767829 +service: + annotations: + C3p: uCspVMX + nodePort: 441 + port: 51 + targetPort: 456 + type: ZQQlqx7Np +serviceAccount: + annotations: + 7lpi: QQ + RK: "" + od3x: "3" + automountServiceAccountToken: true + create: true + name: HMyYp +strategy: + rollingUpdate: {} + type: Ʉ>朄崍ʡƥɼ戋\IJĹ +tests: + enabled: true +tolerations: +- effect: aƻƀi + key: 7II7D0fA + operator: 跳<ȴŤƇ梐ȸŷR + tolerationSeconds: -92963183946417046 + value: U +- effect: p鸿xś冣9ɩ揊Ů忁琺ȖP壡o繊堮 + key: 5sC + operator: XɦǨ燖Ż綯逆挤ʦ斝蟏滣ʣ + tolerationSeconds: -6405135249548565002 + value: c2m6hlo +topologySpreadConstraints: +- labelSelector: + matchExpressions: + - key: bsO + operator: Ⱥ8欟慡Ƿţ6氙絿鐘黬聠ç + values: + - hbuLC + - SdAZnchI + - key: b4Pjya + operator: jɀh5湧,Ȳǣ6謉<ɦ + - key: gXEm + operator: ',k涃栏岴g橚甇ȳ0禰餝榖睌ěB縩侾F' + values: + - q9VqX4l + - zoMoc9Vb5 + matchLabels: + B0T: uiIEpLD2 + V: jdhpTcaa + pz: V1dJXS8 + matchLabelKeys: + - yoFhTrxV + - o + maxSkew: -1837539887 + minDomains: 2144009248 + nodeAffinityPolicy: 怓覷環ʤ苷疿ʡB聧!]LJƱĿGť + nodeTaintsPolicy: V~0韾¾Ȣû&嵙纠&ȠVƧ鍌 + topologyKey: GldA + whenUnsatisfiable: Ƀk纩{寍HƋ&庝僟D徼聊 +-- case-036 -- +affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: bkwD5 + operator: B砟摫ʟ]估ȽÓĖ頒ʙǯ + - key: 4n + operator: "" + - key: DDWUTPllaee + operator: ǒ@訹Ðđɤ軗ɲǃZ袓6悔ʙ[x] + values: + - bHwxZg + - iPWF3DQz + - yhiFQZ98w6h + weight: -551427274 + - preference: + matchExpressions: + - key: kZ + operator: "" + values: + - BMfDa + - key: l + operator: unɚʀɂ7Ǩ蘕 + values: + - 1vsAjW + - lEGj0 + matchFields: + - key: EYCyU + operator: 袒雬Ǐ蔡|骐pOĆƍbʌʝl + - key: e9QdJHV + operator: Ɏ鼛鏗擌-悝Ű + values: + - DToToJ + - Gq4 + - key: M4b3wwVy + operator: 煛苅=İ哋ońɢ\Głh斳hɷ韙 + values: + - fMIoNrUiyJdi + - tcNEhOds + - N0 + weight: -906035045 + - preference: + matchExpressions: + - key: 05VafuKQo + operator: ƃèĢC篘 + values: + - McUwm + - oMXVW + matchFields: + - key: "" + operator: 9ȮLǟ3V廉\5膏ɩ袴 + values: + - t + - r8d6G + - FevHe + - key: KeJd9X4 + operator: \Y#uɆɫwĉɎ卲S + weight: -773391374 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: PiRY + operator: 週畯嘰Œ铖'ȸ0Į5k,逊 + values: + - Fo9oE + - KLfm4 + - PiZJC + - key: 6HCuuj + operator: Ȋ!ʈh牅HŹ蓓% + values: + - PU34U + - bZ12kwJ4s1 + matchFields: + - key: CCVSIZH + operator: (铴Njʦ釖Ĩ鎅ƒ獞p)唓u¸::2 + values: + - DjvLD + - key: 9gy6tFM + operator: ø + values: + - lPjPu0 + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: 2oL + operator: Ì溄祤BNjɎ_ )jðZF + - key: Tl1mGP + operator: r0ȨȵeēP眼饾j + - key: 98uL + operator: "" + matchLabels: + "": H0F + IGfr: 8iR8 + pTjU: 2vy5Ol + matchLabelKeys: + - l2d3an + mismatchLabelKeys: + - gomcuJ + - UMhaBnQUuSH4 + namespaceSelector: + matchExpressions: + - key: CyYjfraf + operator: 鸫ʊűoǪĞ3 + values: + - uPW + - key: vuREiHB + operator: ^ĄçȂ挌 + matchLabels: + tlcI6jz: 87JK + namespaces: + - eUszN + topologyKey: yJ + weight: 1657692208 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: 3d3mr + operator: 鿈Ė聭焚歉Ð(币帄Ⱥ + values: + - h + - key: Z5c + operator: ma琓 + values: + - i5Ae6oUo + - EWixIB + - "y" + namespaceSelector: + matchExpressions: + - key: XFYbW + operator: M~ + - key: lWHcsQ + operator: 铿X异~<ÿ缇ī*^ĩ + matchLabels: + s: l6sxM + vFiVA7j: WEOy1jtU + topologyKey: JW85dr45m2G + weight: 444678250 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: bMT + operator: ^)4ɊDZǸDŽ + values: + - CG9Onrt + - key: T + operator: ƞ傏 + values: + - bXs59oj + matchLabels: + 6BRwn: Pdm + Yy: aaoLnp + myN: rwJGrW + mismatchLabelKeys: + - "n" + - c + namespaceSelector: + matchLabels: + 5QMzPp: AP + D: "2" + u: Dca + namespaces: + - 8Af + - NYfxoYf + - R4G + topologyKey: yY + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: 2uhHhqog + operator: Ȧ + values: + - YgsgGf + - key: EaR + operator: 愅YVǵ楔¢4Ʋ + values: + - xaEk + - key: NV5iPi5Kw + operator: ' 軕氡#晉Ʀ筜篧e蹶ʀSɟʂÊʕT' + values: + - BY4 + matchLabelKeys: + - 9fTYFH7s + - aK6HB6 + mismatchLabelKeys: + - 13L + namespaceSelector: + matchExpressions: + - key: 3FT + operator: Tğ枕Ōo*a種JU-ɶƠdz鱓fƑS + values: + - 4ISUCT + - po8yM2L + - T5Q0UARu + - key: RhB + operator: "" + values: + - Re7 + - 7id + - 91GFPdrt + - key: ShRTzNRj + operator: ʬ吇Ȭ?搰Ç + values: + - HiGOGJE + - wOi + - HmllR83Dbvoz + namespaces: + - "" + - TBCPW + topologyKey: 0H + weight: 1493754197 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: CESaz + operator: ŢaæX#暁鲸'媩俛5齗aw'ĥ煆W + values: + - "" + - key: YtpoWP + operator: 瀽LƠ' + values: + - uS13z + - ip0h + - o8m9MWnmr92 + matchLabels: + 7o4tt: QX9gjN + KScJOoR95: Dpu + wfAk1b: rH5Z + matchLabelKeys: + - Yh1S1nZ7hm + - Fwx + - 6mhp + mismatchLabelKeys: + - ihvyNa7 + - m8 + - Q + namespaceSelector: + matchLabels: + 2KH67NR4: Vy8qZyy + topologyKey: w0KJ + weight: 1592497187 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + 1UcAh: h + namespaceSelector: + matchExpressions: + - key: yxz + operator: ',酵ýhȿ鲹芫澥 Ǧ_Ź躄_莯ʊ傡硬M' + values: + - Fof + - key: 8KwNEN + operator: 8炮逴8`M鞵ȍȟ蟷盱 + - key: N0 + operator: Ì崌爷矉&佷* JQȴ躀厇退ƿƍ肙 + values: + - kjlwyKc + - DDz + - Yf8Vf5Ar7w7 + topologyKey: n5cRtvXjK +annotations: + GvX4jkWw: xAyNk + MdtXxfH: "" + WyrWx: 8QO +automountServiceAccountToken: false +autoscaling: + enabled: false + maxReplicas: 213 + minReplicas: 211 + targetCPUUtilizationPercentage: 270 + targetMemoryUtilizationPercentage: 495 +commonLabels: + Nv: YHcp9u + RMi5: o4 + ViLr0: zrEw3 +configmap: + create: false +console: + roleBindings: + - cwSnKnhS: null + mzA9: null + oRCBU: null + - 4VfdtEVC: null + UF: null + - 785va: null + Cmlc: null + NyhDjFL: null +deployment: + create: true +enterprise: + licenseSecretRef: + key: teD + name: fP2IA +extraContainers: +- args: + - gfDaDhh + command: + - Eu + envFrom: + - configMapRef: + name: 9LtiYU + optional: false + prefix: dS5JDbtZJ + secretRef: + name: 3X5 + optional: false + - configMapRef: + name: vpOLCCmA + optional: true + prefix: IJpeUVYk3 + secretRef: + name: TaghAr + optional: true + image: Nw59jHFBw + imagePullPolicy: Eźz购綗映ò#ZuS絇溾^飷 + lifecycle: + postStart: + exec: + command: + - N2F2q + - XKeJn + - CfoVd + httpGet: + host: 0u3Kgf + port: PVA8u + scheme: ȧX[噦摼鎥憈ǴńƘŅ + sleep: + seconds: 9185496374723367536 + preStop: + exec: + command: + - lrWSClt + httpGet: + host: uS + path: 51Gzg9s + port: -1680102290 + scheme: 8涒齃ɠĬ諛鰅jyr塸ȷg× + sleep: + seconds: -302278202696680147 + livenessProbe: + exec: + command: + - fmu + - wJR3 + - 60zV6s4327rKb9 + failureThreshold: 2122798666 + grpc: + port: 1914605377 + service: ES + httpGet: + host: 7LAmwy8 + path: o2XAC + port: S5 + scheme: 犘ßħɚÂ剐*鬰ȇxȺ錎 + initialDelaySeconds: 343978803 + periodSeconds: -1725283583 + successThreshold: 1055506692 + terminationGracePeriodSeconds: -737021961431151273 + timeoutSeconds: 1721351711 + name: r + ports: + - containerPort: -341996687 + hostIP: zR + hostPort: -641414216 + name: AGa7X6lnw + protocol: 阧 + - containerPort: -1616018360 + hostIP: 8q + hostPort: -2060443566 + name: B + protocol: 位ŲȟHbfp餪魹| + - containerPort: -321829785 + hostIP: S + hostPort: 850049722 + protocol: ĢŔ=ɦŊ鳺醩hĂ踻鉀 + readinessProbe: + exec: + command: + - VRq0lZK + - nCUDH3Zgc + - f2h2C + failureThreshold: -444080905 + grpc: + port: -1484737838 + service: UL8hSUw + httpGet: + host: 8DDb + path: Z + port: It67aEO18 + scheme: 蹐疒Į浤 + initialDelaySeconds: -1225398553 + periodSeconds: -1497056806 + successThreshold: -1256842388 + terminationGracePeriodSeconds: -3265344141862786392 + timeoutSeconds: 1127947387 + resources: + limits: + "36": "0" + Oaiu: "0" + v: "0" + requests: + F0olO: "0" + tvGpYtd: "0" + restartPolicy: Ě卿ɫȰLZ懁 + securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - "" + drop: + - Ę螅7O5Ɵ駢Ó宮緂 + privileged: true + procMount: ʤ敠æx漭fƈŸʄ + readOnlyRootFilesystem: true + runAsGroup: -1779689763650765955 + runAsNonRoot: true + runAsUser: -1786517016760367110 + startupProbe: + exec: + command: + - Mcn36l + - "n" + - OMT3J + failureThreshold: 1137002720 + grpc: + port: -2106637755 + service: OYW + httpGet: + path: K + port: STUmUBT + scheme: 貪iɐ巶ɿiɲbɎ;Ŏċ2橺汲ŋ刢g + initialDelaySeconds: -648188998 + periodSeconds: -278768915 + successThreshold: 890955082 + terminationGracePeriodSeconds: 5660177701724482122 + timeoutSeconds: 959596283 + stdin: true + terminationMessagePath: h2a2mAm + terminationMessagePolicy: pjĉ + volumeDevices: + - devicePath: cZ95 + name: wLm + - devicePath: P9RW + name: PjzHR + volumeMounts: + - mountPath: b + mountPropagation: 脣Į + name: bOY + readOnly: true + subPath: mBuB + subPathExpr: 0io + - mountPath: DYp + mountPropagation: 9鹺t"Ĭij(?NB4ɖ鴼B屈桲ȋ噤ǁ + name: O + readOnly: true + subPath: EcI7mF + subPathExpr: HKfaS + - mountPath: NTgHw + mountPropagation: (ńÆ;裉嵀 + name: U6TGXB + subPath: wjpyjQ + subPathExpr: nqq + workingDir: NpjQN3dM +- args: + - m + - fmRfLPl + command: + - okKsRu + env: + - name: y8FxBu + valueFrom: + configMapKeyRef: + key: 1kdTq + name: NGzFHD + optional: false + fieldRef: + apiVersion: WDoDm + fieldPath: HTHz + resourceFieldRef: + containerName: aWk + divisor: "0" + resource: RcTwrpd4PaqW + secretKeyRef: + key: 27uDnW9fM1 + name: diwId6SMC + optional: true + - name: NZ1pEV + value: Xq7fA + valueFrom: + configMapKeyRef: + key: cYo + name: IhK1oKNNr + optional: true + fieldRef: + apiVersion: 0C + fieldPath: "" + resourceFieldRef: + containerName: OywKEud3 + divisor: "0" + resource: E4 + secretKeyRef: + key: gGTl + name: V + optional: false + envFrom: + - configMapRef: + name: fJ + optional: true + prefix: zFUU1PguE + secretRef: + name: S7Jre + optional: false + image: gbZ4mqT + imagePullPolicy: '*罖Ē掙*uĕĥ世û煨o曁ɖ)嬫噩肖Ñ' + lifecycle: + postStart: + exec: + command: + - nxKsxt + - F25ka4x + httpGet: + host: "0" + path: 9k0yMphk + port: GJdG + scheme: 婁箅蝼đ杣Ɗ°VAƭ0ĺ钘1 + sleep: + seconds: 8039264634100238529 + preStop: + exec: + command: + - NuJoJm + - gykEI + - "6" + httpGet: + host: UnkqD3SS + path: BhN + port: 712546393 + scheme: u + sleep: + seconds: 409536667065008471 + livenessProbe: + exec: {} + failureThreshold: 204373937 + grpc: + port: 1803358082 + service: VXsxSeh + httpGet: + host: Ht64jf7Eo + path: u1jjW9Qu + port: 556487018 + scheme: 熖Ű存ŖT磇ɘ外 + initialDelaySeconds: -1152834471 + periodSeconds: -1133396594 + successThreshold: -1385193405 + terminationGracePeriodSeconds: 2915006546098799012 + timeoutSeconds: -1401054296 + name: dfD716 + ports: + - containerPort: 691082006 + hostIP: b + hostPort: 636825973 + name: S5FmEWKv + protocol: g]se墰掀媸晓櫚驟憽hbƥsư° + readinessProbe: + exec: {} + failureThreshold: 152987910 + grpc: + port: 642951905 + service: q2qfom8L + httpGet: + host: GaxyfqlQ + path: Oh0t + port: -766612198 + scheme: UÂ_ + initialDelaySeconds: -1382761032 + periodSeconds: 967018272 + successThreshold: -178373997 + terminationGracePeriodSeconds: 6605400648980208248 + timeoutSeconds: -1404918452 + resources: + limits: + 7cu: "0" + 22n7v: "0" + XsU5mrE: "0" + requests: + kyXuqf: "0" + mBk4P9DWW: "0" + restartPolicy: ʓdT>NȚks_q祈 + securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - ȸŏ脸(Yǃ¯~垇耗A) + - T翱ĥ + drop: + - 商ʏ軒Ƣ厢 + - Ⱥãt\跋þ漙苣ű吡憕鿶0傜om + privileged: false + procMount: Ŷ% + readOnlyRootFilesystem: true + runAsGroup: -1052699124096043871 + runAsNonRoot: false + runAsUser: 3737016357651072730 + startupProbe: + exec: + command: + - jefRNS + failureThreshold: -9144267 + grpc: + port: 642233169 + service: WjvgDkGG + httpGet: + host: 8hzgS0q + path: z + port: -885964296 + scheme: ɸliŵ + initialDelaySeconds: 1014078949 + periodSeconds: 1410148112 + successThreshold: 1164669668 + terminationGracePeriodSeconds: -3385668069040237914 + timeoutSeconds: -1723583731 + stdin: true + terminationMessagePath: zbCh + terminationMessagePolicy: 4攨2õė+軩Ç + tty: true + volumeDevices: + - devicePath: Nx + name: QLHA + - devicePath: 9JAgFLSdSqQ + name: "5" + volumeMounts: + - mountPath: KXG1 + mountPropagation: ȁ捄ɺ絒馢A¥`Èť + name: aghWO + readOnly: true + subPath: el7KEVsV + subPathExpr: tdksniBM + - mountPath: 5nus8 + mountPropagation: N饢杼M7X尅扐ǗÃɱNƞeuĦg儡 + name: TS4kHG + readOnly: true + subPath: i + subPathExpr: ktDaTCGG + - mountPath: CSkt9N0i + mountPropagation: 爕ɐYYȁ<獱椂@椗áʇ憣>\Ɋ筙纉Ë + name: KIKRXUR + readOnly: true + subPath: bWYTiq + subPathExpr: cgxlHqVV + workingDir: F +extraEnv: +- name: 0iCX + value: UfKNkXj6I + valueFrom: + configMapKeyRef: + key: GGYmdb5PBtUx + name: Zl1rWu9 + optional: true + fieldRef: + apiVersion: 1pKgni + fieldPath: 8Zmv + resourceFieldRef: + containerName: nK + divisor: "0" + resource: Yizp + secretKeyRef: + key: Dxqh + name: td + optional: false +- name: bm + value: K06vl + valueFrom: + configMapKeyRef: + key: dOTjzfwtRPzX + name: YleYOzRS + optional: true + fieldRef: + apiVersion: xl + fieldPath: 6NM2 + resourceFieldRef: + containerName: jreT + divisor: "0" + resource: "" + secretKeyRef: + key: B7 + name: cu + optional: true +- name: F4Vp + value: 9q + valueFrom: + configMapKeyRef: + key: dAPalKT0 + name: UXC7S + optional: false + fieldRef: + apiVersion: bTxwQmS + fieldPath: XW + resourceFieldRef: + containerName: iqnl + divisor: "0" + resource: e9 + secretKeyRef: + key: c1WJ + name: sg2TuPSW + optional: false +extraEnvFrom: +- configMapRef: + name: 3PT + optional: true + prefix: l + secretRef: + name: zakko + optional: false +- configMapRef: + name: RdxlkV + optional: false + prefix: 9Ae4W + secretRef: + name: UiJ + optional: true +- configMapRef: + name: bp + optional: true + prefix: SU + secretRef: + name: fy + optional: true +extraVolumeMounts: +- mountPath: Oly + mountPropagation: ƈįlñ + name: QuM + readOnly: true + subPath: NPJ + subPathExpr: vn +- mountPath: xsiqpcicm + mountPropagation: Ŝȃ燩čƃʤǸ儼 + name: blYv + readOnly: true + subPath: 8f + subPathExpr: I +- mountPath: "" + mountPropagation: 犒k洐ɨ3UʓďȏUm8/x艂" + name: i2 + readOnly: true + subPath: G + subPathExpr: Wo47OrA +extraVolumes: +- name: HUa7xM +fullnameOverride: AumW +image: + pullPolicy: ǫtŖŮƘ瓧ù¹勍u + registry: ai + repository: f54I + tag: iO +imagePullSecrets: +- name: bbjdn +- name: VI +ingress: + annotations: + RX47S: lb0 + Ton: ukp + className: R3Ykmr + enabled: false + hosts: + - host: bybyr6XsLFPDg + paths: + - path: c9F + pathType: TyYv +initContainers: + extraInitContainers: q +livenessProbe: + exec: + command: + - dRbj + failureThreshold: 864346345 + grpc: + port: -568790446 + service: 9WyiSW + httpGet: + host: EbFlYW + path: HC + port: C1Fv7 + scheme: 軔ǷʧP + initialDelaySeconds: -1341055636 + periodSeconds: 2055603833 + successThreshold: -175204389 + terminationGracePeriodSeconds: -2333626465204273709 + timeoutSeconds: -589897727 +nameOverride: 9mG8n4Wu4 +nodeSelector: + U3Rfg9: WSTvjvP + hODw: LSv + iwleZ: fD +podAnnotations: + jLE31lUP: LWc +podLabels: + 6W: FQvOa + YwkBSNWK: 0qqd + jP3: iNkD +podSecurityContext: + fsGroup: 8205502301244812774 + fsGroupChangePolicy: "" + runAsGroup: -8440674019915815616 + runAsNonRoot: true + runAsUser: 4432310384984167581 + supplementalGroups: + - 7965846110903121951 + - -9174375158887062481 + sysctls: + - name: OkeQ + value: A + - name: 24y + value: fIPA + - name: "" + value: b3 +priorityClassName: gPB +readinessProbe: + exec: + command: + - NjJ7Lit5 + - 29odviV2mnb + failureThreshold: 1075627654 + grpc: + port: 364618769 + service: g1wc + httpGet: + host: 40i + path: OTDO + port: -2089902693 + scheme: $Gȇ表匾ʞG絁娚彰ŝê<ĭ + initialDelaySeconds: 333726894 + periodSeconds: 1376975278 + successThreshold: 112483424 + terminationGracePeriodSeconds: 1389336444380098948 + timeoutSeconds: 669945326 +replicaCount: 24 +resources: + limits: + 7VHN3: "0" +secret: + create: true + enterprise: + licenseSecretRef: + key: jPpQY + name: uRkzw + kafka: + awsMskIamSecretKey: B + protobufGitBasicAuthPassword: EfQbyB + saslPassword: w + schemaRegistryPassword: qiltVq + schemaRegistryTlsCa: kyT4j + schemaRegistryTlsCert: Tu4varJ + schemaRegistryTlsKey: bmT + tlsCa: UyskLmDZ + tlsCert: "" + tlsPassphrase: IdsCzt + login: + github: + clientSecret: hPt + personalAccessToken: vRbRqD0 + google: + clientSecret: "" + groupsServiceAccount: lcc9 + jwtSecret: tf0x + oidc: + clientSecret: A9RDbO6GzTtHYG + okta: + clientSecret: HktzleLAg + directoryApiToken: qX + redpanda: + adminApi: + password: 5imX8ztdqjU + tlsCa: opQQ + tlsCert: PGcfJC3zH + tlsKey: IhqyTvQn4T +securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - '*·戌ɳKõʚK(懷ë蟅ȣg' + - vOpɔm&ɞ法槪ųf + drop: + - l¤0ɖK樌ŕDĪ箰ɬȓũ梫h揼 + - 躟OBZş互鹫Íʨƶ`ã + privileged: false + procMount: 9®俠ɳ屑ŏO'pe,Q+膿麣 + readOnlyRootFilesystem: false + runAsGroup: -289823929905824069 + runAsNonRoot: true + runAsUser: -4392330066259666500 +service: + nodePort: 249 + port: 113 + targetPort: 414 + type: XHYb2qmrk +serviceAccount: + automountServiceAccountToken: true + create: false + name: Jg +strategy: + rollingUpdate: {} + type: LJėwǮ甧 +tests: + enabled: false +-- case-037 -- +affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: IPWU1 + operator: 魡燸"趵p砮ƘċÈ3ljDŽ + values: + - i + matchFields: + - key: "" + operator: 廋46齄aā[傡ŤXjğ@ɫ聱昣ȞA + values: + - hrjhAJC + - RGJEJ + - key: 9XRD + operator: 鏖Ų姓萲1蜓舆 + - key: nmlhnezDL + operator: =WF»圻礼鍕4u-瘸]NJ + values: + - MlE9xcsLb + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: vxH0 + operator: kűŐ鄴 + matchLabels: + YR: ZYyx + matchLabelKeys: + - lrfi + - 9s + - "2" + mismatchLabelKeys: + - "" + - vc + - rz4SvG + namespaceSelector: + matchExpressions: + - key: ybBiR8Fm + operator: UlƜ寻眅崈O+聁ȴ + values: + - xxao + - key: UpNi + operator: v韠Ʀ.Ɓ氩諑ʊ0ɔ凹 + values: + - ECPGYavF2 + matchLabels: + 7qRB: 56MM + tcHg1: kpR + topologyKey: "7" + weight: 212582037 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + 6PJt: OILe3j + mismatchLabelKeys: + - PB + namespaceSelector: + matchExpressions: + - key: "1" + operator: ǯVɳCĬ鷹儉ïXǐʐ楏ċŇǽ + - key: aFA + operator: ƣ諔&ȵ%ǼQ傠ûQ& + values: + - tdkCJmsLj + - 2WF + - nlO + matchLabels: + "": JgBcTwL + gUx2lrPlU: 2MEiay0i + namespaces: + - iUHz + - F + - C + topologyKey: 0DqLIsLvEJ + - labelSelector: + matchLabels: + D65k: m + v: Wf73pl + namespaceSelector: + matchExpressions: + - key: Mql8T + operator: Ȳ + values: + - kiCXA + matchLabels: + QJPP2Wmbc: MGiu + tm: POZGk072F + v: OdyUJaKz8sW + topologyKey: CaAJ + - labelSelector: + matchExpressions: + - key: kJFGWDPIX + operator: '`園bsN唲幈ùÄ!鑢' + values: + - x + - key: PQktimeqK + operator: Í Ho亜q毂EɌ39蓷 + values: + - rYZ + - key: L6Wp + operator: '&去鉼晆Äě菉' + values: + - BPX5 + - 7Ows + matchLabelKeys: + - PhOMWnct + - 4Iar + mismatchLabelKeys: + - SfvAwYYqtwPc + - w9 + namespaceSelector: + matchExpressions: + - key: VmRQ2 + operator: 錛ȋʤ`搲ZL婨ƅ\鴃m闬ǿ戺ƨĤs@ + values: + - Ah8tj + matchLabels: + JBFf5vLf4: q2X6daLRz + VuZT: gmluiWbT + p64cMTP: B9 + namespaces: + - Ri6BSDl1 + topologyKey: nACF7H8 + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: ZZaxS + operator: 黦ƒ©瀂 + values: + - "" + - 20OCN + - IZ86eI1 + - key: RXLfn + operator: .惊ŝ4ni`ræseȕƌ筬NJ@pŻ + values: + - Fuy + - 6ZIkwShr + matchLabels: + RJHcF0aLL9: avVll8hJB + Spsji: hW + mismatchLabelKeys: + - RDiUdFmoEZ + namespaceSelector: + matchExpressions: + - key: RmcZbbc + operator: uŒ¶鱸K + values: + - 90lQUM5B + - J07lI + matchLabels: + 6hQX9h: Sr5NoqB + L0vc: i + iJ6hIS: yLkpjBIU + namespaces: + - i1uGAcY9Xxf + - DO5c + topologyKey: uVcRZ + weight: 608820709 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: Mgdm + operator: 惋¯ʢÝǒ=h佅茆接 + - key: "n" + operator: 系¦澜C2騗ā穩 + values: + - yelaWfaB + - Cq + - Va + - key: Ymvr + operator: 7 ^»ðq> + values: + - GES + - gPThP + matchLabels: + zj9Ud7LvFtg: trcgDo5 + matchLabelKeys: + - X + mismatchLabelKeys: + - peo1 + - zVPvCpJUM + - "" + namespaceSelector: + matchLabels: + "1": qRCy + namespaces: + - Eczjbhs + - F8 + topologyKey: Az + weight: -470853400 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: {} + matchLabelKeys: + - VWM7 + namespaceSelector: + matchLabels: + Q4BC: BojBLo + Vz06Yne: "" + namespaces: + - yEEmKNg + - iGJzcn + - G1bhP4 + topologyKey: pcOSh + - labelSelector: + matchExpressions: + - key: lCW5OK2A6HKOaC7 + operator: 蚿~2婈 ʝ似矉k + values: + - 5IOGWj + - UwmQ + - Ser + matchLabels: + "4": PB0Pb9 + Ykh3k: oX8w + matchLabelKeys: + - SfZ9pUjA + mismatchLabelKeys: + - i16lOT + - 8iU + namespaceSelector: + matchExpressions: + - key: ZxE + operator: 恇3 + values: + - "" + - 43TqLr + - key: ikCzWLGa + operator: E + values: + - W1 + - ZqA + matchLabels: + "": YJaQ + 7h: dybADQ + topologyKey: "" + - labelSelector: + matchExpressions: + - key: 0bZO + operator: '[ ' + values: + - DPm + matchLabelKeys: + - "" + namespaceSelector: + matchExpressions: + - key: b8XGJRAsiP7 + operator: ']眆寜眴z' + values: + - MsgI + - dhrJF0b + - key: SMx + operator: JɦĈ + values: + - o + - yknE + - key: rfxn3qvEK + operator: 綐岮~2熗昕Ñ占Wm员Ƴ橝灃Ɗ + values: + - "" + - K + matchLabels: + 2Jd: g3du2W + ZHju0: u7DvsT5e + zUssA7: ZKAL + namespaces: + - Qpqer2VPQ6oA + - zR0okqL + - nuH + topologyKey: i +annotations: + 1B8qie: FSPYCLoT + I: hpwL4TH + Z: 0LFy +automountServiceAccountToken: false +autoscaling: + enabled: false + maxReplicas: 370 + minReplicas: 221 + targetCPUUtilizationPercentage: 463 + targetMemoryUtilizationPercentage: 49 +commonLabels: + BJ: Gq0Rw + FPcPYvmbB7dAZe: Cy7WaeI + uEVMkDkYRvnn: zvptNai +configmap: + create: true +console: + roleBindings: + - 2m: null + VNrY1fwY: null + eaGm2c: null + - Ng0sM: null + Txhv6: null + e2uo: null + roles: + - Dd: null + H0QLXtA: null +deployment: + create: false +enterprise: + licenseSecretRef: + key: HqS5hb + name: 3sA8DqHdr +extraContainers: +- args: + - UaqwQ7 + image: 9gJVF + imagePullPolicy: 5傅c諹ɕ ƅƬDr1鰹瀣n怌ʡ + lifecycle: + postStart: + exec: + command: + - EJfXoz + - pxAl7T7 + httpGet: + host: 4dtyQHxp + path: 9i + port: BmGAi + scheme: ¼ů + sleep: + seconds: 2333336810403167963 + preStop: + exec: + command: + - EF + httpGet: + host: gc + path: 5IcdjR2 + port: Ln1 + scheme: Ȱʛ{`Ɓʛ劽Ŋ劧Yǥ + sleep: + seconds: -8338094784810815040 + livenessProbe: + exec: {} + failureThreshold: -1009316117 + grpc: + port: 434468004 + service: hOHaw7yL5 + httpGet: + host: r0OfO9Tjf + path: rvqaH + port: 1861701721 + scheme: 蓫AȚ%Țx痷 + initialDelaySeconds: -1210592458 + periodSeconds: -1685889023 + successThreshold: -1513585658 + terminationGracePeriodSeconds: -2039599439532369874 + timeoutSeconds: 615837494 + name: 0z + ports: + - containerPort: 920384597 + hostIP: amIbTg + hostPort: -1446796645 + name: H + protocol: tsė歟ū$B,qʐ医枝 + - containerPort: 533680030 + hostIP: AQrcm57h + hostPort: 436553418 + name: zI + protocol: mĖ}ʘá~滬 + - containerPort: -88474612 + hostIP: 5Q7z7DzPSmu1KQ + hostPort: -894572877 + name: Ie31rl + protocol: Z尤汸 + readinessProbe: + exec: + command: + - Ig53IR5s + - X + - MD + failureThreshold: -697650972 + grpc: + port: -1408023460 + service: q3NQW + httpGet: + host: NClmq + path: "y" + port: 4KJj4nVotN + scheme: ®顫jV/懔e + initialDelaySeconds: 1925202911 + periodSeconds: 1008375062 + successThreshold: -1515262628 + terminationGracePeriodSeconds: -9135279372752511888 + timeoutSeconds: -757546061 + resizePolicy: + - resourceName: BhTx + restartPolicy: O憢%ȔnjŸƓx汮$ + resources: + limits: + 0R8h7mczbiK0u: "0" + ngcoDm: "0" + requests: + FvPC8: "0" + restartPolicy: 竴xJ飊µ + securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - eF + drop: + - '#泪<1饤ǯȲ78狎外龬郄晛頯6汐嫏' + privileged: true + procMount: bűƍȓ2C޵舕秗騛^ĪĪ溫Nȇ + readOnlyRootFilesystem: true + runAsGroup: -3343110605261139689 + runAsNonRoot: true + runAsUser: 7479178344552716344 + startupProbe: + exec: + command: + - 4mbBa0iSAgQ + - 9Vb + - B5u + failureThreshold: 753806032 + grpc: + port: 1382157718 + service: Sbk + httpGet: + host: bVoIiYzvoi0B2 + path: H7pGt3 + port: TTVi + scheme: 厪$dıQǵ_ƀÁ釔ɵ徣 + initialDelaySeconds: 849023271 + periodSeconds: -1908074475 + successThreshold: 328769480 + terminationGracePeriodSeconds: 5149904224053969297 + timeoutSeconds: 1277324377 + terminationMessagePath: 00uJXyD + terminationMessagePolicy: 禣儛x~靰ɿ`šŀǼŋP^n + tty: true + volumeDevices: + - devicePath: TMbZU + name: hFJz + - devicePath: yr + name: O0NQRcuq + - devicePath: UHqeq + name: Ydaqo + workingDir: TzR +- args: + - 1EEFNaNA + - U2l + command: + - CsMZk + - 4HgTHX + - Sqt9at + envFrom: + - configMapRef: + name: RRMDeJ + optional: false + secretRef: + name: lcA + optional: false + image: GQ69 + imagePullPolicy: Ɉǥ + lifecycle: + postStart: + exec: + command: + - 3YpG + - vZTzHN + httpGet: + host: cPtKCkyO + path: "4" + port: -1049236742 + scheme: 硺=ɸǖɵ恆Žd0 + sleep: + seconds: -7566729856608460688 + preStop: + exec: + command: + - y2fpvM + - VG + - hhX3m + httpGet: + host: o + path: "7" + port: nl5CZNKB + scheme: Ȉ + sleep: + seconds: -9000479934802388409 + livenessProbe: + exec: {} + failureThreshold: 115197733 + grpc: + port: 418872789 + service: mK04M1 + httpGet: + host: tYy4jqPpZ + path: om7u1 + port: 6vYh + scheme: 鬧ĕ,b嫲ʞÈȅɼ瑀\-ŤÔĞ{ + initialDelaySeconds: -1996330627 + periodSeconds: -2123682197 + successThreshold: -274102072 + terminationGracePeriodSeconds: -4086669261853017280 + timeoutSeconds: 1671175282 + name: MN + ports: + - containerPort: -581773322 + hostIP: w + hostPort: -1918799357 + name: NUQc5 + protocol: lɡFàW6ǼC7騰僮氁繸{Ȏ + readinessProbe: + exec: + command: + - IYC3M + failureThreshold: 178025639 + grpc: + port: -205038391 + service: EGqI + httpGet: + host: oGjb56 + path: mnq + port: pb9x + initialDelaySeconds: -1053907742 + periodSeconds: -777502604 + successThreshold: -350871959 + terminationGracePeriodSeconds: -6813701492426236069 + timeoutSeconds: -1712603807 + resources: + limits: + TwWe: "0" + requests: + 4FGQT: "0" + 57DEge: "0" + zBEzXaq: "0" + restartPolicy: 焂ś(Z緌挄ǥȪȑq*刾 + securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - Ư#æ9NF犔帙錈 + - N範3>ȖlǖɥöS竾ƾÔŸ烠dk弸 + privileged: false + procMount: ı.ĔtQ+p銍/盂pJr替àŽ + readOnlyRootFilesystem: true + runAsGroup: -9023516459602390407 + runAsNonRoot: false + runAsUser: 2513546243926544067 + startupProbe: + exec: + command: + - C + - 9o + failureThreshold: -1595663358 + grpc: + port: 879782754 + service: E3 + httpGet: + host: j + path: ZwGu + port: -1183682475 + scheme: ȉʬ|Ȗ-胨\GǴ酥âïŀ + initialDelaySeconds: -320635887 + periodSeconds: -1762048755 + successThreshold: -1206942688 + terminationGracePeriodSeconds: 2874889772540953352 + timeoutSeconds: 201190682 + terminationMessagePath: D5nhSA2KK + terminationMessagePolicy: '|Áʊv~' + tty: true + volumeDevices: + - devicePath: fl + name: "" + - devicePath: Pivii + name: SAJBTs + volumeMounts: + - mountPath: os + mountPropagation: 霤ņd碤 + name: Wma3F + readOnly: true + subPath: J + subPathExpr: rp + - mountPath: 7p + mountPropagation: ʜ塖ɥw阒ɠ·閐駔址遥铣C龂ȵ槂瑷 + name: EKv9jGIV + readOnly: true + subPath: YjGj1 + subPathExpr: goeN5mMZVyE + workingDir: 9pZ +- env: + - name: jUF3n5Y + value: 5Oas + valueFrom: + configMapKeyRef: + key: NjvBzcrV9 + name: kjnqdL + optional: true + fieldRef: + apiVersion: EKxzT + fieldPath: keiWEt + resourceFieldRef: + containerName: 6ei + divisor: "0" + resource: 5SYJ0LG + secretKeyRef: + key: khTsQnn + name: R22Yc + optional: true + - name: Eqsqk + value: ZbUl8L + valueFrom: + configMapKeyRef: + key: LBJ9Co8gX + name: 5F + optional: false + fieldRef: + apiVersion: BBXJwlU6ov + fieldPath: tR7Z2 + resourceFieldRef: + divisor: "0" + resource: Kw7UxsTdNB + secretKeyRef: + key: x1Ijg6T + name: qqT6Y + optional: true + - name: 7zUt + value: 92wkXugDh + valueFrom: + configMapKeyRef: + key: JfY0lIp0Jdtpv + name: nYzr + optional: false + fieldRef: + apiVersion: IDhOF + fieldPath: aTWd + resourceFieldRef: + containerName: m4s0LUsO + divisor: "0" + resource: jJSLfi + secretKeyRef: + key: KzYvK2KKl0 + name: sR + optional: true + envFrom: + - configMapRef: + name: LuhmK + optional: true + prefix: z3 + secretRef: + name: bhwKfwEMY + optional: true + - configMapRef: + name: ZLn6PrNZ + optional: true + prefix: CZK + secretRef: + name: ln + optional: false + image: 40twCh1 + lifecycle: + postStart: + exec: + command: + - "" + - 4qZLs + - OKN + httpGet: + host: L1rE + path: zDyVFyy + port: kQZa + scheme: l + sleep: + seconds: -7109845505283004784 + preStop: + exec: + command: + - HBLUwI5qG + httpGet: + host: vM5bd + path: "y" + port: 1065237668 + scheme: 働ı愊GƜǻo4qtHŢ*獊K[w + sleep: + seconds: -1099871671561452384 + livenessProbe: + exec: + command: + - K1 + - O5Tdq + failureThreshold: 1326476911 + grpc: + port: 1266228568 + service: 0yovH + httpGet: + host: feV + path: HDTE + port: "1" + scheme: '!@ȄKh8淫~ǿ%硬睇鵤嵤' + initialDelaySeconds: 1175577649 + periodSeconds: 1877040036 + successThreshold: -1354358221 + terminationGracePeriodSeconds: -925123122471881643 + timeoutSeconds: 1464454545 + name: W8b6OOS + readinessProbe: + exec: + command: + - i + failureThreshold: 1781656452 + grpc: + port: -1606887908 + service: RrbvDP + httpGet: + host: mKx + path: HD + port: hiq5RvT05 + scheme: 鱑Ȍ¾ĵ覓{>鿼钇 + initialDelaySeconds: -1803086365 + periodSeconds: 450703172 + successThreshold: -1624696013 + terminationGracePeriodSeconds: -5286538260023923986 + timeoutSeconds: -528162423 + resizePolicy: + - resourceName: um0g1naPII7 + restartPolicy: ¹俞Wƌ甝 + resources: + limits: + EDhQ2V: "0" + OQ: "0" + WtnTV: "0" + requests: + jQaF: "0" + restartPolicy: '{鉪蟏E喧t庛Þa¦ʕ' + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - Ň鰍坸Ñ霰ʁ攽$Ơ + - 蟒磁砈Z芥EDZ + drop: + - ċ6洌扼雚nj墣l睧奟*躾ƛƌ秡t + privileged: true + procMount: 蜵5>MU + readOnlyRootFilesystem: true + runAsGroup: -7704085956113873818 + runAsNonRoot: false + runAsUser: 5730999299228810722 + startupProbe: + exec: + command: + - ImPt + - cIB + - e58MzW + failureThreshold: 310737712 + grpc: + port: 1849024783 + service: B1W + httpGet: + host: 1nU5qLkMA + path: Oo7nHt + port: hxGSeC + scheme: ƇĒɔmĦɦ齋貢 + initialDelaySeconds: -1797908483 + periodSeconds: -761708273 + successThreshold: -1316915468 + terminationGracePeriodSeconds: 8128903938581944374 + timeoutSeconds: -1573011089 + terminationMessagePath: FYPtlxf + terminationMessagePolicy: Pʏɉ{ů囏Ì4鰸曘Ʃ氕峵 + tty: true + volumeDevices: + - devicePath: "93" + name: t3A + workingDir: w +extraEnv: +- name: fXB4uyH + value: GPmKm1YgQuvB8 + valueFrom: + configMapKeyRef: + key: BYyG6 + name: Kr8iKZ + optional: true + fieldRef: + apiVersion: sSt + fieldPath: 7r3LBO + resourceFieldRef: + containerName: B8G + divisor: "0" + resource: 3cRQ + secretKeyRef: + key: nQtb + name: B8Snqwl0U0 + optional: true +extraEnvFrom: +- configMapRef: + name: C1P + optional: true + prefix: KcZH45pd2 + secretRef: + name: N7Yt + optional: true +extraVolumeMounts: +- mountPath: twfjF9 + mountPropagation: ȶ唗蠤S柋ɖȈƻ + name: MMcC8 + subPath: UwT0sYVo + subPathExpr: 9ugOBQ +- mountPath: 6cj + mountPropagation: "" + name: 3iQ + subPath: SaQ + subPathExpr: QQI +extraVolumes: +- name: xbuLqNQHFY +fullnameOverride: ADIhC +image: + pullPolicy: '|í' + registry: CIzpk + repository: O + tag: F +imagePullSecrets: +- name: Yi +- name: 6XnEhUN +- name: oeoW +ingress: + annotations: + "8": SeJ + className: PHr + enabled: true + hosts: + - host: PXAcFs520n + paths: + - path: 1uGP0 + pathType: dWpX + - path: hAH + pathType: LjzFf + - path: 7Qy + pathType: vjB + - host: z9QAJ5 + - host: "" + paths: + - path: Hc0IpaX + pathType: bc0T + - path: dzn1ldJ5h + pathType: M +initContainers: + extraInitContainers: 7DdMwNg +livenessProbe: + exec: + command: + - XRPuLpEO + - nplEP2IP3 + - 9jrKdj2 + failureThreshold: 1516033986 + grpc: + port: -531236004 + service: 11bsOMf + httpGet: + host: 9PMyxMco + path: RI3zx + port: -2029405965 + scheme: G隠Ī:ŁuƠ禲oŇO鿈Ⱥȡ + initialDelaySeconds: 1774510914 + periodSeconds: 1308551645 + successThreshold: 752675362 + terminationGracePeriodSeconds: 8661862683503969755 + timeoutSeconds: 437106483 +nameOverride: u2r6 +nodeSelector: + CrYMUu1pg: "" + ftZ: dKqEwc + pNPla: Cc +podAnnotations: + dApB5noz: fJm84 +podLabels: + 9c2: 3fwyB6m1 + MyocWENxGGa: TrRadg +podSecurityContext: + fsGroup: 5618615494228351604 + fsGroupChangePolicy: ʩrXù济延唇ė袡 ʊ + runAsGroup: -3861060047548570674 + runAsNonRoot: false + runAsUser: 3602747950735365650 + supplementalGroups: + - -5665823160677538937 + - 2942720231280319982 + - -7811581565559124250 + sysctls: + - name: X + value: sWo + - name: MI521Dolo + value: ETgcRWsr + - name: 4gVCXpSch + value: csKV +priorityClassName: U7wS +readinessProbe: + exec: + command: + - cYKp + - vP + failureThreshold: 670800660 + grpc: + port: 1721771977 + service: y69H + httpGet: + host: mtLvsm + path: hd4c + port: 326683785 + scheme: X½鼅餕嚶渭闬脮ƧŗŠ#7êk.] + initialDelaySeconds: 713201976 + periodSeconds: 1611391820 + successThreshold: 604905966 + terminationGracePeriodSeconds: 8452879830155323173 + timeoutSeconds: 981065048 +replicaCount: 471 +resources: + limits: + avG: "0" + q: "0" + w8p: "0" + requests: + AZ: "0" + fGW: "0" + vom84xUd0: "0" +secret: + create: false + enterprise: + licenseSecretRef: + key: 41x + name: HHI4WeIS + kafka: + awsMskIamSecretKey: vvbXmwn + protobufGitBasicAuthPassword: uJNU2 + saslPassword: 1wgp7riu8 + schemaRegistryPassword: nKfA7t + schemaRegistryTlsCa: dsi + schemaRegistryTlsCert: 85xiT + schemaRegistryTlsKey: "1e0" + tlsCa: hEe0gyNOx + tlsCert: "" + tlsPassphrase: Jktiu0 + login: + github: + clientSecret: BDnf + personalAccessToken: MrWfu + google: + clientSecret: tkAac + groupsServiceAccount: w6hg3 + jwtSecret: zpS + oidc: + clientSecret: d + okta: + clientSecret: "" + directoryApiToken: a + redpanda: + adminApi: + password: raQeh15W + tlsCa: Ax453qH + tlsCert: 5cvfDAz7XB + tlsKey: ve +securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - Ȏ煣+ȗ爸詤rȱoCö:踕v;D'茈% + - 斉 + - 劝 + drop: + - 6儌 + privileged: false + procMount: G + readOnlyRootFilesystem: true + runAsGroup: 6433461052261949548 + runAsNonRoot: false + runAsUser: -8726272423258831483 +service: + nodePort: 150 + port: 226 + targetPort: 87 + type: At +serviceAccount: + automountServiceAccountToken: true + create: true + name: ItYso +strategy: + rollingUpdate: {} + type: 匏ǛǢ²Ƴ屣EǙ9Gʡy +tests: + enabled: true +topologySpreadConstraints: +- labelSelector: {} + matchLabelKeys: + - ImKkR6l + - oUu1w + maxSkew: 373901521 + minDomains: -938191316 + nodeAffinityPolicy: "" + nodeTaintsPolicy: 梄焑ȅƗH + topologyKey: Mh1K + whenUnsatisfiable: CǑ庬Kf鄊珪t忒訾Ɗ壚pv餲(ɯŕT铈藘SȂ臏閏@ȗ云Ȧ + weight: -1530606902 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: [] + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: R8 + operator: 茔íȟÁ嗮敚S顕DZ躨ijȱ厎ɬɏl蜶拼 + values: + - PRc + - svCs + - key: LBaaOWdWW + operator: 0ŧĸ荕fR焌禗#ȰȶŁA + values: + - G0FXBn + - IpnG + - NM8oL + matchLabels: + lrB: NtdoEuXoTr2r + y1BSzp: ivK7CU + matchLabelKeys: + - 6ZNJrk5JxOHW + - B9Q + mismatchLabelKeys: + - "48" + - nm1WD5nM + - vLqhDh + namespaceSelector: + matchExpressions: + - key: GF6EQ8mKus + operator: B"(ň枣<吰檰戱R&狅Ɍ鋋Ļ飮 + values: + - f0plBpNy + - Gzl + - key: x4 + operator: Dz謶ʮ_ūKNdv· 壼×z朤 + values: + - zo + namespaces: + - QMv + topologyKey: r1z + weight: 1950038583 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: x3pdwI + operator: ǿLȴ8涣ÎƶǛ醌Õ纺網(đ倠樓纗Ǯg + values: + - xJlJ3H5 + - iza5 + - 4rszgB8v9aH + - key: 9j5f + operator: ǘ賊ƾA迌磡m摾烊 + values: + - EMECS8f + - oveu + - He + matchLabelKeys: + - 33y4E5v + - 5XIM + - "" + mismatchLabelKeys: + - 37I + - a02Re + - GVqKNcGgl + namespaceSelector: + matchExpressions: + - key: Rtiwm + operator: 萱J矻軚fC + matchLabels: + 8ipw: G + JwDA: 8EVkJ + oiQ2p: mYGgaz + topologyKey: 5l6PI + weight: -1824427504 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: "" + operator: 晑2%·QHVJTM錈 + values: + - CTU + - X5a + matchLabels: + WdJU6: I + bN: "" + uoTcuu: w1Y3yLW2rz + matchLabelKeys: + - O80Pf1RfMp + - WRJOT6B + mismatchLabelKeys: + - "" + - "6" + - nwQikpclV + namespaceSelector: + matchExpressions: + - key: CNaHfk + operator: 蕵Qmƀʁ6鲿)żȯ+ɩ玙9 + values: + - OuxZv + - key: dS + operator: 炧踮P-.壨ġ + values: + - 6ZJp7y + - key: jiLGGAQ + operator: 蟾Ɵ餌|ƨ綁訲bǝɋ圼 + values: + - mQ + - Fk3eA81t + - YR3WT + topologyKey: "5" + weight: 1634860618 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: "" + operator: (冁粄Ƴ\Ē4ǀ9峖樾t燠熂鷸ȿź蛼* + values: + - fnrA + - g + - gptz8 + - key: 4Hue + operator: oğ魀Ʌ¦榴 + values: + - InPtpb + - rxTpo + - HXnghAhWU1 + - key: EE2p + operator: á儬倏qȼ療ƚ + matchLabels: + YvCi: 1Tg + oLQ9OhyY: pFYpYKV + matchLabelKeys: + - J7 + - VR5 + namespaceSelector: + matchExpressions: + - key: cwgATYQvdj + operator: ÷Zá磋舫棹瑗-神ĕ嘟泦猵 + matchLabels: + Inz: BpiLQXOvEh + topologyKey: 5sHov5x + - labelSelector: + matchExpressions: + - key: vLI2 + operator: 歑ūĿɒ + values: + - FiQIMCFX2 + - vqhAaV5N7 + matchLabels: + 6DNwSiVsen: 1fRK + V: 3L49A8YEn + matchLabelKeys: + - K0sPcZWy + - fqn0luLnrF + - "" + namespaceSelector: + matchLabels: + O9bMG: CvBa11UI9OL + cm56v: Z83nkLc + gLJIEvg5: tUJq + namespaces: + - yP + topologyKey: 3RN + - labelSelector: {} + matchLabelKeys: + - vMX6FV1t + - vP + - TU8VLc + mismatchLabelKeys: + - ZAaEBYk + - Y0F4V0C + namespaceSelector: {} + namespaces: + - LwoHgQ + - qAJ + topologyKey: "0" + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: afwQ + operator: X(^Ȓ蘘}例 + values: + - 2ak8Yfa6P + - key: T4 + operator: ȵë_-Òŝ/c諒M攕窸 + values: + - Vktm + - trH51Z3 + - key: in74thKl + operator: HþČ謼ijƉË + values: + - NK2D3 + - NUsncshnv + - YDiqn6 + matchLabels: + T1: "" + nQFxJe: tdqf + matchLabelKeys: + - KI + - 6LjhIKmlnlhpI + - 88DArl53wb + mismatchLabelKeys: + - Bn30p + - zjq + namespaceSelector: {} + topologyKey: LrLYm2oYCgO + weight: -1318876164 + - podAffinityTerm: + labelSelector: + matchLabels: + T837hItO1qv: mCNMYnPq + gDh4Dxx2O: JUZxy4z + matchLabelKeys: + - sTn + - 4nu + - CSgSC + namespaceSelector: + matchExpressions: + - key: A5z + operator: "" + values: + - PJ6Zh + - S + - key: VufLBVvFECvIW + operator: ʝcƘʣ]筍ġ0Ğ鎏£<艻錯瀢 + values: + - tz64EN + - i + - key: 8Q2s + operator: E1戠天:ɺ勎sȸɾ + matchLabels: + XTI: 7cIZ + jpH49wkR: D5u5c + namespaces: + - XyGPkW + - CERSWYSVu + - Ms80R + topologyKey: 57PFRYX + weight: -1558645933 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: ZGO5iRhr + operator: 堭ŷz + values: + - IfLuRt6FZf7 + - 03fn3j1 + - key: HL + operator: M螎õ}shƏ檅葜0<瘼Ɗț夡J偦ʆ + values: + - "96" + - 4uInca + - KsWaAE + - key: nKr + operator: ʋƲ~uè蟪ʗƁʬȌ势ȃVÄ穵Ą + matchLabels: + DVRktk1U: 1XFlhcXH + matchLabelKeys: + - kJMI + - Js8qeQ + mismatchLabelKeys: + - lnn1G + - A4nlWqCrE3 + - BzU + namespaceSelector: + matchExpressions: + - key: "" + operator: ɍįmŐ冹?E蹣ƋH肥=ɭuR訷$ + values: + - faDMJv + - b0VUPX + - lOsWCl + - key: 7iy + operator: 0:H碼\b黵禧鐃 + - key: nbn + operator: 疬厼掚Ƿ蛬ƞÜ9懎拖ų洜 + values: + - byjrbi + - RqfcIc + - dLaAUt + topologyKey: BUfQ +annotations: + He: OemFaO9 + QE5O: 6CBP +automountServiceAccountToken: false +autoscaling: + enabled: false + maxReplicas: 400 + minReplicas: 455 + targetCPUUtilizationPercentage: 64 + targetMemoryUtilizationPercentage: 472 +configmap: + create: true +console: + roleBindings: + - zn: null + - WCQKaiaj: null + py: null + roles: + - {} +deployment: + create: false +enterprise: + licenseSecretRef: + key: 4F + name: k +extraEnv: +- name: fqLRMsbtI + value: VzzHe + valueFrom: + configMapKeyRef: + key: "" + name: 1au8QkGsYcK + optional: true + fieldRef: + apiVersion: "38" + fieldPath: rM + resourceFieldRef: + containerName: Moz + divisor: "0" + resource: V + secretKeyRef: + key: IQ7AC3i60u + name: BCb + optional: false +extraEnvFrom: +- configMapRef: + name: twq36B + optional: false + secretRef: + name: OLKXh + optional: true +- configMapRef: + name: Pyr + optional: true + prefix: nyu + secretRef: + name: HDmfly7EP + optional: true +- configMapRef: + name: 2TmUL8GD + optional: false + prefix: R5 + secretRef: + name: TyS + optional: false +extraVolumeMounts: +- mountPath: 4zQSAo1Lj + mountPropagation: 檛ȂWg + name: eeS + subPath: iaw3G + subPathExpr: N02q4 +extraVolumes: +- name: "" +fullnameOverride: j1dUk8TGy8Np +image: + pullPolicy: 谝鞛榜ɸ暐ɸ刀x喋 + registry: zi + repository: MTSoVvJ + tag: a25lJOfGpG +imagePullSecrets: +- name: OlRQO +- name: Hkuk3 +- name: fP +ingress: + annotations: + ADJxl: n5EK4WzM0 + M: Zoud6 + eWXUqq: "" + className: "27" + enabled: false + hosts: + - host: 6PclZ7Q + paths: + - path: RqbF29XX + pathType: WB + - path: npV1GL + pathType: zxvm + tls: + - secretName: Q + - hosts: + - EvjYI + secretName: gRDta + - hosts: + - zlgJP1 + - g367Bgr1 + secretName: eQ +initContainers: + extraInitContainers: d5lM +livenessProbe: + exec: + command: + - S + - eqi + failureThreshold: -574948042 + grpc: + port: -653621031 + service: ir + httpGet: + host: qboin0qudh2Y + path: 4jFbHK + port: 9APWoaII + scheme: ćdž埭]KU + initialDelaySeconds: 1217073146 + periodSeconds: 2084735603 + successThreshold: -1091703574 + terminationGracePeriodSeconds: -4975007928507132892 + timeoutSeconds: -203727359 +nameOverride: ld +podAnnotations: + Scdn: fLH1yCm + lCp: Hi +podLabels: + 6AmpBMD: yDh + lPb: vi6tx4 + u: Vai7 +podSecurityContext: + fsGroup: -4268923634359973318 + fsGroupChangePolicy: 椶'ɏ4Ŝʘþf¸ǚļţRď0 + runAsGroup: -5513988494785819878 + runAsNonRoot: true + runAsUser: 3348050323720255791 + supplementalGroups: + - -9211346208910065015 +priorityClassName: 89gnK9rXyDXui +readinessProbe: + exec: + command: + - WCCn1 + failureThreshold: 1866953941 + grpc: + port: -978078521 + service: Gk8q + httpGet: + host: 4aDbYIp + path: sFssnZ8D + port: b9TEE2n + scheme: n8鞘呷2ef嫰髡箩棔螇džNj雤 + initialDelaySeconds: -1624688782 + periodSeconds: -231284043 + successThreshold: 1609785496 + terminationGracePeriodSeconds: -564252460349465292 + timeoutSeconds: 767134266 +replicaCount: 444 +resources: + limits: + wjrESvfqh: "0" + requests: + fSPJBFEwK58: "0" + j: "0" +secret: + create: false + enterprise: + licenseSecretRef: + key: iKQ6Nz + name: OD68lA + kafka: + awsMskIamSecretKey: "" + protobufGitBasicAuthPassword: GKaL + saslPassword: J6S + schemaRegistryPassword: 8PuilRN + schemaRegistryTlsCa: "" + schemaRegistryTlsCert: "" + schemaRegistryTlsKey: LsoxQcg + tlsCa: rGkjDT + tlsCert: gzs + tlsPassphrase: "70" + login: + github: + clientSecret: BGgKCBXeA + personalAccessToken: S + google: + clientSecret: KQXew + groupsServiceAccount: Ll + jwtSecret: 95jKDcdtX + oidc: + clientSecret: "" + okta: + clientSecret: b + directoryApiToken: "" + redpanda: + adminApi: + password: y2jU08n6KI + tlsCa: 6YyBT + tlsCert: ZkxE + tlsKey: MpUTYb4y +securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - Ƹłš硇¹,9菧ȉŪ転Ǹï7ĭɜ + privileged: false + procMount: 榷ŋĦƨÈ俟ţUȫ桊fLŊƐbƼɤ襐 + readOnlyRootFilesystem: true + runAsGroup: 2134851813508950156 + runAsNonRoot: false + runAsUser: 1677623433130194771 +service: + nodePort: 470 + port: 46 + targetPort: 43 + type: uqFB +serviceAccount: + automountServiceAccountToken: true + create: true + name: fP77cJ3T +strategy: + rollingUpdate: {} + type: '>Ƒ梚ǩ' +tests: + enabled: true +topologySpreadConstraints: +- labelSelector: + matchLabels: + IoAy: C6rMwI0 + eM8D7JD5PJ: "n" + lFmG: gJ3l + maxSkew: 839777044 + minDomains: -1438737093 + nodeAffinityPolicy: Ƭ氄ɿ[閾pʙ9 + nodeTaintsPolicy: j珙%!溌BN + topologyKey: 2GZ + whenUnsatisfiable: 屄ɧȄ +- labelSelector: + matchExpressions: + - key: UQkB4Vn + operator: D86i溨F'>亖÷ + values: + - pH + - LHgYM1W9 + - gO + matchLabels: + bw52WaG7: 5zm31oU + t99k: AF0 + matchLabelKeys: + - lkYaHo + - 4tzd + maxSkew: -1948819142 + minDomains: -1754532325 + nodeAffinityPolicy: 酝ʪ+彨緱Y塞雾}捋嗭0]ȰʤĖé横 + nodeTaintsPolicy: '#騅Ɵ$F圃拱鿎鵅xq' + topologyKey: z2NL + whenUnsatisfiable: uȤÝ酑 +-- case-039 -- +affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: OiH + operator: Eʤ#/7諨 + values: + - iYzfGpa4 + - PaMqxj5fj8 + - sWaI + - key: Pw + operator: Kw[o0鿚 + values: + - Gnm + matchFields: + - key: YO9QL + operator: ȏ网牙鍩橷潗D9騭ŗʈ求U縷讒Ƴ漏哟 + values: + - XV65fSG5o + weight: 144962453 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: [] + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: p2uqgWn7p + operator: ǙmX窀ʄʙ婘m.Ƈ谱qŴĆ揿 + values: + - IQGwhE + - Hiut + - key: mrN9GbREak + operator: oʟ + values: + - GZkF1BV + matchLabels: + 8bOT0: pvv + VYd3OWm: 0gW5 + matchLabelKeys: + - thrYIp + namespaceSelector: + matchExpressions: + - key: sonam3I + operator: "" + values: + - a9M + - bM + - key: ZFAy + operator: yW揚ɻʖî床哲ɯǮ^DzǓ + - key: ZwHE + operator: sǍ逘璿Ǧ5u軟DZ鞏綇鏑Ɲ` + values: + - 1D6 + matchLabels: + MoK3: j4Rw + namespaces: + - yS + - F2VMFv + topologyKey: wNv3 + weight: -1334539094 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: Hp + operator: QɃ蒜§Ɩ5SyǸ鎧ȝ)ɒ獬v氮n兡Ĝ + values: + - "" + - y3ufRu75J + matchLabels: + Sbhb4LC: p + U1NMpjoLa: BC1D + eIgw: tBbWDRZ7j + mismatchLabelKeys: + - iWKlUgr + namespaceSelector: + matchExpressions: + - key: 9HkK + operator: ȃĕ送 + - key: P9rh1yxLN + operator: ŋľ&謮稠Ÿ珀胔俨ʎŰ + values: + - 16yHoCooS + - r3ym6YAoy + matchLabels: + PrnS8: K2h + namespaces: + - s + - US2hE + topologyKey: 5SbLzS + weight: 1219402233 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: 082AGo10x + operator: pȁij~搣ɢDĝ偩ʣȘ'oIʓ?憏圽U + - key: CXjEgRK + operator: 颭镃Ș蠮S闬耧涐²ǒ圡窽ǹ(ǁ + values: + - zIVWI7jXh + - HE8UDiZnhVG + - "" + matchLabels: + FRgh: MUBtKVc + iu: K3 + jV: 5jM + mismatchLabelKeys: + - h2 + namespaceSelector: + matchExpressions: + - key: "" + operator: mHɻȐĪ$ + values: + - GFueB + - 5prw02 + matchLabels: + KgBnfc: t9Hb4 + SxGw: 4qCJppj + h3m2: gRc + namespaces: + - 1maI + topologyKey: UCy + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: 08Q + operator: $鏪轟ſ俨+嬯呦ĄȕɓJp + matchLabels: + kSy3s8nE: Q0 + matchLabelKeys: + - bf0Tpn + - I + mismatchLabelKeys: + - 0Bm09lf + - P7 + - lyb2 + namespaceSelector: + matchExpressions: + - key: 6zTBp0G7 + operator: 氯¥+Dz睧勪娳Ƨ伮慒{ąɫ`瑛稃5绨 + values: + - 1YVGovQ + - bJ + - key: Cxm + operator: 芼 + topologyKey: f + - labelSelector: + matchExpressions: + - key: jNrAref + operator: 接ʼnĎ + values: + - N0 + - ZNwtHjxR + - key: 33k8BGf + operator: rĴr+qȩȃ休3Ȳȅ + values: + - "" + - E8yL4W + - 9anWnm + matchLabels: + WyV0Ct: 6BVL + vLUV: mvMLwn + matchLabelKeys: + - 9O + mismatchLabelKeys: + - CO + namespaceSelector: + matchExpressions: + - key: Jiyaq + operator: ɯ唺饓9 + values: + - qogYf + - key: UXg6 + operator: à! + values: + - phW2 + - BItew + - c09DZ9v + - key: hPhLpBwJ + operator: g«疻:糄Ś$q + namespaces: + - jAvA + - 0V6Uv6PU + - AOoh3 + topologyKey: d2QYa +annotations: + IJC774: 5hK + P1Py: YYAic7jN + REyW: 7LdLtJYMz +automountServiceAccountToken: false +autoscaling: + enabled: false + maxReplicas: 461 + minReplicas: 403 + targetCPUUtilizationPercentage: 297 + targetMemoryUtilizationPercentage: 161 +configmap: + create: true +console: + roleBindings: + - 6O4d: null + EY: null + oPTMvYGp: null +deployment: + create: false +enterprise: + licenseSecretRef: + key: KvJNskb5ptO + name: vVsE +extraContainers: +- args: + - fajfbgt + - 1XG4cARu + envFrom: + - configMapRef: + name: F5n + optional: false + prefix: Prg + secretRef: + name: vq2FHcobO + optional: false + - configMapRef: + name: Mfdidfx + optional: false + prefix: eggfGpU + secretRef: + name: gX5GT + optional: false + image: H + imagePullPolicy: 玣ɟ踣 + lifecycle: + postStart: + exec: + command: + - 5ABG2Ao + httpGet: + host: D4S2dPB + path: QCCIL6 + port: wu + scheme: eSÉĝ嶤ʮ牑 + sleep: + seconds: -6736232898620818377 + preStop: + exec: + command: + - "" + - 9oy + httpGet: + host: vIPKpEbM + path: l4HaTS9 + port: -180983347 + scheme: h儷#PX盩ʋÈ + sleep: + seconds: -3654571329064470871 + livenessProbe: + exec: + command: + - zGWiFCpvJyG + - 2A + failureThreshold: 130427535 + grpc: + port: -458689504 + service: keBJI3 + httpGet: + host: fkJ + path: MFy2 + port: 1638404838 + scheme: ƵĜRóM螻作仄ĨgŋƷ蔶慅Ƹ + initialDelaySeconds: -1024094942 + periodSeconds: -1045387639 + successThreshold: 966241980 + terminationGracePeriodSeconds: 43907789703605006 + timeoutSeconds: -2115548430 + name: n65z1Le + ports: + - containerPort: -496460005 + hostIP: m9e0LZZ + hostPort: 557092727 + name: hG + protocol: 奀x儋韖ȃ嶍射擋- + readinessProbe: + exec: {} + failureThreshold: 1620135876 + grpc: + port: -1149097195 + service: 7KtLa + httpGet: + host: Mel9pu + path: J + port: Bl + scheme: 臹欔 + initialDelaySeconds: -750113074 + periodSeconds: 820678693 + successThreshold: 1708685033 + terminationGracePeriodSeconds: 6351250062493105403 + timeoutSeconds: -89282235 + resizePolicy: + - resourceName: Cm2W + restartPolicy: o^Cǐɬ醒ÛQȌ帧圷孩Ą + - resourceName: jhEz4gNWQKP + restartPolicy: DV庴 + - resourceName: EgwUKXikbg + restartPolicy: 瑚 + resources: + limits: + 2jSTU8: "0" + 7OI: "0" + FIfseL: "0" + requests: + EPF86: "0" + GcwO1SNT: "0" + restartPolicy: '>Ǥ摔ȶ蘭ɘʜɩ' + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - J + - 8垺ŭihȸ£gJĠǐ!İ0 + - ƶ害Ƈ§孶邸 + drop: + - 龈PeęIJ傮ȅ溣E忬鮷蜆GÊ霌 + - þƢ^ + - RTmī07ý謐ɩ噎 + privileged: true + procMount: (朴頲碞!0¿搻ź)磑[哈YǓěNG$ + readOnlyRootFilesystem: false + runAsGroup: 3606686082741296584 + runAsNonRoot: true + runAsUser: -9076124251416402294 + startupProbe: + exec: {} + failureThreshold: -2038237600 + grpc: + port: -992723564 + service: bMQIm4Y6fY + httpGet: + host: w0Z6WQWwn + path: Kw + port: KdZFUIvpm + scheme: L媰 + initialDelaySeconds: 266050830 + periodSeconds: -879749840 + successThreshold: 1098563171 + terminationGracePeriodSeconds: -3577990655544091297 + timeoutSeconds: -838391922 + stdinOnce: true + terminationMessagePath: bh7 + terminationMessagePolicy: 餔Ŵ婜 + tty: true + volumeDevices: + - devicePath: 5EA9lR0y + name: wCP0dl2Uf + - devicePath: IKOQwmn + name: connmB4Ve + - devicePath: hssHEiwb + name: vP68uD + volumeMounts: + - mountPath: 9Yvkg + mountPropagation: Q众XM娪08菫 + name: XP + readOnly: true + subPath: Mk + subPathExpr: LV + - mountPath: 381fE + mountPropagation: ǚ钍jǍŏh濢n1ŕǼ姕ŗđċCʏ(漇 + name: 4prce + subPath: tvkrRPN + subPathExpr: Otc + workingDir: D4 +extraEnvFrom: +- configMapRef: + name: zdN8iNs1e + optional: true + prefix: z + secretRef: + name: tGw + optional: false +- configMapRef: + name: qRSvRtA6 + optional: false + prefix: dE0dDLvy + secretRef: + name: m + optional: false +extraVolumeMounts: +- mountPath: nTxUyaL + mountPropagation: "" + name: cwkJrEER + readOnly: true + subPath: FKU9h + subPathExpr: 12vLerk +- mountPath: DuUpWysEh2r + mountPropagation: IƏ + name: YlcuH + readOnly: true + subPath: 1faJ4ypp7 + subPathExpr: ZDct +extraVolumes: +- name: bdnliW +- name: Tr +- name: cd +fullnameOverride: bbshm +image: + pullPolicy: ɴ烚庻阐狘:ŭ(M$tY炜ī崞Ž + registry: QxUvz + repository: Gr + tag: hrAYj1i +imagePullSecrets: +- name: MTOK84IL +- name: YAl +ingress: + className: qyKUEOUT4u + enabled: true + tls: + - hosts: + - F7m23 + - "7" + secretName: M +initContainers: + extraInitContainers: aSeq42klM +livenessProbe: + exec: + command: + - ajpIBjdV + failureThreshold: -1650923727 + grpc: + port: -598400902 + service: NoUl1T + httpGet: + host: "1" + path: T + port: -1011339684 + initialDelaySeconds: -1047122153 + periodSeconds: 300714247 + successThreshold: 1660165948 + terminationGracePeriodSeconds: -6817463041894309382 + timeoutSeconds: 497385152 +nameOverride: o2F37Lr +nodeSelector: + Md8w5MD: cTipUm6 + Y31W: uQ5xyo +podAnnotations: + 5oGD5: wKq + Qi815eSQdI7wJ: SwgPh + vAJU: z +podSecurityContext: + fsGroup: -1210907643611065698 + fsGroupChangePolicy: IJ鄔ȫ荪癓椥%k矜椒ʊ0宻lƑɜIɇ + runAsGroup: -4059110951032458810 + runAsNonRoot: false + runAsUser: -6169453912741831517 + supplementalGroups: + - 5292690601828357137 + sysctls: + - name: xY9WN + value: JL + - name: v7R + value: q1nexB5KTD3SE + - name: PN + value: neE5ismaY +priorityClassName: aDlP +readinessProbe: + exec: + command: + - 2xO + - BlUV + failureThreshold: -2130189853 + grpc: + port: 996585883 + service: qWavRHqQOBBP + httpGet: + host: U + path: MJdmT7Y + port: aujUU + scheme: ¹Ť碏譽> + initialDelaySeconds: -781516024 + periodSeconds: 241739148 + successThreshold: 912206192 + terminationGracePeriodSeconds: 1472699093368179429 + timeoutSeconds: -1948646722 +replicaCount: 122 +resources: + limits: + g51: "0" + requests: + Wd: "0" +secret: + create: false + enterprise: + licenseSecretRef: + key: PXlML + name: 1ZXP + kafka: + awsMskIamSecretKey: Q8ZB + protobufGitBasicAuthPassword: 6x8Cv + saslPassword: kPhPSQWJJ + schemaRegistryPassword: JK + schemaRegistryTlsCa: SnQ + schemaRegistryTlsCert: nrxxx8 + schemaRegistryTlsKey: aizaszl + tlsCa: tKnCvE97 + tlsCert: XQGOjdnSY + tlsPassphrase: UIS + login: + github: + clientSecret: RAo + personalAccessToken: YJtxt19kpv + google: + clientSecret: V0kmwLq + groupsServiceAccount: AaiW + jwtSecret: FGWF3nXjDA4 + oidc: + clientSecret: rnv + okta: + clientSecret: ZE5mxhO6s + directoryApiToken: 7z + redpanda: + adminApi: + password: YwKgntj3 + tlsCa: ywmMdJU + tlsCert: OK6C5sNI0 + tlsKey: eNdF9knNN +secretMounts: +- defaultMode: 368 + name: GaEvNh0Ifo + path: 8c1 + secretName: "" +- defaultMode: 412 + name: Dy8Ef + path: X2Ct + secretName: QRQFk +- defaultMode: 211 + name: cLEkHy + path: alMc11eGER + secretName: 8miR +securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - ƕE仍腽ʨLJ甴Z´:涟 + - mŠ'菴h饘ǦŃ2 + privileged: false + procMount: 麤绊噃ȳ{ɚƪ秥ȧG + readOnlyRootFilesystem: false + runAsGroup: -8188439767627968973 + runAsNonRoot: true + runAsUser: 2990782549155496077 +service: + annotations: + 4yhZo: zLVEslN + Amz4VM: QAvK + IPCS: b1R + nodePort: 233 + port: 400 + targetPort: 329 + type: dPOD9Kzb +serviceAccount: + annotations: + PPZDrdmxKV: UBjiSx + automountServiceAccountToken: false + create: true + name: 8s2qVhKEW +strategy: + rollingUpdate: {} + type: '!蘃«2狺čH' +tests: + enabled: false +topologySpreadConstraints: +- labelSelector: + matchExpressions: + - key: K98063hAMXd + operator: 閃ŘDZƳwųA旰C汔§挦塳¹@ē + matchLabels: + y9: GJEjaj + matchLabelKeys: + - 4xZpqk + maxSkew: -659297182 + minDomains: 1124395321 + nodeAffinityPolicy: ʬC8 + nodeTaintsPolicy: 鱯禓瞝 + topologyKey: mq + whenUnsatisfiable: A´ʕɭNÀȜ龎q擞u貒槂轌v +- labelSelector: + matchExpressions: + - key: Yd + operator: "" + values: + - dCWo2pjVuA + - hl8G3Kp + - M + - key: VYxo + operator: _k?Ř + matchLabels: + 3kRK: xOzJ6 + KUwsC: FN5bAqvV + QPay: w0lIH + matchLabelKeys: + - gkJFY + maxSkew: 501038978 + minDomains: -2011840701 + nodeAffinityPolicy: Łdz倾僚ʒ屆9ÐE釤Ŏo + nodeTaintsPolicy: Ǩʖ#Ŭǧ¦Ûũ°啑 + topologyKey: JCJYk4 + whenUnsatisfiable: 暛ūZɆǗ絜皼bȇĀ簁搿WXƪçɗÁ +- labelSelector: + matchExpressions: + - key: gyZMV + operator: ƲƬ釒橙ȋ齸鑝鷳ĔǸɊZ聻趁õÈc + matchLabels: + T1YT: SJYt + W: ZaF + WdGxif: 3EKPjb9 + matchLabelKeys: + - ukD8HM + - mD + - Z + maxSkew: 1774410820 + minDomains: 36391976 + nodeAffinityPolicy: "" + nodeTaintsPolicy: ŵɎļ%鋏[ʞô + topologyKey: oGrtNcnUje + whenUnsatisfiable: ƓǪĈɏ荥蟗Ș鉢A +-- case-040 -- +affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: 7RRFnuao + operator: 鑿梞e璺瀧敢tȱ + - key: 3qz030r9N4 + operator: 脟óȨq駥Ƽx垤R$L + - key: 4egJ + operator: 敕ƒ洀ņ+Ō轲C丼Ʒij.ƾ蚯ƺ痻3皆咒 + values: + - "" + - J66saNw8 + - xBRUfDKhiA + matchFields: + - key: Kgp4qFm + operator: 桋iz<ïŃǃ襶D齿 + - key: 7F + operator: "" + values: + - iquNT + - aFPIw + - lYMJn4Un3 + weight: -954635927 + - preference: + matchExpressions: + - key: ePHgEs + operator: 撹ł + weight: -2109244754 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: gK + operator: 垭ʮȌ)"彛 + values: + - Vvo + - "" + - key: n0 + operator: 挪VɱȒ + values: + - 595ST + - sHQoTQgQ + - ZyYxnGB + matchFields: + - key: "8" + operator: 餒ơ鋦r)锟壃m汇 + values: + - H8 + - matchExpressions: + - key: nErJm + operator: Ûɟ敀淽 + values: + - sbjW + - 1l + - go + matchFields: + - key: ozzkD4D + operator: Ʌ\h崭蠒ȓ旉蹖楚_掁S5 + values: + - NrN0Id15O + - VrahPz + - YJfhO + - {} + podAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: qiGNj + operator: jƯȨ穞ɿPȧ + - key: HPRR + operator: ž8ƃKKDz蠽ƚ0ƻ + values: + - NAx + - Pr2F + matchLabels: + LY: ZRjD + matchLabelKeys: + - ikCO + - n25 + - IY0AqNStYm + mismatchLabelKeys: + - uO6G + - EFKfLOM0 + namespaceSelector: + matchExpressions: + - key: frBwUGG + operator: ǧ啯ʖ6džȡ衺Z莋æȘzv + values: + - 68q + - PrId4k5Nk + - 1Izg6c + - key: H5neR + operator: "" + values: + - gf2 + - "" + - key: LTEiVQV + operator: ʅďl$y韙bO儺e籾吕ŃV + values: + - LccIflVn3 + - QX + - kRZLtn + matchLabels: + lccn5: lx6 + topologyKey: AE + - labelSelector: + matchExpressions: + - key: ljGag0 + operator: "" + values: + - 3AlcF9eOiK + - key: XPoIj + operator: ĻĵN稙²x鸴ʊ + - key: "" + operator: m[ɻD«ʯĢĥɖHÃú锺N蓍!f + values: + - cwRFs + - wJtpMgyV1I + matchLabels: + 6gzmw2BW: v1eC + QI6Gl: Ckzyw0v + uRw21: 36kl + mismatchLabelKeys: + - XiX9Mrhv + - Xk2Ri + namespaceSelector: + matchExpressions: + - key: Roq9G + operator: 槓G{? + values: + - YCBJEhS + matchLabels: + 9X5C: TU1y + PG1k: 8j76iX8R + iYq9QLUSh3bk: Mvl2WRQ + namespaces: + - Pp + - z1O9mW5rB + topologyKey: U + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: pqtCgWlk + operator: eŭñZ) + values: + - 6eUrtsX + - GmGeP7 + - pBhe0 + - key: gctw + operator: L?岤紎!蠾黅誽帯÷Ʉ坏q + values: + - G + - "" + - "" + matchLabelKeys: + - IGYc + mismatchLabelKeys: + - C + - XlxD2Y5h + - Eut + namespaceSelector: + matchExpressions: + - key: QNvJq6Uc + operator: Ǔƀ閝遨垛簙UdĢ7ȍ騽¹DŽ + values: + - m4wq + - TmuqVB1 + - key: PTVC + operator: 珙'ɀɒ虃龓楼ƺ譄êǿ + values: + - w + - K + matchLabels: + GQp: tw + namespaces: + - t + topologyKey: I9Ng7D + weight: -278680619 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: IaZiqfV6 + operator: 幋x:Ȗ + values: + - XmaYG80 + - aaEScB + - DxB + matchLabels: + J3Ny9zUJ2DOTKO: eiUL0RR + lt: bqOs + matchLabelKeys: + - XYHp1S + - JKj1 + namespaceSelector: + matchLabels: + WopugltEP1J: eaGpkiS + namespaces: + - H9w9Q + - A8D + topologyKey: pvkKW + weight: 252280673 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: lSi + operator: 襚ǫAŇþ腦W[ĕ嘱ʌſœɃ槏Z岪 + matchLabels: + OzmceOBQ: F2mtk + QcoH: qt3OR6ZcjY + t5Cqg1: 1x9WW8EUyyn + matchLabelKeys: + - 0XGJ + mismatchLabelKeys: + - K6T + namespaceSelector: + matchExpressions: + - key: KoofEA + operator: ' íɀ馩Ȭɫġo娤螗暴Û漷ʦO腔' + values: + - nj + - U + - onkfJ4 + - key: 0aO + operator: Ŷű輖+¶)罩ƌ×螂 + matchLabels: + 2hf: GeFfROs4 + pA23: kqkG + rZ: DH6cT + namespaces: + - yvfsu + - L3Pu + topologyKey: BBBCjZel + weight: 392487334 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + 0hp: sd9 + mwTeR: D3HlJbmoK8 + matchLabelKeys: + - MwDkniC + - "" + mismatchLabelKeys: + - VuQB + namespaceSelector: + matchLabels: + 1x: Pj + D3J: 4gFps + bQU: weT0tI + namespaces: + - y9zrYKWApO + - rq0K3 + - 5XUeP7 + topologyKey: P7V + - labelSelector: + matchExpressions: + - key: Jv + operator: 啽ŃŐø + matchLabelKeys: + - s + namespaceSelector: + matchExpressions: + - key: Fy5Deb + operator: 旉錛!荕Ɂ! + values: + - nbiy + - "" + - 6QORDbd6zn + matchLabels: + bba0KJ: NE1j + nYif5xu0Hy9XW: 0s + qAoT: "46" + namespaces: + - 4JHyx + topologyKey: 7621t +automountServiceAccountToken: false +autoscaling: + enabled: false + maxReplicas: 470 + minReplicas: 361 + targetCPUUtilizationPercentage: 160 + targetMemoryUtilizationPercentage: 475 +commonLabels: + X: zjmrl + "Y": yG0 +configmap: + create: true +console: {} +deployment: + create: true +enterprise: + licenseSecretRef: + key: a7Ph + name: zsHNWVcS9 +extraContainers: +- args: + - jlI16Xnnb0 + - x0Z + - Tv6z + command: + - 3MnkZe0L + - OK + - cKvaGI + env: + - name: 7RtgX9 + value: TQH + valueFrom: + configMapKeyRef: + key: "" + name: GE2 + optional: false + fieldRef: + apiVersion: x2H + fieldPath: iVYVzT + resourceFieldRef: + containerName: 3QSG + divisor: "0" + resource: AgMtPE + secretKeyRef: + key: BhGA6 + name: LKemd3Cs9 + optional: false + - name: 9dFxchX + value: huoZj + valueFrom: + configMapKeyRef: + key: skdmo + name: gSEkUx + optional: true + fieldRef: + apiVersion: ymAcwLzaJ00G + fieldPath: de9Q + resourceFieldRef: + containerName: ZgwwQvA + divisor: "0" + resource: OTraA + secretKeyRef: + key: Pe8 + name: 39mCZV7ERv + optional: true + envFrom: + - configMapRef: + name: l + optional: false + prefix: kGdnbCakM + secretRef: + name: JrDM + optional: true + - configMapRef: + name: 0iH67 + optional: true + prefix: 3JVMhcII7 + secretRef: + name: PS1J + optional: true + image: Bx3IW17kjF7 + imagePullPolicy: È8秏糇 + lifecycle: + postStart: + exec: {} + httpGet: + host: EeLx + path: JC + port: 638412697 + scheme: 翔ĩñɁɬj局³喪Eů磘Ʒ唡嬤 + sleep: + seconds: -2739564842418698030 + preStop: + exec: + command: + - zjNyV + - 3i + httpGet: + host: RxhMCXQN + path: Dq + port: -821303664 + scheme: 髒xD>?ǠĆ踃w¬ + sleep: + seconds: 8925361607851382825 + livenessProbe: + exec: {} + failureThreshold: -2015695369 + grpc: + port: 102189788 + service: VG2k6Atq + httpGet: + host: 0dxm + path: Pix7SytH + port: 284583441 + scheme: 畝ǂƬƜ聞|b + initialDelaySeconds: 1150668189 + periodSeconds: 1279412097 + successThreshold: 337444728 + terminationGracePeriodSeconds: -665826210809930777 + timeoutSeconds: -802810999 + name: 1KSo0a + readinessProbe: + exec: + command: + - 3cCL4 + - en + - VN0 + failureThreshold: 448729232 + grpc: + port: -174942651 + service: paUcCUtV8A6 + httpGet: + host: tSEChhvGgDsf + path: Jrr + port: 516172996 + scheme: c{Ƭ臾斡:Ɣ?Í + initialDelaySeconds: -714126900 + periodSeconds: -88316167 + successThreshold: -1820867160 + terminationGracePeriodSeconds: 272130190949654337 + timeoutSeconds: 1803351679 + resources: + limits: + f9GQWFTKPFP: "0" + g5: "0" + requests: + 4A89zLoFG: "0" + SmOBH: "0" + restartPolicy: Ű高ǙG%7BČCaďʥyď + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - H鞕ă鶅镀秀 + - Ŏ昮0yƤɯ斺R妕Je芓BɜCĵ + privileged: false + procMount: ÿʑ鎆乭cŇ陛ǼȠn + readOnlyRootFilesystem: true + runAsGroup: 5591360478943231672 + runAsNonRoot: false + runAsUser: 6381588597473822835 + startupProbe: + exec: + command: + - rV83LKQ + - 87Vc + failureThreshold: -2022114361 + grpc: + port: 1348736621 + service: Gx8f9phR + httpGet: + host: fWnW4CGV + path: yQl0PNEE3g + port: TYi + scheme: 絅xn,ȵ6ʎ癙 + initialDelaySeconds: 205090742 + periodSeconds: -1401542741 + successThreshold: -2130268569 + terminationGracePeriodSeconds: 4104437343850793050 + timeoutSeconds: 604054255 + terminationMessagePath: ec8kHaD + terminationMessagePolicy: 甎i + tty: true + volumeDevices: + - devicePath: NFjF + name: AH + - devicePath: "" + name: u + - devicePath: 0q6A + name: nFe3FY4 + volumeMounts: + - mountPath: ad7JXhGN + mountPropagation: =廄殞+ + name: qVHWCUHp + readOnly: true + subPath: m3RBekA0 + subPathExpr: 7F0F8Ge + workingDir: LmnqIVV +- args: + - 3g94Jb + - "n" + - HxatWli7Qe + env: + - name: yKfn + value: fni0 + valueFrom: + configMapKeyRef: + key: cQjxg02ud + name: DqLUCO + optional: false + fieldRef: + apiVersion: dS + fieldPath: aH + resourceFieldRef: + containerName: BVSH2Bxu + divisor: "0" + resource: ZLW3 + secretKeyRef: + key: J + name: APYyG5qY + optional: false + - name: b4i9WEf + value: Ru + valueFrom: + configMapKeyRef: + key: mzxgZ + name: XgDd + optional: false + fieldRef: + apiVersion: U1l + fieldPath: sG2pcjz + resourceFieldRef: + containerName: Vlc1Ru + divisor: "0" + resource: hZpqB + secretKeyRef: + key: X0W3QpdAhux + name: I3L + optional: true + envFrom: + - configMapRef: + name: DJjN7Phe + optional: true + prefix: 4K2MBzNl + secretRef: + name: s4GF + optional: true + - configMapRef: + name: td0aZ + optional: true + prefix: CYvFW + secretRef: + name: WaBWGCRa8 + optional: true + - configMapRef: + name: ehHs9m + optional: false + prefix: n1x + secretRef: + name: TdUJ + optional: true + image: UNJ6E6 + imagePullPolicy: 砓³绔丬A + lifecycle: + postStart: + exec: + command: + - Qs8Sd + - JGX4Qj + - eCw00uq + httpGet: + host: NNLSd + path: y4tS + port: QzOfwe3a + scheme: º猗ĥɮƅLɘ隮术ƒ赥;,ǝ髳Ĝ7Ĭ嬳 + sleep: + seconds: 1170469124057922158 + preStop: + exec: + command: + - TN62uDLAuIx + - ndI + httpGet: + host: t7H6l2 + port: RHeYpAvJ8 + scheme: KǠɀƴ杔¸Ɉ$毕削peýfv! + sleep: + seconds: -5232306180460338099 + livenessProbe: + exec: {} + failureThreshold: -1900233123 + grpc: + port: -1323381498 + service: wJ + httpGet: + host: pAHsn3 + path: k31zW1 + port: 2elbrK + scheme: 痯秿丌 + initialDelaySeconds: 537756270 + periodSeconds: 1139432456 + successThreshold: -289377675 + terminationGracePeriodSeconds: -709025030374540888 + timeoutSeconds: 254134433 + name: zWs + readinessProbe: + exec: + command: + - x093a + - v1 + - Ef + failureThreshold: 75768089 + grpc: + port: -237977747 + service: "y" + httpGet: + host: EBEth + path: C + port: 790399211 + scheme: ær堹mhʢ + initialDelaySeconds: -157687184 + periodSeconds: 1071897332 + successThreshold: 824432298 + terminationGracePeriodSeconds: -54575953702939670 + timeoutSeconds: -1190752843 + resizePolicy: + - resourceName: R9fM + restartPolicy: ?ʖȒƅƀ逎v鐰wģ籫 + - resourceName: 7C + restartPolicy: óʌF鿯薸k} + - resourceName: Bqy + restartPolicy: E吻X秤} + resources: + limits: + UMJnobyO: "0" + qJmAwr: "0" + requests: + ZktW7e51vRUG: "0" + restartPolicy: '>ŀ鎙莸鼔茷蝼薼Ƽƅ°3貦罌臣洴軟處姼' + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - 儜vƝ¾ + - 輝Ġ$琑+檂 + - 飂 + privileged: false + procMount: ɓĎʙʗG0瑑娄K坢Ö&Ù + readOnlyRootFilesystem: true + runAsGroup: 2234167178876811137 + runAsNonRoot: true + runAsUser: -1191472066985646967 + startupProbe: + exec: + command: + - KGi9U + - D6 + - HZ3aC1 + failureThreshold: -2057203764 + grpc: + port: -1203229903 + service: Xd + httpGet: + host: tTW + path: oWk + port: -1347841801 + scheme: 檸`sȝBULj懄 + initialDelaySeconds: 1386184157 + periodSeconds: 2110004457 + successThreshold: -692279219 + terminationGracePeriodSeconds: -7060466210747559086 + timeoutSeconds: -905577521 + terminationMessagePath: g + terminationMessagePolicy: 頨Ĥ° òȯǤū暓坐ƚă杋鍄 + volumeMounts: + - mountPath: FmQht + mountPropagation: 饌^ǩ朳ųW磀ĥAijƨ+= + name: j5 + subPath: aoEWb7k + subPathExpr: 0ra + workingDir: zmwmt +- command: + - oFEaN2U1 + - HuBj9vk17eCjI + - "" + env: + - name: n3JVvVY + value: U14PEXs + valueFrom: + configMapKeyRef: + key: Ai0Xg3owIe7XlG + name: U4 + optional: false + fieldRef: + apiVersion: ZyO4Jpwkp2hV + fieldPath: roNil + resourceFieldRef: + containerName: gx + divisor: "0" + resource: Z + secretKeyRef: + key: AcP + name: qMy + optional: false + - name: oSWakHA + value: eR + valueFrom: + configMapKeyRef: + key: qsSVOr + name: o + optional: false + fieldRef: + apiVersion: SeP3aPXfjLIcfE + fieldPath: 091i + resourceFieldRef: + containerName: T5hI + divisor: "0" + resource: KxGi43CVGe + secretKeyRef: + key: "" + name: 5uI + optional: true + envFrom: + - configMapRef: + name: MujT + optional: false + prefix: cVRH + secretRef: + name: mpF + optional: true + - configMapRef: + name: MeO3F + optional: false + prefix: w3C4 + secretRef: + name: hnYx + optional: false + - configMapRef: + name: NT5MFmC65 + optional: true + prefix: "7" + secretRef: + name: yl2ze1 + optional: false + image: A8o + imagePullPolicy: ?晐T鴭Xp + lifecycle: + postStart: + exec: + command: + - zaLOG2 + httpGet: + host: kA51kbv + path: LMnFclIJczBo + port: 402299955 + scheme: :踖坯(Iȷ碨劅 + sleep: + seconds: 245674034851902981 + preStop: + exec: + command: + - Tz87qO + httpGet: + host: Xr6sP + path: xxE + port: 1901089000 + scheme: 3媧ş>La芸`Lzuŀɽ坤¦.痻Jǻ + sleep: + seconds: 6906639179439192094 + livenessProbe: + exec: + command: + - yxk0313sz + failureThreshold: 385001414 + grpc: + port: 1589713469 + service: UA + httpGet: + host: ZWfT + path: vTNYug5RZh + port: -192111662 + scheme: e¢dYÜdz + initialDelaySeconds: 1708942834 + periodSeconds: 1356452566 + successThreshold: 1750780088 + terminationGracePeriodSeconds: -1272770054640188829 + timeoutSeconds: 1656218869 + name: FxzTg + ports: + - containerPort: 63673829 + hostIP: 4xjED0VKV0G + hostPort: 2007665826 + name: xbwJ + protocol: ¼vb皪螯ʉwʒR玔È覦劙 + readinessProbe: + exec: + command: + - 0S + - "" + - GkPj + failureThreshold: 1405674719 + grpc: + port: -1659132742 + service: gIFP + httpGet: + host: jYnI3ins7 + path: bIEaFAc1 + port: UHfz + scheme: ʼn + initialDelaySeconds: 1531278754 + periodSeconds: -238235402 + successThreshold: -1690388514 + terminationGracePeriodSeconds: -2788228502880198888 + timeoutSeconds: -567709755 + resizePolicy: + - resourceName: nxpzTS + restartPolicy: ƫŀMs+,ǼƞȒ + - resourceName: 61uCVQ1 + restartPolicy: /澰ɍ½鑀a帷[鞺鏨攬姟壃F$R犬 + resources: + requests: + YfM: "0" + restartPolicy: œ|F彟S崘Ȑ貸1Ũȷ+齳 + securityContext: + allowPrivilegeEscalation: true + capabilities: + drop: + - 鸎dĉç荧 + privileged: true + procMount: "" + readOnlyRootFilesystem: false + runAsGroup: 5795239965908151493 + runAsNonRoot: true + runAsUser: 2409160731771391054 + startupProbe: + exec: + command: + - D6j2Q + failureThreshold: 975103738 + grpc: + port: -2081980063 + service: Nh + httpGet: + host: vdLm3FUXIs + path: jqCqF + port: "" + scheme: Ű"ƆĩNÙ襔冠ʈ + initialDelaySeconds: 524220215 + periodSeconds: 923596095 + successThreshold: 547119693 + terminationGracePeriodSeconds: 7382309226647739877 + timeoutSeconds: -1902082444 + terminationMessagePath: 2i5 + terminationMessagePolicy: 踑ĆĦ荷ýA/ǎ桫 + tty: true + volumeDevices: + - devicePath: KlUUX + name: NWO + - devicePath: W1JLM + name: qNw + - devicePath: BVE + name: c + volumeMounts: + - mountPath: yCztpht + mountPropagation: 巧苄;钽肇謌ʭɿw刄wɰM迵. + name: Mv9 + subPath: RWmlw + subPathExpr: Oy + - mountPath: Gf + mountPropagation: ɩ + name: On78O + readOnly: true + subPath: s7p + subPathExpr: 57aJIvpEm + - mountPath: m + mountPropagation: 崌蠿Ƣ湺 + name: CXSu + subPath: F8oe + subPathExpr: S +extraEnv: +- name: cD + value: JW + valueFrom: + configMapKeyRef: + key: "" + name: 8Ri7OfQ + optional: false + fieldRef: + apiVersion: Qc + fieldPath: 6ZYFg + resourceFieldRef: + containerName: qkUV + divisor: "0" + resource: yEf5zz13U + secretKeyRef: + key: xozuxs + name: z + optional: true +- name: "" + value: gea3 + valueFrom: + configMapKeyRef: + key: hwe3l3k2h + name: QX + optional: true + fieldRef: + apiVersion: kx + fieldPath: m7f + resourceFieldRef: + containerName: 0XEGE + divisor: "0" + resource: y4ce5 + secretKeyRef: + key: hmvX + name: 18Z + optional: true +extraEnvFrom: +- configMapRef: + name: DR3hdrvZIv + optional: true + prefix: kGV4HZ8 + secretRef: + name: tR3Yu1G + optional: true +- configMapRef: + name: 6pMd0VA0 + optional: true + prefix: Csp + secretRef: + name: ceqZBJ7fdqP + optional: true +extraVolumes: +- name: iPeR +- name: ZgdCb2kUB +fullnameOverride: KchYZFsbB3 +image: + pullPolicy: -0Ź桛ɼ訚Ņ;秵ňĝ苒9麡ñà臸ʫ + registry: cwfXN2KlU + repository: qYQHJ + tag: RIG +imagePullSecrets: +- name: V1 +- name: AyLzRkaGE +- name: 3pZ8 +ingress: + annotations: + 7KBv: R6qBYfCa + aBRf1: ygsbc + yL0ht8k8h: e + className: N8nne2Adwe5AYa + enabled: false + hosts: + - host: FyKy + paths: + - path: Cgcwa4F + pathType: pcConNItFmo +initContainers: + extraInitContainers: uND1 +livenessProbe: + exec: + command: + - 6VSzmxYwHC + failureThreshold: -1894321442 + grpc: + port: 487517384 + service: INsH + httpGet: + host: JNW + path: QZgsr + port: 228553774 + scheme: 躀廗裲繄鄸爖ž + initialDelaySeconds: 1986051838 + periodSeconds: 541607099 + successThreshold: -1968479306 + terminationGracePeriodSeconds: -7878496327638757142 + timeoutSeconds: 1374945691 +nameOverride: 6sW +nodeSelector: + y63G: wNiNvOMv +podSecurityContext: + fsGroup: 2302511509023017096 + fsGroupChangePolicy: 闦ñ禢`J鉤 + runAsGroup: -2347956389924856743 + runAsNonRoot: true + runAsUser: 1720952380350228641 + supplementalGroups: + - -621944387099711210 + sysctls: + - name: CvGz + value: "" + - name: dO + value: qwZyE +priorityClassName: 3A +readinessProbe: + exec: + command: + - "" + - KEndqzRiV + failureThreshold: 467513555 + grpc: + port: -1573796455 + service: ErWB + httpGet: + host: lLC + path: HH5gzp + port: -1970119534 + scheme: 酥梕ʄE訳 + initialDelaySeconds: -6410364 + periodSeconds: -623380707 + successThreshold: 1641270972 + terminationGracePeriodSeconds: -4383611239728405989 + timeoutSeconds: 1203716236 +replicaCount: 291 +resources: + limits: + "1": "0" + MrwIP: "0" + hgaW: "0" + requests: + 1lF: "0" +secret: + create: false + enterprise: + licenseSecretRef: + key: yoQYDK + name: xU86MHgk + kafka: + awsMskIamSecretKey: b1dpxuu + protobufGitBasicAuthPassword: bNLttpx0UHrQ + saslPassword: WLiPGk4IafDZkx8 + schemaRegistryPassword: d7In271W + schemaRegistryTlsCa: JYJZN + schemaRegistryTlsCert: muZOO19 + schemaRegistryTlsKey: 7cUIM + tlsCa: NWid + tlsCert: v843II + tlsPassphrase: ks1QSKsS + login: + github: + clientSecret: Bh26we + personalAccessToken: yKlBsX + google: + clientSecret: luzCc89Wm0 + groupsServiceAccount: qpX + jwtSecret: ojb + oidc: + clientSecret: cze + okta: + clientSecret: uuUR + directoryApiToken: WOW1d + redpanda: + adminApi: + password: rVI + tlsCa: yMec + tlsCert: YYHCeTg + tlsKey: 4Qv3y5Dl +secretMounts: +- defaultMode: 83 + name: ieSo8V + path: d + secretName: mD0jl +securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - 阊 + - DIȜO吽解诎-曅 + drop: + - 贎秨Ůɭ懾Ù盾| + privileged: true + procMount: ʪ勪įOew\Ǡ礓 + readOnlyRootFilesystem: true + runAsGroup: -6230225082797374618 + runAsNonRoot: true + runAsUser: -2569068293811684873 +service: + nodePort: 314 + port: 424 + targetPort: 17 + type: oZi +serviceAccount: + automountServiceAccountToken: true + create: false + name: Cj +strategy: + rollingUpdate: {} + type: G阏发6s +tests: + enabled: true +topologySpreadConstraints: +- labelSelector: + matchExpressions: + - key: pPoL + operator: ǭȉćŴ讶Y + values: + - "69" + - UC9 + - "7" + - key: 6toZoG + operator: Ġ+kʫȸ颷ʅÓ欽V譵; + values: + - go8adRXrn + - key: S + operator: ĕȻ*Gɝ靿暛_洳瑼Ĩ + matchLabelKeys: + - "" + - V7xIs1 + - eqq + maxSkew: 983843814 + minDomains: 854272231 + nodeAffinityPolicy: '>S篐ö抏茄(6' + nodeTaintsPolicy: e3äTȦ硷B捕萑Ǵ吷Ǿ邂Ǝièø + topologyKey: NoEcMWkg + whenUnsatisfiable: 幗鞲&渶Ÿɪ`鹵N +-- case-041 -- +affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: gRchHJ + operator: g>騿b鈐ʃB¾偡医選ȍ恋 + values: + - I + - Ei + - "" + - key: hyf + operator: 斒ʃǜƆƲ + values: + - QUyyD + - key: Bkmx + operator: ư酰姺醪芄堑 + weight: 751548356 + - preference: + matchExpressions: + - key: oLam + operator: 蟹 + values: + - ouUaVpYnKDUI + - key: vjw6GPYYTKt + operator: 竣iN¸嚿×ɮib + values: + - ZTaqp + - key: d8VuBX6qV + operator: 脼Ȩ + values: + - a8aOe1 + matchFields: + - key: twbeCR + operator: óçøG靼Ɏȸ­乷ɍ + values: + - fJAm6rm + - 2h8IU + - zE9 + weight: 291395585 + - preference: + matchExpressions: + - key: qC6uf99en + operator: 鼢犖龆醑喐蠿鯌ʛB契p + initialDelaySeconds: -879591831 + periodSeconds: 1110714898 + successThreshold: -1301180826 + terminationGracePeriodSeconds: 3872467306429462875 + timeoutSeconds: 674947774 + terminationMessagePath: bm28lY3K2pwh + terminationMessagePolicy: Ȇƍ@¦Ț'±0ž + tty: true + volumeDevices: + - devicePath: o8dr + name: XmhFb + workingDir: 5wQN +- args: + - o0cO9clz7 + - HMSb + - 6uV0c + env: + - name: M3V9WePpx + value: ysO25 + valueFrom: + configMapKeyRef: + key: UqaJg4r + name: RfxtXP + optional: true + fieldRef: + apiVersion: lwe4YmNPx + fieldPath: tQj57vj + resourceFieldRef: + containerName: ZQ + divisor: "0" + resource: T + secretKeyRef: + key: x + name: ny4NEtt3z + optional: false + - name: cc2 + value: L0hw + valueFrom: + configMapKeyRef: + key: 385Ue36 + name: mmjoQw + optional: false + fieldRef: + apiVersion: 6oECJJ + fieldPath: viT + resourceFieldRef: + containerName: gwdJxK + divisor: "0" + resource: ck7 + secretKeyRef: + key: UuNsYAQvXJ0 + name: 1NAqDCU3 + optional: true + envFrom: + - configMapRef: + name: ZFk + optional: true + prefix: bXa4IzYR + secretRef: + name: aAJU + optional: false + image: JPgUP + imagePullPolicy: Q ¶ + lifecycle: + postStart: + exec: + command: + - r1uMNf + - M + - 8G + httpGet: + host: cuhhh + path: lXMriYoe + port: -988033465 + scheme: ',轄kzĒfť' + sleep: + seconds: -8820103652541681769 + preStop: + exec: + command: + - bElmX + httpGet: + host: bCNS + path: A0F + port: "" + scheme: 砘ɁA甜猷14ʣ)ǨƿŊ\ + sleep: + seconds: 821413986956195833 + livenessProbe: + exec: + command: + - M9y + - ay + - sRaY + failureThreshold: 600887441 + grpc: + port: 1597779369 + service: ua8K + httpGet: + host: 0XuF + path: V3 + port: -703127215 + scheme: 舷$趺É螳P阁]嚂驶钋琦袳$ƸO侎 + initialDelaySeconds: -1230549565 + periodSeconds: -335663932 + successThreshold: -1184112514 + terminationGracePeriodSeconds: 9077275487127832448 + timeoutSeconds: 1992088322 + name: pz + readinessProbe: + exec: + command: + - lVaA + - E9DNIWT7reP + - NW1Cc5O2 + failureThreshold: 1119300491 + grpc: + port: 2061347792 + service: fUXdOYJ9On + httpGet: + host: "0" + path: Us3pM3OkquAEW2 + port: -1693856749 + scheme: 鞡|鬟扝}肾~ + initialDelaySeconds: 1307857751 + periodSeconds: 1903760018 + successThreshold: 612917619 + terminationGracePeriodSeconds: -4296518247806248606 + timeoutSeconds: 1025631498 + resizePolicy: + - resourceName: "8" + restartPolicy: ȯy髚ʦ=ǰɮ瓿b:劀ǴáiO3IĮ + - resourceName: 8mFXK1FTs + restartPolicy: ėv|冿瀱Ƥ鐻D[ƼŮ/ + resources: + limits: + TVwPaoBqGL: "0" + juxQS6V3mr: "0" + requests: + igiG: "0" + restartPolicy: 皷ƴȿOvJ郦'欝 + securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - ǐ缠]館ʚƾó|őɤ + - 6 銨dN_ZɻǦ絛顆麓 + - u鹍u鼓练gʘɍK]痰痁鶄Ȼ咶嚅俊ǙǕ + drop: + - 沎闸埲dz + privileged: false + procMount: "" + readOnlyRootFilesystem: false + runAsGroup: -265773045457612130 + runAsNonRoot: true + runAsUser: -6489119899323828796 + startupProbe: + exec: + command: + - 95NULc + - cCLaGfz + failureThreshold: -414102461 + grpc: + port: 339886942 + service: 7hdbpU + httpGet: + host: bN6EBrngIW + path: Luv09 + port: plsGDEJ + scheme: ʔ垃桪抴痺MM温ǹ + initialDelaySeconds: 2135898388 + periodSeconds: 1107416140 + successThreshold: -648919802 + terminationGracePeriodSeconds: 4653203112295127978 + timeoutSeconds: 1294917615 + terminationMessagePath: C + terminationMessagePolicy: 擎:Ȓ + volumeDevices: + - devicePath: TGjb8dLs + name: QN5Dj50Kuoc + - devicePath: aRIfAur + name: wQ47Fq7W3WPNDG + - devicePath: 2Smu + name: 1Q3d5wRJf6 + volumeMounts: + - mountPath: 5Trbk9 + mountPropagation: 秮驇穁 + name: YvM + readOnly: true + subPath: pFKsUV + subPathExpr: mhIjzA + - mountPath: F3lqb + mountPropagation: 窆f + name: NJXDvoxv + subPath: zVGgP + subPathExpr: H + workingDir: IEObw8N +extraEnv: +- name: 4R567pw + value: mWumx + valueFrom: + configMapKeyRef: + key: zDKgXG8 + name: Murbi95HW + optional: false + fieldRef: + apiVersion: FE + fieldPath: WAoZL + resourceFieldRef: + containerName: KyYyulloT + divisor: "0" + resource: fqVTn + secretKeyRef: + key: "2" + name: MHnd7TscnRWwYy + optional: false +- name: fm + value: 8fbdsVIUd + valueFrom: + configMapKeyRef: + key: "" + name: 6dU18hENH + optional: false + fieldRef: + apiVersion: Z + fieldPath: yt6csyy + resourceFieldRef: + containerName: c1WXMV + divisor: "0" + resource: NJVUoKSuC7pJDm + secretKeyRef: + key: "" + name: JptOa + optional: false +- name: WjWJX + value: 9VpkkQa + valueFrom: + configMapKeyRef: + key: Rpe79 + name: os5FYjLzS + optional: true + fieldRef: + apiVersion: "0" + fieldPath: j + resourceFieldRef: + containerName: NYuP + divisor: "0" + resource: EWUuGe739oa + secretKeyRef: + key: CFh + name: 8zez51Q + optional: true +extraVolumeMounts: +- mountPath: cIK + mountPropagation: 爂 YLƝ«煘?沀#朚ń鮾+ğÔ + name: orwvhF0 + subPath: ivP1ha4I + subPathExpr: VPCFJYVRHf +- mountPath: s + mountPropagation: m椥扶ȟqÈ倕{峙刷} + name: O35 + subPath: AN + subPathExpr: vm7 +- mountPath: 7P72D19W + mountPropagation: 堂窜B,Ś贃腔Ʈ£顽ąfYR + name: 6Z + readOnly: true + subPath: d7MJ + subPathExpr: LF +extraVolumes: +- name: "4" +- name: Kry +fullnameOverride: eHZ +image: + pullPolicy: ź,Î斎殉媰Fƅ + registry: l0qIdHu + repository: 5OO0wF5p + tag: i +ingress: + annotations: + fDuBFTYK9Q: 5XXu + wYD: 6p + "y": "" + className: Zp11 + enabled: false + tls: + - hosts: + - "" + - I + secretName: yCke +initContainers: + extraInitContainers: GXh2uupW81kt +livenessProbe: + exec: {} + failureThreshold: 1618833311 + grpc: + port: -1505397275 + service: IUgXOa3 + httpGet: + host: 99a94 + path: YFX41J + port: -636645896 + scheme: ƣ[ɐ虪ǸI + initialDelaySeconds: -1510068452 + periodSeconds: -1728837159 + successThreshold: -1832841689 + terminationGracePeriodSeconds: -2499091687248362302 + timeoutSeconds: 254335269 +nameOverride: 84QIe +nodeSelector: + JDRn7n: tOGfx + lKq0V88a: uR3S + vXzm2Hny: tURxvlp +podAnnotations: + JkW1: feghYA7 + okSVM8H: 7Pau + yYrmYn: uT +podLabels: + b4I: j707zvg + eyn1: gqdp7 + sWR: MV07t +podSecurityContext: + fsGroup: 3426922926776119440 + fsGroupChangePolicy: 橣 + runAsGroup: 8316915980597683441 + runAsNonRoot: false + runAsUser: 6270039107728700969 + supplementalGroups: + - -2399342924686736516 + - 620655430084388100 +priorityClassName: 6ZbHC +readinessProbe: + exec: + command: + - u4wSt + failureThreshold: -992972964 + grpc: + port: -940292781 + service: zh5 + httpGet: + host: 1Tg + path: FfFHRfo + port: -94900838 + scheme: țcPÞ + initialDelaySeconds: 2051362912 + periodSeconds: -288287188 + successThreshold: -404266702 + terminationGracePeriodSeconds: -123318567100123885 + timeoutSeconds: 31934256 +replicaCount: 378 +resources: + limits: + 0Yl63: "0" + BUorG9: "0" + requests: + JNdWuFZf5nnT: "0" + aszsvHn: "0" + qC76cU: "0" +secret: + create: false + enterprise: + licenseSecretRef: + key: "5" + name: X2lLLdu + kafka: + awsMskIamSecretKey: RoyDigH4v7A0 + protobufGitBasicAuthPassword: 3m + saslPassword: 5E + schemaRegistryPassword: "2" + schemaRegistryTlsCa: DSr2uQnBZ2 + schemaRegistryTlsCert: mji + schemaRegistryTlsKey: EcukHN + tlsCa: HwarCHVf + tlsCert: tsx + tlsPassphrase: owRWr + login: + github: + clientSecret: 3QP + personalAccessToken: RFXhu + google: + clientSecret: KbrHoAQ + groupsServiceAccount: tSLR4 + jwtSecret: gQSZ8AC + oidc: + clientSecret: O + okta: + clientSecret: tv58V + directoryApiToken: C3j + redpanda: + adminApi: + password: OZVk + tlsCa: F4wK + tlsCert: nkKfJ + tlsKey: ewWdsq +secretMounts: +- defaultMode: 210 + name: gcTdF + path: ctE5Qa + secretName: MPU +- defaultMode: 186 + name: "4" + path: n8KpOJZ + secretName: s6 +- defaultMode: 412 + name: lBE0nAE + path: 3Ka7 + secretName: RG +securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - 憑 + - 贁 + - cÝ琦ŝʛD緪娥t諰ɤɼʠßʏ + drop: + - Hē粙 S綽ESFľĞóǂ + privileged: false + procMount: '>IÐ肣ɚòĺIGʖƟ穿ź' + readOnlyRootFilesystem: true + runAsGroup: -6867300864246942363 + runAsNonRoot: true + runAsUser: 972586500223089794 +service: + nodePort: 310 + port: 190 + targetPort: 396 + type: uTyclgj9tVV +serviceAccount: + annotations: + 1vh4t: 2P6FHr47JPz + JPV: tx0p + automountServiceAccountToken: true + create: false + name: gIkiPRSc53Eb4w +strategy: + rollingUpdate: {} + type: ĸ鍽3ɨ勍Ȱ¦T搟 +tests: + enabled: true +tolerations: +- effect: ć`湇Ȏ2篤螕巴蛬>@ø£鞌q + key: E7p + operator: 畁鼄瓈貔Ĕ釲ĸȚ貺|ǴĄl蔺İɽ糹 + tolerationSeconds: 3092681449541780742 + value: Zmrz8 +-- case-043 -- +affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: [] + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: x2q + operator: B肖HOʀ + values: + - "" + - Ys3JeXs5q + - key: kTV1 + operator: ɑɸ&楥ÃFŎł + values: + - UQJ1b + - PSnF + matchLabels: + x3: OyQXZWg + matchLabelKeys: + - c7l + - QL52 + mismatchLabelKeys: + - upadP + namespaceSelector: + matchExpressions: + - key: ve00EK + operator: 'ɗY莶ʥV蔈ƀ廜ȶƹŀLjÓ%õɽ ' + values: + - KsFwEq9un + matchLabels: + pZaTZ4dEyKe: Zr + y2udi: nOeICOHiSN + namespaces: + - eh3 + - Tk + topologyKey: sDRodPzb + weight: 950808176 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: "5" + operator: 豗ŵǕ + values: + - CXc + - lamtTG39Nn + - key: PAiD + operator: 靑 + values: + - Xc2 + - 0vCS1b + - MsAd + - key: V5SqAAs0jK + operator: tŇ + values: + - "" + matchLabels: + sN: eS9 + zyhZtMI: vk + mismatchLabelKeys: + - "9" + - 8kmgYkR + namespaceSelector: {} + namespaces: + - rttEi + - LsPL05A + - vt + topologyKey: RI9Fz + weight: 735869102 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: 3wYP8eoC3 + operator: Ĭ囁缯盦鍎Șe宧冸'Pțl諷鵣 + values: + - tjW4s6vTm + - dAFd + matchLabels: + MYd: Xsox8 + vdIPmBzGHW: u + vtRD: cJZSpnJ + mismatchLabelKeys: + - ysVrZBCS + namespaceSelector: + matchLabels: + LLN: an + zhG0GzF: ebgXWsq + namespaces: + - Tc7JW + - l5 + topologyKey: XvVTKe + weight: 284965413 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: snHS61E + operator: ŁjĈ偔Ĵgä缬ɏ魜竿Ȍ匊ȡf + - key: GF64H + operator: N?+痱+龟嗙糨(;籄µ_ȤP榡Ȁ + values: + - sBC5mout + - gLNrAHCql + matchLabelKeys: + - I6T + - cfQ + - bj1O + mismatchLabelKeys: + - DOsKcbZ + namespaceSelector: + matchExpressions: + - key: wabhpRnnMK + operator: 昶Ǝ傪Ȃß + values: + - 6A + matchLabels: + AWV: wH5n597Z5ZD + MO5x: gCiuzkb + namespaces: + - SE6wLN + topologyKey: i + - labelSelector: + matchExpressions: + - key: hyV52PjMCdDTPM3Xj + operator: t.卆痘惠Ú皙駼ɥ飑蝪 + values: + - df + - QinuCr3k + matchLabels: + "4": xjs7u + 26YT8Kwl: 6Fn7QaX + IyQVKh: FT + matchLabelKeys: + - 43p + - 7wOCOZltU + mismatchLabelKeys: + - 69P + - KGelm4KjR + namespaceSelector: + matchExpressions: + - key: lc1l + operator: 圼酭蟶ƿʕNȎ褷K0¢戜ŰĨ矤磓 + values: + - F5sJcyG + - gSLP4 + - key: VUC9 + operator: 伂Nxŧ}_Ť + values: + - fdEFxj + - key: TtWF1erkH + operator: 鿐ȖP薈廰ǿÅʋ + values: + - 8fCxCdw018mnN + namespaces: + - MI7v + - 4d + topologyKey: t6NgG + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: D + operator: 棎 + values: + - 20fifD + - FrMdPhx9xo + - key: UGNn3lb + operator: 佛Ǥ3 + - key: Z2RLUvJbK + operator: "" + values: + - FdkgDft + - TefWIg2 + - bpqycNdCB + matchLabels: + HS3J6YWoEqk: Z6wgyP + doC4E: kBDLOXELx + matchLabelKeys: + - AcWh + - wz1OjMAc + mismatchLabelKeys: + - TzAtxmFj + namespaceSelector: + matchExpressions: + - key: 0PcmdJ + operator: h + values: + - cUMRXCqpYKF + - key: CNiL1smGnM + operator: cSŦ胪ǟ婟魳!M + values: + - nn + - J + - DT + namespaces: + - 115aP7 + - NIr + topologyKey: pAC + - labelSelector: + matchExpressions: + - key: N5YJ + operator: '`ȺDŽ窿U澩Û' + values: + - c6b9k + - kBiQmy4m0 + matchLabels: + I7ZhU9r: mVYody9U + kY71: tu + r0veMW: zYM + matchLabelKeys: + - iswu + mismatchLabelKeys: + - CANmp649B + namespaceSelector: + matchExpressions: + - key: 9dVeM + operator: "" + values: + - j4ohdLhch + - l + - "" + - key: Dg0F + operator: wŴǂ&;计DzP.觰髬uþ + values: + - gaIEZk1 + - W + - ox3 + - key: eem + operator: F铃ø睤榺蠯ƺDZ2s瘨澌秠%晸 + values: + - gQvNAvyI + - oime + - 4Sq9 + matchLabels: + J9W: R8 + o3EOEfEW: doLp + namespaces: + - kkkj1owvoXiU0 + - yfKU6aK + - LAx8rxmN8 + topologyKey: Z +automountServiceAccountToken: true +autoscaling: + enabled: false + maxReplicas: 400 + minReplicas: 207 + targetCPUUtilizationPercentage: 127 + targetMemoryUtilizationPercentage: 234 +configmap: + create: false +console: + roles: + - Ei: null + v4ACJLz: null + - isAtO9ew4: null + yruh: null + - 51fb5in: null + ILAz4wr: null + l90: null +deployment: + create: false +enterprise: + licenseSecretRef: + key: lN0R + name: Is29uweE +extraContainers: +- args: + - lXv3W4h + command: + - 0hlaE + env: + - name: 2R4HDOw + value: Ow63m2 + valueFrom: + configMapKeyRef: + key: W + name: K4xi + optional: true + fieldRef: + apiVersion: Jky + fieldPath: 53aQO + resourceFieldRef: + containerName: FnyzXcJW0Y + divisor: "0" + resource: CEeuoM3B + secretKeyRef: + key: d1k + name: gqHwwuuW7YCi + optional: false + - name: ixNGgU + value: zzCXF + valueFrom: + configMapKeyRef: + key: pAT30it + name: t + optional: false + fieldRef: + apiVersion: yp + fieldPath: Mh1WcPCbP + resourceFieldRef: + containerName: IswD1IBE9 + divisor: "0" + resource: Ro + secretKeyRef: + key: yFZxBVZdODt + name: X + optional: true + - name: WTnCxkS + value: pEk + valueFrom: + configMapKeyRef: + key: 11H + name: QATfCX3IsDv + optional: true + fieldRef: + apiVersion: vN4 + fieldPath: qMFch + resourceFieldRef: + containerName: uO0O + divisor: "0" + resource: N0cJGosw + secretKeyRef: + key: fDMU + name: hps + optional: true + envFrom: + - configMapRef: + name: 0OJJ5YVIX03 + optional: true + prefix: qMb + secretRef: + name: Q + optional: true + - configMapRef: + name: xbFZU + optional: false + prefix: a1 + secretRef: + name: x + optional: false + - configMapRef: + name: k37 + optional: false + prefix: YoFy + secretRef: + name: ogUiKqk + optional: true + image: 0pe + imagePullPolicy: 娒菐皎X噴粗嘍»ƪ~ + lifecycle: + postStart: + exec: {} + httpGet: + host: lO6z + path: Ocry6h + port: ZXfKF + scheme: ə朕IH尹ğ殤鍻O艚Ʃj"羈 + sleep: + seconds: 5751106255636900299 + preStop: + exec: {} + httpGet: + host: 7QkaR + path: F + port: 1848101873 + scheme: 7Õ嚎c煣擢?ǙȬžREWƿY#¡DZ + sleep: + seconds: -6692990274650219794 + livenessProbe: + exec: + command: + - uNT + failureThreshold: -829813283 + grpc: + port: -567104846 + service: LDcJp + httpGet: + host: g20utb + path: SiqR + port: hDMLQykO + scheme: Ŧ螵n^ʑ柁ɼĥh韁傧厬džƑ + initialDelaySeconds: -564429238 + periodSeconds: -1564220228 + successThreshold: 358143040 + terminationGracePeriodSeconds: -3271131206023471117 + timeoutSeconds: 1743016683 + name: 0dQgH + ports: + - containerPort: 1592798281 + hostIP: Ob6i + hostPort: 1226080714 + name: owTN2e7 + - containerPort: -909719890 + hostIP: LU4ibkw2 + hostPort: -291412037 + protocol: ț榌餬<孋蔣熰瘞;癘, + - containerPort: -1320944614 + hostIP: FALEX24mB + hostPort: -2067901656 + name: 3x2T + protocol: 鑴桄ɵ珧Ū + readinessProbe: + exec: + command: + - oc + failureThreshold: -784903530 + grpc: + port: -2046315075 + service: OUsbY + httpGet: + host: s50gn + path: gPyB + port: -2077437763 + scheme: 撫ƄǥǞ + initialDelaySeconds: 1983356613 + periodSeconds: 1988783141 + successThreshold: 2066305810 + terminationGracePeriodSeconds: 2348593211159662414 + timeoutSeconds: -418402994 + resizePolicy: + - resourceName: yW + restartPolicy: 9從O9籿c绉ȠýH + - resourceName: 9WLZ + restartPolicy: 酎!8 + - resourceName: ISSu7K + restartPolicy: RǷ巫錬$e幅"Ȅ + resources: + requests: + ZAHXO: "0" + cT: "0" + ftA: "0" + restartPolicy: 箕赳箨J顏 + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - 厍F>%甾灵讝 dɌ撑礙Oo_ʦ + - ǮI埁艏:řŴi/隰6Ň + privileged: false + procMount: 籟ɔ矎C趶椰ʓ + readOnlyRootFilesystem: true + runAsGroup: -1819068651107678420 + runAsNonRoot: true + runAsUser: -4446960001037568719 + startupProbe: + exec: {} + failureThreshold: 1529697760 + grpc: + port: 2086810289 + service: LFhs + httpGet: + host: y7 + path: 7Q5PcVes + port: i + scheme: 阀ÿ¼+砵S麦ƺ'nǥ恪qżZǹ + initialDelaySeconds: -2048008543 + periodSeconds: -1559576850 + successThreshold: -655600930 + terminationGracePeriodSeconds: -8913842277118830912 + timeoutSeconds: -857654009 + terminationMessagePath: 9TOoj + terminationMessagePolicy: ¦ƫʇȬ儤f^_U躭 + tty: true + workingDir: cGeaEyJc6A9 +extraEnv: +- name: 1qcxFe + value: CddCzg + valueFrom: + configMapKeyRef: + key: uetPc0pnjv + name: CvmkK + optional: true + fieldRef: + apiVersion: FHMfGqk + fieldPath: 2P + resourceFieldRef: + containerName: bD1 + divisor: "0" + resource: kcSi + secretKeyRef: + key: pUu0 + name: 31uIu28D + optional: false +extraEnvFrom: +- configMapRef: + name: sJl8l + optional: false + secretRef: + name: ULPPuBUveK + optional: false +- configMapRef: + name: r4KbQIM + optional: true + prefix: vFNhdrDV + secretRef: + name: b + optional: false +extraVolumeMounts: +- mountPath: BsnW + mountPropagation: 撾<¥燩Uáb魩2wdz携W駟c韀羸â閹 + name: kS + readOnly: true + subPath: MQkyaubVs + subPathExpr: Bc +extraVolumes: +- name: FK5aYrlt +- name: BuMd +fullnameOverride: y0pa6pm83 +image: + pullPolicy: ā + registry: frvkIce + repository: Eyf5QN + tag: NF +imagePullSecrets: +- name: kBoh0Lyd +ingress: + annotations: + GOF: Fk7wcu + J2: ViiBwn6 + WODaheluZ: jCoFdBnr + className: 4Z1r6JSTY + enabled: true + tls: + - hosts: + - hAi45 + - N3wGXf + - 2Og0 + secretName: 11BdzGx + - hosts: + - MPqkMom + - mBwetJrK + - PcEKgK + secretName: HtA + - secretName: jRYKg +initContainers: + extraInitContainers: "" +livenessProbe: + exec: + command: + - 5l + - TPa5xuR1 + - pL3 + failureThreshold: -665161597 + grpc: + port: -1993107785 + service: u6KPs + httpGet: + host: R4Get + path: 0V + port: 1160926320 + scheme: ǨĄBW躼uQ劢Z + initialDelaySeconds: -958442622 + periodSeconds: 1883059027 + successThreshold: 1933410843 + terminationGracePeriodSeconds: 6283661173054068495 + timeoutSeconds: -1835273944 +nameOverride: "" +podLabels: + ZUMXq: 1paitbyR + o5jSmwn: "1" +podSecurityContext: + fsGroup: -2194962218839547968 + fsGroupChangePolicy: Ƃ搵Ņů羁nʇ雵Ri摿TǛø!ʣa饪詹 + runAsGroup: -8349123147211058668 + runAsNonRoot: false + runAsUser: -7634316416044162316 + supplementalGroups: + - -8005115528631553908 + - 3338610853164048033 + sysctls: + - name: KolWq + value: HzqTwBK4G4 + - name: rWyCA7 + value: DXY + - name: ukO43edoA + value: EVLsuF +priorityClassName: vW +readinessProbe: + exec: + command: + - 0X8tCVJI + - Sm4 + failureThreshold: -1604827341 + grpc: + port: 42051403 + service: H + httpGet: + host: 0gB9WjO + path: 0sPD + port: -849836679 + initialDelaySeconds: -1237987229 + periodSeconds: -2089146286 + successThreshold: 1944965466 + terminationGracePeriodSeconds: 6313366685724995629 + timeoutSeconds: -421565232 +replicaCount: 180 +resources: + limits: + pWciOVB3: "0" + requests: + CokuM: "0" +secret: + create: false + enterprise: + licenseSecretRef: + key: KGprr + name: w + kafka: + awsMskIamSecretKey: "" + protobufGitBasicAuthPassword: SerI + saslPassword: GKTX + schemaRegistryPassword: 4e + schemaRegistryTlsCa: "" + schemaRegistryTlsCert: 5V + schemaRegistryTlsKey: WFfrAH2a + tlsCa: kdCuX + tlsCert: j8Y2S + tlsPassphrase: jzecZl + login: + github: + clientSecret: cRkCl + personalAccessToken: 7XzR7g4 + google: + clientSecret: 1h + groupsServiceAccount: PpzN + jwtSecret: "" + oidc: + clientSecret: r + okta: + clientSecret: om + directoryApiToken: vYqev5 + redpanda: + adminApi: + password: X0 + tlsCa: MadMnzee10AL + tlsCert: SXxHZ + tlsKey: HYAn +secretMounts: +- defaultMode: 257 + name: mbhBeHK + path: 4B + secretName: "3" +securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - ɓ秈Ǽ霏*苇ȋɇ燡ƲɔċɈx + - 畼#QȲȬ懹脆俼[葓箘Ⱥ¿ + - ƭ + drop: + - 鉉C餱芕鳧ǥƔʚŰ + - ǖ瞱祈)售歜ŃȀƖ厀Ʃ9茡ɥq + privileged: false + procMount: '''³編Ź~莽WS2孲j禺' + readOnlyRootFilesystem: false + runAsGroup: -7898786566866618408 + runAsNonRoot: false + runAsUser: 5048177807031045156 +service: + nodePort: 402 + port: 11 + targetPort: 465 + type: 9TsjJQkJZ +serviceAccount: + automountServiceAccountToken: true + create: true + name: Gma +strategy: + rollingUpdate: {} + type: I讗烉Ð-Ǵ +tests: + enabled: false +topologySpreadConstraints: +- labelSelector: + matchExpressions: + - key: 8oHl6iWalV + operator: 嗌ƕþ]eěk歄兠惴5]nj鿵ų|暫\ + matchLabelKeys: + - n2lT + - nr + maxSkew: 565546972 + minDomains: 1026506021 + nodeAffinityPolicy: _攊v + nodeTaintsPolicy: 踠~Ë?¶嘬 + topologyKey: OZKwm9I + whenUnsatisfiable: 艽ʧj +- labelSelector: + matchExpressions: + - key: e + operator: 貙wɡȗ扊l橠,ȶ^ + values: + - "2" + - 1aeU + - X1mzNz + matchLabels: + Kw: L0rDwe + hFD: 9Kbm7CtaSg + matchLabelKeys: + - lw1gZ + maxSkew: 131623139 + minDomains: 1034504401 + nodeAffinityPolicy: NƎ乮+却ŷƑIf.L焚 + nodeTaintsPolicy: "" + topologyKey: dpa7OA + whenUnsatisfiable: 貧uƻläʯlÓʐȮ竇dʐ疮儾 +-- case-044 -- +affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: AFOKvXU + operator: ¸藬 + values: + - vIFxLM + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + ZpWVx: agTJ2kP3DWNYN + matchLabelKeys: + - "4" + mismatchLabelKeys: + - 0qG + namespaceSelector: + matchExpressions: + - key: D8 + operator: d|ɬ曖 + values: + - p3iQYi6Y + - key: c + operator: ǵmV逛鲳鈐譮稹ÚȾČXú + values: + - a + - 3C55L6S7 + - SQaxr + matchLabels: + "5": jC + namespaces: + - oDKjy + - "" + topologyKey: C9jgFk + weight: 1276231314 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: lGp2 + operator: "" + matchLabels: + "": sKP1q2 + 44krG: UrYUSMsisV + unYZqLh67: tMKQ + matchLabelKeys: + - orDt3ZdEA + - LIBJK3 + mismatchLabelKeys: + - bgz2i + - CNqlQJ + namespaceSelector: + matchExpressions: + - key: 35CZTXLY + operator: 掟0笝润ɲDGĪ1Ɋ乧鴹ǥ + values: + - OOB1s + - o4H + - key: f21 + operator: nȿqh + namespaces: + - L0w7 + - DB9 + - T1mom4CrS + topologyKey: OWKJz + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: WaOHp + operator: Ƥ熅ǒe²敹Ņ0ľ(Ȯɩ6ÿ + - key: 0X + operator: be3蚛鷿_鴈y+圚ʀF虹D + values: + - ZIZDTnyfwD + - B4NWO9ffPz + - 1jsu + matchLabelKeys: + - mXhYg + mismatchLabelKeys: + - mp6 + namespaceSelector: + matchExpressions: + - key: xE + operator: ʩ畕 + values: + - uc7IZ + - Hxl1 + - key: Xb41Q + operator: cʓʁ卡嵷韻 + values: + - pA + namespaces: + - edcrY + topologyKey: sP2BdI + - labelSelector: + matchExpressions: + - key: U0 + operator: 卢ʩ + values: + - OBtefl + - yMIZlx + - key: X + operator: Ǔ%é鵔:ß侙鞅 + values: + - s1qg3meB + - e6J6ZH89 + - key: dhFO + operator: ƋŎ頖,é襺枣Ť卩骏ɰ抟篧JɂǛȝȵ + values: + - R9sJoCz + matchLabels: + 2T: 84ZhksfB + matchLabelKeys: + - Yc41 + mismatchLabelKeys: + - zgncb + - pCwXYOK + - hViR + namespaceSelector: + matchExpressions: + - key: 3hWtuB6Y + operator: ʪ+ʜǻ拎奜跁ª4鶒鲒[ʒJi\ʝ)皡 + values: + - s + - key: xGSn + operator: 羥/Br=Z擧Ŀ泀Ą舨cïŕɘʡȽIJ鉽 + values: + - lOZtQ2cI + - Vk6 + - Ri3t + - key: Z6UDhR9VLqSA + operator: 淸c欨pɝo腛ı廓齩鄬檏繑郭>Ö呡 + values: + - s6hp + topologyKey: wZZTf + - labelSelector: {} + matchLabelKeys: + - afDo + mismatchLabelKeys: + - S + namespaceSelector: + matchExpressions: + - key: AWObA + operator: ĝf表OS厅啬児0~L槩华L稙訐\Tȼ + values: + - M39 + matchLabels: + 0D9: u5 + T1: xiLiZn + v6: nSQp5 + topologyKey: mr +annotations: + 4i: zwiMMKf + ZTKUDg2t: qHc7 + fGsx: dIpd +automountServiceAccountToken: false +autoscaling: + enabled: false + maxReplicas: 220 + minReplicas: 54 + targetCPUUtilizationPercentage: 269 + targetMemoryUtilizationPercentage: 205 +commonLabels: + BvJq2xZ: jY6O0 +configmap: + create: true +console: + roleBindings: + - UiHg9: null + - "": null + mAYLjAybA: null + roles: + - 0NpG04j: null + UxtPt: null + l5dMdK: null + - J9: null + MzWfEl: null + yNu: null + - "": null + Pv: null + tGJIDyXG: null +deployment: + create: true +enterprise: + licenseSecretRef: + key: x8ik3q + name: K7c7oe +extraContainers: +- args: + - CCdc + - xnWsPf + - K9Lp8whZH + envFrom: + - configMapRef: + name: eRd + optional: true + prefix: jF9v + secretRef: + name: QS0dQM4 + optional: false + image: UEbFmY + imagePullPolicy: ɂǖ耒ȯ+Ǎ妸ÄĊ wʠB堯¥ƿɤp + lifecycle: + postStart: + exec: + command: + - 89MtW + - LOaqkcP + - JzjyxNZS + httpGet: + host: "3" + path: V + port: RUOELw + scheme: u*暪÷鰦ʭ,0噱D #干 + sleep: + seconds: 7312334685976474890 + preStop: + exec: + command: + - Cmo91luAq + - DTCwI + - d3Q8xly + httpGet: + host: e + port: -1761554680 + scheme: '|' + sleep: + seconds: -8572473558022233717 + livenessProbe: + exec: + command: + - 1K0Fir + - Ws + - jWym + failureThreshold: 1492079208 + grpc: + port: -1612320137 + service: wk3AYU + httpGet: + host: U + path: yLWf + port: dE + scheme: (魠ʫ倳|岺溻IJħu|æ粅 + initialDelaySeconds: -1551121242 + periodSeconds: 101556636 + successThreshold: -690762638 + terminationGracePeriodSeconds: -7606489989577612357 + timeoutSeconds: -947750725 + name: GKPhj2 + ports: + - containerPort: 690563670 + hostIP: mVXvug29A + hostPort: -1389446008 + name: pcUz3a8NWF + protocol: o& + readinessProbe: + exec: {} + failureThreshold: 816403475 + grpc: + port: 2090385753 + service: pp5W00 + httpGet: + host: sP9DV + path: cpLL + port: TNUIzm + scheme: '!敓GĜƝ塀ȏ@{8嶤ɍ|' + initialDelaySeconds: 911169006 + periodSeconds: 257542772 + successThreshold: 1702435185 + terminationGracePeriodSeconds: -4557510245814657403 + timeoutSeconds: -581799810 + resources: + limits: + 5UdZ91O: "0" + TXdC: "0" + bK0pEj0Mb: "0" + requests: + s8hZFXOGF: "0" + tCP: "0" + restartPolicy: Ǩ轡´@ǂȟ + securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - 鿞;P粜鬌)Ǭ郑&鑉k!f] + - Ċ + drop: + - ?孡渄:Ơ廔晞!ē8瞅@rDZ_ + - cfdú¯'ƱơÅś祏侪 + privileged: true + procMount: ȝ?A@û2蝓撕%o摤絡) + readOnlyRootFilesystem: true + runAsGroup: -2314751572399378702 + runAsNonRoot: true + runAsUser: 989961539055775316 + startupProbe: + exec: {} + failureThreshold: 971752114 + grpc: + port: -1594677871 + service: O + httpGet: + host: EIXRs + path: EA1CukJtUZ + port: g9g0 + scheme: 遱O靑課淁hɕ怡ņ鲥 + initialDelaySeconds: -1020857297 + periodSeconds: 1332161137 + successThreshold: -1412285197 + terminationGracePeriodSeconds: -7087737322486666596 + timeoutSeconds: 563432789 + stdin: true + terminationMessagePath: S + terminationMessagePolicy: =ɑ_èʊâ錯Ɛ窾O亇_ + tty: true + volumeDevices: + - devicePath: 2EtZS + name: "" + - devicePath: glBRF4 + name: e8K + volumeMounts: + - mountPath: L4U + mountPropagation: '}6ʓ蓱9峖3疖售Ʉ朞' + name: 4oVeDs + subPath: RoA + subPathExpr: b + - mountPath: b3TFcP + mountPropagation: ʘʟ| + name: jg4Ya + subPath: F + subPathExpr: flS + workingDir: VZi6ElPHw +- command: + - 3xxCjTRw + env: + - name: 1n + value: cHl + valueFrom: + configMapKeyRef: + key: "95" + name: gi + optional: true + fieldRef: + apiVersion: sQA8hZeZu + fieldPath: xgpJlFJ2 + resourceFieldRef: + containerName: fLR0HyM + divisor: "0" + resource: Sanx4 + secretKeyRef: + key: XgKm5 + name: gvoS9jB + optional: false + - name: s2cwze + value: hu + valueFrom: + configMapKeyRef: + key: fDoUz3 + name: XKG + optional: true + fieldRef: + apiVersion: q0CUy1W + fieldPath: B3Lkh + resourceFieldRef: + containerName: V1gnkr8hpTmU + divisor: "0" + resource: 7PEJNYX + secretKeyRef: + key: IiBIw + name: kiXa5 + optional: false + envFrom: + - configMapRef: + name: JayMLn + optional: true + prefix: Iyk + secretRef: + name: I8 + optional: true + image: uuJKCAGoiYb + imagePullPolicy: '&mɈ{DC鹪ŘƖ暢C镯VĪɮJ樟' + lifecycle: + postStart: + exec: {} + httpGet: + host: TlUl + path: v9nd + port: Khf + scheme: 雦G'獲ɕ垑Ɠ奚 + sleep: + seconds: 3204757101293724426 + preStop: + exec: + command: + - s8505Cg5U + httpGet: + host: hAMBGK + port: LNxGid + scheme: 9?Ɉ + sleep: + seconds: -7512312074000843110 + livenessProbe: + exec: {} + failureThreshold: -1252597876 + grpc: + port: -544919593 + service: "N" + httpGet: + host: xfP + path: ByIZxFF1w + port: 465839308 + scheme: ôȔʄǽȕ$Ɨ嫸% + initialDelaySeconds: 1827740835 + periodSeconds: 1434348082 + successThreshold: 1145653124 + terminationGracePeriodSeconds: -9056662989967493169 + timeoutSeconds: -741454610 + name: pkN5 + readinessProbe: + exec: + command: + - pmJ6cF + failureThreshold: -182850181 + grpc: + port: -30654612 + service: q + httpGet: + host: Vra + path: tovB7 + port: -934938952 + scheme: Ⱥǵ1茆鯨ț]ų1ơñ澂 + initialDelaySeconds: -1966697414 + periodSeconds: -1866944455 + successThreshold: -259752087 + terminationGracePeriodSeconds: -4535014313385885341 + timeoutSeconds: -1545912021 + resizePolicy: + - resourceName: RxDBqX + restartPolicy: 韌ʮ濅& + - resourceName: spCee + restartPolicy: 腋+桯PɆ誎z4µ&ȁou-囈鵼夵v| + resources: + limits: + rElH: "0" + requests: + "": "0" + restartPolicy: 7GK¦碦ǒ抩Z芍緜 + securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - NjǗA窇ţ + - 逈%Ǵ7QǚƶƜr + drop: + - 鹭Iv0蠤'Ɵ皝ƨ=¨ + privileged: false + procMount: èįƤ;L虥u籖ʄƎ}橃V炖 + readOnlyRootFilesystem: false + runAsGroup: -1041723617216276814 + runAsNonRoot: false + runAsUser: -3933065726531016441 + startupProbe: + exec: {} + failureThreshold: -983644738 + grpc: + port: 1827183629 + service: X7oC1 + httpGet: + host: vGk + path: ohKaYc + port: l1rVsh9 + initialDelaySeconds: -648569392 + periodSeconds: 873065120 + successThreshold: -612441773 + terminationGracePeriodSeconds: 6808330544454597158 + timeoutSeconds: 1534439066 + terminationMessagePath: VYh + terminationMessagePolicy: 唌Üi+ + volumeDevices: + - devicePath: DGsn + name: Ia + volumeMounts: + - mountPath: "14" + mountPropagation: 渉seǝ蕟厪ë嵎ǥ墮@ + name: "" + readOnly: true + subPath: C1G4VS1 + subPathExpr: eU + workingDir: odPxO +extraEnv: +- name: Ahlf + value: UEv + valueFrom: + configMapKeyRef: + key: uwaRvb + name: M8Iklu7qx + optional: true + fieldRef: + apiVersion: H + fieldPath: 43xb + resourceFieldRef: + containerName: t8wgC87mO + divisor: "0" + resource: Z + secretKeyRef: + key: "" + name: EQfJ3z7tv + optional: false +- name: xj + value: lwmxmxP + valueFrom: + configMapKeyRef: + key: "" + name: cdBhO + optional: true + fieldRef: + apiVersion: U + fieldPath: Dj1sswKP + resourceFieldRef: + containerName: 1p3yUdrvd + divisor: "0" + resource: 5A + secretKeyRef: + key: DDcgdcu + name: oD38 + optional: true +extraEnvFrom: +- configMapRef: + name: 2ECaB + optional: true + prefix: bao + secretRef: + name: CA5S95 + optional: false +extraVolumeMounts: +- mountPath: v + mountPropagation: ?IJ純ʈxɧʅ + name: 9AiRaE35OlCv + readOnly: true + subPath: 2dv5RZ + subPathExpr: H7f +- mountPath: "4" + mountPropagation: 涾頴tOĜʥ朤 + name: ePEz + readOnly: true + subPath: BY + subPathExpr: w +- mountPath: n5FPgiJmk + mountPropagation: Ǵ棢__@ŗɆ4瞑5ŗ­L/ķ{篦ǯ + name: NryERK9Q + readOnly: true + subPath: tINFMAR5 + subPathExpr: VrBKy +extraVolumes: +- name: Kt6NIoVzEY +- name: O +fullnameOverride: resP +image: + pullPolicy: 讘ɂȴɩF壜î栒p + registry: UqWwteW0x + repository: TZqk + tag: 0fpMB +ingress: + annotations: + 7CEw: nk8 + bqg: H5 + x1S7: Pu + className: 6IuECM + enabled: false + hosts: + - host: gDc + paths: + - path: len9tdPYcpq + pathType: XETm5mmK3Es + - path: zn5u + pathType: p5jlQul + - host: "" + tls: + - hosts: + - Th5w + - xssK + - xFW9 + secretName: wA + - hosts: + - bR + - U73RtLKOI + secretName: jEnKU +initContainers: + extraInitContainers: 0VCU +livenessProbe: + exec: + command: + - wV + - eooUnSLpW + failureThreshold: 1147871047 + grpc: + port: 483952618 + service: Ca + httpGet: + host: pXrlUHltqchNl + path: kMP5 + port: -1823407150 + scheme: Ò壻«Ƭ魠?ǣ×Ç + initialDelaySeconds: -470682176 + periodSeconds: 842863336 + successThreshold: 2078067842 + terminationGracePeriodSeconds: 8174922400865091455 + timeoutSeconds: 1252398573 +nameOverride: tvDI +nodeSelector: + 2i: dRi6btw6 + R4: UsW + fFNJXGk: XBkx +podAnnotations: + N0F: vSjZxkjW +podLabels: + K1uahi: UMygEU2O2 + ecdKkB: "1" +podSecurityContext: + fsGroup: -3027126285888130862 + fsGroupChangePolicy: 袺芥ŵ罋o郘渢e堫柝dž + runAsGroup: -3172565869747057973 + runAsNonRoot: true + runAsUser: 5739747577453985710 + supplementalGroups: + - -1289730562709624524 + - 2918948066534341347 + - 8836988143915675306 + sysctls: + - name: ZSspAgrV + value: ES11 +priorityClassName: 8KMLup9vb +readinessProbe: + exec: + command: + - 50jwjhoUN3n + failureThreshold: 1026367217 + grpc: + port: -238173978 + service: Ju + httpGet: + host: wDDq9i + path: w7hRVdP6kmTaLN + port: -919313657 + scheme: 闡ś + initialDelaySeconds: -233395254 + periodSeconds: -96619339 + successThreshold: -2083481091 + terminationGracePeriodSeconds: -7352799244112409845 + timeoutSeconds: 1827269276 +replicaCount: 410 +resources: + limits: + eYVLCq: "0" + requests: + P: "0" + VsuQcjg: "0" + jwq: "0" +secret: + create: false + enterprise: + licenseSecretRef: + key: zvbci + name: W0 + kafka: + awsMskIamSecretKey: SFtL8nb + protobufGitBasicAuthPassword: "" + saslPassword: "" + schemaRegistryPassword: p + schemaRegistryTlsCa: 0m5L + schemaRegistryTlsCert: fqb + schemaRegistryTlsKey: whFm7 + tlsCa: 2Ir + tlsCert: JBVRtfzSurH + tlsPassphrase: OSDd + login: + github: + clientSecret: mCF8qeqhA + personalAccessToken: 7MnYqfh + google: + clientSecret: uo83GiVX2X + groupsServiceAccount: LCEQJi + jwtSecret: cmCx + oidc: + clientSecret: jW3Syrm + okta: + clientSecret: RDyL5FTb + directoryApiToken: BmJgmq2h + redpanda: + adminApi: + password: 6pe + tlsCa: gzJP1h + tlsCert: GRhBENFNa + tlsKey: qKQ +securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - ɐ毻sǨ斩麀|髦 + - (波F= + - 2鱶ɥǚ蘃齯ʃE桹蹝Ȓ畸蘋桙0 + drop: + - c掁轖e9\Ǟ¦ + - ȽT下Zź%賂蕄3 + - 乯`ŤĊŸ眸ʞ缔Ň妌嵳楕ǐwč*ǩ妩ɴ + privileged: true + procMount: ŃE诩Ŗś僆 + readOnlyRootFilesystem: true + runAsGroup: 6580465723841053659 + runAsNonRoot: true + runAsUser: -56006153890553620 +service: + annotations: + CRHNsVY: Nl04 + nodePort: 437 + port: 103 + targetPort: 329 + type: "" +serviceAccount: + automountServiceAccountToken: true + create: true + name: W9k +strategy: + rollingUpdate: {} + type: ɬdW5f +tests: + enabled: true +topologySpreadConstraints: +- labelSelector: + matchLabels: + 435gSB: cXqM + XuT: nA + sKWX6pPX: YyYe + maxSkew: -1347306472 + minDomains: 1890499147 + nodeAffinityPolicy: 扒Ŕ + nodeTaintsPolicy: 諹uɔM_灢ʫ6ªWŢ庿ɛ + topologyKey: 34nlpPe2Tl + whenUnsatisfiable: šĉ鎨嶕鯖Ťȯ蝲萤ɪeCŒ5ő3|押 +-- case-045 -- +affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchFields: + - key: MyOwAD1 + operator: 啜0Ȕ + values: + - ZGn4YX + - key: jDkjMmXqE + operator: NŤ~鷚ȃÐ醩@鿘.礡PdL + values: + - N3K + - ow + - PzPEWA + weight: -72104605 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: JvUcVrA7 + operator: Žx"ơ + - key: xqi + operator: 1匹层舕ƒ僜ʓ + values: + - e + - key: eLiG + operator: '[r-!"ĻŻ艂酁嵍鏺]髠' + values: + - EKgA + - 2tR + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + 7EKjs: lal36 + matchLabelKeys: + - DsNc + - EF + - MxSx7 + namespaceSelector: + matchExpressions: + - key: AJRciio + operator: I鎴 3ɡƞK慳hĉ + values: + - dh + - key: O8 + operator: ʤ喜牅ƫ]Ȉʚ廆Ƨ椬訐儹9ȡ趿 + values: + - QIR + - 4QIg3r + - key: xEKeM + operator: 嬕 + values: + - R0qm21j + topologyKey: yN7rFb + weight: 371178507 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: 6m + operator: "" + values: + - sEP + - r + - 916oARGpag + - key: YtLdy2vWFRG + operator: "" + values: + - NbAvpL8G + - 0a3vqv + - key: TOiWxWC + operator: ǝ椦誄ȟ2沾ʩɁǢɶ攧Ţ胑< + values: + - BDKh + - NFb9UYct3p + - TFdQLF + matchLabelKeys: + - TACd + - RFCD1IMt + mismatchLabelKeys: + - CLaySswMot + - S3sEweRaY + - tC6pZ + namespaceSelector: + matchExpressions: + - key: pDz + operator: "" + - key: iRP7TsiyE + operator: 8šiƛPċŞ貲I轒ĮÜ + matchLabels: + 4IVb55JZf: "" + XokO: FntMc + namespaces: + - BOohC67i + - tv + topologyKey: Wc36G + - labelSelector: + matchExpressions: + - key: 2swiyf9 + operator: X + values: + - "2" + - Mmu6iYl3 + - XsZhnelID + matchLabels: + zf: IJlhUxrQg + namespaceSelector: + matchExpressions: + - key: RMLd0ptomdzoSd + operator: ƋŲǯ-'Dð獿礘ĘQ蕲螙x + values: + - rz5QKfx + - key: smO + operator: DɴK*4瘢齮 + matchLabels: + "": crZm + R7TX: 7hcjy + Yh: dyM1 + namespaces: + - PqubN + - elFz + - 5Iah6Cz + topologyKey: QE + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: faWSc + operator: ʚʉŝwʊ寭跼Z + values: + - dgKap + matchLabelKeys: + - sEXCWO + mismatchLabelKeys: + - BqB + - QSJQOy + namespaceSelector: + matchExpressions: + - key: 9zT + operator: 锂遼9ɎVn嵕缰~ + - key: bJi68gZ + operator: 己樚僚%隓馦d + values: + - LT + - "" + matchLabels: + yt: Z + zMv4Ez: NSxkcn + namespaces: + - bfc + topologyKey: pUFg7ZP + weight: -962989660 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: {} + matchLabelKeys: + - "" + mismatchLabelKeys: + - Mfh + namespaceSelector: + matchExpressions: + - key: 6Ax1cf + operator: ʆ骜ʣ蘧F栮,C + values: + - 1WljmgAmSY + matchLabels: + 174k: 7or9Mr + F4YETWGCg: Rt46e + cMQyYT: RTaOOxz3Li + topologyKey: 9j +annotations: + 12kkcHLZdTIn: FQ4am + LQDfr: q +automountServiceAccountToken: false +autoscaling: + enabled: true + maxReplicas: 305 + minReplicas: 326 + targetCPUUtilizationPercentage: 344 + targetMemoryUtilizationPercentage: 186 +commonLabels: + M1diW: PVb +configmap: + create: false +console: + roles: + - tvT4mf0wFe: null +deployment: + create: false +enterprise: + licenseSecretRef: + key: kMfu2CiNvgC34 + name: oa9a +extraContainers: +- args: + - HP10TO + - kuCNcTLL + command: + - m + - Nww8 + - 98Rn + env: + - name: SSO + value: dOiVAD + valueFrom: + configMapKeyRef: + key: rG6s + name: ZIOGFg7 + optional: true + fieldRef: + apiVersion: 5QpSAgTC + fieldPath: wvXbuBkn + resourceFieldRef: + containerName: ZRxTJ6p + divisor: "0" + resource: lxXIfgo + secretKeyRef: + key: a4I + name: fdAC + optional: true + - name: t + value: lhJB5Gu + valueFrom: + configMapKeyRef: + key: 9sIY7ap56C + name: jxSPO + optional: true + fieldRef: + apiVersion: 7y + fieldPath: TVs + resourceFieldRef: + containerName: Bk7GMS + divisor: "0" + resource: KghhcLY + secretKeyRef: + key: "4" + name: Q0xn + optional: true + envFrom: + - configMapRef: + name: xkM + optional: false + prefix: 6Hmq + secretRef: + name: 2W7 + optional: false + - configMapRef: + name: nw + optional: true + prefix: ZF8q + secretRef: + name: Hazz + optional: true + - configMapRef: + name: C0TBIATG + optional: true + prefix: Wm + secretRef: + name: Yg2 + optional: true + image: vXSldD9 + imagePullPolicy: .Ś.l庥抁臚蚋巸_ȧʟ[R榶E + lifecycle: + postStart: + exec: + command: + - oN + - eEYgTnILd + httpGet: + host: mg7llOt105m + path: dtlR4G + port: wD90f + scheme: ʖ两ĕ¤¬瞮U? + sleep: + seconds: -2237517267526569736 + preStop: + exec: + command: + - GMjypvCI + httpGet: + host: T8pa05 + path: u9bCqIg + port: M9zgB + scheme: '*蛬ŻĈ' + sleep: + seconds: 475574192596548942 + livenessProbe: + exec: + command: + - dUJeULUg + failureThreshold: 1485223326 + grpc: + port: 701458966 + service: CQKKuIS4d + httpGet: + host: E2fjZ + path: XvuU + port: NoCTx + scheme: 蜼烀ȏǓɦMDn糆ƥHʼn/瓏ìȢŷ + initialDelaySeconds: -1475170089 + periodSeconds: 1989433587 + successThreshold: 1386111224 + terminationGracePeriodSeconds: 5430499533574282933 + timeoutSeconds: 1740226413 + name: wG4ZxvZMuJ + readinessProbe: + exec: + command: + - "6" + - obo + failureThreshold: 2126666969 + grpc: + port: 521888256 + service: z + httpGet: + host: Fpq + path: ghrc2 + port: -314576227 + scheme: 瓰vp烫ǁĴŰDȐ插研Ǽʜ + initialDelaySeconds: 1330937719 + periodSeconds: 78230226 + successThreshold: -351220698 + terminationGracePeriodSeconds: 6147801770047971409 + timeoutSeconds: 1906635539 + resizePolicy: + - resourceName: Waf + restartPolicy: ʑ艜ɾ蘩Ƈ`7ɫ坓弎Ȗƈ + resources: + limits: + WfxZ: "0" + gZ: "0" + oup1P0j: "0" + requests: + D0AyOZ87h: "0" + Wmp9uU8: "0" + mowWvEm: "0" + restartPolicy: ǔ輋篐棶耏īʡm0Ñ!ř$曤Qʢ瞪Ļ + securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - Ì酃`sŬ硪W#鿻Gƃu + - 先ĜtàX + privileged: false + procMount: Ĕʤj螹țȞVa + readOnlyRootFilesystem: true + runAsGroup: 5877071704122825347 + runAsNonRoot: true + runAsUser: 607897543692979281 + startupProbe: + exec: + command: + - 1R1GIynL2u + failureThreshold: 197417586 + grpc: + port: 581882770 + service: jrlDhPYYcBk + httpGet: + host: btMskta + path: iy + port: -1405181644 + scheme: ­劲襇板ƶ2豣Ă輒" + initialDelaySeconds: -317632223 + periodSeconds: 1128778719 + successThreshold: -878681442 + terminationGracePeriodSeconds: -5809012571377279815 + timeoutSeconds: 326998121 + stdin: true + terminationMessagePath: vlSz + tty: true + volumeDevices: + - devicePath: jpSm + name: A1S8F + volumeMounts: + - mountPath: zH + mountPropagation: Œib抪黠wƱ軭 + name: vY1XOHYYy + subPath: Tui26JLZyP + subPathExpr: 2T0bhLFBv + - mountPath: qLd4 + mountPropagation: = + name: MlJNiuK + subPath: Gt + subPathExpr: 1br + workingDir: qaJz +extraEnv: +- name: "" + value: 8qqxpUmb + valueFrom: + configMapKeyRef: + key: nyn + name: 2a6 + optional: true + fieldRef: + apiVersion: 4VL + fieldPath: mLkq5SaY + resourceFieldRef: + containerName: q58NCY4 + divisor: "0" + resource: iTwPTz + secretKeyRef: + key: fymwKG2di + name: jP + optional: false +extraEnvFrom: +- configMapRef: + name: kjk + optional: true + prefix: bXXh + secretRef: + name: ksMoUzjV + optional: true +- configMapRef: + name: 8AWI + optional: false + prefix: hqwWp6 + secretRef: + name: a + optional: false +extraVolumeMounts: +- mountPath: g + mountPropagation: ƎÀ虰|墫} + name: izh4Kt + subPath: l3Jx + subPathExpr: bgpu9UdSPr4CF +extraVolumes: +- name: UQKug +- name: giK +fullnameOverride: 9gCm5xz +image: + pullPolicy: "" + registry: I + repository: utUA + tag: 3NaFJMnq7cwb +imagePullSecrets: +- name: rTO7I +- {} +ingress: + className: y6u9o + enabled: true + hosts: + - host: V + paths: + - path: VRp3 + pathType: WX + - path: ZXqa + pathType: LXDjotJK + - path: b + pathType: 6l3svu + tls: + - hosts: + - SzMunki + secretName: OT +initContainers: + extraInitContainers: Gaa +livenessProbe: + exec: + command: + - w + - 4y0unO7q + - fUMv46yk + failureThreshold: 564680295 + grpc: + port: -274686900 + service: SZ + httpGet: + host: "97" + path: R + port: sw2f4 + scheme: ǖe灻膃爌|rQʮ` + initialDelaySeconds: -1623540175 + periodSeconds: 2083875877 + successThreshold: 1467697726 + terminationGracePeriodSeconds: 1240720412315600394 + timeoutSeconds: 514813622 +nameOverride: tOoxEiwdVpT +nodeSelector: + 4X: PJ6v +podAnnotations: + TImM2rpn: ixT +podLabels: + jAyDz: vW2 +podSecurityContext: + fsGroup: 8841428564051369991 + fsGroupChangePolicy: '''諢憭捽鉚ƾ邓鈽6M_s' + runAsGroup: 5877981406957979012 + runAsNonRoot: false + runAsUser: -2714811370596686768 + supplementalGroups: + - 3627757755693767927 + - 3933990106793080427 +priorityClassName: Op +readinessProbe: + exec: + command: + - Rvxle1 + failureThreshold: -1544911058 + grpc: + port: 1480625343 + service: iUWGjn1Yq + httpGet: + host: 0Wg8b + path: qrDi3 + port: -689203177 + scheme: 馨PƆȣdfTNʫ*ɀLɐ3} + initialDelaySeconds: -386708604 + periodSeconds: -1196967535 + successThreshold: -658970667 + terminationGracePeriodSeconds: -8534050677682835111 + timeoutSeconds: 1352482566 +replicaCount: 218 +resources: + requests: + Nh6YX: "0" + z: "0" +secret: + create: true + enterprise: + licenseSecretRef: + key: "9" + name: Pd + kafka: + awsMskIamSecretKey: "" + protobufGitBasicAuthPassword: naFpMBw + saslPassword: nKEzr + schemaRegistryPassword: xU + schemaRegistryTlsCa: pc + schemaRegistryTlsCert: fF1z9FE + schemaRegistryTlsKey: tx + tlsCa: bhhbwypQ + tlsCert: Dw1477 + tlsPassphrase: zRD + login: + github: + clientSecret: 1UD4N + personalAccessToken: LmFkP6BgmLQ + google: + clientSecret: m + groupsServiceAccount: "" + jwtSecret: 9ejQZ6 + oidc: + clientSecret: cXdjG + okta: + clientSecret: eF90RohF + directoryApiToken: 1zXLSJEQ + redpanda: + adminApi: + password: rr4c4 + tlsCa: Eonnpq + tlsCert: aPCNgYI + tlsKey: vlrLQ9I9 +secretMounts: +- defaultMode: 266 + name: omIzst + path: "" + secretName: Pn +- defaultMode: 133 + name: "1" + path: gIWg + secretName: gi4zM +- defaultMode: 451 + name: lrUYguc + path: D9pR + secretName: 3FH +securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - m优ķNJ噓+Pð + - 橯O燁 + drop: + - 褈墄ȃ杵 + - 娨Î + - rƴ}Ɇ橮ʕ*m敼ʎhǰ.ʔcZ + privileged: true + procMount: 攏O婑 + readOnlyRootFilesystem: true + runAsGroup: 8829730151763757512 + runAsNonRoot: false + runAsUser: 64441908715087607 +service: + nodePort: 325 + port: 314 + targetPort: 398 + type: C +serviceAccount: + annotations: + "": zL + EANkzh: rmy + automountServiceAccountToken: false + create: true + name: nX5G +strategy: + rollingUpdate: {} + type: ɬ(ìɅ +tests: + enabled: true +tolerations: +- effect: ɥ)藖朡YȖɌGǼRŗ迼@醹F6鎚 + key: 7Nq + operator: "4" + tolerationSeconds: 3766411560743927749 + value: TCksEtpTf +- effect: ȷ^?3HʉɚŢȾL + key: mj5pit + operator: 隱瀆J纝ɽÄ:憹欓 + tolerationSeconds: -3549323835306297633 + value: CN0gSHK7T +topologySpreadConstraints: +- labelSelector: + matchLabels: + N5pfvDQM4ZnP: "" + ZDk6ppZLAO: nn + f1Z: 2Molvtunvm + matchLabelKeys: + - cUf4VG + maxSkew: 2039905438 + minDomains: -1795353257 + nodeAffinityPolicy: 啚FLjʐəǪɠ梎Ň沮<^Zæ + nodeTaintsPolicy: Å扯R + topologyKey: qVloCmz + whenUnsatisfiable: ūh挕ŀ靕土伔澍鄓 +- labelSelector: + matchExpressions: + - key: sgB0Jx + operator: "y" + matchLabels: + Dhp: chzEB + matchLabelKeys: + - TBO + - g5M + - h + maxSkew: -825758940 + minDomains: 1383227075 + nodeAffinityPolicy: 婬ȴ羉Ā蕲k<ǯŘ`貉ì攘窼ȶ{黺( + nodeTaintsPolicy: 晓}從磹砛鬀D + topologyKey: MXei + whenUnsatisfiable: Ē舐ɒ'Q|ȃ#Y\厾h +-- case-046 -- +affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: 2Nsqe + operator: 阴闤Bǘ尚僞熐蘐槄TČ鉇拍Ɣ唉f钡 + values: + - EQslZWcPKU3 + - key: clrdH7j + operator: 鹓ī郖漖8ĬwƓ + values: + - zsB2 + - HGN2A + matchFields: + - key: Is7w3FDS5zse + operator: -ĉYd + values: + - U4nF56qPTw + - mm38x0AQL5c + weight: -1981921933 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: mRa + operator: ȥǮĬʩɄeƩ蟤确= + values: + - ooR1 + - QIho6keUV5fIUe + - jrOsTe + matchFields: + - key: miXl + operator: ʯ5yɶȁ/z>Ǡb_Ȉ撿÷đ湕ǭ + - matchFields: + - key: yXFe + operator: ȁ!Ńǩ浉F蕊ƕ倉輴Q¬ß巩ɿ + - key: qEUUleUJCe + operator: dz楥Qɗ鎽嚬t轮黑<ƻ眄 + values: + - pXk + - l22 + - l6 + - key: DiInxf + operator: lťõ祟X鬀ò嬬uġ + values: + - CtW2vs2 + - x + - rT + podAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: 0oFNd + operator: 喯z芡I钷)bę%匾蟨 + values: + - i6xl9Mn + - "Y" + - Dnn1nA + matchLabels: + ACWAVtod: 5MsAi + W7L46x: Iohx + matchLabelKeys: + - tZcagyiX + - 5w + - SMP + mismatchLabelKeys: + - b + - f + - bqCBIIfcdw + namespaceSelector: + matchLabels: + H3qd: 6DBRkuQvCde + namespaces: + - Y3j7k + - 8i2rf + topologyKey: 290Z + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: j8OASVi + operator: Ų驐Ĥ>Ȳ`1)o}嵊袀d + values: + - DE + - key: Iir + operator: WqȊ晝ɛ唊ɵk抩Ǟ紅銫Ş秠Ś~ą + matchLabels: + 8RiTX5m: lU1nenIq2B + B1: gskcNQo6g + D1kq67: "" + matchLabelKeys: + - ii9Ab3 + mismatchLabelKeys: + - 4X2zohLQD + namespaceSelector: + matchExpressions: + - key: HyU35bXzWF + operator: 尽ǰ + values: + - "" + - sB3pY + - 4r + namespaces: + - vW + - LYI + - mhQ0 + topologyKey: pjisw + weight: 1962236401 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: 9GtVGXjE + operator: 镭鱆ʁ;崽DȔ3Ĭ鐓敝 + values: + - igW0 + - Qiyx + - zMm24In + matchLabels: + AWiVWW: gPF0Yh + matchLabelKeys: + - 01T9Mphw + - qcecz73o + - o6bBrV + mismatchLabelKeys: + - uJJWe + - 8On4IIB31 + - p4t46HL8K + namespaceSelector: + matchLabels: + h: iExiiF + topologyKey: ZhTV + weight: -2130387111 +annotations: + cflWrdcz: jJe +automountServiceAccountToken: false +autoscaling: + enabled: false + maxReplicas: 451 + minReplicas: 241 + targetCPUUtilizationPercentage: 434 + targetMemoryUtilizationPercentage: 89 +commonLabels: + "": WcYTY + rHtDM6k: ZY6Kw +configmap: + create: false +console: + roleBindings: + - 0RZs: null + 3MoL: null + DS: null +deployment: + create: false +enterprise: + licenseSecretRef: + key: "" + name: mP +extraContainers: +- args: + - TLL + command: + - "" + - kyr + envFrom: + - configMapRef: + name: cGxJkM382 + optional: false + prefix: 8ZYix + secretRef: + name: sptdX + optional: true + - configMapRef: + name: sv + optional: true + prefix: juf4E1 + secretRef: + name: WrvN + optional: true + - configMapRef: + name: stixRM6Z1c + optional: false + prefix: eHg4 + secretRef: + name: kJK + optional: false + image: Q + imagePullPolicy: 榲µʪ + lifecycle: + postStart: + exec: + command: + - AHw4N6lX4 + httpGet: + host: CuJ + path: kY9OI68 + port: I6fEdljwf7WI + scheme: 0Tæ + sleep: + seconds: 8747859025599270243 + preStop: + exec: + command: + - SAiYloe + - rxrb8 + - U1 + httpGet: + host: D + path: Ck4D + port: 1235678776 + scheme: 讅º頼 + sleep: + seconds: 2255567287221174216 + livenessProbe: + exec: + command: + - rlPo + - TpvecI + - c + failureThreshold: -1194959675 + grpc: + port: 1286950474 + service: l03Ttx + httpGet: + host: iZbpkGTG + port: -104521289 + scheme: ǘɚƃŊ1_蛺ƥ篯 + initialDelaySeconds: -1041934050 + periodSeconds: 1858129919 + successThreshold: 812913269 + terminationGracePeriodSeconds: -6125486107996409317 + timeoutSeconds: -1767574186 + name: "5" + readinessProbe: + exec: {} + failureThreshold: 596482569 + grpc: + port: 1150156757 + service: qaPYsPWRM + httpGet: + host: iNasZ6 + path: CpVj + port: GC + scheme: 謭¤GȫȇƄ聭Dłʬ + initialDelaySeconds: -1604058483 + periodSeconds: -603768209 + successThreshold: 1589218932 + terminationGracePeriodSeconds: 4819160591653315271 + timeoutSeconds: 2047446198 + resizePolicy: + - resourceName: Or + restartPolicy: OȜ)漢ɨ酳h + - resourceName: i6roWBCG + restartPolicy: Ćʊ赆ʒ + resources: + limits: + ZTOf: "0" + requests: + "5": "0" + restartPolicy: ȱTǣıN飿 + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - c + - Ɛ絜-Ȭ狆ǚƫȼ)ɦȗ欌3Z + drop: + - '*`N}柁番贝鍝陂±Ǖ弊' + privileged: true + procMount: 湅ʨɩƗ吞硩Ǘɵ櫜5 + readOnlyRootFilesystem: true + runAsGroup: 2454233763446715277 + runAsNonRoot: true + runAsUser: 1349777568495231591 + startupProbe: + exec: + command: + - tEiO0Gf + failureThreshold: 1955219951 + grpc: + port: -4890683 + service: 4tTWT + httpGet: + host: 5h5p4Uk + path: JX2HU + port: b6yI + scheme: 娂儯庬Xǿƫ + initialDelaySeconds: 1159427409 + periodSeconds: -1534574298 + successThreshold: 1143094739 + terminationGracePeriodSeconds: -2223019815025430450 + timeoutSeconds: -1544667872 + stdin: true + stdinOnce: true + terminationMessagePath: 1FuR + volumeDevices: + - devicePath: "Y" + name: EahA503T0 + volumeMounts: + - mountPath: QxOZw9E + mountPropagation: N"賬 + name: k4sw3lfzmj4 + subPath: 9a + subPathExpr: q5p0 + - mountPath: 9FHN + mountPropagation: o~ʆ容Ĺkjɋ5cȔcƼ诔楞 + name: wmkq + subPath: M1UIiHV + subPathExpr: IhSh2 + - mountPath: KTgxDgARv + mountPropagation: 篪k矲PƊ$ʇ謞šS婝耻遄 + name: nvW2 + readOnly: true + subPath: u6 + subPathExpr: C3n82 + workingDir: F2B +extraEnvFrom: +- configMapRef: + name: s4S + optional: true + prefix: g8JM + secretRef: + name: Km8n + optional: false +extraVolumeMounts: +- mountPath: VW + mountPropagation: gjɲi呒>[ɻ + name: HRTFVpU6YN + readOnly: true + subPath: J + subPathExpr: Zx9CYV +extraVolumes: +- name: ldO +fullnameOverride: fB6TF +image: + pullPolicy: '&Q眫' + registry: HjNl + repository: z9WL9QV + tag: jKgmVjE +imagePullSecrets: +- name: DL1OBpd0 +- name: jM +ingress: + annotations: + A4M6T: IUmZ9 + AHN: gcT00IU6 + S: lzi1Q + className: aU0xOzsFN + enabled: true + tls: + - hosts: + - PV + secretName: aHG1 + - hosts: + - bX + - Cu + - xuscoJ + secretName: fBCynrlb +initContainers: + extraInitContainers: aF +livenessProbe: + exec: + command: + - mWA8 + failureThreshold: -2111746605 + grpc: + port: -159496093 + service: 5BzT + httpGet: + host: Pgb + path: W + port: FTodWK + scheme: '@ĝȗɰ*8Eȑ' + initialDelaySeconds: 1224736641 + periodSeconds: 1490424943 + successThreshold: 2012886943 + terminationGracePeriodSeconds: 1140281843739171103 + timeoutSeconds: 1910690397 +nameOverride: "" +podAnnotations: + P10bx: 4As + RWk: E + e: rh7XI +podLabels: + SnZ: mnX + aL0TsomY: aVv4hsuMJ7Aiq + luPi3E6: iCt +podSecurityContext: + fsGroup: -137977092678744094 + fsGroupChangePolicy: ʅ翄ąIJU÷[Ɉ<Ǧ兰巒鄂 + runAsGroup: 2453672470118860 + runAsNonRoot: false + runAsUser: -2867620198524252040 + sysctls: + - name: p + value: "" +priorityClassName: wQ +readinessProbe: + exec: + command: + - bmfgcwd + failureThreshold: -1418487663 + grpc: + port: -468793496 + service: MhQm3 + httpGet: + host: nQSr0S + path: M8 + port: 1657726276 + scheme: 鶉阑 $ý + initialDelaySeconds: 1895968402 + periodSeconds: -1686229865 + successThreshold: 1934722351 + terminationGracePeriodSeconds: 2537915062001973026 + timeoutSeconds: 1366589097 +replicaCount: 376 +resources: + limits: + 87w5tBp: "0" + AmXXE: "0" + QH55ZH: "0" + requests: + EbalAlq: "0" + RpvkPX: "0" +secret: + create: true + enterprise: + licenseSecretRef: + key: ellF2F + name: K3 + kafka: + awsMskIamSecretKey: Xs8UvJPyL + protobufGitBasicAuthPassword: BKbdr + saslPassword: xW3EDKA + schemaRegistryPassword: Vewx + schemaRegistryTlsCa: te + schemaRegistryTlsCert: JxH + schemaRegistryTlsKey: jhxioPhQ + tlsCa: eP + tlsCert: H9 + tlsPassphrase: Gz + login: + github: + clientSecret: Q + personalAccessToken: akEcq + google: + clientSecret: vj6 + groupsServiceAccount: pJ8NQ + jwtSecret: jUc4rQpG + oidc: + clientSecret: 8SCyi + okta: + clientSecret: Yd + directoryApiToken: q1rSa + redpanda: + adminApi: + password: mON + tlsCa: rNzsp + tlsCert: UStA + tlsKey: 3E +secretMounts: +- defaultMode: 305 + name: smBrE0cI + path: "2" + secretName: zeb +securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - pij*fƤ + privileged: false + procMount: 罽İ耲,衧駕R=k{ŝ{躈瑮L + readOnlyRootFilesystem: true + runAsGroup: 3478202026348193011 + runAsNonRoot: false + runAsUser: -5521479784565460908 +service: + annotations: + aDeGG7F9S: 5d + nodePort: 439 + port: 271 + targetPort: 481 + type: PK7oH1pcU3 +serviceAccount: + automountServiceAccountToken: false + create: false + name: "" +strategy: + rollingUpdate: {} + type: żb給ū裬M +tests: + enabled: false +tolerations: +- effect: 瑟bĕʫFuěG盲ÿ + key: d + operator: 秸ƿ + tolerationSeconds: -7614909558910242428 + value: h2U4 +topologySpreadConstraints: +- labelSelector: + matchExpressions: + - key: 60k + operator: ʉ赳Ɇǂt硴煟讒ib + values: + - M755avF + - He6fTmtHDXC + matchLabels: + c4BN5BiYtjB: tyUmvwGkL + matchLabelKeys: + - E4G8mM3 + - G1C9Cjj + maxSkew: -1527756346 + minDomains: 432090734 + nodeAffinityPolicy: qǗ阵W&喁CE®ņpPȂ\Ç苗ĈȄ + nodeTaintsPolicy: ȉ珉@:x凝謽Q釀ļn适c顦 + topologyKey: V + whenUnsatisfiable: 瀥 +-- case-047 -- +affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: {} + weight: 182966451 + - preference: {} + weight: -2028220392 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: [] + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: 5a5MXO + operator: kƎǦƙ«嚄ƭr騥邜Fċʐ叧F& + values: + - BRA + - Ywt7JHE + - key: TjE3wFb6 + operator: O`6ƥ縈L:Ckʄ鹟瑧 + values: + - "" + - dxDLfiL + - 0IgsneLlLo + - key: tuBbSOMR + operator: 桛ʫ褛ʒɩWkv濱瘛#Ěi邱CNǖ4孳 + values: + - 9zJ + - 7T3iJAwX + matchLabelKeys: + - ZYcvinlq + - PwQO9 + - M3gb + mismatchLabelKeys: + - e + - K1XrVh + - D1CkR8 + namespaceSelector: + matchExpressions: + - key: uqnyV6k + operator: rĮ'示嶠ĵ攛Ņ + - key: 0ONfMVB + operator: n梷E8ʟ菛晉 + values: + - Q + matchLabels: + IqH8n: pCJ16S + mUE: HyxdirX0F + namespaces: + - gptVP + - L + - 7CmPHtA + topologyKey: XDhewcrvK + weight: 2033587292 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: jcAfZ5VF + operator: 饀re + - key: sj + operator: U姑R° + values: + - p8zbO + - key: 2LmP5 + operator: ŸȢ庾塁BƖ + values: + - NN + matchLabels: + ApvKyKe: kHE9lIIleR + mismatchLabelKeys: + - n3VRcT5qX + - zGNqgUGNX + - hDZ + namespaceSelector: + matchExpressions: + - key: "7" + operator: 砃=G墈赞飍鵝7d + values: + - Uiz9BnY + - key: hd76 + operator: '{緶ɡnW' + values: + - vc1yj10y + - Je + - eg + - key: 06pjmB + operator: =帛胏 + values: + - RQ10 + - Z5WWhGqt + namespaces: + - seMTT1 + topologyKey: E + - labelSelector: + matchLabels: + oplIL: 67Fs0Yu4 + mismatchLabelKeys: + - T1 + namespaceSelector: + matchExpressions: + - key: hOQWYMD + operator: vǑ壞2â飿"Xʝ簮倏c + values: + - "0" + - key: WWGKqAgL + operator: '''OƼŪ祰ǑŗiU嘏ɮ?Ī語' + values: + - yU5IOsL + - koP + namespaces: + - lDs + - xQZsD + - J + topologyKey: j0k4ds + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: 9nDdXGQwP + operator: '[痵lǝ,ǶÜÂD' + values: + - th + - u8xZ + - ucr3vqZeG + - key: QWVrK8k + operator: ʀăɼy耯#運+3坽« + values: + - 2lcZKn + - G2IQ + - YbYwv + - key: N4bc7Wn + operator: '%7`iɊȑ槦醒}' + values: + - NiSH90 + - 98iHVkt + - 0r3Yu9i + matchLabelKeys: + - zrV + - Ey + - R + namespaceSelector: + matchExpressions: + - key: gEbVS1wo + operator: z + matchLabels: + 2YURuF: "" + CJTjm6: nOFN + oUtlWUD: 0k14ag + topologyKey: M1yF5YA + weight: 477520510 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: mdjoxbr + operator: V2SŨǰ8嫟淦 + values: + - 3ww0Ei + - 2PjudE + - pmpvETB0n + - key: NFqQGo + operator: 处;Ƕk鎹û絹褡Sy + values: + - V + - key: HuZ + operator: ȓő&ś>S怭ť]E榕 + values: + - sUume + matchLabels: + ef2q: 4ZL0O9b + r8xqG: MJ + matchLabelKeys: + - "" + - "Y" + mismatchLabelKeys: + - djn6fDf + - ukZi8 + namespaceSelector: {} + namespaces: + - dOU1F + - 1ygQdj3xZ3YIf + - wvpeJx + topologyKey: Rq4K6z6 + weight: -1277100698 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: b + operator: "" + values: + - tmuB5 + - 9qE9GM + - oJpaRDn2 + - key: WY + operator: u酘b + values: + - RhO + - Cs2rDIRrPlii + - nG4bqoAkQU + - key: eMae + operator: ǟĕȴnjI覿9¥H艞ɋ + matchLabels: + ToIBbWL: 4k8X + i2qGkWjvF7QJ: pb0sZq + u12o4B4: Ybz + matchLabelKeys: + - HCKtJC7hm + mismatchLabelKeys: + - 21r0Z + - "" + namespaceSelector: + matchLabels: + 2BNgnKr7Ob: 5RffK5NB3ghhfO + bJC: WTOgH + uA: bxdRwsU + topologyKey: 2CsbupZ + - labelSelector: + matchExpressions: + - key: RIP + operator: Oȝ(氧罻 + values: + - 1bx3Fix9 + - key: eqQoi + operator: 68+ʈĘ + values: + - FgfwmYrR + - mznlyr2aLTGF + - GfAoC8M + matchLabels: + FKwNoJ: aJZxa + cEeo8ix: 3dHunLjp5 + ihSd: qG7x + matchLabelKeys: + - F6LQK + mismatchLabelKeys: + - ULcGW + - RYv + - fF + namespaceSelector: + matchExpressions: + - key: Tkp5 + operator: ȴ潺谡Ƣh躈ŮâÿȒũĔ + values: + - fY9NuWB + - O84 + matchLabels: + 09fI: EDSEVi + Dl: 4u38aD4O + vZCciR: neqAXd7k + namespaces: + - ozziI6FZ + - URQlLJF + topologyKey: SeSq4K +annotations: + Bx5i3M: s + svlaTGpSHD: 7P9k +automountServiceAccountToken: true +autoscaling: + enabled: true + maxReplicas: 122 + minReplicas: 449 + targetCPUUtilizationPercentage: 218 + targetMemoryUtilizationPercentage: 488 +configmap: + create: false +console: + roleBindings: + - eaLPMN8qOPT: null + xb: null + xnt: null + - 3Mgk: null + roHIFBN: null + - TtzrP: null +deployment: + create: true +enterprise: + licenseSecretRef: + key: nj + name: rl +extraContainers: +- args: + - lW + - lpUVzUh + command: + - 3mEGtoKbEWE2Jw5T + - b1GBFA + env: + - name: hsiWF93 + value: zBco + valueFrom: + configMapKeyRef: + key: 8hvvaoHB + name: "y" + optional: false + fieldRef: + apiVersion: WPT5J + fieldPath: sc + resourceFieldRef: + containerName: 0xbTU4O + divisor: "0" + resource: tPBV2ObG + secretKeyRef: + key: YEKZukl + name: px + optional: false + - name: PM0MyyH3R6R + value: yOzX + valueFrom: + configMapKeyRef: + key: I3pi + name: DC + optional: true + fieldRef: + apiVersion: "25" + fieldPath: "" + resourceFieldRef: + containerName: aZj1E7LU + divisor: "0" + resource: sxs0nE31 + secretKeyRef: + key: Ktb3c4 + name: g98T + optional: true + - name: 6kDq8UgFIS8 + value: L0i4 + valueFrom: + configMapKeyRef: + key: 9WUe9 + name: tZrRUK + optional: false + fieldRef: + apiVersion: GIc + fieldPath: AXTmU + resourceFieldRef: + containerName: E2 + divisor: "0" + resource: a63tq + secretKeyRef: + key: luWp + name: lPdowo + optional: true + envFrom: + - configMapRef: + name: vzVk + optional: true + prefix: DONFyRd + secretRef: + name: 9uct + optional: false + - configMapRef: + name: z5nC9D + optional: true + prefix: 5epUyS1iy5m8 + secretRef: + name: zqRFC + optional: true + - configMapRef: + name: awjfJlZxN + optional: true + prefix: LhArOQgbq1OCR2L + secretRef: + name: mb5axzX5 + optional: true + image: qPLiX + imagePullPolicy: '{Ĩ檽]ĻĹňɋ偌Ȏ.阛魉' + lifecycle: + postStart: + exec: + command: + - yAeOM + - s53um + - 3m + httpGet: + host: GJWsJm + path: iDQ + port: 1781170742 + scheme: 皐ű葺ȝĬ麐&ʉ執dz0娸叹 + sleep: + seconds: -4230531115544534394 + preStop: + exec: + command: + - sIGb5 + httpGet: + host: AbxhPKar + path: 3ZZ5 + port: 88852320 + scheme: 砨Ĝ_筀¤痟氻劊űI俼员z幛F + sleep: + seconds: -4758564920159898567 + livenessProbe: + exec: + command: + - ty6JMTW6vA + failureThreshold: -1459976999 + grpc: + port: -1689493187 + service: ihsDMVYd + httpGet: + host: e9NNlO5d + path: iBo4 + port: 334788778 + scheme: ƿ:ħȠL$ + initialDelaySeconds: 1625633184 + periodSeconds: 1327859251 + successThreshold: 1766792721 + terminationGracePeriodSeconds: -3971501657411371216 + timeoutSeconds: 557348614 + name: U3U + readinessProbe: + exec: + command: + - "Y" + failureThreshold: 391027623 + grpc: + port: -1858356724 + service: hnqm + httpGet: + host: g + path: C48 + port: F + scheme: 苎lɲÁ频×ȊDžȀ9Ď"昽 + initialDelaySeconds: -1404160881 + periodSeconds: 521131323 + successThreshold: 2005094455 + terminationGracePeriodSeconds: -5942417190535485186 + timeoutSeconds: 2118365394 + resources: + limits: + Ms1A: "0" + WkWhM: "0" + requests: + b4kR9nm9BfQZy: "0" + eLg: "0" + huME: "0" + restartPolicy: ľ慔/PpǏ銢9滖ɝ韍I鍌$ʪ辫Uz + securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - wą&嘪研Z`ȧȢfʘ*ō + drop: + - ƿ`ĉĎ苦Ǧ蘈NJ她笻Ƞ + - 磨3踦煨1JƸc錚捁 ĊZe)ám \ + privileged: true + procMount: 鋶XJm/覹ɋ¶ȉĒȤ瀶|ƻŒ(咡 + readOnlyRootFilesystem: false + runAsGroup: -8452021579348253718 + runAsNonRoot: true + runAsUser: 5983932912975749110 + startupProbe: + exec: + command: + - sZhTLr + - GK + - kqL9aDDm + failureThreshold: 1004086477 + grpc: + port: 1266077274 + service: l1ji1IW1ic + httpGet: + host: rJI + path: H731Dr + port: 1333462733 + scheme: 项鰚ɽ洍êƳ + initialDelaySeconds: 1806670133 + periodSeconds: 1290098703 + successThreshold: -490255445 + terminationGracePeriodSeconds: -206080146769410314 + timeoutSeconds: 270060590 + terminationMessagePath: P1HCGJEbJiD4 + terminationMessagePolicy: ʇ鞯BC鸼樁÷ǹ楺 + tty: true + volumeDevices: + - devicePath: a4 + name: 0bA + - devicePath: VeRXU9 + name: A0XbFJhG + - devicePath: fdim + name: RJf + workingDir: ZoDFb +extraEnv: +- name: "" + value: YbKo + valueFrom: + configMapKeyRef: + key: bIruuA + name: x8 + optional: true + fieldRef: + apiVersion: EqX + fieldPath: ZOh + resourceFieldRef: + containerName: IDJTm5lv + divisor: "0" + resource: QDC8v + secretKeyRef: + key: "8" + name: LcSdNiKff4 + optional: false +- name: RZHq9C + value: m + valueFrom: + configMapKeyRef: + key: PZVqf + name: x + optional: true + fieldRef: + apiVersion: xQi + fieldPath: vxeo + resourceFieldRef: + divisor: "0" + resource: l7 + secretKeyRef: + key: i3lK + optional: true +extraVolumeMounts: +- mountPath: OO0aO6h + mountPropagation: "" + name: kDKM + readOnly: true + subPath: AlRCH + subPathExpr: 7UemLsIe +- mountPath: Z8zdlU + mountPropagation: 醗¡°v:胡 + name: aedAMG + subPath: zo5P1xa + subPathExpr: WmuiME +- mountPath: ufiUx + mountPropagation: '`ʡÔ关Ľ?' + name: PWBh + subPath: 2hslJ + subPathExpr: pUtN3 +fullnameOverride: YUi5JpG +image: + pullPolicy: ȕ蚧竔/´苅oC + registry: zUsK + repository: lQjo + tag: p +ingress: + annotations: + CImW98Gx2v: otj + fP: SRGkm + className: lM + enabled: false + hosts: + - host: AYT + - host: oulge + paths: + - path: 3bi + pathType: ixqeQz + - path: nG + pathType: 5LwYGxvMr + - host: "" + paths: + - path: jJrUpe + pathType: 72AAc + - path: B0K + pathType: kxnm8kN + - path: tQDn + pathType: IxAmHD + tls: + - hosts: + - n9Np8ftRtFhzi + - g + secretName: C + - hosts: + - CMhuwA + - wYA0tSvo + secretName: z + - hosts: + - 34mbP + secretName: 80Z +initContainers: + extraInitContainers: PRtnaAy8 +livenessProbe: + exec: {} + failureThreshold: -1392926461 + grpc: + port: 257623603 + service: us + httpGet: + port: L9CrR58RHnS + scheme: ʅ²7kp + initialDelaySeconds: -1384385388 + periodSeconds: -1660079876 + successThreshold: 680842396 + terminationGracePeriodSeconds: 6050526356201491316 + timeoutSeconds: 213455290 +nameOverride: nEojiMtRc +podAnnotations: + Mfsd: hmi +podLabels: + 6dZAs: xJPaLHKS1Y2 +podSecurityContext: + fsGroup: -6567182940167159103 + fsGroupChangePolicy: 6iɰ堂:齐ǪÈ + runAsGroup: -1787219330993537800 + runAsNonRoot: true + runAsUser: -5627543087390804845 + supplementalGroups: + - -3306962996817147613 + - 975882030005456556 + - -5263492609498468245 + sysctls: + - name: YC + value: 7JlDTCP6hs +priorityClassName: 0P6RnoBeb5 +readinessProbe: + exec: {} + failureThreshold: 1689894479 + grpc: + port: 222105741 + service: D + httpGet: + host: vyj + path: JoV4VZMz2Bv + port: vRf9ZHgc4j + scheme: 条om競娷Njʑ + initialDelaySeconds: -1753994274 + periodSeconds: -1189421015 + successThreshold: 1278527365 + terminationGracePeriodSeconds: -6266260075166332402 + timeoutSeconds: -209775227 +replicaCount: 391 +resources: + limits: + 8ycM: "0" + requests: + CvglPI: "0" + s5: "0" + uiHB: "0" +secret: + create: false + enterprise: + licenseSecretRef: + key: Iq + name: Tb8RGi + kafka: + awsMskIamSecretKey: gj + protobufGitBasicAuthPassword: kO + saslPassword: IB3qNjrV + schemaRegistryPassword: 4wnp6Qi + schemaRegistryTlsCa: gFBJq + schemaRegistryTlsCert: LUubckiv + schemaRegistryTlsKey: 9Op + tlsCa: 94x0v + tlsCert: h4lSMbv + tlsPassphrase: CVT4wjw + login: + github: + clientSecret: YaYETggo1hi + personalAccessToken: d + google: + clientSecret: tDqsIg + groupsServiceAccount: FSUAkU004n0k + jwtSecret: 2dWKNqarwb + oidc: + clientSecret: i2n + okta: + clientSecret: XytR0yn + directoryApiToken: m3WEq4zKv + redpanda: + adminApi: + password: ozo + tlsCa: 0g + tlsCert: hQ + tlsKey: xfpkmy +secretMounts: +- defaultMode: 184 + name: L8dbWip + path: g + secretName: LF0O +securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - «Ƙz损 + - ɟE鄱Į惪Y桦ŗɘoȍ蠣4ƪ呀R> + - "" + drop: + - 娤b + privileged: false + procMount: ʍ曏(ƶæ + readOnlyRootFilesystem: true + runAsGroup: -406748533537085799 + runAsNonRoot: false + runAsUser: 3238073083343117470 +service: + annotations: + 8v2: JbH + 95cxbjjD7C: JBMaJ + VY: yRV7d + nodePort: 18 + port: 168 + targetPort: 227 + type: WAAXkZY +serviceAccount: + annotations: + DQxrtk8: buiWLPbYq + HHbP: sAY + Y0DKOcTa: D82Nfh + automountServiceAccountToken: true + create: true + name: DSw7 +strategy: + rollingUpdate: {} + type: żʧȟ +tests: + enabled: false +-- case-048 -- +affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchFields: + - key: v + operator: ė + values: + - ln + - lU4zX8iz + - t0Xc + - key: s3fpu + operator: ɥ娿ăʄĠ mʓ銈E'袭ĵ + values: + - ljJlhx + - matchExpressions: + - key: qPBvuBghor + operator: 泱诅ʫt + values: + - a05XZwN + - SiAvFWs + - FhW1 + - key: MVFTcW + operator: º囜N赧0索d + values: + - c + - ghZI + - AjB0J + matchFields: + - key: QzMSpLW + operator: :ɉùȪÇzǥC货°ÕV? + - matchExpressions: + - key: pA7a1gYdV + operator: '[ĪtOK' + values: + - 2bE4Bw + - fyMOYi + - key: wshbw7Ix + operator: J槭~撑MS=ÑƎ薽饵a緗 + values: + - 9jt6 + matchFields: + - key: s1 + operator: 犫茬睶ňv + values: + - XhyH + - Ng1r1 + - nqis + - key: mHLiT + operator: ȁ佝L郗s稷tŻ+f舭拳鰵2e{a + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: jdvk + operator: ƶ + values: + - NV + - y4 + - V2XRZS + - key: 9VvAl5 + operator: <坎陸$§¤_ã檠奙Å饉J夗ɓ翩锸辸 + values: + - x26kYkJ + matchLabels: + DziixIJYd: yCXzPc + matchLabelKeys: + - XNuk + - RGLu + mismatchLabelKeys: + - aF3 + - R + - Tnj6SmTq + namespaceSelector: + matchExpressions: + - key: e1XR + operator: Kɞ窏ǿ,鸣ŰcNc + values: + - Yrq + matchLabels: + F2Pe7J: dlwTdhs + lK: nolQ + ys9z: euXWPiaJ3Bv + namespaces: + - tAzvw4OH1G + topologyKey: 6y + weight: -1640008169 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: XbjQvP + operator: V嶙NZ谡筩ǒ抂 + - key: i + operator: ɔŃ旓Ɍ鬺X + values: + - Zvx + - 7HWJ + - e4ucTP + matchLabelKeys: + - 0LSTZ + - ESk2r + mismatchLabelKeys: + - CKhfvR0Sg + namespaceSelector: + matchExpressions: + - key: A0tc + operator: 辛§ʢ垝V矋n握匞~嶯筪溆¸ + values: + - ML + matchLabels: + K1pr: ROFIwZhJYYo + ODc: 48WQ + namespaces: + - Wv7 + - zenLPw + topologyKey: tIVDde5U + weight: 1977587462 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: 3YyUamlR + operator: 橯F + values: + - dHitre + - 90jUjk + - key: NtnSL + operator: 臰sR=坵Ěcñ黪:ɻ寊â9dƎ\V + values: + - qqzycK + - key: ICXJGRFS + operator: $貕^eėǭD鳅ʇ + values: + - txX + - SFrkJ9r + - 3jOnwEW1 + matchLabels: + Uwj1kpV: oUXOYkF + o: ts5wRqjTyCy + matchLabelKeys: + - V2DNNCORe7ZRA + - pglXe4D + - w3881 + mismatchLabelKeys: + - xbi5KtUmR + - eZenitLdd + namespaceSelector: + matchExpressions: + - key: fxd5Y + operator: 頣R熗!A麳Ƚ6r爤暓 + values: + - oe46YF + - rT30v + matchLabels: + 4WA: EH + nRhlLLx1yHy: 5UFrj + namespaces: + - 7j92oP + - 2hf + topologyKey: "" + weight: 92207265 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: wBvol + operator: Ɂüɯ + values: + - eKmyok + - key: B2uj69 + operator: "" + - key: hLrZlh + operator: ȕ嵠味 ɼ_ + mismatchLabelKeys: + - W + namespaceSelector: + matchExpressions: + - key: Qu + operator: 亣i拴ÿ + values: + - OeiUsmYu + - oGXa6Ma + matchLabels: + "": Li + oDV7yR: NP + namespaces: + - PQjQb3LP + topologyKey: Gs1 + - labelSelector: + matchLabels: + "": nF + mismatchLabelKeys: + - YG6aQj + namespaceSelector: + matchExpressions: + - key: HpxPVtw + operator: z畘ŠƽǢ蘟\ɡ忕ɋ蜹5B + values: + - EQ + - RP3fBi + - key: Lv60cZut + operator: 裰ƈ + values: + - I9JbN + - dt + - Cya + - key: 0MGm8N + operator: 遍Ż + matchLabels: + nELvnrAFr: DClM + topologyKey: N57yxG + - labelSelector: + matchExpressions: + - key: "" + operator: KǞ}ɣȿ嚶宗荝«Dž + values: + - CGw32z4JHya + - E + - u5CDtdc + matchLabels: + J5LzcLei: kBwTCGZ + iLpqu: j4bqBNDjAK + jN: jUZ0u + matchLabelKeys: + - lNM + - K3nOO5 + - 9norFQpMiC + namespaceSelector: + matchExpressions: + - key: y4teb + operator: 蚯 + values: + - P + - O0 + - MvxOu + - key: v8w1Ok + operator: 8ƴņŨƊ¹艗胲ƦpYƿ9d脙~Ë + values: + - "4" + - "66" + namespaces: + - OtWsVW + - p + topologyKey: GeF + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: GRLHy + operator: Ä椶 + - key: Z + operator: ė牫ȃ汥Ƈ娍q\桕ɄNǴ + values: + - S1hMkP + - K + - x5coDg + - key: kJzBQ + operator: ʉĻ孺bɧɬʬ柿娤e¯]每) + values: + - DbD1 + - C5dyvNew + matchLabelKeys: + - 8G + - 7cCVU + - lN + mismatchLabelKeys: + - xJ5l + namespaceSelector: + matchExpressions: + - key: U89y + operator: ȓ2浿澰V缐厧钎wň莁願菶ʈ杈 + values: + - 9m6ydjpHu + - CatqpZmUCL + - dJz + - key: SIePbOJc6H + operator: ljR2qɟ$s櫮c雕Ů幔莁沥ʫľƙŝ + values: + - 75tj75r + - XiO + - key: "" + operator: 舄或崙Ĭɐ耼Ī弋禽$ + values: + - HWwXVr4o + - WEkwi8ZNDQ + - f + matchLabels: + fi8w0BX: Z48LRdXmkJ + namespaces: + - Yaw2NnfJ + topologyKey: ElKfd7Eo + weight: 1078166465 +annotations: + Dgw3Wl: 7aofTp +automountServiceAccountToken: true +autoscaling: + enabled: true + maxReplicas: 1 + minReplicas: 224 + targetCPUUtilizationPercentage: 468 + targetMemoryUtilizationPercentage: 256 +commonLabels: + 4kU: mkn8 + Ro: NFx1P + Z1p: WE +configmap: + create: true +console: + roleBindings: + - FZ5NQS6: null + - 0ToI: null + RTwav: null + mWwdgyM: null + - {} +deployment: + create: true +enterprise: + licenseSecretRef: + key: "" + name: 3VGefRh +extraContainers: +- args: + - 3QF + - k1BJBm + command: + - PMW + - j + - V7MAcfomz + env: + - name: rAzI53 + value: WlHlq + valueFrom: + configMapKeyRef: + key: zzIBsb + name: Bh261F + optional: false + fieldRef: + apiVersion: SlA + fieldPath: "6" + resourceFieldRef: + containerName: q0BBEv + divisor: "0" + resource: JE + secretKeyRef: + key: FvrZgBz + name: ZTBeic + optional: false + - name: uPptX + value: i9 + valueFrom: + configMapKeyRef: + key: JeHwi + name: TiQHOG1EsFUgIE + optional: true + fieldRef: + apiVersion: i7dd + fieldPath: Tu + resourceFieldRef: + containerName: ChdvA + divisor: "0" + resource: Eq1V33RTZQSJRJFg3V + secretKeyRef: + key: ojxn54r + name: L + optional: false + - name: Sl9Py25FX + value: e9 + valueFrom: + configMapKeyRef: + key: Zq80J9tyR0opcz + name: gy00dyvHFa + optional: true + fieldRef: + apiVersion: UJLSQy7zL + fieldPath: Xm4sg5H + resourceFieldRef: + containerName: ZmY7Fno6Fcop3 + divisor: "0" + resource: gqZwW + secretKeyRef: + key: v + name: hJDoWtjkfL + optional: true + envFrom: + - configMapRef: + name: RdWA + optional: true + prefix: Dq + secretRef: + name: BOBOO0sLIWw0e + optional: false + - configMapRef: + name: MoMnWNTC + optional: false + prefix: "3" + secretRef: + name: B58Vvj3 + optional: false + image: Vn5V + imagePullPolicy: 筥ǏŤČ癳嶧GĒH挕ÄHɡ + lifecycle: + postStart: + exec: + command: + - hTIx + - lslygl + - lSgx5G2IfU + httpGet: + host: GNVKz7 + path: d0Y + port: Igi + scheme: 莵łEǐ嫖ʒʔvŊ>ry5贛 + sleep: + seconds: -184172880642712439 + preStop: + exec: {} + httpGet: + host: tD1TkKV0ES + path: s6 + port: OpK5riOe96 + scheme: 琊*i#欱E唂ȧ鐄膶詃7 + sleep: + seconds: -4889549574266894064 + livenessProbe: + exec: {} + failureThreshold: 1591130939 + grpc: + port: -540029946 + service: aoAN2Lx03 + httpGet: + host: vWu + path: Lo + port: 1468671948 + scheme: ȯ煐IŢ + initialDelaySeconds: -1879733088 + periodSeconds: 1106663448 + successThreshold: 240850805 + terminationGracePeriodSeconds: -7405296717602935730 + timeoutSeconds: 524743651 + name: AInfx2Rak + readinessProbe: + exec: + command: + - oIA3 + - H + - 96Uj2 + failureThreshold: -1855887857 + grpc: + port: -495541010 + service: X + httpGet: + host: ZplmMg + path: tAAr + port: 1950182935 + scheme: ʂ綽oa;n轮ęB觼Z=G泇跢揌韇锶 + initialDelaySeconds: 1057136331 + periodSeconds: -2025421367 + successThreshold: -812558156 + terminationGracePeriodSeconds: 4314843605692522234 + timeoutSeconds: -1609986779 + resizePolicy: + - resourceName: EvmpG + restartPolicy: 4ɱ + - resourceName: hTB20ObO1 + restartPolicy: ½ŏ伐Q蔏ʝ噙漃袩J]Ɣ蒘岇 + resources: + limits: + KWlx2c: "0" + O: "0" + requests: + ZCJwGBL: "0" + restartPolicy: 1nĔ:蹮>s蹬ÍǺ + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - 迠寈搣弝渎İ- + drop: + - 檹Ɩ + - ɧ麧ç2ā兛杧蔙團载^P蚡5缿ʒU襩 + - cLD|ƶ虌Ȗ + privileged: false + procMount: ïƋ圏滜ľ転謀ĤP蹥ȅ|髃蒃Q癎æ + readOnlyRootFilesystem: false + runAsGroup: -4850605470374303682 + runAsNonRoot: false + runAsUser: 7731251064648990624 + startupProbe: + exec: + command: + - LqYoUQy3c4BE + - 5N + - Ug + failureThreshold: -1290004088 + grpc: + port: -1721281251 + service: H2p + httpGet: + host: 02CP5 + path: F609y + port: JjwFH + scheme: 珑 + initialDelaySeconds: -402608647 + periodSeconds: -1520214127 + successThreshold: 209058699 + terminationGracePeriodSeconds: -1900030585542850396 + timeoutSeconds: 1686394545 + terminationMessagePath: qixKzKz + terminationMessagePolicy: Ǥ衚蔁ʙ剠Ǡɭf~ + volumeDevices: + - devicePath: zM1 + name: jmc + - devicePath: IZ + name: PS + - devicePath: kN24U + name: Apu0r1U2 + workingDir: WgB +- args: + - 2Z37 + - 75kO + - TjvjkZTrc8s + command: + - M0NtzJ + env: + - name: 2EH + value: O + valueFrom: + configMapKeyRef: + key: J1ozKsuji + name: glLvAIHP7i + optional: true + fieldRef: + apiVersion: 3gAjGu + fieldPath: sNpuR8m + resourceFieldRef: + containerName: oxx + divisor: "0" + resource: PuKq + secretKeyRef: + key: Iua2L1LoCWMs2 + name: YfKwS8s + optional: true + image: PKNM + imagePullPolicy: ÍĪ0魣Ŋʒ + lifecycle: + postStart: + exec: {} + httpGet: + host: fsZ + path: EGnu + port: 765491661 + scheme: ?ğ叆ɂ&pʠ溶Ǚu + sleep: + seconds: 4688626474961012693 + preStop: + exec: {} + httpGet: + host: TB + path: "6" + port: -50369560 + scheme: ~Ǚɇ>ƃ\7]歉sh羘y4 + sleep: + seconds: -5293607398165581925 + livenessProbe: + exec: + command: + - 1g8dewdj + - lRmD + failureThreshold: -125369558 + grpc: + port: -1490211482 + service: R + httpGet: + host: CSGThzhG + path: 9NBKzoiFzs + port: -272474300 + scheme: ŀ + initialDelaySeconds: -1094670881 + periodSeconds: 1768141210 + successThreshold: -985604418 + terminationGracePeriodSeconds: -1297054466922920616 + timeoutSeconds: -1289231356 + name: KtKv6dg + ports: + - containerPort: -632764671 + hostIP: 8CU + hostPort: 917138107 + name: 1VgOx + protocol: 典ȫ窃ÛǪ3m患 + - containerPort: 739656218 + hostIP: dQQ3 + hostPort: -1348301133 + name: "3" + protocol: '?Ū慾ŘLº桒J:茦扰絥ǗȑĎ:' + readinessProbe: + exec: + command: + - qZ2J + failureThreshold: 293719665 + grpc: + port: 1235836411 + service: ig3 + httpGet: + host: Ws + path: FVnJhZq7I + port: -1075951148 + initialDelaySeconds: 321800409 + periodSeconds: -556535717 + successThreshold: -625124830 + terminationGracePeriodSeconds: -4084380722124342213 + timeoutSeconds: -904900305 + resizePolicy: + - resourceName: GKINnuJx + restartPolicy: Řl©=嬈牍]佧& + resources: + requests: + omO: "0" + uga5: "0" + xnRsp6C: "0" + restartPolicy: ʝdŌİ蒘傥>晑|癶x&ĭmŭƙŵ + securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - 約nɤưHĞ4WƳǤȣ糥蠇t + - ¾ʃŔ冻楟?¿揈h嘼œ + drop: + - 7忭譺屩嫕ƞʅ袬/氼Xg养ȸ陣萓 + - 胨`鯵ƪĽ藹 + privileged: true + procMount: Ulƙxȿƌ乜溬噕瀆储铐\纬 + readOnlyRootFilesystem: true + runAsGroup: 4589112012742886931 + runAsNonRoot: true + runAsUser: 3204614620414442288 + startupProbe: + exec: + command: + - TFJ + failureThreshold: -585814509 + grpc: + port: 178002023 + service: lAuHCrE + httpGet: + host: "88" + path: Th + port: In + scheme: 鷵菭g顲Ⱦ穪 + initialDelaySeconds: -1856697198 + periodSeconds: 1469578394 + successThreshold: 160563852 + terminationGracePeriodSeconds: -4442318275257517382 + timeoutSeconds: -16211809 + terminationMessagePath: 513sVbgA + terminationMessagePolicy: 隓Ǽ屼Å7嗟Ʈ麝0{ȦDžĐ! + tty: true + volumeDevices: + - devicePath: ugQAJ + name: Jf + - devicePath: BFfnTD + name: kfF6CZ + volumeMounts: + - mountPath: C3 + mountPropagation: 呍婻厦ǒ絶偂蠛ƺ蠖蕍v貰Ė + name: DQvHajhHx + subPath: aYHGugq + subPathExpr: MSs + workingDir: OE +extraEnv: +- name: rd10f1l + value: GtUE + valueFrom: + configMapKeyRef: + key: C1N + name: bi + optional: true + fieldRef: + apiVersion: 9GWlMsB + fieldPath: l2 + resourceFieldRef: + containerName: 4t + divisor: "0" + resource: eyjvzsf + secretKeyRef: + key: xBMOaej + name: O8AG + optional: false +- name: C + value: fYlde + valueFrom: + configMapKeyRef: + key: 4HvhDAkW + name: 5bgA7leE7 + optional: false + fieldRef: + fieldPath: zY6rf + resourceFieldRef: + containerName: S3 + divisor: "0" + resource: 3sD + secretKeyRef: + key: s43 + name: LpaQ + optional: true +extraVolumeMounts: +- mountPath: M5 + mountPropagation: 稤Bơ觓Ð琋 + name: yQHj49RtdzN + subPath: GdQkAKF + subPathExpr: Gvswh +- mountPath: QRg + mountPropagation: 搚Kƕ欕K貵蠜d旓ĀÝ虩釓 + name: qCEH27RF + readOnly: true + subPath: nHB05RuTZ + subPathExpr: K0yH +fullnameOverride: 3um +image: + pullPolicy: Ƀşb?師Ğ`3H觉趟糯襖 + registry: VHbf77MFq + repository: 9Gz + tag: Tg +ingress: + className: ob + enabled: false + hosts: + - host: gH + paths: + - path: Ts + pathType: CGb + - path: "" + pathType: zZQ + - host: iiV3 + tls: + - hosts: + - tHQ4 + secretName: fnmcizOYm + - hosts: + - iPP + - 6ESVwf0d + - ziZck0N + secretName: O7mKv7 + - hosts: + - 8YGvchGJ + - wN + - XtvjzH0 + secretName: VlbaTuVK +initContainers: + extraInitContainers: thAoOYwQDaAt +livenessProbe: + exec: + command: + - nCg + - T6fzKjCjD + failureThreshold: 279778022 + grpc: + port: -995356959 + service: 9yOO2 + httpGet: + host: PYJSaHej + path: fr7 + port: 8Ij + scheme: QɄ揆ѧ鶹i骡l僴Ǎ植烤ĕǘqɦ + initialDelaySeconds: 1098820524 + periodSeconds: 414174316 + successThreshold: 1178515566 + terminationGracePeriodSeconds: -5729352865043664628 + timeoutSeconds: 873461419 +nameOverride: W7q3X +nodeSelector: + Bm9U: oTYglG6dh +podAnnotations: + eG: vxInc0 + g: BI6yk + xCtSP: rQ +podLabels: + ZEXh: zufy +podSecurityContext: + fsGroup: -3794452885502571644 + fsGroupChangePolicy: 欲飹Rɦ薕µL<Ĕ + runAsGroup: -3171560656159467191 + runAsNonRoot: true + runAsUser: -4412205905842408558 + supplementalGroups: + - -7215185124091152595 + - 5139656417921062736 + - 600742233156257714 + sysctls: + - name: Te + value: cKzihj +priorityClassName: l4Mowg +readinessProbe: + exec: + command: + - "" + - c8G + failureThreshold: 37001950 + grpc: + port: 1211428387 + service: UUKg3TJGP2 + httpGet: + host: eznD + path: aBohoOMPU + port: -2044766681 + scheme: 讻;Ǩ办鈁癃靟èʣ¾fǖ^Ǟ + initialDelaySeconds: -396024246 + periodSeconds: -1467409206 + successThreshold: -1328773613 + terminationGracePeriodSeconds: -8721653473984246810 + timeoutSeconds: -1781454259 +replicaCount: 46 +resources: + limits: + 8cdWaeK7jVrR: "0" + HYBi6o: "0" + requests: + NOz: "0" + gH: "0" +secret: + create: false + enterprise: + licenseSecretRef: + key: wNZRnHu3m + name: ULOBG + kafka: + awsMskIamSecretKey: RfMF + protobufGitBasicAuthPassword: julgURa4B + saslPassword: uuq + schemaRegistryPassword: "54" + schemaRegistryTlsCa: 0rjT0gsnw3 + schemaRegistryTlsCert: kpA9ZJQgp1 + schemaRegistryTlsKey: 4rfN + tlsCa: NhTEC0A + tlsCert: iN0W + tlsPassphrase: Id1ovgK + login: + github: + clientSecret: LWyKxwgV + personalAccessToken: Nkq1DyJixsC + google: + clientSecret: tJv + groupsServiceAccount: 9jqz4h + jwtSecret: PWdr6CcxS + oidc: + clientSecret: RMxiMIY + okta: + clientSecret: SJ6I + directoryApiToken: 1wIf + redpanda: + adminApi: + password: C9I2x + tlsCa: Qpp + tlsCert: "" + tlsKey: 7uh28L +secretMounts: +- defaultMode: 80 + name: Mt1 + path: WsSL4vxNxCkXP + secretName: ZxXI0Hhv +securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - Ɋ闻ǃɗʀd撪 + - 蘑ǪY桼ɮǚɳ爥ňB + drop: + - 乄}ñ0詘蛾牪坣缰ƩǏ薷©瓚`Ʋ虯r + - ǓJğ&ĊƯʝbǠCŪzgì + - ńǜ[ɪ判Uʋ]泘狔 + privileged: false + procMount: 媹:堏_ɟ榧禙Ɲ'瞟 + readOnlyRootFilesystem: false + runAsGroup: 2759228957449300312 + runAsNonRoot: true + runAsUser: -812867783664200775 +service: + annotations: + c: DNy + kDPtPpnL: kFmmx + nodePort: 377 + port: 311 + targetPort: 29 + type: l5gj +serviceAccount: + automountServiceAccountToken: true + create: true + name: sKa +strategy: + rollingUpdate: {} + type: 顓ǝSm +tests: + enabled: false +tolerations: +- effect: 嫜ʎ愤wßj硭 + key: JO1 + operator: ȼ¾Pȇ挮ƶȋ'蹑鶚嗵ïG + tolerationSeconds: -6027642013843151183 + value: a3XbyS +-- case-049 -- +affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: L + operator: 域%Ɠ礇!ʘl.ǷŠ该貹&N + values: + - oAk8rvkey + - Fb08GpumY + - key: YJGr + operator: '|4\i事!ų藦x鳜Ǫ' + values: + - 63Yvc + - key: j + operator: ¸瀖čņ!彅搀 + values: + - RnzdW + - Nxs + - unZuno + matchFields: + - key: wLP0QqdHBmd9e + operator: ȑwȼ嶢vC`ȖĜƐ桡牆ēIa,謧ŗ + - key: mdgmMZ + operator: Ō§ȶƔ>#Z骻5S洝岛Ċ啞. + values: + - Fvf6 + - key: GQsV + operator: 涥ȕêȩȋ婍0毙舺糩\DŽŅ饒 + values: + - XccQkxG + weight: -1172839714 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: JpS0BkW + operator: 聣耥ʒ昼|Ȏ)ß瞖a癨櫒缮{v + - key: HLL3gv + operator: 铡ÞC腢z蟒Á + - key: iDGQV8Bjyu5Q + operator: 舢脛歛ƻ68 + values: + - eLCH7Nc + - QQqPUN + - "" + matchFields: + - key: AY2q9fnL + operator: ȏ伌鎩5桀ʁ + values: + - Uac + - K0q + - bY71A + - key: rBwZz + operator: '*ĴȉǼ矼SN]ʛ源' + values: + - 5yMkn + - key: S1C + operator: ÿƙ彋,嘲樦 + values: + - OXH + - vl1 + - uCYaO8Cn + - {} + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: mZ3rAF9 + operator: yŲĺȫ阁笵W®詃Œ + values: + - bhvFz + - key: uiaNXZcXT + operator: "" + - key: AAM + operator: 閸鬼駝洁c奊(Ƅ謍MǍ辰T堍癩)丗 + values: + - "9" + - ESiN3 + matchLabels: + kCSDZtsm5: vVk + oBlyCq: jlh + matchLabelKeys: + - BCZ8FFbh + - A + namespaceSelector: + matchExpressions: + - key: Lsf + operator: L + values: + - a0HB + - C + - key: eoj6ic3 + operator: ż伌oA汄俔ɿ7巪娻% + matchLabels: + Cx: wwPPM + namespaces: + - 9xhG + - JAutZqe4gGeuf + - "" + topologyKey: 1a + weight: 223935020 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: LtGRhs + operator: 棺ǔ'ɘ砒Æ擑Ɵģ + values: + - GhM4BSJqNOf + matchLabels: + "": 7Ni + matchLabelKeys: + - yxF4 + - 22RoWr + - etRteovEh9 + mismatchLabelKeys: + - 7NOfe + namespaceSelector: + matchExpressions: + - key: 3KCX2 + operator: 臞ʀ¯弄Ɨ橎琜ġ鍳¶ȣ2墛.ɮ濎ɕ磞 + values: + - 5YiE0xEC + - 4spxMd + - vUPA + matchLabels: + YHIq: nS + topologyKey: F4 + weight: 716052627 + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: "9" + operator: ĠƑȥ兾3ŶJ + - key: pPvuyWZ + operator: ;bļo刲+圊}MǏŅ惤ć + values: + - 9pMXT + - Ezwo11 + matchLabels: + 66347W: ccFxZoF9 + X: VrN5kt + mismatchLabelKeys: + - u4LyY1 + - zT + namespaceSelector: + matchExpressions: + - key: qwhutJo + operator: 垴ǞƼ + matchLabels: + OFxMkYx: lhxtM + topologyKey: WN8qbUgigF + weight: -1609734055 + - podAffinityTerm: + labelSelector: {} + matchLabelKeys: + - "" + mismatchLabelKeys: + - XnhP + - "" + - Bk + namespaceSelector: + matchExpressions: + - key: M + operator: Ǽ糨ʡ毺Ɇw + values: + - ntvI + - vs + matchLabels: + "4": 2Y2FBpcbg + namespaces: + - 1S8c + topologyKey: jxiZ4d + weight: 1993833508 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: EpKkdimp + operator: 额ƀ箰L禼aÅ顙)C舉 + - key: e2Zu7Kb + operator: t潱髦pö鵺b澁6銹 + values: + - z9n + - LdMQ + - r + matchLabels: + F: Nc + Qa2h5toVwd: GGxZ3BQ + l: Z6Rh + matchLabelKeys: + - LsCC + - dgmxxZW + mismatchLabelKeys: + - e + - Cb + - e0DAEluN + namespaceSelector: + matchLabels: + oJ56D: 33m + tkP8tO: mIkfyE6E + namespaces: + - VxN + - hbwB9 + - t + topologyKey: qag0unul +annotations: + BceQMZiOm: E1uakdHPkLNL +automountServiceAccountToken: true +autoscaling: + enabled: true + maxReplicas: 292 + minReplicas: 381 + targetCPUUtilizationPercentage: 255 + targetMemoryUtilizationPercentage: 99 +commonLabels: + 0HYkOrz: JCwpSW + 0TgDztQSY: P + ztm: qegfb80 +configmap: + create: false +console: + roleBindings: + - K: null + nGSYV: null + roles: + - {} +deployment: + create: true +enterprise: + licenseSecretRef: + key: yAo51i + name: blNvk6O7Urx +extraContainers: +- args: + - kn0F9 + command: + - M + - Hph3 + - lZfWKF + env: + - name: HBWtNh10A + value: 8guE + valueFrom: + configMapKeyRef: + key: Chnm + name: UlwzEQ + optional: false + fieldRef: + apiVersion: 8pq9 + fieldPath: qpnfP4p + resourceFieldRef: + divisor: "0" + resource: L0tn + secretKeyRef: + key: J + name: gbfgF + optional: true + envFrom: + - configMapRef: + name: n32MM + optional: true + prefix: cp3 + secretRef: + name: Uc + optional: true + - configMapRef: + name: VGBL + optional: true + prefix: NTMU + secretRef: + name: CEg + optional: true + image: zIWYBi7 + imagePullPolicy: 蘂ȱʃ& + lifecycle: + postStart: + exec: + command: + - QpTcv + - MS0T0N + - wiE + httpGet: + host: ZCUJOIH + path: UsXT + port: 8nExSP2u + scheme: 'uŊ6熀: 焆 烷ʫ-Ŗ亾ɣʖ氝"肰' + sleep: + seconds: -2519616411083819638 + preStop: + exec: + command: + - rmQ7 + - GxRXQk + httpGet: + host: UIVpXMrzW + path: 4tHQ + port: 8xLK1VyM + scheme: ƳǃóɃȊ{回żz闓葊G嚥 + sleep: + seconds: 3595323074300269449 + livenessProbe: + exec: {} + failureThreshold: -882825879 + grpc: + port: 503069299 + service: W + httpGet: + host: FilCCd + path: NPZrCEq + port: 6NoPho8wIsxe + scheme: āȹ顺悩錣Xƕ灄ĿG乒 + initialDelaySeconds: 781680731 + periodSeconds: 205458 + successThreshold: 1115648780 + terminationGracePeriodSeconds: 4579765768791485272 + timeoutSeconds: -676867842 + name: 2tf + readinessProbe: + exec: + command: + - edKf + - 0U + - MFr2Oh + failureThreshold: 1812906550 + grpc: + port: -791379232 + service: IAqADBco + httpGet: + host: 55GZ + path: AQC + port: sxTXcp + scheme: ƷMg靚珨嘸ȗʒ鑉Ȝ梒ŗǐkōĕĵ鞍 + initialDelaySeconds: -130429301 + periodSeconds: 876742351 + successThreshold: -1424043483 + terminationGracePeriodSeconds: -1574530902871555383 + timeoutSeconds: 764935409 + resources: + limits: + 9eHi: "0" + rO52puR: "0" + requests: + UF8LV7N: "0" + ao: "0" + cRVsAz8v: "0" + restartPolicy: ɥ]×璳 + securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - ɖ膵7&ʞíXĦx-ǰİɾ榩聨ŗ% + - DŽ熲鴼玜覲杷ȆƠ沺伤{拢 + - ɉȋʠRÂo霾噜奩ƻv$Áő + drop: + - ɑ摿愻J«ʘA宜ƹ¶ + - 餫aJ矐sǁ隑z36渢X赼 + - )ǜ鄰挺溒ŒV栜Ù涸JH-_d + privileged: false + procMount: Ito縎 + readOnlyRootFilesystem: false + runAsGroup: 2484782727894659713 + runAsNonRoot: false + runAsUser: -6936271037843914749 + startupProbe: + exec: + command: + - X + failureThreshold: -256045507 + grpc: + port: 376282302 + service: wdQrDn0 + httpGet: + host: teaO6 + path: DBHpGkYdgAJ + port: -1625640156 + scheme: Ʌ + initialDelaySeconds: 673272264 + periodSeconds: -1050905915 + successThreshold: 282500457 + terminationGracePeriodSeconds: 5768805478519709604 + timeoutSeconds: -601307290 + stdinOnce: true + terminationMessagePath: POO + terminationMessagePolicy: '#d鿂Hk閎=ɰ蜐ġOʡ蠁żǖ' + tty: true + workingDir: Z3pdGL +- args: + - a7Tqs + - UuID5t + - gRCnbjyp + env: + - name: ZV1KP + value: WrT0 + valueFrom: + configMapKeyRef: + key: zZzTgax + name: 3z3eoets + optional: true + fieldRef: + apiVersion: 88zo + fieldPath: z0vE72 + resourceFieldRef: + containerName: DF4t + divisor: "0" + resource: hfVfYFW4 + secretKeyRef: + key: I6JwpO5 + name: I88w22gsx3 + optional: true + - name: z8 + value: sgj8UHZ + valueFrom: + configMapKeyRef: + key: Q85vN + name: lYGl4 + optional: true + fieldRef: + apiVersion: oQu7 + fieldPath: TYd + resourceFieldRef: + containerName: "Y" + divisor: "0" + resource: Yx + secretKeyRef: + key: f + name: 0Pjf9YBj + optional: false + envFrom: + - configMapRef: + name: fAH + optional: false + prefix: vjjU + secretRef: + name: 9A8OgEQ9 + optional: false + image: R7L + imagePullPolicy: '}m6铤<豎ŵ,#M狥ʬo' + lifecycle: + postStart: + exec: + command: + - 2E + - gzntg + httpGet: + host: BOoVI + path: ns7ZMdNwQC + port: XF + scheme: ky咊ʅ ʂ娼ȟƐ橽ǿ唔ARɨ罙 + sleep: + seconds: -3978858376823543730 + preStop: + exec: + command: + - Hns + httpGet: + host: Lw8 + path: wdo + port: -239095421 + scheme: ƹ禍OÇ + sleep: + seconds: 3838288160382433952 + livenessProbe: + exec: + command: + - 8E + failureThreshold: -1052479375 + grpc: + port: 82058135 + service: S3UA2HwQaN + httpGet: + host: T0 + path: wYV6 + port: cEf + scheme: 斡1{嘫b葎剜屙唯皎図Ǜ錮ơxȒt駦Ƨ + initialDelaySeconds: -1976610733 + periodSeconds: 436460884 + successThreshold: -949159248 + terminationGracePeriodSeconds: 1786907735670591108 + timeoutSeconds: -2035324376 + name: 0ygO + readinessProbe: + exec: + command: + - "" + - YQ + failureThreshold: 1469514474 + grpc: + port: -1835111333 + service: 5WmTypZfT + httpGet: + host: BDf + path: ZY + port: tyrBXIqhX + scheme: 趬扬鉰昵 + initialDelaySeconds: -683847692 + periodSeconds: -95594828 + successThreshold: -1707399501 + terminationGracePeriodSeconds: 3256417681193515380 + timeoutSeconds: -2088454060 + resources: + limits: + zVX: "0" + restartPolicy: 晄d塮@ʥO%驮ÆgǍô + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ' 吓zǘa畷' + - 鲃ʍ瑘ƴɛjV艑ǔpMK杣Ġ + privileged: true + procMount: zɱÙŭǫäƿ诧聉ń醽Ƥ裩5 + readOnlyRootFilesystem: true + runAsGroup: -2381715627246700598 + runAsNonRoot: false + runAsUser: 6590063474480015904 + startupProbe: + exec: + command: + - "9" + - oRMM2F + - "" + failureThreshold: -1711876939 + grpc: + port: 1138187974 + service: OvdS + httpGet: + host: GZWJ + path: vzJeBCvGMHn7 + port: h9p1Pak + initialDelaySeconds: 447733263 + periodSeconds: 1805541821 + successThreshold: -1114184264 + terminationGracePeriodSeconds: 2730048172651207780 + timeoutSeconds: -1850805595 + terminationMessagePath: GK8 + terminationMessagePolicy: ɾDŽ÷郃ɻ玗璺,4 + volumeDevices: + - devicePath: bLf + name: UVN1o + - devicePath: fIT + name: Qiswb + - devicePath: 9b8i + name: h1 + workingDir: 1IOT +extraEnvFrom: +- configMapRef: + name: GTjM + optional: true + prefix: GSbKp + secretRef: + name: vhsV8Pl5 + optional: true +- configMapRef: + name: cvXs + optional: false + prefix: cBFtb + secretRef: + name: x9N + optional: false +- configMapRef: + name: rDSrOmdL + optional: false + prefix: 0u3 + secretRef: + name: A6PG37zBJfwNR + optional: false +extraVolumeMounts: +- mountPath: De7 + mountPropagation: 1k噟霞ƁĹ + name: 1Z2WnghTc + subPath: Ts5Ful + subPathExpr: YyidD +- mountPath: onM7c3 + mountPropagation: m=Cɬ + name: GC5ZsY07Mr + readOnly: true + subPath: Xt + subPathExpr: r6gZk +- mountPath: 8gPjX7hc + mountPropagation: ƃ柅珚ȭ能 + name: oN + subPath: auYcD + subPathExpr: aheb25w +fullnameOverride: 0BIfuN +image: + pullPolicy: õ鴀铑û + registry: RCYS61Exfql + repository: 8ZLfmymq + tag: 4BSL9iL +imagePullSecrets: +- name: h5x +ingress: + annotations: + q5IN: ehJ3uPo + zL3YTK: "3" + className: aflhQOHWYOXuZ3 + enabled: false + hosts: + - host: obOeJZKpH + - host: u1ac0 + paths: + - path: Riz + pathType: Oa0rGRl + - path: w2xzu + pathType: n2bXr + - path: a68 + pathType: S + tls: + - hosts: + - pgmng + - hosts: + - rxpJYOgPS + secretName: dMa7jxJF +initContainers: + extraInitContainers: N4zG +livenessProbe: + exec: + command: + - "8" + - hRb + - cFB + failureThreshold: -567921134 + grpc: + port: -512457609 + service: F01OY6OLj + httpGet: + host: C04PqGy + path: lMqUJbF + port: 381786117 + scheme: c隢ƖȂ賒Q'd{X旝ĤɪI,k4Ú + initialDelaySeconds: -507660572 + periodSeconds: 1912372611 + successThreshold: -232304560 + terminationGracePeriodSeconds: -4579383330955987300 + timeoutSeconds: 582403024 +nameOverride: 8dJzE +nodeSelector: + ra78: fJ +podAnnotations: + "": cuRn + qBdeU: EQv +podLabels: + O2n4u: kpFpu + g1c: XEOMg +podSecurityContext: + fsGroup: 6449559755791185949 + fsGroupChangePolicy: 慩梱ʂcƎƱ\火ɘ²ɉ_ + runAsGroup: 841256803887707704 + runAsNonRoot: true + runAsUser: -2824253868920734938 + supplementalGroups: + - 8145086042470336086 + - -5005570809576723279 +priorityClassName: JhGfjGXQ +readinessProbe: + exec: {} + failureThreshold: 1010917423 + grpc: + port: 1307350058 + service: TfOG + httpGet: + host: dKWY + path: Qr + port: -837347685 + scheme: C_ + initialDelaySeconds: -986314779 + periodSeconds: 1763110639 + successThreshold: 1473932979 + terminationGracePeriodSeconds: -4633283219964217670 + timeoutSeconds: 1291669389 +replicaCount: 308 +resources: + limits: + x6: "0" + requests: + eeR: "0" + l: "0" + xppI8xB: "0" +secret: + create: true + enterprise: + licenseSecretRef: + key: 6LDJ8t + name: 4n4q72vaO + kafka: + awsMskIamSecretKey: INqD5 + protobufGitBasicAuthPassword: SBJl + saslPassword: 78E + schemaRegistryPassword: YMuFCG7qR + schemaRegistryTlsCa: 1y5yRb6O2b + schemaRegistryTlsCert: NuhkhpMV7b + schemaRegistryTlsKey: 9zcrFj + tlsCa: 0PF + tlsCert: wArD + tlsPassphrase: bj3xqz + login: + github: + clientSecret: jdPGF7 + personalAccessToken: y6xqv + google: + clientSecret: m6FeI + groupsServiceAccount: xi1j27Lipj8 + jwtSecret: pg + oidc: + clientSecret: zbsTootC + okta: + clientSecret: rHSfT + directoryApiToken: rOXaN + redpanda: + adminApi: + password: 8c + tlsCa: CJbHIM + tlsCert: uO + tlsKey: uhB0L +secretMounts: +- defaultMode: 500 + name: 99SgdOsZD + path: AQpWvptFEk7y + secretName: B6Fq +- defaultMode: 337 + name: U + path: p44 + secretName: DddF02 +- defaultMode: 246 + name: WFd + path: UiI + secretName: tz +securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - 趩燡º嗂{踦 + - CƮ + drop: + - 殟kĔ=ņŧɋ] + privileged: false + procMount: aŻ釯fȠ埱ɺȚ + readOnlyRootFilesystem: true + runAsGroup: 4284419790643993066 + runAsNonRoot: true + runAsUser: -4828746969388386674 +service: + annotations: + L: CP + Yf: K4waOjMg + tIYLLgy: d1szIPW6xt + nodePort: 291 + port: 269 + targetPort: 479 + type: IfYfRoHRG +serviceAccount: + annotations: + 5bpPp: ponDVyZ + Ml1: "" + lt: 6VN8BRlJd + automountServiceAccountToken: true + create: true + name: z12W +strategy: + rollingUpdate: {} + type: 擺m鷾DžPĨ +tests: + enabled: true +tolerations: +- key: ka + tolerationSeconds: 2857628758439265098 + value: Ohni9QGx +topologySpreadConstraints: +- labelSelector: + matchLabels: + 3Ym: o2h5aVp + yR4PPZO: 3X + matchLabelKeys: + - vCKujB + - UqCFKCN + - Xnjfai + maxSkew: -943395897 + minDomains: 1955399000 + nodeAffinityPolicy: 噙撢馥櫱m>Q脕擏w梪 + nodeTaintsPolicy: 蝚溄鑝刉=歱Mr踄 + topologyKey: cHyq + whenUnsatisfiable: Q輒ƗȈʑǯƐ| +- labelSelector: + matchLabels: + E: lyK5b9t + UuSjduy: NcK4 + fty: iP6ai + maxSkew: 1881677866 + minDomains: -561571142 + nodeAffinityPolicy: ȫ寴ī嘌.樥'ǹs + nodeTaintsPolicy: ɇ剀ǨUǜ!俛dz餂~匹呃 + topologyKey: pCHj + whenUnsatisfiable: 尘I:Ƒ匌,騸 diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/testdata/template-cases.golden.txtar b/charts/redpanda/redpanda/5.9.4/charts/console/testdata/template-cases.golden.txtar new file mode 100644 index 0000000000..cf65330d4f --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/testdata/template-cases.golden.txtar @@ -0,0 +1,24705 @@ +-- testdata/autoscaling-cpu.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: "" + kafka-sasl-aws-msk-iam-secret-key: "" + kafka-sasl-password: "" + kafka-schema-registry-password: "" + kafka-schemaregistry-tls-ca: "" + kafka-schemaregistry-tls-cert: "" + kafka-schemaregistry-tls-key: "" + kafka-tls-ca: "" + kafka-tls-cert: "" + kafka-tls-key: "" + login-github-oauth-client-secret: "" + login-github-personal-access-token: "" + login-google-groups-service-account.json: "" + login-google-oauth-client-secret: "" + login-jwt-secret: SECRETKEY + login-oidc-client-secret: "" + login-okta-client-secret: "" + login-okta-directory-api-token: "" + redpanda-admin-api-password: "" + redpanda-admin-api-tls-ca: "" + redpanda-admin-api-tls-cert: "" + redpanda-admin-api-tls-key: "" +type: Opaque +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +spec: + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: 0 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + type: ClusterIP +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +spec: + replicas: null + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + strategy: {} + template: + metadata: + annotations: + checksum/config: 4f717eb67ef3f4c7e8737af0264bfe0922c76494c9ee31f7f52c63a13b02de86 + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + spec: + affinity: {} + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: console + envFrom: [] + image: docker.redpanda.com/redpandadata/console:v2.7.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: console + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + runAsNonRoot: true + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + imagePullSecrets: [] + initContainers: [] + nodeSelector: {} + priorityClassName: "" + securityContext: + fsGroup: 99 + runAsUser: 99 + serviceAccountName: console + tolerations: [] + topologySpreadConstraints: [] + volumes: + - configMap: + name: console + name: configs + - name: secrets + secret: + secretName: console +--- +# Source: console/templates/hpa.yaml +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console +spec: + maxReplicas: 100 + metrics: + - resource: + name: cpu + target: + averageUtilization: 80 + type: Utilization + type: Resource + - resource: + name: memory + target: + averageUtilization: 10 + type: Utilization + type: Resource + minReplicas: 1 + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: console +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "console-test-connection" + namespace: "default" + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['console:8080'] + restartPolicy: Never + priorityClassName: +-- testdata/autoscaling-memory.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: "" + kafka-sasl-aws-msk-iam-secret-key: "" + kafka-sasl-password: "" + kafka-schema-registry-password: "" + kafka-schemaregistry-tls-ca: "" + kafka-schemaregistry-tls-cert: "" + kafka-schemaregistry-tls-key: "" + kafka-tls-ca: "" + kafka-tls-cert: "" + kafka-tls-key: "" + login-github-oauth-client-secret: "" + login-github-personal-access-token: "" + login-google-groups-service-account.json: "" + login-google-oauth-client-secret: "" + login-jwt-secret: SECRETKEY + login-oidc-client-secret: "" + login-okta-client-secret: "" + login-okta-directory-api-token: "" + redpanda-admin-api-password: "" + redpanda-admin-api-tls-ca: "" + redpanda-admin-api-tls-cert: "" + redpanda-admin-api-tls-key: "" +type: Opaque +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +spec: + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: 0 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + type: ClusterIP +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +spec: + replicas: null + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + strategy: {} + template: + metadata: + annotations: + checksum/config: 4f717eb67ef3f4c7e8737af0264bfe0922c76494c9ee31f7f52c63a13b02de86 + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + spec: + affinity: {} + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: console + envFrom: [] + image: docker.redpanda.com/redpandadata/console:v2.7.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: console + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + runAsNonRoot: true + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + imagePullSecrets: [] + initContainers: [] + nodeSelector: {} + priorityClassName: "" + securityContext: + fsGroup: 99 + runAsUser: 99 + serviceAccountName: console + tolerations: [] + topologySpreadConstraints: [] + volumes: + - configMap: + name: console + name: configs + - name: secrets + secret: + secretName: console +--- +# Source: console/templates/hpa.yaml +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console +spec: + maxReplicas: 100 + metrics: + - resource: + name: cpu + target: + averageUtilization: 14 + type: Utilization + type: Resource + minReplicas: 1 + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: console +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "console-test-connection" + namespace: "default" + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['console:8080'] + restartPolicy: Never + priorityClassName: +-- testdata/autoscaling-nulls.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: "" + kafka-sasl-aws-msk-iam-secret-key: "" + kafka-sasl-password: "" + kafka-schema-registry-password: "" + kafka-schemaregistry-tls-ca: "" + kafka-schemaregistry-tls-cert: "" + kafka-schemaregistry-tls-key: "" + kafka-tls-ca: "" + kafka-tls-cert: "" + kafka-tls-key: "" + login-github-oauth-client-secret: "" + login-github-personal-access-token: "" + login-google-groups-service-account.json: "" + login-google-oauth-client-secret: "" + login-jwt-secret: SECRETKEY + login-oidc-client-secret: "" + login-okta-client-secret: "" + login-okta-directory-api-token: "" + redpanda-admin-api-password: "" + redpanda-admin-api-tls-ca: "" + redpanda-admin-api-tls-cert: "" + redpanda-admin-api-tls-key: "" +type: Opaque +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +spec: + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: 0 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + type: ClusterIP +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +spec: + replicas: null + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + strategy: {} + template: + metadata: + annotations: + checksum/config: 4f717eb67ef3f4c7e8737af0264bfe0922c76494c9ee31f7f52c63a13b02de86 + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + spec: + affinity: {} + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: console + envFrom: [] + image: docker.redpanda.com/redpandadata/console:v2.7.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: console + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + runAsNonRoot: true + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + imagePullSecrets: [] + initContainers: [] + nodeSelector: {} + priorityClassName: "" + securityContext: + fsGroup: 99 + runAsUser: 99 + serviceAccountName: console + tolerations: [] + topologySpreadConstraints: [] + volumes: + - configMap: + name: console + name: configs + - name: secrets + secret: + secretName: console +--- +# Source: console/templates/hpa.yaml +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console +spec: + maxReplicas: 100 + metrics: + - resource: + name: cpu + target: + averageUtilization: 80 + type: Utilization + type: Resource + minReplicas: 1 + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: console +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "console-test-connection" + namespace: "default" + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['console:8080'] + restartPolicy: Never + priorityClassName: +-- testdata/case-000.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: false +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + "": 31q1Pbz + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: "n" + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: HRoLg + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + "": 31q1Pbz + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: "n" + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: hvGoJL +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: "" + kafka-sasl-aws-msk-iam-secret-key: "" + kafka-sasl-password: "" + kafka-schema-registry-password: "" + kafka-schemaregistry-tls-ca: "" + kafka-schemaregistry-tls-cert: "" + kafka-schemaregistry-tls-key: "" + kafka-tls-ca: "" + kafka-tls-cert: "" + kafka-tls-key: "" + login-github-oauth-client-secret: "" + login-github-personal-access-token: "" + login-google-groups-service-account.json: "" + login-google-oauth-client-secret: "" + login-jwt-secret: SECRETKEY + login-oidc-client-secret: "" + login-okta-client-secret: "" + login-okta-directory-api-token: "" + redpanda-admin-api-password: "" + redpanda-admin-api-tls-ca: "" + redpanda-admin-api-tls-cert: "" + redpanda-admin-api-tls-key: "" +type: Opaque +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + "": 31q1Pbz + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: "n" + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: hvGoJL +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + "": 31q1Pbz + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: "n" + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: hvGoJL + namespace: default +spec: + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: 0 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: "n" + type: ClusterIP +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + Q9AVJD4: G9TEnp + creationTimestamp: null + labels: + "": 31q1Pbz + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: "n" + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: hvGoJL + namespace: default +spec: + replicas: 387 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: "n" + strategy: + type: Ò泆A + template: + metadata: + annotations: + checksum/config: a2b60d22337ad49c09f2108d08f05fc6590bc4b45c804adc901467f348d564e1 + lyW: mn + pjq6fDr: YA2w301 + uXvFB: VQ5gP9 + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: "n" + spec: + affinity: {} + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: Z2BpO + value: 0ggF3ha7D + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: hvGoJL + envFrom: [] + image: docker.redpanda.com/redpandadata/console:v2.7.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 1028486626 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 1713123405 + periodSeconds: -1411200119 + successThreshold: -1362510905 + timeoutSeconds: 1375594715 + name: console + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + limits: + x0StjCjt: "0" + securityContext: + runAsNonRoot: true + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + imagePullSecrets: [] + initContainers: [] + nodeSelector: {} + priorityClassName: vQhDS + securityContext: + fsGroup: 99 + runAsUser: 99 + serviceAccountName: HRoLg + tolerations: [] + topologySpreadConstraints: [] + volumes: + - configMap: + name: hvGoJL + name: configs + - name: secrets + secret: + secretName: hvGoJL + - name: 7iCCax + - name: meEH + - name: xYVSV +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "hvGoJL-test-connection" + namespace: "default" + labels: + "": 31q1Pbz + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: "n" + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['hvGoJL:8080'] + restartPolicy: Never + priorityClassName: vQhDS +-- testdata/case-001.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Sh + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: T50cZi + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Sh + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: T50cZi +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: "" + kafka-sasl-aws-msk-iam-secret-key: "" + kafka-sasl-password: "" + kafka-schema-registry-password: "" + kafka-schemaregistry-tls-ca: "" + kafka-schemaregistry-tls-cert: "" + kafka-schemaregistry-tls-key: "" + kafka-tls-ca: "" + kafka-tls-cert: "" + kafka-tls-key: "" + login-github-oauth-client-secret: "" + login-github-personal-access-token: "" + login-google-groups-service-account.json: "" + login-google-oauth-client-secret: "" + login-jwt-secret: SECRETKEY + login-oidc-client-secret: "" + login-okta-client-secret: "" + login-okta-directory-api-token: "" + redpanda-admin-api-password: "" + redpanda-admin-api-tls-ca: "" + redpanda-admin-api-tls-cert: "" + redpanda-admin-api-tls-key: "" +type: Opaque +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Sh + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: T50cZi +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Sh + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: T50cZi + namespace: default +spec: + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: 0 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: Sh + type: ClusterIP +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Sh + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: T50cZi + namespace: default +spec: + replicas: 414 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: Sh + strategy: {} + template: + metadata: + annotations: + checksum/config: 6eb5d8456a652d5006051c8425191238a1a7d39e93a9336b0cc8ca98963c2dbd + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: Sh + spec: + affinity: {} + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: 3Nf + value: vATdo0CH + valueFrom: + configMapKeyRef: + key: IRw5 + name: fa + fieldRef: + apiVersion: 93Fjhay + fieldPath: LRa2I + - name: T0 + value: trXO4 + - name: P9hPooVH + value: yii5lolb + valueFrom: + configMapKeyRef: + key: spAKa + name: U0EYAAe0 + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: T50cZi + envFrom: [] + image: docker.redpanda.com/redpandadata/console:v2.7.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: console + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + runAsNonRoot: true + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + - image: LlCU3if + imagePullPolicy: RɷVȄ×ʤǫĠ侻Ɏźx跻Å榜 + lifecycle: {} + name: l0 + resources: {} + securityContext: + allowPrivilegeEscalation: true + privileged: true + startupProbe: + exec: {} + failureThreshold: -1510490758 + initialDelaySeconds: 112782468 + periodSeconds: -738545847 + successThreshold: -1801864225 + timeoutSeconds: 1026753125 + terminationMessagePath: gCG + terminationMessagePolicy: hmƂÚÕʏ疅耪鯉瓉Ɏ煐8qĺ + tty: true + workingDir: ixD7Jq + imagePullSecrets: [] + initContainers: + - 'error unmarshaling JSON: while decoding JSON: json: cannot unmarshal string + into Go value of type []interface {}' + nodeSelector: {} + priorityClassName: NyOpfr + securityContext: + fsGroup: 99 + runAsUser: 99 + serviceAccountName: T50cZi + tolerations: + - effect: Mǣ鍙x奬Ø裗Ʈ唿踣ʘ)ɒâÄ + key: AWx + operator: yīÄLJʑʢ避 + value: cO + - effect: ï楡ɜƐf鱖À夹ǙȤK + key: Gk23T + operator: è6槈$_ȋ6}rvĕ曉¸顋ŀÓ + value: DCkzy + - effect: 蠯u牰ŇɔnÜȎĤ原H + key: qSC + operator: "n" + tolerationSeconds: -7696192156323826000 + value: z + topologySpreadConstraints: [] + volumes: + - configMap: + name: T50cZi + name: configs + - name: secrets + secret: + secretName: T50cZi +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "T50cZi-test-connection" + namespace: "default" + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Sh + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['T50cZi:8080'] + restartPolicy: Never + priorityClassName: NyOpfr +-- testdata/case-002.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: vN4yH7I + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: R1Yar8 + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: vN4yH7I + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: xZty +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: "" + kafka-sasl-aws-msk-iam-secret-key: "" + kafka-sasl-password: "" + kafka-schema-registry-password: "" + kafka-schemaregistry-tls-ca: "" + kafka-schemaregistry-tls-cert: "" + kafka-schemaregistry-tls-key: "" + kafka-tls-ca: "" + kafka-tls-cert: "" + kafka-tls-key: "" + login-github-oauth-client-secret: "" + login-github-personal-access-token: "" + login-google-groups-service-account.json: "" + login-google-oauth-client-secret: "" + login-jwt-secret: SECRETKEY + login-oidc-client-secret: "" + login-okta-client-secret: "" + login-okta-directory-api-token: "" + redpanda-admin-api-password: "" + redpanda-admin-api-tls-ca: "" + redpanda-admin-api-tls-cert: "" + redpanda-admin-api-tls-key: "" +type: Opaque +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: vN4yH7I + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: xZty +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: vN4yH7I + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: xZty + namespace: default +spec: + ports: + - name: http + port: 413 + protocol: TCP + targetPort: 267 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: vN4yH7I + type: ILpSX2Cy +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: vN4yH7I + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: xZty + namespace: default +spec: + replicas: 417 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: vN4yH7I + strategy: {} + template: + metadata: + annotations: + 8vRMfVroYC2: QXbUbLea + VV4w: s4sL + checksum/config: 69703ab54946efe744831224dacdb980663f666d8fa5be794fb800135f91d11f + upwTMuIqflmD: 9J0H45zXX + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: vN4yH7I + spec: + affinity: {} + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: xZty + envFrom: + - prefix: cfVf + secretRef: + name: ha + - prefix: i2E2Jvnc + image: docker.redpanda.com/redpandadata/console:v2.7.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: console + ports: + - containerPort: 267 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + limits: + 27ywV: "0" + nMnjjF4kM: "0" + xar2JX: "0" + securityContext: + runAsNonRoot: true + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + - mountPath: Y40 + mountPropagation: $寕洦敬苖ēRõøȀ + name: vn5hd + readOnly: true + subPath: oXCY9 + subPathExpr: p + imagePullSecrets: + - {} + - name: YPVBzxvx + initContainers: [] + nodeSelector: {} + priorityClassName: TeCy + securityContext: + fsGroup: 99 + runAsUser: 99 + serviceAccountName: R1Yar8 + tolerations: + - effect: ǩ趥螏|F8ǻĬ嵍Ğ错ʂĺƠǷ俆峻噸 + key: b + operator: wąȹV{İ刡嚮ȜJ + value: ZuTw + - effect: D稕栥[Ǟ$焫昲 + key: NnhmxYy + operator: Xʀ + value: v65W + - effect: 岂bĤ晏#DĢº + key: MOgT + operator: 礩懜蹻ǍBȟvɸ堊 + value: 3iXh + topologySpreadConstraints: [] + volumes: + - configMap: + name: xZty + name: configs + - name: secrets + secret: + secretName: xZty +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "xZty-test-connection" + namespace: "default" + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: vN4yH7I + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + imagePullSecrets: + - {} + - name: YPVBzxvx + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['xZty:413'] + restartPolicy: Never + priorityClassName: TeCy +-- testdata/case-003.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: w6 + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: 8nE + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: w6 + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: 8nE +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: Fb + kafka-sasl-aws-msk-iam-secret-key: SrYY84t + kafka-sasl-password: xCc3TeVY + kafka-schema-registry-password: ovCqxwz9Bf + kafka-schemaregistry-tls-ca: JL + kafka-schemaregistry-tls-cert: cS + kafka-schemaregistry-tls-key: UMwYx4F + kafka-tls-ca: HFpsnPdw + kafka-tls-cert: hseIt + kafka-tls-key: "" + login-github-oauth-client-secret: "" + login-github-personal-access-token: "" + login-google-groups-service-account.json: "" + login-google-oauth-client-secret: "" + login-jwt-secret: SECRETKEY + login-oidc-client-secret: "" + login-okta-client-secret: "" + login-okta-directory-api-token: "" + redpanda-admin-api-password: "" + redpanda-admin-api-tls-ca: "" + redpanda-admin-api-tls-cert: "" + redpanda-admin-api-tls-key: "" +type: Opaque +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: w6 + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: 8nE + namespace: default +spec: + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: 0 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: w6 + type: ClusterIP +--- +# Source: console/templates/ingress.yaml +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: w6 + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: 8nE +spec: + ingressClassName: EqUYi + rules: + - host: bKQCmfZ + http: + paths: null + - host: djItx5GtejC6 + http: + paths: null + - host: 2wLaQU8 + http: + paths: null + tls: + - hosts: + - V8BpuMCig + - 7LqG4w92 + - el3u4v + secretName: nUlu5bMwB8 + - hosts: + - 4HLzq + - 2i4g + secretName: lSgQIKwj5 +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "8nE-test-connection" + namespace: "default" + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: w6 + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['8nE:8080'] + restartPolicy: Never + priorityClassName: HNqN9h2 +-- testdata/case-004.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + "": PtQ7JxIAdPjt + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: YMl + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console-YMl + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + "": PtQ7JxIAdPjt + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: YMl + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console-YMl +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: "" + kafka-sasl-aws-msk-iam-secret-key: "" + kafka-sasl-password: "" + kafka-schema-registry-password: "" + kafka-schemaregistry-tls-ca: "" + kafka-schemaregistry-tls-cert: "" + kafka-schemaregistry-tls-key: "" + kafka-tls-ca: "" + kafka-tls-cert: "" + kafka-tls-key: "" + login-github-oauth-client-secret: "" + login-github-personal-access-token: "" + login-google-groups-service-account.json: "" + login-google-oauth-client-secret: "" + login-jwt-secret: SECRETKEY + login-oidc-client-secret: "" + login-okta-client-secret: "" + login-okta-directory-api-token: "" + redpanda-admin-api-password: "" + redpanda-admin-api-tls-ca: "" + redpanda-admin-api-tls-cert: "" + redpanda-admin-api-tls-key: "" +type: Opaque +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + "": PtQ7JxIAdPjt + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: YMl + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console-YMl +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + "": PtQ7JxIAdPjt + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: YMl + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console-YMl + namespace: default +spec: + ports: + - name: http + port: 112 + protocol: TCP + targetPort: 173 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: YMl + type: dO7eovC +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: {} + creationTimestamp: null + labels: + "": PtQ7JxIAdPjt + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: YMl + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console-YMl + namespace: default +spec: + replicas: 261 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: YMl + strategy: + type: ɡv?ĨJ姯ɚƟć匪cb + template: + metadata: + annotations: + 1iK8Ic: Qo3FCg9qi + 63SsVxDT: v + A1Q4J4: U9jygY2t1F + checksum/config: 5f83295c905c2d3c9fea06172a38428a89334248aea9df0ebd8b589a29afeb4f + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: YMl + spec: + affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: {} + weight: -1713447377 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: null + podAntiAffinity: {} + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: console-YMl + envFrom: [] + image: docker.redpanda.com/redpandadata/console:v2.7.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: console + ports: + - containerPort: 173 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + runAsNonRoot: true + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + - mountPath: Oj + name: QmzFlXE + subPath: "" + imagePullSecrets: [] + initContainers: [] + nodeSelector: {} + priorityClassName: JT0MK + securityContext: + fsGroup: 99 + runAsUser: 99 + serviceAccountName: console-YMl + tolerations: [] + topologySpreadConstraints: [] + volumes: + - configMap: + name: console-YMl + name: configs + - name: secrets + secret: + secretName: console-YMl + - name: QmzFlXE + secret: + defaultMode: 197 + secretName: 7gi +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "console-YMl-test-connection" + namespace: "default" + labels: + "": PtQ7JxIAdPjt + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: YMl + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['console-YMl:112'] + restartPolicy: Never + priorityClassName: JT0MK +-- testdata/case-005.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: MW + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: pN + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: MW + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: pN +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: "" + kafka-sasl-aws-msk-iam-secret-key: "" + kafka-sasl-password: "" + kafka-schema-registry-password: "" + kafka-schemaregistry-tls-ca: "" + kafka-schemaregistry-tls-cert: "" + kafka-schemaregistry-tls-key: "" + kafka-tls-ca: "" + kafka-tls-cert: "" + kafka-tls-key: "" + login-github-oauth-client-secret: R4Zj + login-github-personal-access-token: N85av + login-google-groups-service-account.json: "" + login-google-oauth-client-secret: "" + login-jwt-secret: SECRETKEY + login-oidc-client-secret: enei1WIcV + login-okta-client-secret: "" + login-okta-directory-api-token: "" + redpanda-admin-api-password: "" + redpanda-admin-api-tls-ca: "" + redpanda-admin-api-tls-cert: "" + redpanda-admin-api-tls-key: "" +type: Opaque +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: MW + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: pN + namespace: default +spec: + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: 0 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: MW + type: ClusterIP +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: MW + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: pN + namespace: default +spec: + replicas: 396 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: MW + strategy: {} + template: + metadata: + annotations: + checksum/config: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: MW + spec: + affinity: {} + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: pN + - name: LOGIN_GITHUB_CLIENTSECRET + valueFrom: + secretKeyRef: + key: login-github-oauth-client-secret + name: pN + - name: LOGIN_GITHUB_DIRECTORY_PERSONALACCESSTOKEN + valueFrom: + secretKeyRef: + key: login-github-personal-access-token + name: pN + - name: LOGIN_OIDC_CLIENTSECRET + valueFrom: + secretKeyRef: + key: login-oidc-client-secret + name: pN + envFrom: [] + image: 7iw15D/RnJFs0:OQDirE + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: -1921365096 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: -1548958176 + periodSeconds: -1952555242 + successThreshold: -1289242499 + timeoutSeconds: -265051013 + name: console + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + runAsNonRoot: true + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + - mountPath: JU4z + name: QEJyD + subPath: ZBEy2m0m + subPathExpr: S1Kk + - mountPath: RjUw5sX7NP + name: ett1n + subPath: NmZKwz + subPathExpr: QOMT + imagePullSecrets: + - name: ATcT6Hd + - name: l15Hhw + initContainers: + - 'error unmarshaling JSON: while decoding JSON: json: cannot unmarshal string + into Go value of type []interface {}' + nodeSelector: {} + priorityClassName: KnLhcy2cw + securityContext: + fsGroup: 99 + runAsUser: 99 + serviceAccountName: pN + tolerations: [] + topologySpreadConstraints: [] + volumes: + - configMap: + name: pN + name: configs + - name: secrets + secret: + secretName: pN +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "pN-test-connection" + namespace: "default" + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: MW + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + imagePullSecrets: + - name: ATcT6Hd + - name: l15Hhw + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['pN:8080'] + restartPolicy: Never + priorityClassName: KnLhcy2cw +-- testdata/case-006.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: false +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: gCH15URsJZr + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: nd7TSb2mNTS + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: gCH15URsJZr + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: rzd +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: G + kafka-sasl-aws-msk-iam-secret-key: 1tq + kafka-sasl-password: K8kPgIp6 + kafka-schema-registry-password: "" + kafka-schemaregistry-tls-ca: Zr + kafka-schemaregistry-tls-cert: KN + kafka-schemaregistry-tls-key: t + kafka-tls-ca: CQ + kafka-tls-cert: 6xZ8 + kafka-tls-key: "" + login-github-oauth-client-secret: "" + login-github-personal-access-token: "" + login-google-groups-service-account.json: "" + login-google-oauth-client-secret: "" + login-jwt-secret: SECRETKEY + login-oidc-client-secret: "" + login-okta-client-secret: "" + login-okta-directory-api-token: "" + redpanda-admin-api-password: "" + redpanda-admin-api-tls-ca: "" + redpanda-admin-api-tls-cert: "" + redpanda-admin-api-tls-key: "" +type: Opaque +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: gCH15URsJZr + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: rzd +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: gCH15URsJZr + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: rzd + namespace: default +spec: + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: 0 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: gCH15URsJZr + type: ClusterIP +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: gCH15URsJZr + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: rzd + namespace: default +spec: + replicas: 176 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: gCH15URsJZr + strategy: {} + template: + metadata: + annotations: + checksum/config: f55f3fdc49a4774db4d2377ea9b69fd8da2a190ef99f7fb31aeb393215f878cc + s2D: DMU7 + creationTimestamp: null + labels: + CoBI: 20aOZaZvs + app.kubernetes.io/instance: console + app.kubernetes.io/name: gCH15URsJZr + e0xqmoOD: Nb5V + ylGQE: p + spec: + affinity: + podAffinity: {} + podAntiAffinity: {} + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: KAFKA_SASL_PASSWORD + valueFrom: + secretKeyRef: + key: kafka-sasl-password + name: rzd + - name: KAFKA_PROTOBUF_GIT_BASICAUTH_PASSWORD + valueFrom: + secretKeyRef: + key: kafka-protobuf-git-basicauth-password + name: rzd + - name: KAFKA_SASL_AWSMSKIAM_SECRETKEY + valueFrom: + secretKeyRef: + key: kafka-sasl-aws-msk-iam-secret-key + name: rzd + - name: KAFKA_TLS_CAFILEPATH + value: /etc/console/secrets/kafka-tls-ca + - name: KAFKA_TLS_CERTFILEPATH + value: /etc/console/secrets/kafka-tls-cert + - name: KAFKA_SCHEMAREGISTRY_TLS_CAFILEPATH + value: /etc/console/secrets/kafka-schemaregistry-tls-ca + - name: KAFKA_SCHEMAREGISTRY_TLS_CERTFILEPATH + value: /etc/console/secrets/kafka-schemaregistry-tls-cert + - name: KAFKA_SCHEMAREGISTRY_TLS_KEYFILEPATH + value: /etc/console/secrets/kafka-schemaregistry-tls-key + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: rzd + envFrom: [] + image: zT38Q/V:iSGm6MT1 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: console + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + requests: + PY: "0" + securityContext: + runAsNonRoot: true + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + - mountPath: 5uhd1qMX + mountPropagation: ȵS鈛ZQì暗 + name: "N" + readOnly: true + subPath: lbeciOZZ + subPathExpr: Pd88cwE + - mountPath: yVo + mountPropagation: ÑƇ[嫨ĸŁ幵鿯它(ȡ~嘶ƌO情=į臺 + name: Z + readOnly: true + subPath: Nrqx + subPathExpr: Q4ChfT + imagePullSecrets: [] + initContainers: + - 'error unmarshaling JSON: while decoding JSON: json: cannot unmarshal string + into Go value of type []interface {}' + nodeSelector: {} + priorityClassName: 1x11c0q + securityContext: + fsGroup: 99 + runAsUser: 99 + serviceAccountName: nd7TSb2mNTS + tolerations: [] + topologySpreadConstraints: [] + volumes: + - configMap: + name: rzd + name: configs + - name: secrets + secret: + secretName: rzd +-- testdata/case-007.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: false +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: HWL + app.kubernetes.io/version: v2.7.0 + cV05TKdtF: 55lItpeJD + h: 1Y7dqm4wZL + helm.sh/chart: console-0.7.29 + name: RFjc7 + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: HWL + app.kubernetes.io/version: v2.7.0 + cV05TKdtF: 55lItpeJD + h: 1Y7dqm4wZL + helm.sh/chart: console-0.7.29 + name: "y" +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: "" + kafka-sasl-aws-msk-iam-secret-key: "" + kafka-sasl-password: "" + kafka-schema-registry-password: "" + kafka-schemaregistry-tls-ca: "" + kafka-schemaregistry-tls-cert: "" + kafka-schemaregistry-tls-key: "" + kafka-tls-ca: "" + kafka-tls-cert: "" + kafka-tls-key: "" + login-github-oauth-client-secret: "" + login-github-personal-access-token: "" + login-google-groups-service-account.json: gp + login-google-oauth-client-secret: Ln0 + login-jwt-secret: SECRETKEY + login-oidc-client-secret: "" + login-okta-client-secret: 3A593BjCuu + login-okta-directory-api-token: mSSz8MZ + redpanda-admin-api-password: t + redpanda-admin-api-tls-ca: QD1x71f + redpanda-admin-api-tls-cert: 744Ysvi + redpanda-admin-api-tls-key: 56VaHh +type: Opaque +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} + role-bindings.yaml: |- + roleBindings: + - "": null + 5w1YcAu: null +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: HWL + app.kubernetes.io/version: v2.7.0 + cV05TKdtF: 55lItpeJD + h: 1Y7dqm4wZL + helm.sh/chart: console-0.7.29 + name: "y" +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: HWL + app.kubernetes.io/version: v2.7.0 + cV05TKdtF: 55lItpeJD + h: 1Y7dqm4wZL + helm.sh/chart: console-0.7.29 + name: "y" + namespace: default +spec: + ports: + - name: http + port: 286 + protocol: TCP + targetPort: 404 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: HWL + type: Vvrvx +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: HWL + app.kubernetes.io/version: v2.7.0 + cV05TKdtF: 55lItpeJD + h: 1Y7dqm4wZL + helm.sh/chart: console-0.7.29 + name: "y" + namespace: default +spec: + replicas: 103 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: HWL + strategy: {} + template: + metadata: + annotations: + checksum/config: 37ddb9195e66f6743cc901bea8e2e2db0492fbf3e78355ffe8c7f2395ece1e90 + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: HWL + spec: + affinity: {} + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: qY0f + value: Wu + - name: 9zVp + value: g + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: "y" + - name: LOGIN_GOOGLE_CLIENTSECRET + valueFrom: + secretKeyRef: + key: login-google-oauth-client-secret + name: "y" + - name: LOGIN_GOOGLE_DIRECTORY_SERVICEACCOUNTFILEPATH + value: /etc/console/secrets/login-google-groups-service-account.json + - name: LOGIN_OKTA_CLIENTSECRET + valueFrom: + secretKeyRef: + key: login-okta-client-secret + name: "y" + - name: LOGIN_OKTA_DIRECTORY_APITOKEN + valueFrom: + secretKeyRef: + key: login-okta-directory-api-token + name: "y" + - name: REDPANDA_ADMINAPI_PASSWORD + valueFrom: + secretKeyRef: + key: redpanda-admin-api-password + name: "y" + - name: REDPANDA_ADMINAPI_TLS_CAFILEPATH + value: /etc/console/secrets/redpanda-admin-api-tls-ca + - name: REDPANDA_ADMINAPI_TLS_KEYFILEPATH + value: /etc/console/secrets/redpanda-admin-api-tls-key + - name: REDPANDA_ADMINAPI_TLS_CERTFILEPATH + value: /etc/console/secrets/redpanda-admin-api-tls-cert + envFrom: + - configMapRef: + name: OUS + optional: true + prefix: YWvtgT + - configMapRef: + name: 4xZZ + prefix: Djbp99U + image: docker.redpanda.com/redpandadata/console:v2.7.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 1105213631 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: -1727299217 + periodSeconds: -579129147 + successThreshold: -1278687101 + timeoutSeconds: -603846855 + name: console + ports: + - containerPort: 404 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 114758306 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 457836757 + periodSeconds: -1914503008 + successThreshold: 1926018786 + timeoutSeconds: 458769630 + resources: + requests: + 4P1f3: "0" + DmuY: "0" + securityContext: + runAsNonRoot: true + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + imagePullSecrets: [] + initContainers: + - 'error unmarshaling JSON: while decoding JSON: json: cannot unmarshal string + into Go value of type []interface {}' + nodeSelector: + CAy: 19kW + R2z: OpcDywz9x + priorityClassName: rs + securityContext: + fsGroup: 99 + fsGroupChangePolicy: 驸Ǩiµ慷泱世 + runAsGroup: 6873387834465682000 + runAsUser: 7937848737866681000 + sysctls: + - name: mp + value: SkIvFN + - name: E + value: RknyuPB + - name: kcY + value: us1 + serviceAccountName: RFjc7 + tolerations: [] + topologySpreadConstraints: [] + volumes: + - configMap: + name: "y" + name: configs + - name: secrets + secret: + secretName: "y" + - name: dCz +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "y-test-connection" + namespace: "default" + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: HWL + app.kubernetes.io/version: v2.7.0 + cV05TKdtF: 55lItpeJD + h: 1Y7dqm4wZL + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['y:286'] + restartPolicy: Never + priorityClassName: rs +-- testdata/case-008.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: RW + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: YcV5zP8 + namespace: default +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: RW + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: GbgHqD +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: RW + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: GbgHqD + namespace: default +spec: + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: 0 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: RW + type: ClusterIP +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + hfXF: v4uLEC6f8m + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: RW + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: GbgHqD + namespace: default +spec: + replicas: 475 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: RW + strategy: + rollingUpdate: {} + type: 堯飉J侚桤 合w犌ŝ|#è:(蹝Ƀy輐 + template: + metadata: + annotations: + BTlN: z8t + a: Pqjhw + checksum/config: 1ba99bb938e262d91c73069e0caf6c1ce45d5e92491a50db9d1af5d59db59aed + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: RW + spec: + affinity: {} + automountServiceAccountToken: false + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: [] + envFrom: [] + image: docker.redpanda.com/redpandadata/console:v2.7.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 1421249778 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 1194618095 + periodSeconds: 1245060237 + successThreshold: -641096828 + timeoutSeconds: -617099936 + name: console + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + failureThreshold: -10750427 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 208988771 + periodSeconds: -2096658971 + successThreshold: -233405863 + timeoutSeconds: 2042765580 + resources: {} + securityContext: + procMount: ȃ蘗ʮǺ踰蒐佛桸gɋ + readOnlyRootFilesystem: false + runAsGroup: 5367218369967094000 + runAsNonRoot: true + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + imagePullSecrets: [] + initContainers: [] + nodeSelector: {} + priorityClassName: 0fXQqWA96 + securityContext: + fsGroup: 99 + fsGroupChangePolicy: ǶȚ/廻 + runAsGroup: 3241750191956122000 + runAsNonRoot: false + runAsUser: 2693812519144067600 + supplementalGroups: + - -7558357415363805000 + - -9152494874115652000 + - -906805565867492900 + sysctls: + - name: CBe8XsS + value: bh + - name: pUYyG9c + value: xPm1 + serviceAccountName: YcV5zP8 + tolerations: [] + topologySpreadConstraints: + - maxSkew: -722842418 + nodeTaintsPolicy: uã链掎ŏȅ噘籥邟澶N3-昃嗽(七|犘 + topologyKey: vq + whenUnsatisfiable: Ȭť'Ùt苷ŲĤ蘝 + - labelSelector: {} + maxSkew: 1436245353 + nodeAffinityPolicy: 0ʠƃ氁ʆZ + topologyKey: t + whenUnsatisfiable: x叾džʜƽ耨 + - labelSelector: {} + matchLabelKeys: + - 6T2 + - FqrwFd + maxSkew: -172720268 + nodeAffinityPolicy: 觏败TʙȎ喧5婬ȑªgȢ'!ÅWp襎 + nodeTaintsPolicy: ÛB¹]ʐ梳Ě + topologyKey: VyU9 + whenUnsatisfiable: 烹wɹȐN坿¨叻ʊ鴥/Ŭ屎釽C欼 + volumes: + - configMap: + name: GbgHqD + name: configs +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "GbgHqD-test-connection" + namespace: "default" + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: RW + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['GbgHqD:8080'] + restartPolicy: Never + priorityClassName: 0fXQqWA96 +-- testdata/case-009.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: BKV + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: l1Bnpx + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: BKV + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: l1Bnpx +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: "" + kafka-sasl-aws-msk-iam-secret-key: "" + kafka-sasl-password: "" + kafka-schema-registry-password: "" + kafka-schemaregistry-tls-ca: "" + kafka-schemaregistry-tls-cert: "" + kafka-schemaregistry-tls-key: "" + kafka-tls-ca: "" + kafka-tls-cert: "" + kafka-tls-key: "" + login-github-oauth-client-secret: "" + login-github-personal-access-token: "" + login-google-groups-service-account.json: "" + login-google-oauth-client-secret: "" + login-jwt-secret: SECRETKEY + login-oidc-client-secret: "" + login-okta-client-secret: "" + login-okta-directory-api-token: "" + redpanda-admin-api-password: "" + redpanda-admin-api-tls-ca: "" + redpanda-admin-api-tls-cert: "" + redpanda-admin-api-tls-key: "" +type: Opaque +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: + efgehQaV5UI0y: GymqDudh + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: BKV + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: l1Bnpx + namespace: default +spec: + ports: + - name: http + port: 229 + protocol: TCP + targetPort: 85 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: BKV + type: yZy +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: BKV + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: l1Bnpx + namespace: default +spec: + replicas: 315 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: BKV + strategy: {} + template: + metadata: + annotations: + checksum/config: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: BKV + spec: + affinity: + nodeAffinity: {} + podAffinity: {} + podAntiAffinity: {} + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: l1Bnpx + envFrom: [] + image: docker.redpanda.com/redpandadata/console:v2.7.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: -1420734522 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 753838163 + periodSeconds: -444344576 + successThreshold: -1003403229 + timeoutSeconds: -172453343 + name: console + ports: + - containerPort: 85 + name: http + protocol: TCP + readinessProbe: + failureThreshold: -286281002 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 138566964 + periodSeconds: -361700659 + successThreshold: 422528479 + timeoutSeconds: 352721839 + resources: {} + securityContext: + runAsNonRoot: true + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + - mountPath: xShE + name: yWBr98zs1 + subPath: "" + - mountPath: Wnbf + name: qUQ5 + subPath: "" + - mountPath: fgV + name: hpqapQJQ + subPath: "" + imagePullSecrets: + - name: x42RbB4KLm + initContainers: [] + nodeSelector: + OBRBvRK: hMXDLGN5 + ky: sv + priorityClassName: p0ShP6Yru + securityContext: + fsGroup: 99 + fsGroupChangePolicy: 灆Zeɪ霅ǭɒ<ǖ韆 + runAsGroup: -2394155475284911600 + runAsNonRoot: true + runAsUser: 99 + supplementalGroups: + - 802667379359895800 + - 8316082600801372000 + serviceAccountName: l1Bnpx + tolerations: [] + topologySpreadConstraints: + - maxSkew: -73453467 + minDomains: 326628755 + nodeAffinityPolicy: "" + topologyKey: zWgGRC + whenUnsatisfiable: 黚堳ʈ¡ + volumes: + - configMap: + name: l1Bnpx + name: configs + - name: secrets + secret: + secretName: l1Bnpx + - name: yWBr98zs1 + secret: + defaultMode: 414 + secretName: YMpib3J + - name: qUQ5 + secret: + defaultMode: 402 + secretName: Pw8 + - name: hpqapQJQ + secret: + defaultMode: 410 + secretName: 1JLIOjZI8 +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "l1Bnpx-test-connection" + namespace: "default" + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: BKV + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + imagePullSecrets: + - name: x42RbB4KLm + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['l1Bnpx:229'] + restartPolicy: Never + priorityClassName: p0ShP6Yru +-- testdata/case-010.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: + TTsn5: s3xEhO + tZiUN: CtjX + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: JFcK + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: kIzbDF + namespace: default +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: JFcK + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: ivK + namespace: default +spec: + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: 0 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: JFcK + type: ClusterIP +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: JFcK + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: ivK + namespace: default +spec: + replicas: 250 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: JFcK + strategy: {} + template: + metadata: + annotations: + checksum/config: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: JFcK + spec: + affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: hu5a9Q0m + operator: Ʊ飁Ɲŗʫf + values: + - fDVpOP + - fUBu2Zhz + matchFields: + - key: zOA + operator: 豔|Ĺ霱鑕yȮM錕陰蔆 + - key: uqlr1 + operator: ʏ + weight: -157546286 + - preference: + matchExpressions: + - key: yI2tB1c6Om + operator: 槼湝@)萢=\Ɇ剋Ś>(.aC俥?蔔 + values: + - 5QB3 + - C + - key: IhL2k3 + operator: "" + matchFields: + - key: Kn1 + operator: q'ʏC効L¶ƋMʐģƥƝnĤe + weight: -1818860211 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - {} + podAffinity: {} + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: LICENSE + valueFrom: + secretKeyRef: + key: 6Y + name: juyv + envFrom: [] + image: 4A/0YeLdES:1a4iH + imagePullPolicy: "" + livenessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: console + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 1992527736 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 1233698472 + periodSeconds: 1177961840 + successThreshold: -1634725396 + timeoutSeconds: -1493252430 + resources: {} + securityContext: + runAsNonRoot: true + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: C3nMA + name: 0sxSVsP + readOnly: true + subPath: V + subPathExpr: 1E5cYdMw + - env: + - name: nE8 + value: hFfGzdv + valueFrom: + configMapKeyRef: + key: 9Sc + name: kviW + fieldRef: + fieldPath: bzL + resourceFieldRef: + containerName: ky9X6 + divisor: "0" + resource: RgwF + image: mEMnGhDi + imagePullPolicy: <Ǐ(嬘箓閁1_Y.脯鮉娇腾1 + name: ZyDivTyKOX + readinessProbe: + failureThreshold: 368214623 + initialDelaySeconds: 1711545214 + periodSeconds: -1669571514 + successThreshold: 830602444 + timeoutSeconds: -1406663042 + resources: + requests: + Ta: "0" + restartPolicy: M#L粓Ojw+ĸɊcƗ镃聆琮ǘ滂W + stdin: true + terminationMessagePath: 7hyobl + terminationMessagePolicy: gŜĶ蔓林驲%嶄ʚ轿竷 + volumeDevices: + - devicePath: zlgauG + name: Uy7Ds5N + - devicePath: pturCrgNMxS + name: "1" + volumeMounts: + - mountPath: 2ftw3U97pI + mountPropagation: ǮmW + name: NeLq9zvIQ + subPath: 5XYnpNAb + subPathExpr: rAeHuQk + - mountPath: aOj5TCBKn + name: DWFR + subPath: G + - mountPath: ovoJMYcQZ7 + mountPropagation: ɷ&娈瘱 + name: o6QaPD8 + subPath: rIo + subPathExpr: j0F1wa + workingDir: tj + - env: + - name: KO7zek + value: AE8r + valueFrom: {} + envFrom: + - prefix: T4nvtH0yCoJCx + - prefix: KaMGNcK + image: m + imagePullPolicy: 牀 + lifecycle: + preStop: + exec: {} + sleep: + seconds: -1229802121654850600 + livenessProbe: + failureThreshold: 1036399450 + grpc: + port: 1383801223 + service: nm0jd39Ta + httpGet: + host: VhafGy + path: CP9 + port: BnhNd + scheme: hxu崚奵Y + initialDelaySeconds: 141265356 + periodSeconds: 251484282 + successThreshold: 257415096 + terminationGracePeriodSeconds: 3476093234934520000 + timeoutSeconds: -1657896181 + name: UCZJ + ports: + - containerPort: 574867450 + hostPort: 156179933 + name: 0re + protocol: 頶韜»釟ţKFƂƄp錴畗~[禬B琡9 + - containerPort: -374880824 + hostPort: 1342282100 + name: OeyfSkg3EJIuD + protocol: 佃ŦŬ穷唂&2ŌĜ,gF躊貀j寝ô + readinessProbe: + failureThreshold: 978947885 + httpGet: + host: A + path: Ngfyt + port: "" + scheme: Í蠕窩獙 + initialDelaySeconds: 60101484 + periodSeconds: 1102760384 + successThreshold: 1260060937 + terminationGracePeriodSeconds: 1157546254675437000 + timeoutSeconds: -465800822 + resizePolicy: + - resourceName: P6b56 + restartPolicy: 冿÷Ý萦{[P貍ȕ,Sɕ錼 + - resourceName: azLsfqbuYlr + restartPolicy: 蒃Ký阹ǒ1T獽蛍峸伦ƨ(Ƭ-央á + - resourceName: skOpL + restartPolicy: 鸿dŶ徥w^ȏ嘳Ƙ唓Ęɸ-ɫ鷠C + resources: {} + terminationMessagePath: vmp + terminationMessagePolicy: Ƒh庛ʘ$8L藑奾ń4說 + workingDir: rgrA + imagePullSecrets: [] + initContainers: [] + nodeSelector: {} + priorityClassName: x0ISc2 + securityContext: + fsGroup: 99 + runAsUser: 99 + serviceAccountName: kIzbDF + tolerations: [] + topologySpreadConstraints: [] + volumes: + - configMap: + name: ivK + name: configs +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "ivK-test-connection" + namespace: "default" + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: JFcK + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['ivK:8080'] + restartPolicy: Never + priorityClassName: x0ISc2 +-- testdata/case-011.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + JwK5MKTa: WW + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Cy9eHCiP + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + v7E: 1g6JB + name: hbe + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + JwK5MKTa: WW + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Cy9eHCiP + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + v7E: 1g6JB + name: hbe +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: "" + kafka-sasl-aws-msk-iam-secret-key: "" + kafka-sasl-password: "" + kafka-schema-registry-password: "" + kafka-schemaregistry-tls-ca: "" + kafka-schemaregistry-tls-cert: "" + kafka-schemaregistry-tls-key: "" + kafka-tls-ca: "" + kafka-tls-cert: "" + kafka-tls-key: "" + login-github-oauth-client-secret: "" + login-github-personal-access-token: "" + login-google-groups-service-account.json: "" + login-google-oauth-client-secret: "" + login-jwt-secret: SECRETKEY + login-oidc-client-secret: "" + login-okta-client-secret: "" + login-okta-directory-api-token: "" + redpanda-admin-api-password: "" + redpanda-admin-api-tls-ca: "" + redpanda-admin-api-tls-cert: "" + redpanda-admin-api-tls-key: "" +type: Opaque +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + JwK5MKTa: WW + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Cy9eHCiP + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + v7E: 1g6JB + name: hbe +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: + "": NbuyvXjW + 2CTz: vRGLHMO53rD + yLzpKqz: uBjXvD + creationTimestamp: null + labels: + JwK5MKTa: WW + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Cy9eHCiP + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + v7E: 1g6JB + name: hbe + namespace: default +spec: + ports: + - name: http + port: 478 + protocol: TCP + targetPort: 90 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: Cy9eHCiP + type: sl +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + pJ: f0brcnhV + creationTimestamp: null + labels: + JwK5MKTa: WW + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Cy9eHCiP + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + v7E: 1g6JB + name: hbe + namespace: default +spec: + replicas: 65 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: Cy9eHCiP + strategy: {} + template: + metadata: + annotations: + checksum/config: 0ebeace369c9c96d75109609694bd464d6c28c2e8d1fcbd96529ef96d4ba0ec5 + creationTimestamp: null + labels: + "2": RgUAFm + D2V: V80aQ + app.kubernetes.io/instance: console + app.kubernetes.io/name: Cy9eHCiP + spec: + affinity: + podAffinity: {} + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: {} + matchLabelKeys: + - E9nCu6aLM + topologyKey: PfPCGvStt + weight: -1379963896 + - podAffinityTerm: + namespaceSelector: {} + topologyKey: CgA4 + weight: -726546395 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: ijh1hJb + operator: ƏŧD續筚朊 + values: + - BOfF5xB + - 3iu4 + - key: "93" + operator: Dij%{欬ɽ + - key: NEd + operator: ÿD + values: + - r + - B7E1BoYQ4Njb + - BTV + matchLabelKeys: + - FuyLvc + - Lh60qi + namespaceSelector: + matchExpressions: + - key: w + operator: 嘑 + - key: eQ6nY99xw + operator: H辄萟蘎Ÿ塪²;暃 + - key: 8JrCFA + operator: "" + values: + - wVO + topologyKey: ByO + - namespaceSelector: {} + topologyKey: b21 + - namespaces: + - Ifv + topologyKey: F9j5 + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: XW + value: PCPsJt + valueFrom: + configMapKeyRef: + key: Zk0vTu6kC + name: d9zm3 + optional: false + secretKeyRef: + key: mRF + name: CW + optional: false + - name: loir2K + value: Ti0q + - name: lAxIKF7cbLlc + value: 1ksS + valueFrom: + fieldRef: + apiVersion: 8i2Z + fieldPath: vD7H + resourceFieldRef: + containerName: yqY + divisor: "0" + resource: ebRDAl + secretKeyRef: + key: E9514U + name: g3Rbzs + optional: false + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: hbe + envFrom: + - configMapRef: + name: d + prefix: Fl1 + secretRef: + name: X8xDu + optional: true + - prefix: M + secretRef: + name: 10or1C2m + optional: false + - configMapRef: + name: BBj + optional: false + prefix: Xy + secretRef: + name: ZA3 + image: gjR/U:Tl0EP + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 653767212 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 832425522 + periodSeconds: -1810991482 + successThreshold: 1954581711 + timeoutSeconds: -574178850 + name: console + ports: + - containerPort: 90 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 1745353710 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 1504484890 + periodSeconds: -846859037 + successThreshold: -1564014824 + timeoutSeconds: 888372342 + resources: + requests: + "Y": "0" + securityContext: + runAsNonRoot: true + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + - mountPath: 2Qy8k + name: n4BPeF + subPath: "" + - mountPath: O + mountPropagation: ŜQLhlkU穒´宕Ïůŝƪ + name: JeSPIB + readOnly: true + subPath: RTiJ + subPathExpr: wad + - mountPath: QV6Kf + name: Pj7R + subPath: qBOd + subPathExpr: kN3Uujt + imagePullSecrets: [] + initContainers: + - 'error unmarshaling JSON: while decoding JSON: json: cannot unmarshal string + into Go value of type []interface {}' + nodeSelector: + HC7: EI8 + priorityClassName: sJXoA3V + securityContext: + fsGroup: 4103142176308445000 + fsGroupChangePolicy: Ő6­撱悤ÅC`碸 + runAsUser: 9170579519391071000 + sysctls: + - name: 4OKA + value: P7ouRq + - name: iD9Oz + value: gL6ARE + serviceAccountName: hbe + tolerations: [] + topologySpreadConstraints: [] + volumes: + - configMap: + name: hbe + name: configs + - name: secrets + secret: + secretName: hbe + - name: n4BPeF + secret: + defaultMode: 12 + secretName: auIr +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "hbe-test-connection" + namespace: "default" + labels: + JwK5MKTa: WW + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Cy9eHCiP + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + v7E: 1g6JB + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['hbe:478'] + restartPolicy: Never + priorityClassName: sJXoA3V +-- testdata/case-012.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Qr03ts + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: tmn2Kt + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Qr03ts + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: tmn2Kt +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: "" + kafka-sasl-aws-msk-iam-secret-key: "" + kafka-sasl-password: "" + kafka-schema-registry-password: "" + kafka-schemaregistry-tls-ca: "" + kafka-schemaregistry-tls-cert: "" + kafka-schemaregistry-tls-key: "" + kafka-tls-ca: "" + kafka-tls-cert: "" + kafka-tls-key: "" + login-github-oauth-client-secret: "" + login-github-personal-access-token: "" + login-google-groups-service-account.json: "" + login-google-oauth-client-secret: "" + login-jwt-secret: SECRETKEY + login-oidc-client-secret: "" + login-okta-client-secret: "" + login-okta-directory-api-token: "" + redpanda-admin-api-password: "" + redpanda-admin-api-tls-ca: "" + redpanda-admin-api-tls-cert: "" + redpanda-admin-api-tls-key: "" +type: Opaque +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Qr03ts + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: tmn2Kt +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Qr03ts + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: tmn2Kt + namespace: default +spec: + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: 0 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: Qr03ts + type: ClusterIP +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + v: D + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Qr03ts + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: tmn2Kt + namespace: default +spec: + replicas: 407 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: Qr03ts + strategy: + rollingUpdate: {} + type: 9Cɠ+餌µ骽O惠LƬɇɦ鉍挶 + template: + metadata: + annotations: + checksum/config: f03a44f92485e3dfb6772dc84dec7c868a151f08fa5c04332bebe63251290ce5 + creationTimestamp: null + labels: + "": S7BNyT + app.kubernetes.io/instance: console + app.kubernetes.io/name: Qr03ts + r1F: Fsc + yeY4LjT: MRlwtd + spec: + affinity: {} + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: tmn2Kt + envFrom: + - prefix: RyT9JuZ + image: docker.redpanda.com/redpandadata/console:v2.7.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 666524470 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 1841184951 + periodSeconds: 465079780 + successThreshold: -1928046688 + timeoutSeconds: 1377323766 + name: console + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + privileged: true + readOnlyRootFilesystem: false + runAsGroup: -6536894786619940000 + runAsNonRoot: false + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + - command: + - "" + - 7yJE + envFrom: + - prefix: kRXk + secretRef: + name: TJsCapqoxl + - prefix: ucUEP + secretRef: + name: 1zCfpPiVt9o + optional: true + image: hwJ + imagePullPolicy: dh + name: Ody4zqt + readinessProbe: + exec: {} + failureThreshold: 1607990521 + grpc: + port: 2033135747 + service: "" + initialDelaySeconds: -889776869 + periodSeconds: -35190825 + successThreshold: -958310065 + terminationGracePeriodSeconds: 3166888730011246600 + timeoutSeconds: 806015074 + resources: + requests: + mg2KyOVo97: "0" + restartPolicy: 档媘řĖ焘傐Yʮ,+Ƽ梽讫ƭ焇 + securityContext: + readOnlyRootFilesystem: true + runAsGroup: -2035296945120192500 + stdinOnce: true + terminationMessagePolicy: '*.Q' + workingDir: 0g9 + - command: + - ktel2 + - 2gO + image: Kq1K2HexLL + imagePullPolicy: 蟫黳jª0狫ĝ| + lifecycle: + postStart: + exec: + command: + - I + name: XmcrosJ9Art + resizePolicy: + - resourceName: 8dOXgKMh + restartPolicy: T@罞 + resources: + limits: + Qf424: "0" + UkBWyCgR: "0" + yS9FH: "0" + securityContext: + allowPrivilegeEscalation: true + capabilities: + drop: + - Ǐ蟯ƛU賊稁uv/u讎胗< + - 1湹 + privileged: false + readOnlyRootFilesystem: false + runAsGroup: -281571585037868400 + runAsUser: 8469885005475494000 + stdin: true + stdinOnce: true + terminationMessagePath: 6ii28 + terminationMessagePolicy: ȊGī3慺Ŏ + volumeDevices: + - devicePath: "" + name: lqvpF + - devicePath: 3vTez + name: pD6EOo + workingDir: QEqnPlY6YE + - args: + - eiyTiCxBp + envFrom: + - configMapRef: + name: uxUzs + prefix: 0Oq + secretRef: + name: ahghhjB + - configMapRef: + name: yjx + prefix: cOCr6ajjpSTT + - configMapRef: + name: "4" + prefix: 0XtWv + secretRef: + name: oKDQ + image: PV + imagePullPolicy: d?遼gŜT纬ɷšǧ餝Ƨ + livenessProbe: + exec: {} + failureThreshold: 746140291 + grpc: + port: 1197495917 + service: "" + httpGet: + host: x78yAB + path: P5mSLs + port: Cb2 + scheme: 儰试9ȷǴ燀ǃ¦籇射,ǠöcƲ伙 + initialDelaySeconds: 1418617842 + periodSeconds: 187037501 + successThreshold: -1821323321 + timeoutSeconds: -894994792 + name: ToH + resizePolicy: + - resourceName: 7Ut8kM + restartPolicy: gěǏ* + - resourceName: gvoJz7 + restartPolicy: ł0Iɷ»u诎żȋ貏C炭 + - resourceName: VpTvtNnJOw + restartPolicy: 阠eR'k.Ơ糦啮ŋ睷N譺 + resources: + limits: + cYhO6a: "0" + startupProbe: + exec: {} + failureThreshold: -1040244189 + grpc: + port: 1921669257 + service: Me + httpGet: + host: 5fL4Z + path: BwLac + port: SKrb2z + scheme: ľ<Ƽ浳s剪ɍ + initialDelaySeconds: -1064995957 + periodSeconds: 230643461 + successThreshold: -1865926881 + timeoutSeconds: 1102271416 + terminationMessagePath: ZbnnI + terminationMessagePolicy: 阳壀ɀS强pŇȆDž鹩 + tty: true + volumeDevices: + - devicePath: pP2eHwth + name: S9Sy + workingDir: Z + imagePullSecrets: [] + initContainers: + - 'error unmarshaling JSON: while decoding JSON: json: cannot unmarshal string + into Go value of type []interface {}' + nodeSelector: {} + priorityClassName: vMcB + securityContext: + fsGroup: 99 + runAsUser: 99 + serviceAccountName: tmn2Kt + tolerations: [] + topologySpreadConstraints: [] + volumes: + - configMap: + name: tmn2Kt + name: configs + - name: secrets + secret: + secretName: tmn2Kt +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "tmn2Kt-test-connection" + namespace: "default" + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Qr03ts + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['tmn2Kt:8080'] + restartPolicy: Never + priorityClassName: vMcB +-- testdata/case-013.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: dDkIKgMwXv + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: RttlJN + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: dDkIKgMwXv + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: RttlJN +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: "" + kafka-sasl-aws-msk-iam-secret-key: "" + kafka-sasl-password: "" + kafka-schema-registry-password: "" + kafka-schemaregistry-tls-ca: "" + kafka-schemaregistry-tls-cert: "" + kafka-schemaregistry-tls-key: "" + kafka-tls-ca: "" + kafka-tls-cert: "" + kafka-tls-key: "" + login-github-oauth-client-secret: "" + login-github-personal-access-token: "" + login-google-groups-service-account.json: "" + login-google-oauth-client-secret: "" + login-jwt-secret: SECRETKEY + login-oidc-client-secret: "" + login-okta-client-secret: "" + login-okta-directory-api-token: "" + redpanda-admin-api-password: "" + redpanda-admin-api-tls-ca: "" + redpanda-admin-api-tls-cert: "" + redpanda-admin-api-tls-key: "" +type: Opaque +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: dDkIKgMwXv + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: RttlJN +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: dDkIKgMwXv + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: RttlJN + namespace: default +spec: + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: 0 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: dDkIKgMwXv + type: ClusterIP +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: dDkIKgMwXv + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: RttlJN + namespace: default +spec: + replicas: 412 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: dDkIKgMwXv + strategy: {} + template: + metadata: + annotations: + checksum/config: 80fd97b611d09c692bd5e12a12d43f51c7486213c5798a4f57bb8f0866119572 + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: dDkIKgMwXv + spec: + affinity: {} + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: RttlJN + envFrom: [] + image: docker.redpanda.com/redpandadata/console:v2.7.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: console + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + failureThreshold: -225696508 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 1573121125 + periodSeconds: -1561542711 + successThreshold: 1804677264 + timeoutSeconds: -1540252725 + resources: + limits: + f7Jr: "0" + fl: "0" + requests: + Q4O7nA: "0" + securityContext: + privileged: true + readOnlyRootFilesystem: false + runAsNonRoot: true + runAsUser: -8804799239371185000 + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + - mountPath: DVlVa1jiDIh5G + name: zaV + subPath: lXnque8 + subPathExpr: aFzzfyzr + - mountPath: 7VmD + name: bNuYmK + readOnly: true + subPath: zsTvmtU0 + subPathExpr: uNyQSZ + - mountPath: p + name: q3 + readOnly: true + subPathExpr: k4yfc0H + - env: + - name: bNyX + value: DpJ + valueFrom: + secretKeyRef: + key: r3ZL + name: GM2zRN8 + optional: false + - name: dS + value: u2CpI14PZ + - name: JVoNndPj + value: eCfRy + image: 9nkfM + imagePullPolicy: v洓p褾NJ翛Y/笸i洞偀fX綤鰐 + livenessProbe: + exec: + command: + - TzQ + - 5tBBhynsjV + failureThreshold: -1613952147 + httpGet: + host: gYV + path: 9qC2GovT + port: Gh + initialDelaySeconds: 1651935443 + periodSeconds: -1307313312 + successThreshold: 1553368137 + terminationGracePeriodSeconds: -4575724788805099000 + timeoutSeconds: -499895377 + name: aOBSLF + readinessProbe: + failureThreshold: 687754614 + initialDelaySeconds: -1880005074 + periodSeconds: 794268536 + successThreshold: -1510519942 + terminationGracePeriodSeconds: 3334702514671978000 + timeoutSeconds: -178867660 + resources: + requests: + hiWTQ: "0" + m7CDU: "0" + stdin: true + terminationMessagePath: Yj9V + terminationMessagePolicy: js$昦夁糎fț + tty: true + volumeMounts: + - mountPath: Xaoy + name: XuLXzMm + readOnly: true + subPath: NI8v + subPathExpr: nPRuyC + - mountPath: S + mountPropagation: ĜX鴮璫ȓĢ + name: c2o + readOnly: true + subPath: DEcziG + subPathExpr: 7UjF6H + workingDir: yPE + imagePullSecrets: [] + initContainers: + - 'error unmarshaling JSON: while decoding JSON: json: cannot unmarshal string + into Go value of type []interface {}' + nodeSelector: {} + priorityClassName: BDUfm1wSRDI + securityContext: + fsGroup: 99 + runAsUser: 99 + serviceAccountName: RttlJN + tolerations: + - effect: ƞ嬂 + key: wnH + operator: Ā蔥ąʏƅȑǚ缗'r~熐{Ǎ楯&鑫咂] + value: LYZYjeFUmK29wdL + - effect: 硞撤幅娰tȬ婒ĎɕÏǜ蚭馸諄W)偒½ + key: e2 + operator: bƤrZ + value: 8ssobF8u + topologySpreadConstraints: [] + volumes: + - configMap: + name: RttlJN + name: configs + - name: secrets + secret: + secretName: RttlJN +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "RttlJN-test-connection" + namespace: "default" + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: dDkIKgMwXv + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['RttlJN:8080'] + restartPolicy: Never + priorityClassName: BDUfm1wSRDI +-- testdata/case-014.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Vi2vH + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: h6eHrUr + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Vi2vH + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: htymHJ +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: "" + kafka-sasl-aws-msk-iam-secret-key: "" + kafka-sasl-password: "" + kafka-schema-registry-password: "" + kafka-schemaregistry-tls-ca: "" + kafka-schemaregistry-tls-cert: "" + kafka-schemaregistry-tls-key: "" + kafka-tls-ca: "" + kafka-tls-cert: "" + kafka-tls-key: "" + login-github-oauth-client-secret: "" + login-github-personal-access-token: "" + login-google-groups-service-account.json: "" + login-google-oauth-client-secret: "" + login-jwt-secret: SECRETKEY + login-oidc-client-secret: "" + login-okta-client-secret: "" + login-okta-directory-api-token: "" + redpanda-admin-api-password: "" + redpanda-admin-api-tls-ca: "" + redpanda-admin-api-tls-cert: "" + redpanda-admin-api-tls-key: "" +type: Opaque +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} + role-bindings.yaml: |- + roleBindings: + - null +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Vi2vH + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: htymHJ +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Vi2vH + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: htymHJ + namespace: default +spec: + ports: + - name: http + port: 41 + protocol: TCP + targetPort: 168 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: Vi2vH + type: Oiwzbmtjpb +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "htymHJ-test-connection" + namespace: "default" + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Vi2vH + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['htymHJ:41'] + restartPolicy: Never + priorityClassName: rcxHoi +-- testdata/case-015.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: + IH: 3W + K5hNNf: "" + r: 9cmm + creationTimestamp: null + labels: + B0Pmybnj: gh8 + MdyMnFBP0Cd1: UUVRKbjhv + ShHkukRGF9k: KlIyX6upO + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: KD8DmV + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: zmr + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + B0Pmybnj: gh8 + MdyMnFBP0Cd1: UUVRKbjhv + ShHkukRGF9k: KlIyX6upO + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: KD8DmV + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: 9RweMGWqBs +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: "" + kafka-sasl-aws-msk-iam-secret-key: "" + kafka-sasl-password: "" + kafka-schema-registry-password: "" + kafka-schemaregistry-tls-ca: "" + kafka-schemaregistry-tls-cert: "" + kafka-schemaregistry-tls-key: "" + kafka-tls-ca: "" + kafka-tls-cert: "" + kafka-tls-key: "" + login-github-oauth-client-secret: "" + login-github-personal-access-token: "" + login-google-groups-service-account.json: "" + login-google-oauth-client-secret: "" + login-jwt-secret: SECRETKEY + login-oidc-client-secret: "" + login-okta-client-secret: "" + login-okta-directory-api-token: "" + redpanda-admin-api-password: "" + redpanda-admin-api-tls-ca: "" + redpanda-admin-api-tls-cert: "" + redpanda-admin-api-tls-key: "" +type: Opaque +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + B0Pmybnj: gh8 + MdyMnFBP0Cd1: UUVRKbjhv + ShHkukRGF9k: KlIyX6upO + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: KD8DmV + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: 9RweMGWqBs +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + B0Pmybnj: gh8 + MdyMnFBP0Cd1: UUVRKbjhv + ShHkukRGF9k: KlIyX6upO + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: KD8DmV + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: 9RweMGWqBs + namespace: default +spec: + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: 0 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: KD8DmV + type: ClusterIP +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + 2V: 50l + jFB7K: 5ZqGXdsD94 + creationTimestamp: null + labels: + B0Pmybnj: gh8 + MdyMnFBP0Cd1: UUVRKbjhv + ShHkukRGF9k: KlIyX6upO + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: KD8DmV + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: 9RweMGWqBs + namespace: default +spec: + replicas: 128 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: KD8DmV + strategy: {} + template: + metadata: + annotations: + checksum/config: c07b76ad8263a0560734a09b913b4c726efe461a7f519da293467d20a90d78bf + creationTimestamp: null + labels: + FlwBgvWNMrbg5: YKgnz8q + TGDbR: 4egH + Xr8XMOk: 1DAii + app.kubernetes.io/instance: console + app.kubernetes.io/name: KD8DmV + spec: + affinity: + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: 7eVqbmnw4 + operator: 屈ǧȔŗS#~¸Dd馔uÈ飏ƌĔ魼ȓ + values: + - eZapFDhb + - dBr2cD + - key: Z13Kq48NE0 + operator: ª + values: + - 03LE6GE + - key: s + operator: 箱+ʑ圼;0丢顃M媆熋熼妄瞬 + values: + - E + - jC2mNBN + matchLabels: + 4tdQRoO: Tgv + 7Apxz: EPl5 + bPvG5Bf: sCS + namespaceSelector: {} + namespaces: + - bkN0U + topologyKey: haPJ + weight: -1043017794 + - podAffinityTerm: + labelSelector: + matchLabels: + PP8DxAPJwUzY: z9RL6 + U1a: J + due4: eRc0tKn + namespaceSelector: + matchExpressions: + - key: "y" + operator: 霮ʡ`罵瀖Kʓa嚃*Q`UV邠想ɷġ + namespaces: + - M2GNeyD + - eDNVdz1ne46 + topologyKey: kQ + weight: -1134437930 + - podAffinityTerm: + namespaceSelector: + matchExpressions: + - key: SnD + operator: 6愔ȶ獧:öȰ浻珼»ǰs睑,s頀旓eX + - key: yt197hBb + operator: ȒǦ^(á咟獐赠5ĺĜ嶜庌愖V揺ɞ\Ș + values: + - pu5 + - Ywv1TEhK + - pAo + matchLabels: + "": rZ + topologyKey: WSD + weight: 613733383 + requiredDuringSchedulingIgnoredDuringExecution: + - topologyKey: 4b6nMCalUl1 + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: iQE + value: Aj6RWPJE + - name: QwMCc + value: N9g6bDNI + - name: U5Qg5Qc0NWE + valueFrom: + configMapKeyRef: + key: R + name: n8 + optional: false + fieldRef: + apiVersion: zg0 + fieldPath: fNjpqJ + secretKeyRef: + key: MlF + name: h + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: 9RweMGWqBs + envFrom: [] + image: FezgEM/b4CZb:OoX + imagePullPolicy: '&Ŕ<駄AG' + livenessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: console + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 398655641 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 1516319657 + periodSeconds: -635156272 + successThreshold: 1338596793 + timeoutSeconds: -905426079 + resources: + requests: + I: "0" + b7jbi: "0" + r1cN: "0" + securityContext: + privileged: false + procMount: d聉l蝲ɓH>狱(Ȁ胄hʍy龝Ȼ埓Y + readOnlyRootFilesystem: false + runAsGroup: 2951274493718237000 + runAsNonRoot: true + runAsUser: -1772317555576666000 + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + - mountPath: y5BZm9v9L5 + name: mE9WF + readOnly: true + subPathExpr: 3vKqLj2 + imagePullSecrets: [] + initContainers: + - 'error unmarshaling JSON: while decoding JSON: json: cannot unmarshal string + into Go value of type []interface {}' + nodeSelector: + vy4h: rk + priorityClassName: "68" + securityContext: + fsGroup: 99 + fsGroupChangePolicy: ¶鮬眴帘ʥb豚DIĂ + runAsGroup: 4190388773600424000 + runAsUser: 99 + supplementalGroups: + - 6652209348598506000 + - 5521245057591626000 + - 6754698685787706000 + sysctls: + - name: "7" + value: vp + serviceAccountName: zmr + tolerations: + - effect: '#U媷ɑɥ±箑妌RɱfÈB矅蒟(' + key: g + operator: Řg~歟1ƹ,纙蝝垺 + tolerationSeconds: -9038490283678034000 + value: x6T1NM + - effect: ė{ɼ 5;^ʤàOKv泣0ƫ¢ + key: wdW6LI1a5 + operator: ú4ʫ-哖ýȻȣŦiĩġ膳". + tolerationSeconds: -5247520709138794000 + value: NXt + topologySpreadConstraints: + - labelSelector: + matchExpressions: + - key: dme + operator: )\鹮İ又Ȥ鏥Ĝ + matchLabels: + Cdk: atEBel + PhEVPxOjN: QTW4 + fC0YTiwm: fdAQN8t + maxSkew: 472867304 + minDomains: 1802867157 + nodeAffinityPolicy: ʈǔ聿ŶŹ&y鰜# + nodeTaintsPolicy: '"篍Ɛɰl鄱' + topologyKey: fqmSu + whenUnsatisfiable: äƟĻ鍣ųø啼ǫǷ" + - labelSelector: + matchExpressions: + - key: BEj + operator: Ɠ墳 + values: + - qBJ + - KZbk + - key: 9wxm2wFXlY + operator: ì蠁{\媽;ě8ɠ + values: + - yiuVv9DzzRse + - "N" + - z + - key: SWu + operator: Ī½曖1șWb3 + maxSkew: 774109577 + minDomains: -110979462 + nodeAffinityPolicy: 醿卨¬婾豜ʦKd` + topologyKey: 4iskW3Hbv + whenUnsatisfiable: ǮXƞ棤Ǘ + volumes: + - configMap: + name: 9RweMGWqBs + name: configs + - name: secrets + secret: + secretName: 9RweMGWqBs +--- +# Source: console/templates/ingress.yaml +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + "": ZKQ6I + ES: uo + creationTimestamp: null + labels: + B0Pmybnj: gh8 + MdyMnFBP0Cd1: UUVRKbjhv + ShHkukRGF9k: KlIyX6upO + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: KD8DmV + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: 9RweMGWqBs +spec: + ingressClassName: x7Um + rules: + - host: chart-example.local + http: + paths: + - backend: + service: + name: 9RweMGWqBs + port: + number: 8080 + path: / + pathType: ImplementationSpecific + tls: + - hosts: null + secretName: Ye6 + - hosts: + - nNQW2NL + - g + - "N" + secretName: YQl +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "9RweMGWqBs-test-connection" + namespace: "default" + labels: + B0Pmybnj: gh8 + MdyMnFBP0Cd1: UUVRKbjhv + ShHkukRGF9k: KlIyX6upO + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: KD8DmV + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['9RweMGWqBs:8080'] + restartPolicy: Never + priorityClassName: 68 +-- testdata/case-016.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: SC + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: DdF7ALq + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: SC + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: 6maz +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: "" + kafka-sasl-aws-msk-iam-secret-key: "" + kafka-sasl-password: "" + kafka-schema-registry-password: "" + kafka-schemaregistry-tls-ca: "" + kafka-schemaregistry-tls-cert: "" + kafka-schemaregistry-tls-key: "" + kafka-tls-ca: "" + kafka-tls-cert: "" + kafka-tls-key: "" + login-github-oauth-client-secret: "" + login-github-personal-access-token: "" + login-google-groups-service-account.json: "" + login-google-oauth-client-secret: "" + login-jwt-secret: SECRETKEY + login-oidc-client-secret: "" + login-okta-client-secret: "" + login-okta-directory-api-token: "" + redpanda-admin-api-password: "" + redpanda-admin-api-tls-ca: "" + redpanda-admin-api-tls-cert: "" + redpanda-admin-api-tls-key: "" +type: Opaque +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} + role-bindings.yaml: |- + roleBindings: + - Q0kslM: null + - null +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: SC + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: 6maz +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: SC + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: 6maz + namespace: default +spec: + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: 0 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: SC + type: ClusterIP +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: SC + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: 6maz + namespace: default +spec: + replicas: 331 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: SC + strategy: + rollingUpdate: {} + type: ŀ剭º(;ƍ4兖ȇ + template: + metadata: + annotations: + JYLUc483y: gTnWiG + checksum/config: e4b69acb9132e0c7dea94f0e868bb2c5850883e5487d4cca28762798c1b9dda6 + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: SC + spec: + affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: 2Ldss9 + operator: ?霏ƦxǰA7ȇ(堃R + values: + - Ce7pGgB5o + - B8EWZ + - key: pJKw3VVY5 + operator: 2wq6JK?Ȏ惙徵r儊ǒ嵀匫W + matchFields: + - key: EQvFQjoLm1 + operator: «/o咑澇ƉɑȨŞƙ|5時 + weight: -508343495 + - preference: + matchExpressions: + - key: VRoHsoMNa + operator: cƄábŊɕg追ĦǙȿ男)hŬ + values: + - tcCIpd9m + - FsoFrK + - key: ReH4ocoZ + operator: "" + values: + - bnUyPckbz + - AE + - njW + - key: fZBGR + operator: 租ǜ藇錼 + weight: -1003115262 + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + namespaceSelector: + matchLabels: + qGlBCw: zUBwqj2xV + zlHLG: TDTkLQOC + namespaces: + - QWFH + - TEzgQKPSQ + topologyKey: "" + weight: 682123393 + - podAffinityTerm: + labelSelector: {} + matchLabelKeys: + - 1MiHrQ + namespaceSelector: + matchExpressions: + - key: JUYumiiJFrY + operator: .ƽCDZo& + values: + - t3wDXa + - 70HCTbI6g + - C + - key: ik + operator: Œ8v + values: + - Wp + - Zf + - c2q7e + topologyKey: Sc1Q + weight: 869908297 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: ore + operator: ?ɴ$瀜蝪ĪźȀŐƌS莣幮屒n×U锇Ľ + values: + - mJM + - oc + - aU + - key: SQmv + operator: ȥī+ūĬ诧犂¹ + - key: Hh1r9 + operator: h蓟x蹵D¨谧罬 + matchLabelKeys: + - mDk + - Hki8 + topologyKey: x2q0Rx1f1N + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + namespaceSelector: + matchExpressions: + - key: H1Ni + operator: Ȧ厜OŊ + values: + - UWzAFu2 + - key: M + operator: 罐hĹ;'ǫ貉yĊ啉刉DzQį + - key: zZ + operator: 颉śĴJ|@W補A篐S献;ɾ[_鶙ȱ + values: + - 4BL + namespaces: + - Thgfgf7Z + topologyKey: XBju19e + weight: 1392601493 + automountServiceAccountToken: false + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: 6maz + envFrom: [] + image: PYDGV/HV3:cI8TzaYkws + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 713465020 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 1849009003 + periodSeconds: 2079209425 + successThreshold: 1679782943 + timeoutSeconds: 2000039211 + name: console + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + procMount: 垮Ř2 + readOnlyRootFilesystem: true + runAsGroup: 5797501600954334000 + runAsNonRoot: true + runAsUser: -8444673787636984000 + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + - command: + - opIk + - v9eJ + - 4V + env: + - name: 5Q + value: o + envFrom: + - prefix: eBWmLK + secretRef: + name: FedJi + optional: false + - configMapRef: + name: M + optional: false + prefix: vUvV7W8k0 + secretRef: + name: IA + image: T4SYV + imagePullPolicy: Ƈ祃ǗǤɈ遖竀壙/ + livenessProbe: + failureThreshold: 20929095 + grpc: + port: -1775507003 + service: UZ6BT7NDI + httpGet: + host: QFkZxI6kA + path: tzQ + port: "" + scheme: Ƞ揞á惗É莏6XȪ/ʡ忨償 + initialDelaySeconds: 1046895310 + periodSeconds: -1971173139 + successThreshold: -476756841 + terminationGracePeriodSeconds: 144861231583008740 + timeoutSeconds: 814968592 + name: gEB + ports: + - containerPort: 2060914354 + hostIP: 9IXWKx38q5 + hostPort: -1191426039 + name: 5Mw7k + protocol: 悛ķ鳉ɍ恽j頔Œ6Eʮnx + resources: {} + restartPolicy: 樦ýȃ梪ĵ + stdin: true + stdinOnce: true + terminationMessagePath: c0e + imagePullSecrets: [] + initContainers: [] + nodeSelector: {} + priorityClassName: XtKq + securityContext: + fsGroup: -1425599568169885200 + fsGroupChangePolicy: ƶ Ÿ恢 + runAsGroup: -8737472966684837000 + runAsUser: 99 + supplementalGroups: + - 809809813702093200 + - 6124706841582845000 + - 6159358527003038000 + serviceAccountName: DdF7ALq + tolerations: [] + topologySpreadConstraints: + - labelSelector: {} + maxSkew: 972537130 + minDomains: -499606767 + topologyKey: q5 + whenUnsatisfiable: 鳯°ôŕƨʪuɘ"h貇榧0?cɉjA蜝 + - labelSelector: + matchExpressions: + - key: lAV + operator: 嵖xߟ擱ʄ衯"xɂ + - key: U6 + operator: =换J+Ř:嫚ʥ畠餐ǒŃ + values: + - Vj + - snF6cyZ + - 0sW9y4T5 + matchLabelKeys: + - 2wCjBs + maxSkew: -324080521 + minDomains: 695322418 + nodeAffinityPolicy: ʖ[兘Ũ鬎盦İƲ + topologyKey: z5y4Q8jyHH + whenUnsatisfiable: =Y~É.J樢ȃŤƫ甶Ȍ* + - labelSelector: {} + maxSkew: -1720129802 + minDomains: 1017048856 + nodeTaintsPolicy: 龨9猶e僦ɻ髧Ȍc + topologyKey: qKf6Ef3o + whenUnsatisfiable: ʂ?$鳴寘ŧ6脹餗ſ媷,峇埽 + volumes: + - configMap: + name: 6maz + name: configs + - name: secrets + secret: + secretName: 6maz +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "6maz-test-connection" + namespace: "default" + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: SC + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['6maz:8080'] + restartPolicy: Never + priorityClassName: XtKq +-- testdata/case-017.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: tPiY + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: 9XG3SZW + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: tPiY + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: 9XG3SZW +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: "" + kafka-sasl-aws-msk-iam-secret-key: "" + kafka-sasl-password: "" + kafka-schema-registry-password: "" + kafka-schemaregistry-tls-ca: "" + kafka-schemaregistry-tls-cert: "" + kafka-schemaregistry-tls-key: "" + kafka-tls-ca: "" + kafka-tls-cert: "" + kafka-tls-key: "" + login-github-oauth-client-secret: jw6tY22 + login-github-personal-access-token: JvG1jx + login-google-groups-service-account.json: "" + login-google-oauth-client-secret: "" + login-jwt-secret: SECRETKEY + login-oidc-client-secret: MalR2 + login-okta-client-secret: mDILgPMjOS9 + login-okta-directory-api-token: M2ywAiP + redpanda-admin-api-password: "" + redpanda-admin-api-tls-ca: "" + redpanda-admin-api-tls-cert: "" + redpanda-admin-api-tls-key: "" +type: Opaque +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} + roles.yaml: |- + roles: + - JlwOk: null + QUzHpm: null + ch3WnNF: null + - {} + - null +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: tPiY + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: 9XG3SZW +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: tPiY + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: 9XG3SZW + namespace: default +spec: + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: 0 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: tPiY + type: ClusterIP +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + J5Z: aLYd149 + LCqYvOjK: Qsk + bU: "" + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: tPiY + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: 9XG3SZW + namespace: default +spec: + replicas: 173 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: tPiY + strategy: {} + template: + metadata: + annotations: + checksum/config: a9353e622b2ed64d835d05830dc4357d8eb982e89685498d39ac88a30931fb87 + creationTimestamp: null + labels: + LBQpbD: AHB4hNVL + app.kubernetes.io/instance: console + app.kubernetes.io/name: tPiY + ey1GpAHh: fA + spec: + affinity: {} + automountServiceAccountToken: false + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: Z + value: 1PasJFATvz + valueFrom: + configMapKeyRef: + key: Out + name: Z + - name: pUN + value: QTGN + valueFrom: + configMapKeyRef: + key: BLzs5FKV + name: xsgY3vBvZ + optional: true + fieldRef: + apiVersion: 5Ng + fieldPath: Psowh + resourceFieldRef: + containerName: pMz + divisor: "0" + resource: "" + secretKeyRef: + key: IY9s0 + optional: false + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: 9XG3SZW + - name: LOGIN_GITHUB_CLIENTSECRET + valueFrom: + secretKeyRef: + key: login-github-oauth-client-secret + name: 9XG3SZW + - name: LOGIN_GITHUB_DIRECTORY_PERSONALACCESSTOKEN + valueFrom: + secretKeyRef: + key: login-github-personal-access-token + name: 9XG3SZW + - name: LOGIN_OKTA_CLIENTSECRET + valueFrom: + secretKeyRef: + key: login-okta-client-secret + name: 9XG3SZW + - name: LOGIN_OKTA_DIRECTORY_APITOKEN + valueFrom: + secretKeyRef: + key: login-okta-directory-api-token + name: 9XG3SZW + - name: LOGIN_OIDC_CLIENTSECRET + valueFrom: + secretKeyRef: + key: login-oidc-client-secret + name: 9XG3SZW + envFrom: + - prefix: oK16T1 + - configMapRef: + name: GxM9 + optional: false + prefix: Hj8 + secretRef: + name: o5P67 + image: 3s/kPWhaC:BcBi + imagePullPolicy: k痿蹒 + livenessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: console + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 738983906 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: -1729478206 + periodSeconds: 902558671 + successThreshold: 989047880 + timeoutSeconds: -402268186 + resources: + limits: + 0fvc8: "0" + W19cC: "0" + loZ4: "0" + securityContext: + capabilities: + add: + - "" + - 鸼ǀɛ_Y + - 利ƯǢ謼Ŀʇ佔4銣 + privileged: false + procMount: 頿ū詁ǎTɁ¯PlFd只鶗ƝǛƤ臃 + readOnlyRootFilesystem: true + runAsNonRoot: true + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + - mountPath: TLaWLIiD + name: 3SwG7HrS + subPath: "" + - mountPath: dXXPfK + name: Bfv9SGjlbgN + subPath: "" + - mountPath: YEOA49 + name: wz4K9oIYM + subPath: "" + - args: + - Bd + command: + - QwtEp + - lLi7 + - kxB1 + image: RpMWaJ + imagePullPolicy: ~崆Ǭe侊k + livenessProbe: + exec: {} + failureThreshold: -2101638962 + grpc: + port: -208999597 + service: jICxjA + initialDelaySeconds: 925230214 + periodSeconds: -996383814 + successThreshold: 152844544 + terminationGracePeriodSeconds: -7802949917649734000 + timeoutSeconds: -188255799 + name: qwOkQZ + ports: + - containerPort: -255758148 + hostIP: R + hostPort: 316791912 + name: 09i3b5oQR + protocol: 腴醗9-鐶 + - containerPort: 247145105 + hostIP: L4 + hostPort: 1727912240 + name: bz7Y1N7 + protocol: 暄璎 + readinessProbe: + exec: + command: + - 2fQQ + failureThreshold: -873648342 + grpc: + port: 889903834 + service: C3 + httpGet: + host: IPHal + path: 5Nb6iW9 + port: tkqo + scheme: m说Ď盐2Ƹ,约h鰥Ȕť3 + initialDelaySeconds: 1391319902 + periodSeconds: -1638942635 + successThreshold: 644454270 + timeoutSeconds: -553602240 + resources: + requests: + 0XxId: "0" + VsY2R9: "0" + ZLtS2: "0" + restartPolicy: ų蓶Lj,g珯i'Sû竒 + terminationMessagePath: Mx7V + terminationMessagePolicy: =Jƈ乚貃庪ș¯ÑVȯ6筌巨华ɀ(v + tty: true + workingDir: nKFDPLJvOh + - args: + - AV3kjV + - Gwq78lY2 + - wq + command: + - D + - EI + - fY5J + env: + - name: eCtpNU + value: jLkcq8S + - name: rynLbx + value: CdqgJabHhM + valueFrom: + configMapKeyRef: + key: uBUH5 + name: Uxei4G1 + optional: false + fieldRef: + apiVersion: Ul9al + fieldPath: vtGid + resourceFieldRef: + containerName: Oc + divisor: "0" + resource: "" + - name: GmDNpa0 + value: 7VJM2XsPm8N + valueFrom: + configMapKeyRef: + key: x3J0PMWE + resourceFieldRef: + containerName: x9Q + divisor: "0" + resource: EKFgoq + secretKeyRef: + key: lOZRvK9 + name: V + image: 1xn6 + imagePullPolicy: ɀ稤¼Mɻ«鐾6Ú{ŬtŮ鄖SSɌ戲 + lifecycle: + postStart: + exec: {} + httpGet: + host: sT2dWyT + path: vvbIxNVANZ + port: aCK8 + scheme: 昿孊卿昤軒JYƜÁ嶠şe灶 + sleep: + seconds: -3542823673709563400 + preStop: + exec: + command: + - "N" + - qkHmJ + - HupYy + httpGet: + host: 137dx + path: y3u7HE + port: -1357399425 + scheme: '@济ɉ鳛讧跕(#7NJɓũǸ]ɨ梊sj' + sleep: + seconds: -2408406850575106600 + name: J6VFtJd3giFt + resources: + requests: + 3dqK0M: "0" + restartPolicy: 70ʆ氶応爱怙鉉塼tƗhY嚇 + securityContext: + allowPrivilegeEscalation: false + capabilities: {} + privileged: false + procMount: ȚƼ提瀴t8oƥc + startupProbe: + exec: {} + failureThreshold: 1782005431 + grpc: + port: 676289916 + service: 3xqeCsf + httpGet: + host: YDL1TP + path: "8" + port: lLWR + scheme: BKō筹 + initialDelaySeconds: 134613881 + periodSeconds: 1547524591 + successThreshold: 1778605907 + terminationGracePeriodSeconds: -7593859121613943000 + timeoutSeconds: 2026260743 + terminationMessagePath: E + terminationMessagePolicy: 碓 + workingDir: kl + - command: + - "" + env: + - name: TG1HQA + value: 5X + valueFrom: + fieldRef: + apiVersion: Vhn + fieldPath: jluMkQnv9 + resourceFieldRef: + containerName: rLfbH + divisor: "0" + resource: "" + - name: "" + value: TOTyqqGn + valueFrom: + fieldRef: + apiVersion: 0CAdSa + fieldPath: LWMRC + resourceFieldRef: + divisor: "0" + resource: G5eZP4R + secretKeyRef: + key: xYOgJL + name: vMTywG + image: 2Z + imagePullPolicy: z.鎸ƦʖFNj棪Ƃ鯌b抵#Dzr + lifecycle: + postStart: + exec: {} + httpGet: + host: k8z + path: TxNa2e + port: -573570086 + scheme: oɌdǹ[M灙螮伪芛探塢庖Njȕ仸 + sleep: + seconds: 4118046687980194000 + preStop: + exec: + command: + - 6iZbF + - OeZTW + httpGet: + host: rbqq + path: sno + port: -429531729 + scheme: s璙Ȼȗ榛ǵ0ƿ.忋闳溨 + name: Cms + ports: + - containerPort: -211101225 + hostIP: 8v + hostPort: 1994344080 + name: kyMvksZa + protocol: fȞ蚊悘ū錩Ȩ龒ċŴ + - containerPort: -806313867 + hostIP: Ky2F2 + hostPort: 1605736520 + name: oe0nMMl + protocol: 慿)"Ǒ3浹襈}(VE-B³閪叒k1绝 + readinessProbe: + exec: {} + failureThreshold: 1398486074 + grpc: + port: 1157090744 + service: oFrTS0 + httpGet: + host: 5pfrE + port: TJb4 + scheme: 畢î + initialDelaySeconds: -1830121652 + periodSeconds: -1398007905 + successThreshold: 1183454316 + timeoutSeconds: 1797763090 + resizePolicy: + - resourceName: hzxTj + restartPolicy: 渣箢樳掯ȉÏǼ店喘©g + resources: + limits: + zGvF9poISMtK: "0" + requests: + lUp3T: "0" + restartPolicy: '}賩6''V霟足''È''*F÷ƙǕ' + stdin: true + terminationMessagePath: 4tn + terminationMessagePolicy: ɢ荵鯴庡ǁ婛埽猜犝笖á7譃ǁ¦GɖC + volumeDevices: + - devicePath: eGfD9B + name: G3Bd + - devicePath: x + name: TB + workingDir: iKksE1 + imagePullSecrets: [] + initContainers: [] + nodeSelector: {} + priorityClassName: qcIlT + securityContext: + fsGroup: 99 + runAsUser: 99 + serviceAccountName: 9XG3SZW + tolerations: + - effect: 懻 + key: JifsKW + operator: 檧űÊǮȡ廄儱RəȏĮ顪ÅÞ + tolerationSeconds: 4501363800484543000 + value: KkCBzwToBMjJ + - effect: B囧ƉOß + key: Q3cj + operator: ɲ朁ß栢 + tolerationSeconds: 4944598504260379000 + value: Z5 + - effect: 敘愰ɰuƪ晐 + key: K8wM + operator: ș + tolerationSeconds: 8375376960471889000 + value: TnWS + topologySpreadConstraints: [] + volumes: + - configMap: + name: 9XG3SZW + name: configs + - name: secrets + secret: + secretName: 9XG3SZW + - name: 3SwG7HrS + secret: + defaultMode: 442 + secretName: VR + - name: Bfv9SGjlbgN + secret: + defaultMode: 383 + secretName: T + - name: wz4K9oIYM + secret: + defaultMode: 13 + secretName: WzM +-- testdata/case-018.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: + X7E: CRSzr + lPi: bGP + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 1qyLP36T + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: uAvlOXf + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 1qyLP36T + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: ExFU3 +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: IsvQ9 + kafka-sasl-aws-msk-iam-secret-key: 8GlUc + kafka-sasl-password: Vb + kafka-schema-registry-password: UJ7Zl + kafka-schemaregistry-tls-ca: T1Q + kafka-schemaregistry-tls-cert: 17r + kafka-schemaregistry-tls-key: O44 + kafka-tls-ca: n8k9 + kafka-tls-cert: aK + kafka-tls-key: "" + login-github-oauth-client-secret: t6z0n + login-github-personal-access-token: "" + login-google-groups-service-account.json: fpuCEFLL + login-google-oauth-client-secret: h + login-jwt-secret: SECRETKEY + login-oidc-client-secret: t + login-okta-client-secret: 3CcKl + login-okta-directory-api-token: AZt8H77 + redpanda-admin-api-password: NUkb3zIpwAR + redpanda-admin-api-tls-ca: t + redpanda-admin-api-tls-cert: zttTAvj + redpanda-admin-api-tls-key: "" +type: Opaque +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 1qyLP36T + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: ExFU3 + namespace: default +spec: + ports: + - name: http + port: 415 + protocol: TCP + targetPort: 489 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: 1qyLP36T + type: 2cM +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + "": 3E5rtKA + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 1qyLP36T + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: ExFU3 + namespace: default +spec: + replicas: 297 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: 1qyLP36T + strategy: + rollingUpdate: {} + type: ɬ搢.Ƒ躂ɻɅȄ莨qc婔Åå + template: + metadata: + annotations: + checksum/config: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: 1qyLP36T + spec: + affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: {} + weight: -37659402 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: [] + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + matchLabelKeys: + - ajbCE + - Y0MRgpE8 + namespaceSelector: + matchExpressions: + - key: Auai + operator: ùfƽÜQķɨ逑ʒÅģ + values: + - Q + - key: 1S2Nfq + operator: 臺瑷tƎ鍤p}滳`竦ÙǾ晖ǃʏȵ + namespaces: + - 4GTSAZF + topologyKey: NS733 + weight: -968286112 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: eyt3TPSYPBWDt + operator: e偁&蔄癳.ŚƘ + matchLabelKeys: + - eE7PA8D + - cKalkvb + mismatchLabelKeys: + - Lan + topologyKey: v + weight: -2133598054 + - podAffinityTerm: + mismatchLabelKeys: + - "5" + namespaceSelector: + matchExpressions: + - key: UrrD + operator: ƞ + - key: rkfCsnUcx + operator: ȇ睾¦棌鉝-m糤LPjX.;Ğ× + - key: kla + operator: '"竮壣祠ł9抵墙' + namespaces: + - gyF + topologyKey: ZG + weight: -428742233 + requiredDuringSchedulingIgnoredDuringExecution: + - matchLabelKeys: + - tZZj + namespaces: + - VuG + - I5XU + topologyKey: V2CZqa + - labelSelector: {} + mismatchLabelKeys: + - "" + - q9L4 + - C4YJ57 + namespaces: + - 8xRk06ngy + - WeZO2 + - 7tbTFK + topologyKey: rnpto + automountServiceAccountToken: false + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: KAFKA_SASL_PASSWORD + valueFrom: + secretKeyRef: + key: kafka-sasl-password + name: ExFU3 + - name: KAFKA_PROTOBUF_GIT_BASICAUTH_PASSWORD + valueFrom: + secretKeyRef: + key: kafka-protobuf-git-basicauth-password + name: ExFU3 + - name: KAFKA_SASL_AWSMSKIAM_SECRETKEY + valueFrom: + secretKeyRef: + key: kafka-sasl-aws-msk-iam-secret-key + name: ExFU3 + - name: KAFKA_TLS_CAFILEPATH + value: /etc/console/secrets/kafka-tls-ca + - name: KAFKA_TLS_CERTFILEPATH + value: /etc/console/secrets/kafka-tls-cert + - name: KAFKA_SCHEMAREGISTRY_TLS_CAFILEPATH + value: /etc/console/secrets/kafka-schemaregistry-tls-ca + - name: KAFKA_SCHEMAREGISTRY_TLS_CERTFILEPATH + value: /etc/console/secrets/kafka-schemaregistry-tls-cert + - name: KAFKA_SCHEMAREGISTRY_TLS_KEYFILEPATH + value: /etc/console/secrets/kafka-schemaregistry-tls-key + - name: KAFKA_SCHEMAREGISTRY_PASSWORD + valueFrom: + secretKeyRef: + key: kafka-schema-registry-password + name: ExFU3 + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: ExFU3 + - name: LOGIN_GOOGLE_CLIENTSECRET + valueFrom: + secretKeyRef: + key: login-google-oauth-client-secret + name: ExFU3 + - name: LOGIN_GOOGLE_DIRECTORY_SERVICEACCOUNTFILEPATH + value: /etc/console/secrets/login-google-groups-service-account.json + - name: LOGIN_GITHUB_CLIENTSECRET + valueFrom: + secretKeyRef: + key: login-github-oauth-client-secret + name: ExFU3 + - name: LOGIN_OKTA_CLIENTSECRET + valueFrom: + secretKeyRef: + key: login-okta-client-secret + name: ExFU3 + - name: LOGIN_OKTA_DIRECTORY_APITOKEN + valueFrom: + secretKeyRef: + key: login-okta-directory-api-token + name: ExFU3 + - name: LOGIN_OIDC_CLIENTSECRET + valueFrom: + secretKeyRef: + key: login-oidc-client-secret + name: ExFU3 + - name: REDPANDA_ADMINAPI_PASSWORD + valueFrom: + secretKeyRef: + key: redpanda-admin-api-password + name: ExFU3 + - name: REDPANDA_ADMINAPI_TLS_CAFILEPATH + value: /etc/console/secrets/redpanda-admin-api-tls-ca + - name: REDPANDA_ADMINAPI_TLS_CERTFILEPATH + value: /etc/console/secrets/redpanda-admin-api-tls-cert + envFrom: + - prefix: hg + secretRef: + name: eLM59WyoAXO + image: iCFSIwyDtoG/6V6:6uR + imagePullPolicy: 螣暛擂ɾ#鏲*胭8饭1胠 + livenessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: console + ports: + - containerPort: 489 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + limits: + QZqMxIAt: "0" + SUsu9: "0" + requests: + EMOXCuje: "0" + EzKKMIR: "0" + securityContext: + runAsNonRoot: true + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + - envFrom: + - prefix: EVZ + secretRef: + name: MxD + optional: true + - configMapRef: + name: A + optional: false + prefix: HuqxI + secretRef: + name: A + optional: true + image: SU + imagePullPolicy: 禵7璙p + lifecycle: + postStart: + httpGet: + host: YZMjhOUO8IS + path: nzYfH + port: Fcx + scheme: 矪Q9 + sleep: + seconds: 3463625415546708000 + livenessProbe: + failureThreshold: -560403806 + grpc: + port: 1751268094 + service: I + httpGet: + host: 0Sb + path: Utm2X + port: 395973041 + scheme: 醆蚎忨ŕ縨ƍ爋釬šÒ暺ƒŎO記岣 + initialDelaySeconds: -1011110535 + periodSeconds: -1229381750 + successThreshold: 260149510 + timeoutSeconds: 74546945 + name: e + resizePolicy: + - resourceName: XNKV + restartPolicy: ì焹.¬哄ȾŢȎȴe$p尶m`飻Ȭ + - resourceName: "" + restartPolicy: 閭I哗.寢荨ʪɛ侭ȵ(8 + resources: + requests: + 3nUsL: "0" + securityContext: + allowPrivilegeEscalation: false + privileged: false + readOnlyRootFilesystem: false + runAsGroup: -8616852535795885000 + terminationMessagePath: FjZ + terminationMessagePolicy: ÿb熿3,ćp寫ʃ#叺渍ƣș + volumeDevices: + - devicePath: Xvjm + name: 7yLA + - devicePath: 1Ci + name: Y0AloAQS + - devicePath: Gt + name: ZMKKc + workingDir: Mh + imagePullSecrets: + - name: vlnGQbo3y + initContainers: [] + nodeSelector: + Vckw: ifBZ9p7 + priorityClassName: 6jxv + securityContext: + fsGroup: 99 + runAsUser: 99 + serviceAccountName: uAvlOXf + tolerations: + - effect: č喅Ȳ崥ï{禙ÊÿC逻準?霘2 + key: YJE + operator: 珟 + tolerationSeconds: 3838637075734495700 + value: 1VemeDTEk1 + - effect: 艋Ƿ淛襀|Ǽ&矠Ģ凍J賜ɰō + key: ggxS8L + operator: 閞判ŏ + tolerationSeconds: -2249155605077506300 + value: m3c + - effect: 'Ljə]IŴ:' + key: 4BkJSo + value: Le + topologySpreadConstraints: + - matchLabelKeys: + - uyTA + - rJcqdY3 + maxSkew: 1887613958 + nodeAffinityPolicy: u鞝侠轁蛃6Ơfrt迄ʇQ勭ĶÇǻě + topologyKey: 3f9j + whenUnsatisfiable: µ + volumes: + - configMap: + name: ExFU3 + name: configs + - name: secrets + secret: + secretName: ExFU3 +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "ExFU3-test-connection" + namespace: "default" + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 1qyLP36T + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + imagePullSecrets: + - name: vlnGQbo3y + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['ExFU3:415'] + restartPolicy: Never + priorityClassName: 6jxv +-- testdata/case-019.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 8MIg + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: NZ7h9 + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 8MIg + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: NZ7h9 +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: "" + kafka-sasl-aws-msk-iam-secret-key: "" + kafka-sasl-password: "" + kafka-schema-registry-password: "" + kafka-schemaregistry-tls-ca: "" + kafka-schemaregistry-tls-cert: "" + kafka-schemaregistry-tls-key: "" + kafka-tls-ca: "" + kafka-tls-cert: "" + kafka-tls-key: "" + login-github-oauth-client-secret: "" + login-github-personal-access-token: "" + login-google-groups-service-account.json: "" + login-google-oauth-client-secret: "" + login-jwt-secret: SECRETKEY + login-oidc-client-secret: "" + login-okta-client-secret: "" + login-okta-directory-api-token: "" + redpanda-admin-api-password: "" + redpanda-admin-api-tls-ca: "" + redpanda-admin-api-tls-cert: "" + redpanda-admin-api-tls-key: "" +type: Opaque +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 8MIg + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: NZ7h9 +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 8MIg + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: NZ7h9 + namespace: default +spec: + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: 0 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: 8MIg + type: ClusterIP +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + lgiIA: u + wK8: JrSfKH + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 8MIg + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: NZ7h9 + namespace: default +spec: + replicas: 79 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: 8MIg + strategy: + type: 鎦v財ɕŪ + template: + metadata: + annotations: + checksum/config: 9960ac5c5faddbc59ee9638bfac7f4fd7513b7e295e3fcc28b0fdfabc2aba1d3 + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: 8MIg + spec: + affinity: {} + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: pJ + value: whmTukCTD + valueFrom: + configMapKeyRef: + key: OHk + name: "3" + fieldRef: + apiVersion: TSp7 + fieldPath: mEUVMSp7vUo + resourceFieldRef: + containerName: bBDw + divisor: "0" + resource: tIcs3z + secretKeyRef: + key: jIR5V + name: "9" + - name: ZCEPmHP + value: FhwE4R + valueFrom: + fieldRef: + apiVersion: Nv + fieldPath: WMXeIjk + resourceFieldRef: + containerName: Hbt + divisor: "0" + resource: mo7F + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: NZ7h9 + envFrom: [] + image: GNXgFQ/W3:2vPed + imagePullPolicy: 韃ĝ + livenessProbe: + failureThreshold: -1736131786 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 538755540 + periodSeconds: -937262167 + successThreshold: 2014961170 + timeoutSeconds: -614674118 + name: console + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + failureThreshold: -1936056692 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: -2019126091 + periodSeconds: -1696700553 + successThreshold: 398361977 + timeoutSeconds: -184667912 + resources: {} + securityContext: + allowPrivilegeEscalation: true + capabilities: + drop: + - 狞濮噞饅烥H}湛m=U+卓Ǭï呣8Ú + privileged: true + runAsNonRoot: true + runAsUser: -471077223001866500 + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + - mountPath: UF6 + mountPropagation: ĻsŸ氂ǐ钋鮠Ĺ咳渼.pɫ + name: W1LIZa3 + subPath: qdDtjk + subPathExpr: Ew + imagePullSecrets: [] + initContainers: [] + nodeSelector: {} + priorityClassName: FERw + securityContext: + fsGroup: 99 + runAsUser: 99 + serviceAccountName: NZ7h9 + tolerations: + - effect: 飝壊%ǂP胅ɂǏ趸疷擁鹒DŽ营風顺z拇 + key: Ku2m + operator: ŲǪFTǗǔȟʥȰȎǎo玼Ü + value: 1u + - effect: 雾Ź歘ɇƇ昨OČƑɎ騨Ŗ=Ì楯 + key: 12vKa + operator: ( + value: u + topologySpreadConstraints: [] + volumes: + - configMap: + name: NZ7h9 + name: configs + - name: secrets + secret: + secretName: NZ7h9 +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "NZ7h9-test-connection" + namespace: "default" + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 8MIg + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['NZ7h9:8080'] + restartPolicy: Never + priorityClassName: FERw +-- testdata/case-020.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: + Cs0Tv: PNgn + tawhZGj4: yuBQ1 + xdl: jbYUlUI + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: zzmAR9 + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: HMpc + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: zzmAR9 + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: Om7 +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: "" + kafka-sasl-aws-msk-iam-secret-key: "" + kafka-sasl-password: "" + kafka-schema-registry-password: "" + kafka-schemaregistry-tls-ca: "" + kafka-schemaregistry-tls-cert: "" + kafka-schemaregistry-tls-key: "" + kafka-tls-ca: "" + kafka-tls-cert: "" + kafka-tls-key: "" + login-github-oauth-client-secret: XhRg8T + login-github-personal-access-token: oB8xbs + login-google-groups-service-account.json: "" + login-google-oauth-client-secret: "" + login-jwt-secret: SECRETKEY + login-oidc-client-secret: "" + login-okta-client-secret: saEi + login-okta-directory-api-token: tq8L + redpanda-admin-api-password: "" + redpanda-admin-api-tls-ca: "" + redpanda-admin-api-tls-cert: "" + redpanda-admin-api-tls-key: "" +type: Opaque +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: zzmAR9 + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: Om7 +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: zzmAR9 + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: Om7 + namespace: default +spec: + ports: + - name: http + port: 310 + protocol: TCP + targetPort: 28 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: zzmAR9 + type: "" +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + 0lA: PZvwfKrip + AUm: KY + KBFrJC: hkdfq + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: zzmAR9 + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: Om7 + namespace: default +spec: + replicas: 344 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: zzmAR9 + strategy: + rollingUpdate: {} + type: x&N涮ĶJ­ɕ + template: + metadata: + annotations: + checksum/config: 2881fbe0f4a9d0f2f17dbbbe515c08d46dd6d4a6d2c84c3482c94ace8ee6b09f + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: zzmAR9 + spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - {} + - matchExpressions: + - key: a23jbG + operator: yb庇ɍ闒ǰPâƟVsJu + values: + - "" + - 1lQmmGa8 + - XzVleDXV4YoRc + - key: 3Gwd9r + operator: 4Nj7Ġ$Ea狆Ö絞Ƙ殈廔as知 + - key: 7C4FjM + operator: ɩ.叧¬ʧ倒 + matchFields: + - key: H + operator: Ğų* + values: + - 0i + - qK + - key: 7ocDt + operator: 餯ǚ璗汭槰<ƤƐ評ź膹棅珢ȹ3鮑 + values: + - g5Aa1Hm + - LKNvXrtO + - key: o + operator: ŎJ甧鷓 + values: + - vJQQjLRrqIK + - Isj + - 6EBsy + - matchFields: + - key: H0oh1dBCg + operator: 鉔qƿ氵[ȕ凭Śȅ3džȿȳ + name: xYM + subPath: nMMkHAUoYIsN + subPathExpr: 579Yn2LXk + - mountPath: 5z + mountPropagation: Ƀ陪7k惿Ɏǚ霤ƨƱ«ɤ»ȣ薥頠媉fʠ + name: KIX5g + readOnly: true + subPath: CGOswgk + subPathExpr: oxiB23ZW2KX + workingDir: IzOAr + - args: + - jrZTvs + env: + - name: jxl5Q + value: fm2F7DzZA + image: r7sTpTP8N + imagePullPolicy: 眒弿 + lifecycle: + preStop: + httpGet: + host: WEBUk + path: "1" + port: -377365982 + scheme: 娖阋顿|儴Éȱ鋦 + livenessProbe: + exec: + command: + - 2j + failureThreshold: -1631622345 + grpc: + port: -188887701 + service: s + httpGet: + host: "6" + path: 07rm4AD + port: DCtZ5 + scheme: ʼnK襡5殛鯙ȋʛ稲(C姓 + initialDelaySeconds: -1011676147 + periodSeconds: -1141844037 + successThreshold: -1528778970 + terminationGracePeriodSeconds: 422553046190448100 + timeoutSeconds: 99607263 + name: rhg + ports: + - containerPort: 1265703793 + hostIP: lYiq + hostPort: -931710582 + name: r2OdlKyZ + protocol: ŌK4Ʒ霖R婧,Ģ墤ʠ_Ƒ亽vĨO + - containerPort: -1093198499 + hostIP: xHuDhI2 + hostPort: 1423992590 + name: WdH + protocol: K嚜pn犓ɯ`劮ƫķPLm + resizePolicy: + - resourceName: M3EK5NW + restartPolicy: Ɲ囩 + resources: + limits: + 4zeCyo: "0" + PgUjG: "0" + requests: + IseC3: "0" + WHgRSz: "0" + yzZn: "0" + restartPolicy: ijƞ墫噌L诠=脳%Ɗ + securityContext: + privileged: false + readOnlyRootFilesystem: false + runAsGroup: -1074724161449892000 + runAsUser: 8255497511479977000 + startupProbe: + exec: {} + failureThreshold: -1172398717 + grpc: + port: 1919051215 + service: "" + initialDelaySeconds: 2020291403 + periodSeconds: 450860281 + successThreshold: 193397000 + timeoutSeconds: -665894379 + stdin: true + terminationMessagePath: MCVu + terminationMessagePolicy: ŷÍ:+壩ùI賎Rɜ卮cɣS惕mIɭ + tty: true + workingDir: 2L97y + imagePullSecrets: + - name: iA1C + - name: ZOdo + - name: qTOK0W + initContainers: + - 'error unmarshaling JSON: while decoding JSON: json: cannot unmarshal string + into Go value of type []interface {}' + nodeSelector: {} + priorityClassName: 0bGHQk7gL + securityContext: + fsGroup: -6946946538076897000 + fsGroupChangePolicy: 呆ɔȂwijà + runAsGroup: 3944693697856007700 + runAsNonRoot: true + runAsUser: -732766343758518300 + supplementalGroups: + - -5691922089175975000 + serviceAccountName: H5TDAALUdD + tolerations: + - effect: 媄 + key: IQD9Yww8 + operator: bǾå鱍 + tolerationSeconds: -7454358062612207000 + value: odxS1Q2Sd + - effect: Ɣv璔}oȡʞ¤ + key: ySGX + operator: ƪ渺¸貗ȹV廋ȉňu増嬎Ë韍ǘz茩Ƹ怯 + tolerationSeconds: -1083807005557333500 + value: bAy + topologySpreadConstraints: [] + volumes: + - configMap: + name: Uo + name: configs + - name: Jq0CSftnp + - name: QMHGzzYC2HW + - name: 1PkbzhfK +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "Uo-test-connection" + namespace: "default" + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: Mh + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + imagePullSecrets: + - name: iA1C + - name: ZOdo + - name: qTOK0W + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['Uo:8080'] + restartPolicy: Never + priorityClassName: 0bGHQk7gL +-- testdata/case-026.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: false +kind: ServiceAccount +metadata: + annotations: + "": tWl + 5mzy: 4t87VKeHA + a: UqD3iv5LoNYP + creationTimestamp: null + labels: + "": h0uSAPIi + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: vLjrafvp + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + kuKPk7: "" + name: Utu8ZHG2 + namespace: default +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + "": h0uSAPIi + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: vLjrafvp + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + kuKPk7: "" + name: qhaD + namespace: default +spec: + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: 0 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: vLjrafvp + type: ClusterIP +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: {} + creationTimestamp: null + labels: + "": h0uSAPIi + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: vLjrafvp + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + kuKPk7: "" + name: qhaD + namespace: default +spec: + replicas: 78 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: vLjrafvp + strategy: + rollingUpdate: {} + type: I6终j2炅ȲbȻ + template: + metadata: + annotations: + LtAjph: 8Q + MiPvJub: 0x + checksum/config: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b + j: xR98FRh + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: vLjrafvp + spec: + affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: GP94 + operator: 駑Ŀ峇[ɕdž0 + values: + - jjNFKv8 + - uG7Rs + - ApO075 + weight: -549077137 + - preference: + matchExpressions: + - key: R88 + operator: Dzv)bôȏ磜覐橮波赘T^ + values: + - DscaGMdgXV + - uy + - N3d + - key: "" + operator: 誮Vw!/毴Z匌忶ª渆 + values: + - 4mX0s + - key: byy + operator: 鿟y馡錥HJ鶟b左Ő*čt顭塶 + values: + - 6oQ + - 9r22TM + matchFields: + - key: fNLkt + operator: "" + values: + - tW + - M03GnpfhQn + - key: WQQs + operator: 騡(Í芝x焍麅ɰ窓ɶÜò鵹 + weight: 579622465 + podAffinity: {} + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: {} + namespaceSelector: + matchLabels: + IYAfjz: GloAc + namespaces: + - hfFjlR + - KWIdaP11Y + - 3Dn + topologyKey: UB + - labelSelector: + matchExpressions: + - key: B7LSh + operator: ɉ邦夝ɷ1傹Þ袳@ɲ鉴 + matchLabelKeys: + - "n" + namespaceSelector: {} + namespaces: + - 88M + - fIEJUewFK + topologyKey: i + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: [] + envFrom: [] + image: docker.redpanda.com/redpandadata/console:v2.7.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 1372450161 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: -913177144 + periodSeconds: 912808843 + successThreshold: -765941931 + timeoutSeconds: 1174210794 + name: console + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 1666039794 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 989921147 + periodSeconds: 536392931 + successThreshold: 1020018972 + timeoutSeconds: 1790731281 + resources: {} + securityContext: + capabilities: + drop: + - ɿX齀蹪 + privileged: true + procMount: Ƚ[孠犥ƶʒ)遷U竕 + runAsGroup: 5229411704597624000 + runAsNonRoot: true + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: U6f3w + name: ooYxXE + subPath: "" + - mountPath: qzOMXCl + name: Hmms9 + subPath: "" + - mountPath: dXa6uPxR + name: "" + subPath: "" + - mountPath: q + mountPropagation: 跐ʩ4鄧SD炿ɜǚhU + name: "" + subPath: SCLzbAMUW3x + subPathExpr: nzFw + - mountPath: cX8U + mountPropagation: b幈簇@艭K + name: b + readOnly: true + subPath: u5fY + subPathExpr: TRymQ + imagePullSecrets: [] + initContainers: + - 'error unmarshaling JSON: while decoding JSON: json: cannot unmarshal string + into Go value of type []interface {}' + nodeSelector: + ggwC: SQ + rIwToCbB: tUBM5 + priorityClassName: JnI8 + securityContext: + fsGroup: -2594082004410587000 + fsGroupChangePolicy: 'ċV1鯍E ' + runAsGroup: -880388195249084200 + runAsNonRoot: false + runAsUser: -9051010573896130000 + supplementalGroups: + - -2777109499517678000 + serviceAccountName: Utu8ZHG2 + tolerations: [] + topologySpreadConstraints: + - labelSelector: {} + maxSkew: -154369657 + minDomains: -319419210 + nodeTaintsPolicy: '#Vʅ糗斬ƈ橮IJȶ纀' + topologyKey: dTnKex + whenUnsatisfiable: '@OȤ驮Ʀ琓' + volumes: + - configMap: + name: qhaD + name: configs + - name: ooYxXE + secret: + defaultMode: 45 + secretName: LyH9zvv + - name: Hmms9 + secret: + defaultMode: 429 + secretName: zvR + - name: "" + secret: + defaultMode: 39 + secretName: PC2Ms7 + - name: LeIYAb + - name: 176OvjD + - name: b6NpMGfVo1N +--- +# Source: console/templates/ingress.yaml +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + Lftu: PjroKEh + qvZJNWSzR: Jpoyc0 + creationTimestamp: null + labels: + "": h0uSAPIi + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: vLjrafvp + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + kuKPk7: "" + name: qhaD +spec: + ingressClassName: cAir + rules: + - host: o + http: + paths: null + - host: i18Wi + http: + paths: + - backend: + service: + name: qhaD + port: + number: 8080 + path: apsXYvp + pathType: 7q5 + - host: 8eBXg + http: + paths: + - backend: + service: + name: qhaD + port: + number: 8080 + path: cMbMbCQl + pathType: gJT + - backend: + service: + name: qhaD + port: + number: 8080 + path: XvfTwH + pathType: 4se + tls: + - hosts: + - fqD + - JDOgIG + secretName: vzUD + - hosts: + - M6H + - T + - twxgtsi + secretName: lg5siLdo +-- testdata/case-027.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: + "": ta51q + RW5sX: LXvP + creationTimestamp: null + labels: + Q0: "" + T4ZmAFi: nfIb0b + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: h9P + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: 55C9f3 + namespace: default +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: + Gi0OSuP5jF: ARBECJB + qId: Bo + wPKI: "" + creationTimestamp: null + labels: + Q0: "" + T4ZmAFi: nfIb0b + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: h9P + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: 61hunk + namespace: default +spec: + ports: + - name: http + port: 376 + protocol: TCP + targetPort: 473 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: h9P + type: G2gqK +--- +# Source: console/templates/ingress.yaml +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + "": ZtbWlWc + y1ML9Hmg: d6h9 + creationTimestamp: null + labels: + Q0: "" + T4ZmAFi: nfIb0b + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: h9P + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: 61hunk +spec: + ingressClassName: Ijdd3 + rules: + - host: chart-example.local + http: + paths: + - backend: + service: + name: 61hunk + port: + number: 376 + path: / + pathType: ImplementationSpecific + tls: + - hosts: null + secretName: x + - hosts: null + secretName: aSf1 +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "61hunk-test-connection" + namespace: "default" + labels: + Q0: "" + T4ZmAFi: nfIb0b + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: h9P + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + imagePullSecrets: + - name: jkqm + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['61hunk:376'] + restartPolicy: Never + priorityClassName: bpi +-- testdata/case-028.yaml.golden -- +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + BKrxjHNg8: qlqPhj + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 5XQu4RW + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: odFI2M4 +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: aM + kafka-sasl-aws-msk-iam-secret-key: pcNJ4lPh + kafka-sasl-password: OT9m4 + kafka-schema-registry-password: 4VybIhiIU + kafka-schemaregistry-tls-ca: FVWvaL5HS3DE + kafka-schemaregistry-tls-cert: UqZl + kafka-schemaregistry-tls-key: ch + kafka-tls-ca: 0h0Ac6CS + kafka-tls-cert: pNm4uHVMn + kafka-tls-key: "" + login-github-oauth-client-secret: 5XbGmlDmls + login-github-personal-access-token: y0PF13 + login-google-groups-service-account.json: w3 + login-google-oauth-client-secret: lEvrgxa + login-jwt-secret: SECRETKEY + login-oidc-client-secret: VfRrL3 + login-okta-client-secret: 1Gm + login-okta-directory-api-token: hgmY7AyguR + redpanda-admin-api-password: WvzP1D53 + redpanda-admin-api-tls-ca: dxtnG + redpanda-admin-api-tls-cert: Rs3rHA8Qdb + redpanda-admin-api-tls-key: 7hsD +type: Opaque +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + BKrxjHNg8: qlqPhj + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 5XQu4RW + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: odFI2M4 +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + BKrxjHNg8: qlqPhj + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 5XQu4RW + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: odFI2M4 + namespace: default +spec: + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: 0 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: 5XQu4RW + type: ClusterIP +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + VLzukyGLL5H: "" + creationTimestamp: null + labels: + BKrxjHNg8: qlqPhj + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 5XQu4RW + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: odFI2M4 + namespace: default +spec: + replicas: 278 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: 5XQu4RW + strategy: + rollingUpdate: {} + type: 砓涶rƀł庫x烮ȯ~茤įêŎZ姮Ⱦ + template: + metadata: + annotations: + YefFO9J: uVUZra + checksum/config: cc3f7478d926a8c80ab516ac0060a56c87bbbfdd227b765567fa8644fbee7f09 + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: 5XQu4RW + n8PG: NEb + sINjD1zSK: exkAcWK3 + yG: T + spec: + affinity: + podAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + 9yhGd: kXTYKV + xb5Co: trB98 + matchLabelKeys: + - gTre + - 3SLXY + namespaceSelector: {} + namespaces: + - q + - j3 + - k76qB + topologyKey: gz6KtIn43 + - labelSelector: + matchLabels: + 9slaN: 9Cv + M: NcJRMIAxd6 + f4JK: QX + matchLabelKeys: + - BGI9Dr + mismatchLabelKeys: + - SZUKIlPB + - WzTTmXWoFc + - wXLg9viobEw + namespaceSelector: + matchLabels: + MZx: u + NztFyV3: EvzmJzLQcn + topologyKey: iLs + - labelSelector: + matchExpressions: + - key: d3S + operator: ò洏ʓ暝歆Ű鈰钌鸔栵ù舁Tb曯ƫ貊ȵ + values: + - sanCz + - lZ + - 5rZ0 + matchLabels: + MEoILl9k: Jd + hVfX4: "" + "n": yhV + matchLabelKeys: + - HOI + namespaceSelector: + matchLabels: + fodO5ovc74m: lvF + mlCh: E1 + ve7: r4P5biTA + topologyKey: CtXr + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: wti + value: AYZm + valueFrom: + configMapKeyRef: + key: Sxryl + name: xXe78 + fieldRef: + apiVersion: HoyJsUxLKd + fieldPath: 2Ns + secretKeyRef: + key: w7WydZL + name: CgxV7 + optional: true + - name: eEKnv + value: BBAXaggk0n + valueFrom: + secretKeyRef: + key: GRP + name: dYBHtrO + optional: true + - name: KAFKA_SASL_PASSWORD + valueFrom: + secretKeyRef: + key: kafka-sasl-password + name: odFI2M4 + - name: KAFKA_PROTOBUF_GIT_BASICAUTH_PASSWORD + valueFrom: + secretKeyRef: + key: kafka-protobuf-git-basicauth-password + name: odFI2M4 + - name: KAFKA_SASL_AWSMSKIAM_SECRETKEY + valueFrom: + secretKeyRef: + key: kafka-sasl-aws-msk-iam-secret-key + name: odFI2M4 + - name: KAFKA_TLS_CAFILEPATH + value: /etc/console/secrets/kafka-tls-ca + - name: KAFKA_TLS_CERTFILEPATH + value: /etc/console/secrets/kafka-tls-cert + - name: KAFKA_SCHEMAREGISTRY_TLS_CAFILEPATH + value: /etc/console/secrets/kafka-schemaregistry-tls-ca + - name: KAFKA_SCHEMAREGISTRY_TLS_CERTFILEPATH + value: /etc/console/secrets/kafka-schemaregistry-tls-cert + - name: KAFKA_SCHEMAREGISTRY_TLS_KEYFILEPATH + value: /etc/console/secrets/kafka-schemaregistry-tls-key + - name: KAFKA_SCHEMAREGISTRY_PASSWORD + valueFrom: + secretKeyRef: + key: kafka-schema-registry-password + name: odFI2M4 + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: odFI2M4 + - name: LOGIN_GOOGLE_CLIENTSECRET + valueFrom: + secretKeyRef: + key: login-google-oauth-client-secret + name: odFI2M4 + - name: LOGIN_GOOGLE_DIRECTORY_SERVICEACCOUNTFILEPATH + value: /etc/console/secrets/login-google-groups-service-account.json + - name: LOGIN_GITHUB_CLIENTSECRET + valueFrom: + secretKeyRef: + key: login-github-oauth-client-secret + name: odFI2M4 + - name: LOGIN_GITHUB_DIRECTORY_PERSONALACCESSTOKEN + valueFrom: + secretKeyRef: + key: login-github-personal-access-token + name: odFI2M4 + - name: LOGIN_OKTA_CLIENTSECRET + valueFrom: + secretKeyRef: + key: login-okta-client-secret + name: odFI2M4 + - name: LOGIN_OKTA_DIRECTORY_APITOKEN + valueFrom: + secretKeyRef: + key: login-okta-directory-api-token + name: odFI2M4 + - name: LOGIN_OIDC_CLIENTSECRET + valueFrom: + secretKeyRef: + key: login-oidc-client-secret + name: odFI2M4 + - name: REDPANDA_ADMINAPI_PASSWORD + valueFrom: + secretKeyRef: + key: redpanda-admin-api-password + name: odFI2M4 + - name: REDPANDA_ADMINAPI_TLS_CAFILEPATH + value: /etc/console/secrets/redpanda-admin-api-tls-ca + - name: REDPANDA_ADMINAPI_TLS_KEYFILEPATH + value: /etc/console/secrets/redpanda-admin-api-tls-key + - name: REDPANDA_ADMINAPI_TLS_CERTFILEPATH + value: /etc/console/secrets/redpanda-admin-api-tls-cert + envFrom: + - configMapRef: + name: I6Dbq + optional: false + secretRef: + name: fhgE + optional: false + - prefix: L0m + - configMapRef: + name: pVHt + optional: true + prefix: 0xFYui3Ke2pJ + secretRef: + name: IBHH4sd + optional: false + image: qnkfx/ARBa:BetSp + imagePullPolicy: ȸ才TkâĆ8o + livenessProbe: + failureThreshold: -544797053 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 1464359845 + periodSeconds: -775253635 + successThreshold: -2065370772 + timeoutSeconds: 3873767 + name: console + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 286014638 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: -1755094379 + periodSeconds: 712612179 + successThreshold: 1265199044 + timeoutSeconds: 939664799 + resources: + limits: + H2g: "0" + requests: + i0vpd: "0" + piR58NXU: "0" + securityContext: + privileged: true + procMount: '`4乬+ʍÿȦ!常ʥ_' + readOnlyRootFilesystem: false + runAsNonRoot: true + runAsUser: 8119235947749130000 + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + - mountPath: hHTC4sQ + mountPropagation: ƭ埢Ş@ʮ擈Ɓsmďĝ + name: mVbo + subPath: bI + subPathExpr: q6R + - mountPath: "" + name: gC + readOnly: true + subPath: 5xyS + subPathExpr: Ju9L6o + imagePullSecrets: + - name: Nu2 + - name: j0 + initContainers: + - 'error unmarshaling JSON: while decoding JSON: json: cannot unmarshal string + into Go value of type []interface {}' + nodeSelector: + fD: q5Hun + priorityClassName: u8cTjKLB + securityContext: + fsGroup: -9123846953160880000 + fsGroupChangePolicy: UƻA竘锵]湞ȊM + runAsNonRoot: false + runAsUser: 2594597056592417300 + sysctls: + - name: 4eRaw + value: HnWeNFR + - name: 4hP + value: UoCU8Ni + - name: d + value: TpLFHKFo + serviceAccountName: 5zV + tolerations: + - effect: x)|綻%ŴC¸÷G) + key: 6c + operator: 皐łʨɆ挓R衯Ǫ诌ƍ爂vĂB麧尣Ć* + tolerationSeconds: 341291117142213700 + value: 45gIZCr + - effect: ɿ鎅ɸƱɿ韆頟R躦0P^,豐ƨe祠攇覙 + operator: ß¼ʐȻ*溃N妞 + tolerationSeconds: -7034164218355111000 + value: xb5 + topologySpreadConstraints: [] + volumes: + - configMap: + name: odFI2M4 + name: configs + - name: secrets + secret: + secretName: odFI2M4 + - name: 0nP + - name: 5Mq +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "odFI2M4-test-connection" + namespace: "default" + labels: + BKrxjHNg8: qlqPhj + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 5XQu4RW + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + imagePullSecrets: + - name: Nu2 + - name: j0 + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['odFI2M4:8080'] + restartPolicy: Never + priorityClassName: u8cTjKLB +-- testdata/case-029.yaml.golden -- +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + HzuQ: mCfbHBQ + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 3Wh + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + xi7L: ibI45 + name: HK +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: "" + kafka-sasl-aws-msk-iam-secret-key: "" + kafka-sasl-password: "" + kafka-schema-registry-password: "" + kafka-schemaregistry-tls-ca: "" + kafka-schemaregistry-tls-cert: "" + kafka-schemaregistry-tls-key: "" + kafka-tls-ca: "" + kafka-tls-cert: "" + kafka-tls-key: "" + login-github-oauth-client-secret: "" + login-github-personal-access-token: "" + login-google-groups-service-account.json: "" + login-google-oauth-client-secret: "" + login-jwt-secret: SECRETKEY + login-oidc-client-secret: "" + login-okta-client-secret: "" + login-okta-directory-api-token: "" + redpanda-admin-api-password: "" + redpanda-admin-api-tls-ca: "" + redpanda-admin-api-tls-cert: "" + redpanda-admin-api-tls-key: "" +type: Opaque +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} + roles.yaml: |- + roles: + - null + - null +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + HzuQ: mCfbHBQ + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 3Wh + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + xi7L: ibI45 + name: HK +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: + 33Yi: tesf5 + creationTimestamp: null + labels: + HzuQ: mCfbHBQ + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 3Wh + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + xi7L: ibI45 + name: HK + namespace: default +spec: + ports: + - name: http + port: 389 + protocol: TCP + targetPort: 52 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: 3Wh + type: sIQBZD +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + WVwaqt: gTMC + s6HZpOA: bc0 + sZaCXy: LXRQNTghxb1 + creationTimestamp: null + labels: + HzuQ: mCfbHBQ + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 3Wh + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + xi7L: ibI45 + name: HK + namespace: default +spec: + replicas: 385 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: 3Wh + strategy: + rollingUpdate: {} + template: + metadata: + annotations: + IVy: ho3qpcI + checksum/config: ed80a6573dafe73ab884b6322e9c75c1018d618e61286f9e61f445266092293d + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: 3Wh + spec: + affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: hPtYq9oSSQ + operator: ŗ妃Mīú玢盛 + values: + - T0M + - aywAkbl + - key: F7yCY + operator: '2Pl@äEɜś`PȾ槯c:' + values: + - n7sIXrD6 + - 5EPSQgq3v + matchFields: + - key: wOOgY + operator: 乾Ǧ + values: + - GqfE + - key: gRF5bu + operator: DŸQ95ʊÊj蕵髪OHōM4Ľɝ钣 + values: + - 2rEXM1C + - BB + - key: TK75p + operator: 譌嵡荀Ș枻賿ė + values: + - MHB + - sI + weight: -1638497382 + - preference: + matchExpressions: + - key: sgUr6t + operator: ʁE'[剳嫯Ȧ梳*&櫺窟ľ幣ɥ{紌 + values: + - 6x + - NRmDb1X + - key: VrZW4eZ + operator: 蘨ȘÚ籘J嬋JƒÎhUl田U + values: + - 0cG6ed0 + - I + - key: Ui + operator: 遂樸tUŏǞF)橷嵱 + values: + - mUT9H9 + matchFields: + - key: zzI6 + operator: ƈ肶帅ʒb漄i + values: + - 9Xi0r + - key: Bm + operator: 嚏鈻峓霙ʊcʔ暏g圖鹔夺mą¹跑 + values: + - tvOC + weight: 1006541829 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: ZlUi + operator: ʯ鼙%淹ȏ č>稄鱑Í朹s狑Ȱ螪;ǃ嘲 + values: + - gIlS + - 5lD7AvT7I + - "8" + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: hi0zfFEN + operator: 裧禿 + values: + - SymXRnv + - iKr + mismatchLabelKeys: + - wesfXhv + - Z78yvK + namespaceSelector: + matchExpressions: + - key: jqHt + operator: ûų:碃;ė燱5ìb-垢xźɆ + values: + - u8cOuqy + matchLabels: + "8": nCrnu + Fd: 5YhLJD3 + r5sMi70hp4TeB: KrDX7d + namespaces: + - LOH + - 9EvOI7HWh + - 5sHJp + topologyKey: "" + weight: 403248696 + - podAffinityTerm: + mismatchLabelKeys: + - Vrf + namespaceSelector: + matchExpressions: + - key: 5w + operator: '|泀ŏ咙ƚ' + matchLabels: + 4vRvwhR: Nz + T6uTCUGiwx: lS + ZuFER: Db8xhFevK + topologyKey: K7NA + weight: 249855905 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: No2 + operator: Ɗ]鿇躠骐 + matchLabels: + 7nohEoAMei: WrMV + ddLK: 2ehkh + qtrhf: EAAqHFcrjgT + mismatchLabelKeys: + - DrrBoq + - Nh + namespaceSelector: + matchExpressions: + - key: BEXHPr1wQ + operator: 傝魦voȪwć撈 + values: + - i3 + - gUU + - 7nmbvkGs + matchLabels: + Rh65F: rKR + namespaces: + - 1x9DGG + - xKj137E + topologyKey: CSNQy1M + - labelSelector: + matchExpressions: + - key: psq4G + operator: ɓƦ + - key: 3IlNf + operator: ćȬ4鏉1, + values: + - L0 + namespaceSelector: + matchExpressions: + - key: nVgt + operator: ɤ湿ŭò-ɋ鼴)箥Ȅ鋖ʄBK + - key: GD7 + operator: 峄9ƚ涙閉ʃ謩云飠:鎂玚wƁȖ] + values: + - i8cg6A + - TeOYSsj + topologyKey: rEB + - labelSelector: + matchLabels: + s0PrY366si5H: Qwj + ytBgNf0: e + mismatchLabelKeys: + - eylzvu + - q + namespaceSelector: + matchExpressions: + - key: os4H6DpxQ + operator: 5õċ鋵葿葄痄ɍ览逪ȋ`j + matchLabels: + vL3arho: gPmLG + namespaces: + - PjQTIWTFeK + - g5HCelWpMjnF + - QN3mXW + topologyKey: I5osiWTrzhb + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: HK + envFrom: [] + image: nZ5PG/5q2qCT:z10JAfCu + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: -1989869025 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 56050789 + periodSeconds: 193173949 + successThreshold: -1606638368 + timeoutSeconds: -1117024654 + name: console + ports: + - containerPort: 52 + name: http + protocol: TCP + readinessProbe: + failureThreshold: -509957017 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 1816814831 + periodSeconds: 406466643 + successThreshold: 450108513 + timeoutSeconds: -1862950899 + resources: {} + securityContext: + allowPrivilegeEscalation: true + capabilities: + drop: + - 邻ȸNJ"纴ý汫篤訙铵寄貹Z[逗ą弣 + - lǀ敕ɖ + privileged: true + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 3375680259081538600 + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + - mountPath: P + name: zBgE7HVQ + subPath: hw6PBLgv5R + subPathExpr: YAI5mPj5 + - args: + - K9 + - 02olyp + env: + - name: F + value: rhVGTadjT + valueFrom: + configMapKeyRef: + key: 3TA0cg2R2 + name: DLZ + fieldRef: + apiVersion: s + fieldPath: Ux + resourceFieldRef: + containerName: avop + divisor: "0" + resource: itl5J4xK4 + secretKeyRef: + key: Av9eKok + optional: false + - name: QaOLYDLT + value: FQu + image: 1MFnpZG + imagePullPolicy: 脓 + livenessProbe: + exec: + command: + - lH4S + failureThreshold: 1311534645 + grpc: + port: 1048835191 + service: p5EtELTs + httpGet: + path: Zjrv + port: Ypah5av + scheme: þʙ龠ȉ%Vę皓ŏ蟝ǙĿìɋN + initialDelaySeconds: 1980070741 + periodSeconds: -728109708 + successThreshold: 1412960079 + terminationGracePeriodSeconds: 4797597904045468000 + timeoutSeconds: -1164059804 + name: oron + readinessProbe: + failureThreshold: -1734715333 + grpc: + port: -673781482 + service: 20iHh + initialDelaySeconds: 270804414 + periodSeconds: 1240219458 + successThreshold: 957649997 + terminationGracePeriodSeconds: -7921460752123720000 + timeoutSeconds: 2069469191 + resizePolicy: + - resourceName: M29 + restartPolicy: tL + - resourceName: WK + restartPolicy: T軂>ȋ1觫蚴Ș + resources: + limits: + KS: "0" + ZDx: "0" + kIjQHQZ: "0" + requests: + BSB: "0" + restartPolicy: LJW獮 + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ɺ嚹晐囕胐ƻ + - ņɹ桴O塾q6賤呋f铰}Ʒ輽ʁ[顝 + runAsGroup: 6868723237582569000 + runAsNonRoot: true + runAsUser: 433131246318901200 + startupProbe: + exec: + command: + - mB6 + - Om9w + - "" + failureThreshold: -1184477652 + grpc: + port: -1276243610 + service: m6d + httpGet: + host: VzPuwIiTpY + path: C + port: 0NYj1C + scheme: V=@彆鈂t³Ɉµs斾m蛊ɲ + initialDelaySeconds: -898287287 + periodSeconds: -413255468 + successThreshold: -1510482870 + terminationGracePeriodSeconds: 4884332649151511000 + timeoutSeconds: -1445193311 + stdinOnce: true + terminationMessagePath: DQTH7 + terminationMessagePolicy: ÈɁ;ň);ɑI×ĕ觫'ɣ + volumeDevices: + - devicePath: v + name: AZ6wCimJFM + - devicePath: ZtIx + name: GFe3 + volumeMounts: + - mountPath: tt + mountPropagation: 侮E墝調cé攊疀" + name: UJ + readOnly: true + subPath: JlqP + subPathExpr: lA2v + workingDir: OV90 + - command: + - 8jHRuz + envFrom: + - configMapRef: + optional: false + prefix: yfl3PI + secretRef: + name: r7eR + optional: true + image: m4Etaoz8Bf + imagePullPolicy: okÛļ閷YƗzƄǧ + lifecycle: + postStart: + exec: {} + httpGet: + host: zu9aQLsX + path: xIFogzAoC + port: 1MjUE + scheme: 斔疏ʟn菝 + preStop: + exec: {} + livenessProbe: + failureThreshold: -1399917612 + grpc: + port: -876522011 + service: 2y + httpGet: + host: X9nNdf + path: 8mVJlz + port: 220487349 + scheme: 兇)hr裳ǔ湟钑>ȓn厠tū晣颊 + initialDelaySeconds: -968878635 + periodSeconds: 411754743 + successThreshold: 2083381130 + terminationGracePeriodSeconds: 2736468416107855400 + timeoutSeconds: -423937148 + name: Or + readinessProbe: + failureThreshold: 1628351372 + grpc: + port: -1466105410 + service: b + httpGet: + host: 8kOz + path: IhSlrBw8tiX + port: 1Vd + scheme: qV·dƖ> + initialDelaySeconds: 735135195 + periodSeconds: -175995819 + successThreshold: 1379601279 + terminationGracePeriodSeconds: 386635447886660740 + timeoutSeconds: 125503732 + resources: + limits: + LuudLJ9i: "0" + iXpYUWY: "0" + mHi: "0" + requests: + XLnFU: "0" + mSq9e3u: "0" + t6WYwzmga: "0" + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - ɭ鎣肪綢ȀNj8)屫鈄骸嗢æ憰qWTƶ剡 + - "n" + - OwkʙƝk}ɾ丧< + drop: + - Ť<嶼ȯ愉9宆嵧pɡ%ɐxė鹞鸵鏞 + - ƅgʆ炊ƞąÙ$Ǯ帶SȔ黌畕ǦƖȫV9 + - Ŏʠ羮ɍ痘摬 + privileged: true + runAsGroup: 5710532895986022000 + runAsUser: -7207500526873246000 + startupProbe: + failureThreshold: 2053062827 + grpc: + port: -1076044334 + service: s8s7 + initialDelaySeconds: 7348194 + periodSeconds: 889500482 + successThreshold: -645465298 + terminationGracePeriodSeconds: 4356974427366500000 + timeoutSeconds: 136481601 + stdinOnce: true + terminationMessagePath: t4pW + terminationMessagePolicy: ƣ + volumeDevices: + - devicePath: Df8O3UFZ + name: QL93u + - devicePath: WKg + name: nD4H + volumeMounts: + - mountPath: xs9 + mountPropagation: e羝ș+oũ蘘汉 + name: grr + readOnly: true + subPath: aUYSuUM6f + subPathExpr: mm773yL + workingDir: o + imagePullSecrets: [] + initContainers: + - 'error unmarshaling JSON: while decoding JSON: json: cannot unmarshal string + into Go value of type []interface {}' + nodeSelector: + Jy9: v + VcMeUW2U: xOwcDQYY + wkI: TbemvxUUg + priorityClassName: sLkcwZ + securityContext: + fsGroup: 99 + runAsGroup: -9040107238323409000 + runAsNonRoot: false + runAsUser: 99 + serviceAccountName: 43zobnL + tolerations: + - effect: 蜆³Ə抴璖獍ä鷲炥/=霒0ǷU伀稂ı + key: EMvrrkeG3 + operator: Ȓǒs夃Ȑɉ鋄蛓m÷,旂 + value: yd + - effect: 旌;"ȡ媟窐:ljʥh蓭殰Ȩƴ邃ȬIȻL + key: n87GpiB + operator: '偵~ȥʢȈ珎ſ龕5sʠŇưT4-§Ƀ ' + value: TUaznROmQffrRe1 + topologySpreadConstraints: [] + volumes: + - configMap: + name: HK + name: configs + - name: secrets + secret: + secretName: HK + - name: "" + - name: SXJ +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "HK-test-connection" + namespace: "default" + labels: + HzuQ: mCfbHBQ + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 3Wh + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + xi7L: ibI45 + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['HK:389'] + restartPolicy: Never + priorityClassName: sLkcwZ +-- testdata/case-030.yaml.golden -- +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + T: f0 + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: J + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + jwrBMvwfg: K6I5HsI5 + nk8eJc: nS + name: G9 +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: DtIy + kafka-sasl-aws-msk-iam-secret-key: 9xCf7 + kafka-sasl-password: 8F + kafka-schema-registry-password: krNk2 + kafka-schemaregistry-tls-ca: 5I73C + kafka-schemaregistry-tls-cert: "" + kafka-schemaregistry-tls-key: "34" + kafka-tls-ca: DaT + kafka-tls-cert: LaU0jwOpGv + kafka-tls-key: "" + login-github-oauth-client-secret: BoOjni + login-github-personal-access-token: uUxZ + login-google-groups-service-account.json: NulwlJ + login-google-oauth-client-secret: oeL6p7fcL + login-jwt-secret: SECRETKEY + login-oidc-client-secret: yRSh2 + login-okta-client-secret: xKLBJ9ZAR + login-okta-directory-api-token: HTZWfHt + redpanda-admin-api-password: 5DQTqKD + redpanda-admin-api-tls-ca: m5pg + redpanda-admin-api-tls-cert: yfP + redpanda-admin-api-tls-key: gzG +type: Opaque +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + T: f0 + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: J + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + jwrBMvwfg: K6I5HsI5 + nk8eJc: nS + name: G9 + namespace: default +spec: + ports: + - name: http + port: 250 + protocol: TCP + targetPort: 475 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: J + type: QAVsE +--- +# Source: console/templates/hpa.yaml +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + creationTimestamp: null + labels: + T: f0 + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: J + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + jwrBMvwfg: K6I5HsI5 + nk8eJc: nS + name: G9 +spec: + maxReplicas: 10 + metrics: + - resource: + name: cpu + target: + averageUtilization: 227 + type: Utilization + type: Resource + - resource: + name: memory + target: + averageUtilization: 477 + type: Utilization + type: Resource + minReplicas: 306 + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: G9 +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "G9-test-connection" + namespace: "default" + labels: + T: f0 + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: J + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + jwrBMvwfg: K6I5HsI5 + nk8eJc: nS + annotations: + "helm.sh/hook": test +spec: + imagePullSecrets: + - name: wu1 + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['G9:250'] + restartPolicy: Never + priorityClassName: KuRS +-- testdata/case-031.yaml.golden -- +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} + role-bindings.yaml: |- + roleBindings: + - {} + - {} + roles.yaml: |- + roles: + - {} +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: xknw + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + q4ZdG9q: IJWaYu9mhun + sFTTcyl: qVyaa0ULC + name: 59cQ0qKLI +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: xknw + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + q4ZdG9q: IJWaYu9mhun + sFTTcyl: qVyaa0ULC + name: 59cQ0qKLI + namespace: default +spec: + ports: + - name: http + port: 112 + protocol: TCP + targetPort: 375 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: xknw + type: N9chrF +--- +# Source: console/templates/hpa.yaml +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: xknw + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + q4ZdG9q: IJWaYu9mhun + sFTTcyl: qVyaa0ULC + name: 59cQ0qKLI +spec: + maxReplicas: 25 + metrics: + - resource: + name: cpu + target: + averageUtilization: 460 + type: Utilization + type: Resource + - resource: + name: memory + target: + averageUtilization: 169 + type: Utilization + type: Resource + minReplicas: 20 + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: 59cQ0qKLI +--- +# Source: console/templates/ingress.yaml +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + Q: 3KXvHleq + YUY: BD + mdCRk: Ilk9wDjAw + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: xknw + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + q4ZdG9q: IJWaYu9mhun + sFTTcyl: qVyaa0ULC + name: 59cQ0qKLI +spec: + ingressClassName: GuB1VTCp + rules: + - host: WsTbK7W + http: + paths: + - backend: + service: + name: 59cQ0qKLI + port: + number: 112 + path: MKCR56 + pathType: hEV + - backend: + service: + name: 59cQ0qKLI + port: + number: 112 + path: "6" + pathType: pv + - backend: + service: + name: 59cQ0qKLI + port: + number: 112 + path: rNv + pathType: L0CY1c8 + - host: OxFD + http: + paths: null + - host: Ojx + http: + paths: null + tls: + - hosts: + - C + - wxjmQWXDn + secretName: ESgom5IBQR +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "59cQ0qKLI-test-connection" + namespace: "default" + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: xknw + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + q4ZdG9q: IJWaYu9mhun + sFTTcyl: qVyaa0ULC + annotations: + "helm.sh/hook": test +spec: + imagePullSecrets: + - name: 2Ry3vDGf6 + - name: PE5R + - name: uWsoZ + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['59cQ0qKLI:112'] + restartPolicy: Never + priorityClassName: mFg +-- testdata/case-032.yaml.golden -- +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} + role-bindings.yaml: |- + roleBindings: + - K8wnWSD: null + bwYE7: null + y4j: null + - GvFfKdgL: null + enU8G4: null + wvnJcOn: null + - td7: null + roles.yaml: |- + roles: + - YQBucbbDX2R: null + - 2UuDKjR: null + IV0Yus9: null + ci20SljQkhw: null +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + B19ue: 8W + Kxm5R1: R + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: wB + app.kubernetes.io/version: v2.7.0 + e3Cx: MIAO + helm.sh/chart: console-0.7.29 + name: llK4G +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + B19ue: 8W + Kxm5R1: R + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: wB + app.kubernetes.io/version: v2.7.0 + e3Cx: MIAO + helm.sh/chart: console-0.7.29 + name: llK4G + namespace: default +spec: + ports: + - name: http + port: 418 + protocol: TCP + targetPort: 486 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: wB + type: aaIqePq +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + xpNWT: MpOZ + creationTimestamp: null + labels: + B19ue: 8W + Kxm5R1: R + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: wB + app.kubernetes.io/version: v2.7.0 + e3Cx: MIAO + helm.sh/chart: console-0.7.29 + name: llK4G + namespace: default +spec: + replicas: null + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: wB + strategy: + rollingUpdate: {} + type: ȁ进辫fu + template: + metadata: + annotations: + checksum/config: ae52af057e6331e5caa1d321881f906df93659aa45a5458c4dd4ae890cf7695b + creationTimestamp: null + labels: + So: waKMMvnY + VXPE0: 8ExVsj + app.kubernetes.io/instance: console + app.kubernetes.io/name: wB + ip1RGEzt4t6: "1" + spec: + affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: {} + weight: 735732238 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: cFkyLM + operator: 岊B + - key: V3cKSq + operator: ǟ濈1ɑÎ"孲ȀŨFhŲ + values: + - hz + - matchExpressions: + - key: 8N + operator: 9´敤T + values: + - amWROpS + matchFields: + - key: 7hmWbsKS + operator: "" + values: + - lS + - slkOyX + - YlwPcdVh + - matchExpressions: + - key: n5YD + operator: Əüʢ軾ŚũɳnŒ + values: + - 5s4eD6x + - WMkZIzS40rxp + - zCnW + - key: JawyIOLo + operator: 巳c習Gnƛ{ɩ¯Ĭ枺lȜʩ泿趏ǙĊi + values: + - Fvzyw13fUZC + - 4w9T3GeG + - mVj9N + matchFields: + - key: 4amyTWvhx + operator: Ąŵ8雌%ɸ*W褒卒S + values: + - cPr0Nm2WFo1dBq + - a + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: XgsMMBS + operator: ȗ諹 + values: + - foI + - NN1yiUNR + matchLabels: + Qq: VB19aUlI + mismatchLabelKeys: + - hcD + namespaceSelector: + matchLabels: + vMT90cNq3PYf2z: upe + topologyKey: RSVn9W + weight: 603398420 + - podAffinityTerm: + labelSelector: {} + mismatchLabelKeys: + - 4IL0rEe9 + - yY0RMU2 + namespaceSelector: + matchExpressions: + - key: tIka9jS + operator: 7怘xə4ÏɦW + values: + - l + - ajs6c + - hkYj + - key: Qu + operator: ʊ鏀ɑ蒀刹gE + values: + - 2UvY + - hRB1wKXyHi9 + topologyKey: ZKWyn5kI + weight: -1674108352 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: KQfZ4 + operator: ġȁAu盝ȭƈŦ齬{z + values: + - itNS0T + - jL + - key: q0HemjU + operator: e銳ȇ葁õDÏ筃 + values: + - M5yeE + - gJJY + - HInHzXgX + - key: d1LKZ1 + operator: Q + matchLabels: + XElv: QGJ + nD: kNCk5qe + wUtw34v: sCjj5z + matchLabelKeys: + - ej9hOPjp7W + mismatchLabelKeys: + - lhU9gP + - T7rMlvu + namespaceSelector: {} + namespaces: + - ii3aa + topologyKey: 8U7 + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: CkQsu4fS + operator: 鄦&ɲȅ + values: + - RVnwZ + - EVk + - key: yt + operator: 傓N嬅宠H^÷ + values: + - 1L + - rVQPs + - dUHOKQ + - key: hQ1Tl + operator: ɣë筁尻!絜辩^riʨ莠8dƋ + values: + - 4D6Y + - 5TXh + - 8RH + matchLabels: + "9": jb2X + IdL: PQj0N + iB09Upiijt: JpN + matchLabelKeys: + - rKS9p8 + - sK8p + namespaceSelector: + matchExpressions: + - key: KQ6 + operator: '篛I6ÝBŘ F媍/:' + values: + - NXP47Fm + - Z0Qh2Y4 + - JeWX + - key: Yh + operator: '!j3W' + values: + - mTm5dkO58H + - "" + - key: 6q + operator: 景¨Sŝvo/ + values: + - TrgtrP + - zqIsId + matchLabels: + 7E3A1K: "7" + 63IlVL: aSxc + W1hP: 1H9k3O + namespaces: + - "" + - 2Ma + topologyKey: FFqt + - labelSelector: + matchLabels: + "": wklJJ + C8JZ: LP + U1pz: kAE1l4 + matchLabelKeys: + - shj5V + - oU074y + - Ufq2w + mismatchLabelKeys: + - oBzMiOSgd + - iSF + namespaceSelector: + matchExpressions: + - key: fCbLu + operator: 塊衅m鑀ȣ戢ŭ阻蹯ȟ獇ɨ + values: + - B6TgQ75 + - FAHTEOSesQ + - Ms2Kw7XQ + - key: 133fMqId + operator: "" + values: + - pJc0Zu8 + - T1PEuV0uism + matchLabels: + 1rfPa2b4Ny: cemR + Np9l: lcX + SjNYy4: VZX + namespaces: + - 7W + - umFBWrpUDHv + - "" + topologyKey: pPUIqPXo + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: LICENSE + valueFrom: + secretKeyRef: + key: bujGpO7D0C + name: V + envFrom: + - configMapRef: + name: nJXDn + optional: true + prefix: g3ZpAEUJC + secretRef: + name: 5Yin + optional: true + - configMapRef: + name: spYG9o0 + optional: false + prefix: Wv01 + secretRef: + name: BxDbe + optional: true + image: mU/xY76Tj:AgKh6S1 + imagePullPolicy: "" + livenessProbe: + failureThreshold: 1396135036 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 1526591550 + periodSeconds: -972224922 + successThreshold: -39437670 + timeoutSeconds: -1229662908 + name: console + ports: + - containerPort: 486 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 1061708880 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 1618839364 + periodSeconds: -2098998213 + successThreshold: -846859522 + timeoutSeconds: 1824930679 + resources: {} + securityContext: + allowPrivilegeEscalation: true + capabilities: + drop: + - 退晦Ţ鲛 + - '}ʄ攏嫫;Mǐ豒ɇf,搅Ð貑ș|Óf' + privileged: false + procMount: D + readOnlyRootFilesystem: false + runAsGroup: 1564095685271138800 + runAsNonRoot: true + runAsUser: -3929576237300142600 + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - args: + - T + - Pvf1yAamEa + - jQE8UakuY + env: + - name: 3g + value: JexRP + valueFrom: + configMapKeyRef: + key: QZ + name: QcC + optional: true + fieldRef: + apiVersion: Iv + fieldPath: d7xQ + resourceFieldRef: + containerName: jLpJ + divisor: "0" + resource: m + secretKeyRef: + key: Quhh + name: HUhzPAEo85 + optional: true + - name: ehSBff + value: nHu + valueFrom: + configMapKeyRef: + key: v3Icanu + name: dNPJ8 + optional: false + fieldRef: + apiVersion: xO7UQDq0 + fieldPath: gAyGB6Nj4 + resourceFieldRef: + containerName: Bs2D + divisor: "0" + resource: xJCQsH + secretKeyRef: + key: 3T6tjIQWa0C + name: 8TvRbhP + optional: false + envFrom: + - configMapRef: + name: mf + optional: false + prefix: pZxp + secretRef: + name: v + optional: true + - configMapRef: + name: wosjc9 + optional: true + prefix: ehhmFeLY + secretRef: + name: Ll + optional: false + image: kZ8UUm + imagePullPolicy: Ɓ + lifecycle: + postStart: + exec: {} + httpGet: + host: K29SzZPo + path: y2bQL8 + port: Cr + scheme: 轂Ì蕏ʋ + sleep: + seconds: -3765902632580054500 + preStop: + exec: + command: + - 1pT5X + httpGet: + host: NouEQF + path: WITzSW + port: 1565482371 + scheme: ƒ塒廛鎐藽瀫 + sleep: + seconds: 1831382645860082000 + livenessProbe: + exec: {} + failureThreshold: -1525719681 + grpc: + port: 99688681 + service: xa0sl3k5KM + httpGet: + host: prjHPqf + path: RHwZIE + port: 2UZ7hXI + scheme: 瑀ċ廤ȵ + initialDelaySeconds: -1367665605 + periodSeconds: -1023789296 + successThreshold: 206844073 + terminationGracePeriodSeconds: -3901072071078889000 + timeoutSeconds: 1670691424 + name: t + ports: + - containerPort: 2046398071 + hostIP: pJg + hostPort: -1247541550 + name: DrYeHQ6 + protocol: ²ȑBŸ + readinessProbe: + exec: {} + failureThreshold: 852505381 + grpc: + port: 8093048 + service: "N" + httpGet: + host: uuaPC + path: Mpxk6p + port: -297149767 + scheme: 這伦礗鯪àe]雚腴k£ɂ闧ɦĚH鏰浳 + initialDelaySeconds: 296244720 + periodSeconds: 1237321103 + successThreshold: 722306410 + terminationGracePeriodSeconds: 7739978307238029000 + timeoutSeconds: -2129506856 + resizePolicy: + - resourceName: NBfNOBC + restartPolicy: ƞdWǝi鎠R殩杜Ś晚尒尧ǐ; + - resourceName: oDw8xEb + restartPolicy: ja侬ƕ + resources: + limits: + BJcVkW: "0" + Ub5Spt: "0" + nWi63TNlCyM: "0" + requests: + e5vcw0H: "0" + eKz0z: "0" + gK: "0" + restartPolicy: 嗈ǒɟNǭ臥穥Ť + securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - $拷霒Ø耖} + - ijĸN藬?w粯痵餒薃辕5勅ů + - 幒Ƹʁòĺǂ浼GX + drop: + - 宖 + privileged: true + procMount: 凝 + readOnlyRootFilesystem: false + runAsGroup: -7000080292188881000 + runAsNonRoot: false + runAsUser: 9107304642056619000 + startupProbe: + exec: {} + failureThreshold: -208121509 + grpc: + port: 133215347 + service: pj4Kw + httpGet: + path: hGLW3 + port: -239286046 + scheme: YsÌǮŦʁ¡ē峪3 + initialDelaySeconds: -817672524 + periodSeconds: 1846655614 + successThreshold: -243958761 + terminationGracePeriodSeconds: 4190490525804645400 + timeoutSeconds: -973067987 + terminationMessagePath: 9vMe3Y + terminationMessagePolicy: 雍Wȯ嘷台厃$Țʍ13b霞两e + tty: true + volumeMounts: + - mountPath: yZbL + mountPropagation: 鲫絎Q(銞ÎÕX堙Ľ銃曅注t锋ɮj覧« + name: UFfAqsgd + subPath: wSo + subPathExpr: bIsBP3O + workingDir: DYBcINRq + - command: + - wgBryFN + image: NorbK + imagePullPolicy: 鉓Ĕʠ;兮)Frë + lifecycle: + postStart: + exec: {} + httpGet: + host: Z + path: 3v + port: W1vDkt + scheme: ŷ索gp=ŵāǼ餆嬦Ƹl媓R}豟ɠĖ. + sleep: + seconds: 1583583004300077000 + preStop: + exec: + command: + - XztEol6So + - GveA + - H4aUl + httpGet: + host: 75LDW + path: nu + port: I + scheme: 胛Uȁ¬ + sleep: + seconds: 4617693270470586000 + livenessProbe: + exec: {} + failureThreshold: 1423393786 + grpc: + port: 2097410769 + service: "" + httpGet: + host: W7 + path: PyPprD6 + port: dHwCyz + initialDelaySeconds: -1439644816 + periodSeconds: 182024489 + successThreshold: -1861505070 + terminationGracePeriodSeconds: -4166230023615503400 + timeoutSeconds: -704907360 + name: sFz5 + ports: + - containerPort: 1977465061 + hostIP: kxqRig + hostPort: 393211643 + name: DRO + protocol: ķǔȈ + readinessProbe: + exec: + command: + - mn + - 4TZCjrWPW18 + failureThreshold: 972699487 + grpc: + port: -1384519737 + service: IY5quWWV4JC + httpGet: + host: wq91i + path: Zy + port: -1192576969 + scheme: Á^_ + initialDelaySeconds: 2107832874 + periodSeconds: 1041520026 + successThreshold: -118135340 + terminationGracePeriodSeconds: -4946782594204673000 + timeoutSeconds: -1933961678 + resizePolicy: + - resourceName: MG7PMkMMObJJU + restartPolicy: §觫困Ȏ龝ƃȃɩ芴ÎĽ + resources: + requests: + I4: "0" + zLy: "0" + restartPolicy: 粛醑綇蝙Ɣò犁鶓A + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - 掀ǃA颺LnFąɏ動 + drop: + - 输6sĺ宯hĢ + - ĨƨO檔暰z + - Neɬ慿Ȁ0ɳ蠈ǚǦO¸Ğ崔ʂ¢剚 + privileged: false + procMount: 翄怉DžǬ?胉獄ǙƊɚx虉F + readOnlyRootFilesystem: false + runAsGroup: -1943526545280953900 + runAsNonRoot: true + runAsUser: -7089742793545457000 + startupProbe: + exec: + command: + - hDj + - ONyz91fkTFY9t3 + - ynDWkO + failureThreshold: -5561223 + grpc: + port: -1069825885 + service: oQmy + httpGet: + path: l4sWc + port: 53AhP + scheme: ȩ + initialDelaySeconds: -6165070 + periodSeconds: 1844899228 + successThreshold: 903779261 + terminationGracePeriodSeconds: -3909221818854749700 + timeoutSeconds: 746670574 + stdinOnce: true + terminationMessagePath: egr00cLki + terminationMessagePolicy: ɯ2鰌^坪yN蠏Ĵ + tty: true + volumeMounts: + - mountPath: YOyu1MjxN2 + mountPropagation: :鸛o鮓L`<]ơ1b忙n鲃{< + name: dODfVz + subPath: ZknFq + subPathExpr: oX1n + - mountPath: 4TEsoc + mountPropagation: 帺Õ斯剅ƫf鳌麓HƸŘÂ瘖?謾軌 + name: hau + subPath: w24Wq4e + subPathExpr: i2TEix + - mountPath: uuujj + mountPropagation: 氻ʃ2NFJ啼铗"O{À-ŧLJ弟 + name: klnXhhnxKk + subPath: SEx + subPathExpr: CK2FmmyYThL + workingDir: NCvZAa + imagePullSecrets: [] + initContainers: + - 'error unmarshaling JSON: while decoding JSON: json: cannot unmarshal string + into Go value of type []interface {}' + nodeSelector: + ih: xT3Dk3PXT + xhq: vu + zLR9: wFjrfu + priorityClassName: WeB9y8 + securityContext: + fsGroup: 7101468120327600000 + fsGroupChangePolicy: ȴ鳁ƨ殳h`熡ƍʊ0ŀ擳琗图.AƱX滋 + runAsGroup: 4262945102741077000 + runAsNonRoot: false + runAsUser: -9214274730002703000 + supplementalGroups: + - 4135587743067906600 + - -2908166639165702700 + sysctls: + - name: Yo9 + value: zak2 + serviceAccountName: zpH + tolerations: [] + topologySpreadConstraints: [] + volumes: + - configMap: + name: llK4G + name: configs + - name: 1zZI6J + - name: D + - name: OUqOnvjvba +--- +# Source: console/templates/hpa.yaml +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + creationTimestamp: null + labels: + B19ue: 8W + Kxm5R1: R + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: wB + app.kubernetes.io/version: v2.7.0 + e3Cx: MIAO + helm.sh/chart: console-0.7.29 + name: llK4G +spec: + maxReplicas: 459 + metrics: + - resource: + name: cpu + target: + averageUtilization: 497 + type: Utilization + type: Resource + - resource: + name: memory + target: + averageUtilization: 146 + type: Utilization + type: Resource + minReplicas: 198 + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: llK4G +--- +# Source: console/templates/ingress.yaml +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + Lhm: f24CRNEJvs + pk6fq: "2" + creationTimestamp: null + labels: + B19ue: 8W + Kxm5R1: R + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: wB + app.kubernetes.io/version: v2.7.0 + e3Cx: MIAO + helm.sh/chart: console-0.7.29 + name: llK4G +spec: + ingressClassName: EXqR + rules: + - host: chart-example.local + http: + paths: + - backend: + service: + name: llK4G + port: + number: 418 + path: / + pathType: ImplementationSpecific + tls: + - hosts: + - xEciJGskt + - pBxfBltrqACoat + - INyj + secretName: Qy + - hosts: + - F6sf + - EHuJ + - 95my0 + secretName: XOIr +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "llK4G-test-connection" + namespace: "default" + labels: + B19ue: 8W + Kxm5R1: R + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: wB + app.kubernetes.io/version: v2.7.0 + e3Cx: MIAO + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['llK4G:418'] + restartPolicy: Never + priorityClassName: WeB9y8 +-- testdata/case-033.yaml.golden -- +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} + role-bindings.yaml: |- + roleBindings: + - 7x: null + Ia1K2tdRuYi: null + j6c9: null + roles.yaml: |- + roles: + - {} + - 6Vndf: null + f: null +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: bCPeYVWao + app.kubernetes.io/version: v2.7.0 + gZ85uw3T: e + helm.sh/chart: console-0.7.29 + qO: F4dqLo67vKYZ + name: foGC +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: + lrtdFF: 60R7 + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: bCPeYVWao + app.kubernetes.io/version: v2.7.0 + gZ85uw3T: e + helm.sh/chart: console-0.7.29 + qO: F4dqLo67vKYZ + name: foGC + namespace: default +spec: + ports: + - name: http + port: 229 + protocol: TCP + targetPort: 59 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: bCPeYVWao + type: 2K35 +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: bCPeYVWao + app.kubernetes.io/version: v2.7.0 + gZ85uw3T: e + helm.sh/chart: console-0.7.29 + qO: F4dqLo67vKYZ + name: foGC + namespace: default +spec: + replicas: 390 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: bCPeYVWao + strategy: + rollingUpdate: {} + type: 呇弰$腕煴贔棳軀+œʃǀŖ* + template: + metadata: + annotations: + checksum/config: b3a4b261d0705e207d46ac15067d5c7d7c951cf0c0fa7736607331369bd47b6d + creationTimestamp: null + labels: + 1bb6: "" + 3U: mfPv + T: Q + app.kubernetes.io/instance: console + app.kubernetes.io/name: bCPeYVWao + spec: + affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchFields: + - key: 1O + operator: 拺5ř(Ƅ餕ʟ{鐻Ƈ + weight: -2070567569 + - preference: + matchFields: + - key: JlGR + operator: 脱?ĶA蛜頒ǽGǷ藸 , + values: + - 8zZEVom + - TY + - FSSQQ + - key: w3C + operator: sɯeM^筘褑 + values: + - Q + - i48uKb + weight: -1969968900 + - preference: + matchExpressions: + - key: ZsgVr + operator: Eȗ + - key: RfMZL + operator: "" + - key: r + operator: džɬ毿鵮V町iAÉ橁zy题ʔu7ÆO9 + values: + - uj8h + matchFields: + - key: "" + operator: :止褮Ȃ宸 + values: + - 9h + - Do + weight: 1160212382 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: nmW + operator: '%U<Ȫk7家fƥ降]:' + values: + - e4hDXWb9G8Qi + - SynNDfUn + - C8kz + matchFields: + - key: QO0Q + operator: l!m0ʒbƹ豫ň + values: + - eh + - key: VE5mZtP + operator: ~x蹵#ÂvǗRɩ啭Ö澭肞¤7跜庛Ɍ + values: + - yT + - key: 1Cony + operator: 阃 + values: + - ahj6j + - matchExpressions: + - key: TvhlZutK + operator: 5叹ùz + values: + - rog + - key: qLPNTFw8 + operator: 藘鸘Œé溇ʄsoɷƱǺȾ蹾K混īl軇 + - key: F + operator: 則Yǹ郰饉貓伜ſ0|麊 az襽准 + matchFields: + - key: VcfFwmb + operator: WJMU狰槃žiǶq挿} + values: + - b7G + - "" + - wzxeij27DD + - key: "" + operator: 殀ǥ + values: + - "9" + - 0E3EkrfSX + - vzth + - key: omoz + operator: e´Ģ桇适TŽǤʈ + values: + - TVj0W7 + - 7HjUt2w + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: nN1614M7 + operator: '鰺/堅ý髉铊ɇƴ2友凇3 ' + values: + - D0tt + - sG9E + matchLabelKeys: + - l + mismatchLabelKeys: + - vqTKCL2D + namespaceSelector: + matchLabels: + LIgB: qqC9YL + namespaces: + - BLdVDzfY + - eq + - qB + topologyKey: qwces + weight: 899210618 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: hIz8wo + operator: ĥ\{ė + values: + - ZwYh1 + - 4l9U + - Q5Io + - key: sd3eCUDob + operator: 蒴ǚ<灁Q柷娸颂嘃üĸƢı + values: + - U0 + - "" + - WXJjoBRKrfEY + matchLabels: + QSrEl7t0: hxsiSGCubb + mismatchLabelKeys: + - PiUy + - VhBWFCyx6C + namespaceSelector: + matchLabels: + G: 07tU6 + ZCO1QQK: b + uq: HISLIo9ZC + topologyKey: 87eQuI + weight: 1750437304 + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: nK0RSDE + operator: R(陛m诜ȯơȴ豨躻 + matchLabels: + CE9: u8FukDT + U5N: "y" + matchLabelKeys: + - 5I6wiiY + - JDZsP + - zGyW + mismatchLabelKeys: + - 4WZHZ + namespaceSelector: + matchExpressions: + - key: N9E9 + operator: ȅ)礯占鷨ʫɩfǡnʎə掅Ux曶HŁ遐 + values: + - JdC + - 3NS25HFHxU + - key: "" + operator: ı獗& + - key: q + operator: 髢£Ȋ泽ZwVfc剻Ţ嬊j + topologyKey: "" + - labelSelector: + matchExpressions: + - key: Tof0 + operator: ĥM:ɑȏF叆綯炩藁û漄f + values: + - jTpj + - gYZ8IIq + - key: avL + operator: ɼƌ壟.敾¦ + matchLabels: + P1w: Nb9t3e + matchLabelKeys: + - TkIx94Dmu + - 8KVE + - UEJW + namespaceSelector: + matchExpressions: + - key: gQOOR5Pz + operator: Ȁ蛝畆粔辧殤,ǔžɨʜ + values: + - MiGt + topologyKey: nn1x + - labelSelector: + matchExpressions: + - key: C + operator: 瘎%瑧¹$兤 + values: + - p5TR + matchLabels: + c9PNRTZ: L + matchLabelKeys: + - 9xrNO + - saFgUzTD530EV + namespaceSelector: + matchExpressions: + - key: "" + operator: 琨j貙ŰĤ煾骣ƢƐ肾Q`ĥ?舶 + values: + - "7" + - T4pSI + - key: u0lbHcT + operator: čÉ壶霻*ǻ蠦Źê潡%!Ȱʁr.ň沀痊 + values: + - voUu0X + namespaces: + - tX + - uDgtoDt + topologyKey: "1" + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: RTz9f + value: kK5WtZCFpsl + valueFrom: + configMapKeyRef: + key: CB1UV + name: 0pF + optional: false + fieldRef: + apiVersion: xO4s + fieldPath: n2G + resourceFieldRef: + containerName: GmnwMQ + divisor: "0" + resource: yX30Dke4u + secretKeyRef: + key: vPbHh + name: oBAn1EoZmPzN + optional: true + - name: LICENSE + valueFrom: + secretKeyRef: + key: 9y6KmPZ + name: QM + envFrom: + - configMapRef: + name: lo + optional: false + prefix: mSdySXyKqEkl + secretRef: + name: t4daT3 + optional: true + - configMapRef: + name: IFTvBGq + optional: false + prefix: qKk6o + secretRef: + name: "4" + optional: true + image: JWsGq/JAUpWzFL:3WF1aV + imagePullPolicy: 躂Qʢ瞶CǁȮ + livenessProbe: + failureThreshold: 604102540 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 93396392 + periodSeconds: 1323534907 + successThreshold: 2044410955 + timeoutSeconds: -725304614 + name: console + ports: + - containerPort: 59 + name: http + protocol: TCP + readinessProbe: + failureThreshold: -1216486926 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: -1636119248 + periodSeconds: -1587206371 + successThreshold: 1085720843 + timeoutSeconds: 1603673472 + resources: + limits: + HS: "0" + sspp8OAsyF: "0" + securityContext: + allowPrivilegeEscalation: true + capabilities: + drop: + - ɇǎȬ+丰DZ}薞ɎƐ + privileged: false + procMount: Ȧ杖煃a/ɓ<3ő+笽pȗdzSj + readOnlyRootFilesystem: true + runAsGroup: 8336843233603803000 + runAsNonRoot: true + runAsUser: 956863148985923500 + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: WfYQ + name: v1bEam0d + subPath: "" + - mountPath: hpZaUwi + name: 2keqwtlu + subPath: "" + - mountPath: bCeiaipj + name: RAI0g6yvn + subPath: "" + - mountPath: gRGvu + mountPropagation: Ŋ4ǔ盍薟惮睌ȿ濍ȯȀüƳ$ + name: oJv65V + readOnly: true + subPath: P20XHtoR + subPathExpr: SzD + - mountPath: xhuwGvn + mountPropagation: 搛悈nj鰣*颵俠Ʀ慫灗岵ȆǴ騔Ė栢č)q + name: ebDa1q2nKt + readOnly: true + subPath: "6" + subPathExpr: N0xOT + - mountPath: xHTM + mountPropagation: 0關ɮUeŪ + name: P8noEsWy3t + subPath: y5E + subPathExpr: oP2A6C + - args: + - 3OUsoZkVHy + - Gn3 + command: + - NLtY + env: + - name: 51Xcm68sAs + value: PUTq + valueFrom: + configMapKeyRef: + key: udLx6h9 + name: wSgnPbc + optional: false + fieldRef: + apiVersion: oVPbc + fieldPath: CGK + resourceFieldRef: + containerName: Ind7j + divisor: "0" + resource: 9tlZc + secretKeyRef: + key: z2i + name: aloI0W + optional: true + - name: nGb + value: I91 + valueFrom: + configMapKeyRef: + key: Ft8IZO4DX + name: 7PY9CO1 + optional: false + fieldRef: + apiVersion: DysSUO + fieldPath: M + resourceFieldRef: + containerName: i + divisor: "0" + resource: mbVAnrQ + secretKeyRef: + key: ZVD + name: 4gLX + optional: true + - name: SEd7KC2 + value: I0 + valueFrom: + configMapKeyRef: + key: 71k + name: B + optional: true + fieldRef: + apiVersion: vJE + fieldPath: nvSzEcQ + resourceFieldRef: + divisor: "0" + resource: fYaXGkFYlrz + secretKeyRef: + key: xDT4Uhi + name: a + optional: false + image: NLoqH + imagePullPolicy: U肵銨龋搁}ŗ=;ī篱ɺ頁掆薑 + lifecycle: + postStart: + exec: + command: + - NAmBp8Ijy9vgKS + httpGet: + path: GukCZ + port: umdXEe + scheme: ɭL莒ƠĦZ¢.0tȠȴF梩¯牏GȐ + sleep: + seconds: 2463489515348869600 + preStop: + exec: + command: + - RAP7lxh + - 0WRf37xLvaEE + httpGet: + host: Xi + port: 395093084 + scheme: '}Ä*諓懚泾ıɥ磀>ȃÓ愍瘞5' + sleep: + seconds: -2989387296528249000 + livenessProbe: + exec: + command: + - AondI + - CvX + - X9Dwm + failureThreshold: -1669443788 + grpc: + port: 1602861347 + service: 5dF71q + httpGet: + host: yOYLS + path: m99M + port: 1421693426 + scheme: cǶ嫙x勬´筮 + initialDelaySeconds: -348887387 + periodSeconds: -855526929 + successThreshold: -1868658835 + terminationGracePeriodSeconds: 7220662525875544000 + timeoutSeconds: -893266456 + name: 62y7 + ports: + - containerPort: 41082986 + hostIP: H + hostPort: -671022955 + name: Q + protocol: Ģ + - containerPort: -676585553 + hostIP: jdTqIIXMX + hostPort: 441858691 + name: bam + protocol: ã鯑 + readinessProbe: + exec: {} + failureThreshold: -1607827734 + grpc: + port: -732628448 + service: d + httpGet: + host: q2uSglvPX + path: 5YB9kNfy37 + port: -425352890 + scheme: ZʇįʔÌ玫Ʊ儝$緀ƥǣ鮀 + initialDelaySeconds: 1646541382 + periodSeconds: 597275764 + successThreshold: 1444783765 + terminationGracePeriodSeconds: -4224719974242331600 + timeoutSeconds: 1778484407 + resizePolicy: + - resourceName: YWwAdc + restartPolicy: 蓊ƽqs洊蛀Ƴ澠誉 + resources: + limits: + 9c5: "0" + DJI: "0" + uyw: "0" + requests: + 7livK1: "0" + PWZFD5fFpVA: "0" + restartPolicy: ǐ踊丸y苡汎0塛yM眗酊L攚dzyÚmG + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - țƒ摨1娣Q札遢ʌā4魯 + drop: + - W~ + - ȮnLv|麬O稕Ʉ幖0Ţ&揵¸ + - àPĪɉɯ鋹芨ȲƿƛĞx + privileged: false + procMount: ɉq$|ŀ蘨寱彣ɎȈORe]O掓I + readOnlyRootFilesystem: false + runAsGroup: -2438856757446633000 + runAsNonRoot: false + runAsUser: -8511671649189409000 + startupProbe: + exec: + command: + - "" + failureThreshold: 157629836 + grpc: + port: -20533111 + service: vASy4b + httpGet: + host: 94HpH + path: t70 + port: W59mpID + scheme: ħ6琏 + initialDelaySeconds: -146258274 + periodSeconds: 47385732 + successThreshold: -1646222325 + terminationGracePeriodSeconds: -5575789846018255000 + timeoutSeconds: -351943504 + terminationMessagePath: r0ZY2 + terminationMessagePolicy: 傂G嶃a橢抴=Ȃĺ庆ɏ鬹揖絴鹥ɣ¸Ȫs + tty: true + workingDir: XFFilzd + - command: + - VSuU6yfyc8y + - gLgP + env: + - name: PSOr4 + value: m2ujo1f4 + valueFrom: + configMapKeyRef: + key: B9Gc + name: BaR3c + optional: true + fieldRef: + apiVersion: OFu + fieldPath: Pydi + resourceFieldRef: + containerName: jPiF + divisor: "0" + resource: jyp8A7uPD + secretKeyRef: + key: fcGCM + name: Hs + optional: false + - name: Ax9HfRa4p + value: S3R2 + valueFrom: + configMapKeyRef: + key: ZDzzhFD + name: soDgOej + optional: false + fieldRef: + apiVersion: iSfQ + fieldPath: Plzxy53z + resourceFieldRef: + containerName: DfBt3S + divisor: "0" + resource: 757s44h + secretKeyRef: + key: bn2IGjj + name: x8E + optional: false + - name: r + value: PmO + valueFrom: + configMapKeyRef: + key: Htzib1 + name: gfbsiTcDY + optional: true + fieldRef: + apiVersion: Frhab7p2yh + fieldPath: K6XKg + resourceFieldRef: + containerName: CLX + divisor: "0" + resource: cq + secretKeyRef: + key: R + name: zPHkUHXQ + optional: false + image: bSZCow + lifecycle: + postStart: + exec: + command: + - "y" + httpGet: + host: 2cDO + path: L5m + port: yhJI + sleep: + seconds: 6222265361848815000 + preStop: + exec: + command: + - yVT + httpGet: + host: Ibt0C5XF + path: Kf7kW1 + port: Tlj66QW + scheme: 砰僮 + sleep: + seconds: 4926532563180302000 + livenessProbe: + exec: {} + failureThreshold: 982752870 + grpc: + port: -257993986 + service: XKTDj + httpGet: + host: 7vfaAybCd + path: GuTTi + port: 1952486193 + scheme: 馾耼qȩ罔磙ɮƥŴ²叇yēņȮ藺 + initialDelaySeconds: -817095459 + periodSeconds: 603211453 + successThreshold: -1693358568 + terminationGracePeriodSeconds: 3002071779676479000 + timeoutSeconds: 992801771 + name: 9QZX + ports: + - containerPort: -1838828544 + hostIP: cQQMftB + hostPort: -321659395 + name: XBD7a + protocol: '>V>ŝO随;YƁ' + - containerPort: -439290918 + hostIP: Bp0lf + hostPort: 431013681 + name: WQ5qc + protocol: 髄Ĝ估螗ȳ鎷ʫh + readinessProbe: + exec: + command: + - PjwAB3G + - k + failureThreshold: -2015478850 + grpc: + port: 156976837 + service: RSgDfH + httpGet: + host: Yi7aQ + path: 8Ql9 + port: 1150587533 + scheme: C箿i綔ȍȢ ŅŴ娒燸孆5乬瓤Ɛ + initialDelaySeconds: -486757233 + periodSeconds: -994300453 + successThreshold: 2128356439 + terminationGracePeriodSeconds: 4683705418302065000 + timeoutSeconds: 1635565784 + resizePolicy: + - resourceName: deutsepb + restartPolicy: õ崑o¾oɞø°ŮƑ欩Ʋ + - resourceName: WaO + restartPolicy: ±蜊ư蕭材y昍U + resources: + limits: + XiOokB: "0" + gxJ8zn4y: "0" + requests: + "": "0" + RFaH: "0" + restartPolicy: 7岻ðȸɉo熮燍ȉ=n + securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - 迠譚綞撪颫,ʖʃ佞诌Ŧ丞śɧ璯PʥT + privileged: false + procMount: 荞£DS + readOnlyRootFilesystem: true + runAsGroup: 6728166770219184000 + runAsNonRoot: true + runAsUser: 2918288689668335000 + startupProbe: + exec: + command: + - o + failureThreshold: -949081542 + grpc: + port: 220928812 + service: EIuHGNT4 + httpGet: + host: 21BmFcJ50ov + path: WC7WP + port: njQtxPF + scheme: 鲰ʌȱ卹烛橇淃ō雀)缅tb憅棔JǓ*ɒ + initialDelaySeconds: 1631334347 + periodSeconds: -785602818 + successThreshold: -1111896125 + terminationGracePeriodSeconds: -8014749222013301000 + timeoutSeconds: 795835881 + stdinOnce: true + terminationMessagePath: m08AZSt + terminationMessagePolicy: 盛P1砦ǚ瀱#Ʌ穇嘜\Ɍ + volumeDevices: + - devicePath: NdQPZme + name: uHcdGnKv + volumeMounts: + - mountPath: IX + mountPropagation: diȔiN6ļɃƐ釭卬O + name: fPg + subPath: iY + subPathExpr: U + - mountPath: E + mountPropagation: 1ĵ氓ŝ瘛o扬=[蟗 + name: xt + readOnly: true + subPath: 2KRhR + subPathExpr: Vm0HMwn + workingDir: jusEo + - args: + - Ejt + - DYgNM8X + env: + - name: HkwQ + value: fpHbv + valueFrom: + configMapKeyRef: + key: 3e + name: Q + optional: true + fieldRef: + apiVersion: lh + fieldPath: "" + resourceFieldRef: + containerName: E1uEhn3 + divisor: "0" + resource: 0Pa + secretKeyRef: + key: co85cv7H + name: KL1I3G + optional: false + - name: 5MQMJhqUni + value: 34PEKwUkR + valueFrom: + configMapKeyRef: + key: ABhM + name: qq5b + optional: false + fieldRef: + apiVersion: vCLN + fieldPath: tge3Z + resourceFieldRef: + containerName: ST + divisor: "0" + resource: qFS8 + secretKeyRef: + key: Am + name: BLI353a5GI + optional: false + envFrom: + - configMapRef: + name: KBum1 + optional: false + prefix: 56g + secretRef: + name: zt5 + optional: true + image: XgUFG + imagePullPolicy: 锄ģnj[眈例ƚ淍ƁĐ~ + lifecycle: + postStart: + exec: {} + httpGet: + host: Yp7F87b + path: "y" + port: OtElY + scheme: ǐʮŕ + sleep: + seconds: 640752187186511100 + preStop: + exec: + command: + - 4GYkI2pQ + - QB + httpGet: + host: DFjlmWGAFM + path: qLfFaRePdtA + port: GTUH4 + scheme: 罛&ĥ顱Ƌ + sleep: + seconds: -1289822532228205800 + livenessProbe: + exec: + command: + - youyR + - J + - IiK3AJ + failureThreshold: 527043957 + grpc: + port: -1790391516 + service: wFKNeu + httpGet: + host: TjItsuCL + path: Lo07CoiEpmJ + port: 1449812891 + scheme: 聗œdz_x忔8 + initialDelaySeconds: -923296146 + periodSeconds: -920279093 + successThreshold: 1372003156 + terminationGracePeriodSeconds: 4545671926845562400 + timeoutSeconds: -1730135112 + name: ouxZOTiA7 + ports: + - containerPort: 365499724 + hostIP: c3z3 + hostPort: -1622732613 + name: jfpQ + protocol: 鬍匤<ɔɟǜ鼴`ʃ荞ɗ线亮Ô¼ + - containerPort: 387750436 + hostIP: 7OF + hostPort: -922470687 + name: 20ZoNWnefc + - containerPort: -1003650010 + hostIP: yK31 + hostPort: -479225666 + name: 1Up + protocol: 郣-齡^c艃7ɑU牌驀墭:煞 + readinessProbe: + exec: {} + failureThreshold: -189409295 + grpc: + port: -880806937 + service: N1zEO + httpGet: + host: vN9 + path: n8TKqPF + port: -995680865 + initialDelaySeconds: -2090855365 + periodSeconds: 1849358636 + successThreshold: 811072097 + terminationGracePeriodSeconds: -5833095732594203000 + timeoutSeconds: -65186305 + resizePolicy: + - resourceName: 9rUpDkTFnW + restartPolicy: KSʮ1ĩ`乀_Ɠ颩紵 慒¨ƶ挢¸s诡 + resources: + limits: + MYEa: "0" + ngW: "0" + requests: + 174vfq: "0" + restartPolicy: 軵ƿǽ嚢遳E + securityContext: + allowPrivilegeEscalation: true + capabilities: {} + privileged: true + procMount: Ő\烔Z座畄睸zɩCɎx簫S悍a + readOnlyRootFilesystem: false + runAsGroup: -6410700953715651000 + runAsNonRoot: true + runAsUser: -8187102783441072000 + startupProbe: + exec: {} + failureThreshold: 1640672315 + grpc: + port: -799307372 + service: w9KE22PLk + httpGet: + host: e6Zo4rWs + path: tscGwI + port: 2071839677 + scheme: '&ǂȞ<辳)9撆ʚ6&U}P%捸`y' + initialDelaySeconds: 652003075 + periodSeconds: 1077051101 + successThreshold: 1528128815 + terminationGracePeriodSeconds: -2176015428967645200 + timeoutSeconds: -998563216 + stdinOnce: true + terminationMessagePath: P + terminationMessagePolicy: 8痃v7ȱ噣愜Å%Ġ3 + volumeDevices: + - devicePath: k8uvc + name: GL + - devicePath: 31O9l + name: ivY + workingDir: PtgSFsc1GvC + imagePullSecrets: + - name: s1B + - name: R54rm + initContainers: + - 'error unmarshaling JSON: while decoding JSON: json: cannot unmarshal string + into Go value of type []interface {}' + nodeSelector: + TDma3: eGasO + cs6G: CyEFp0L + r: xdylcKb + priorityClassName: uHKqx + securityContext: + fsGroup: -4412504815274792000 + fsGroupChangePolicy: Ȯƭhjb糯妔ȂǑʜ胴}轣 + runAsGroup: 3860793197532220000 + runAsNonRoot: true + runAsUser: -1963293898483195400 + supplementalGroups: + - 2429921255984048000 + - -2773566751575633000 + - 5629450590441919000 + sysctls: + - name: h + value: zKVw + - name: D5ekUqS2 + value: 5FxU + - name: dgHyyau + value: o + serviceAccountName: S9Bk + tolerations: + - effect: 酼駘宁ì<^ʉ逐GM¼韹宅劑圦ȢN鵸; + key: LjdOPUZjJ + operator: 窃銥ɺ嘭t緯ȇw,[t捻S麨vɂ閰 + tolerationSeconds: 1714321621775966700 + value: Uvm9nY3 + topologySpreadConstraints: + - labelSelector: + matchExpressions: + - key: AUro1 + operator: 聘 + values: + - x5E03owNK1 + - 61u06hoBRErcl + matchLabels: + HMA: 7iZSaiF + jCP15v: ksLC1iD + matchLabelKeys: + - cp + - CZpJKgP + maxSkew: 644443933 + minDomains: 1722624609 + nodeAffinityPolicy: ú(ʆɴȾ狍lfĒHȉ嫔7ix壿 + nodeTaintsPolicy: 遡lşř门Ǣl + topologyKey: qP + whenUnsatisfiable: "" + - labelSelector: + matchExpressions: + - key: i8xDfgO + operator: ʖĝ#烕ɋřĊI + values: + - bOA4n + - ByUsK + - key: 6fCdAFtmFF + operator: 靕ƭ錒Ĕ + values: + - JIMC2Pc + - a7wA08 + - key: xMn + operator: "" + values: + - gSa5XT + - 50IS6 + - "8" + matchLabels: + DoGCwvltR: vVXQcZcxdz + JLmhsQlh: L3AY0Pv + X9: U + maxSkew: -2038040013 + minDomains: -1884001920 + nodeAffinityPolicy: 嵋磋ɹ:ɢ慚TA烁.X幰 + nodeTaintsPolicy: 奒)ʅm=矕郔o鬻鴊ȵɯt债CŔ儤 + topologyKey: qkx4gKx7 + whenUnsatisfiable: 匊aO卞肝喚覕Ȭnr說ɉƢ/Æȧ婡賛 + volumes: + - configMap: + name: foGC + name: configs + - name: v1bEam0d + secret: + defaultMode: 64 + secretName: FOCtz7x + - name: 2keqwtlu + secret: + defaultMode: 494 + secretName: 1dug + - name: RAI0g6yvn + secret: + defaultMode: 354 + secretName: "2" + - name: MqQb15NA +-- testdata/case-034.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: false +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + 0fz: qRhpB + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: zE + app.kubernetes.io/version: v2.7.0 + blGSa: Hnim0SflkfpF + helm.sh/chart: console-0.7.29 + name: QxrM + namespace: default +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} + role-bindings.yaml: |- + roleBindings: + - zktoFv: null + - BnTf: null + N30: null + O: null + - "5": null + up6oELWDxO: null + roles.yaml: |- + roles: + - 3vFSt6CV6h: null + - zwoEunAfS: null + - "": null + Kz: null +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + 0fz: qRhpB + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: zE + app.kubernetes.io/version: v2.7.0 + blGSa: Hnim0SflkfpF + helm.sh/chart: console-0.7.29 + name: l +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: + W8Ix4: 4kOonr2 + g93: wNXcKSBg + creationTimestamp: null + labels: + 0fz: qRhpB + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: zE + app.kubernetes.io/version: v2.7.0 + blGSa: Hnim0SflkfpF + helm.sh/chart: console-0.7.29 + name: l + namespace: default +spec: + ports: + - name: http + port: 421 + protocol: TCP + targetPort: 214 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: zE + type: d2QGeqxiX +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "l-test-connection" + namespace: "default" + labels: + 0fz: qRhpB + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: zE + app.kubernetes.io/version: v2.7.0 + blGSa: Hnim0SflkfpF + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + imagePullSecrets: + - name: AGiMf + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['l:421'] + restartPolicy: Never + priorityClassName: ER4 +-- testdata/case-035.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: + 7lpi: QQ + RK: "" + od3x: "3" + creationTimestamp: null + labels: + 5NU: UG7t + 6NmZI: QxuTdplvdDdc + BYcISWrd5: YZbXA + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: HMyYp + namespace: default +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} + roles.yaml: |- + roles: + - CSJ: null + - 0hM2tbS5: null + ZhG3M: null +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + 5NU: UG7t + 6NmZI: QxuTdplvdDdc + BYcISWrd5: YZbXA + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: Bv0I +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: + C3p: uCspVMX + creationTimestamp: null + labels: + 5NU: UG7t + 6NmZI: QxuTdplvdDdc + BYcISWrd5: YZbXA + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: Bv0I + namespace: default +spec: + ports: + - name: http + port: 51 + protocol: TCP + targetPort: 456 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + type: ZQQlqx7Np +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: {} + creationTimestamp: null + labels: + 5NU: UG7t + 6NmZI: QxuTdplvdDdc + BYcISWrd5: YZbXA + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: Bv0I + namespace: default +spec: + replicas: 464 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + strategy: + rollingUpdate: {} + type: Ʉ>朄崍ʡƥɼ戋\IJĹ + template: + metadata: + annotations: + checksum/config: 6556f5b75614fc7b5556cf3e548fa463f543604a0e97446ccd74584bf794de97 + creationTimestamp: null + labels: + Klzm: we + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + e: C2swj + s: vw1lrq + spec: + affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: Zjc3H + operator: ~IJʚ伥ʜ1鷦鄪脳= + - key: AI40kXKS + operator: Tr^ǘõ8ù<鹶ĉ崱 + values: + - fCyDs + - nJRkjROTjd + matchFields: + - key: yFbZ + operator: Ĉ8%Sp + - key: AUDzh + operator: 礉 + values: + - agJ0f + - MD + - key: hREcH + operator: Ǻŀɏʉ紸戳禰ȸ酲 + values: + - JUaNJ + - CXFmegvU + weight: 1536882470 + - preference: + matchExpressions: + - key: pXW + operator: '@ļ矏鮯ɭ碊Gɽt蜮閻ƃǖ#ũ' + values: + - I8SZLF + - key: Rz + operator: '''p麛ȧ' + - key: mvD0aV1 + operator: 狴ȸ溂辷0Ġ + values: + - JpJWDh + matchFields: + - key: OB4 + operator: "" + values: + - tnWLH4yB + - "" + weight: 410194565 + - preference: + matchFields: + - key: 2C + operator: 屮少Ļɶ賊滺W + values: + - 28ZwpH + - ybv8 + - 8qy7 + - key: bs + operator: ŝ鮱芬Ǧ脸ƍ蠎Ā + weight: -1129044572 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: [] + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: ayaEl + operator: Ɗ琫 + values: + - WGZPb + - EzYpfj + - key: Isb + operator: '@£驍' + matchLabelKeys: + - 2NNt + - NCBB22ja0 + - retU + mismatchLabelKeys: + - x3 + namespaceSelector: + matchExpressions: + - key: iQ + operator: u倲鹩?úʈ腄跛[¤O + values: + - 5y4bG + topologyKey: STnAVX + weight: -1894745290 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: R + operator: xʣcǦ:槠ʒ鄊喁蠨 + values: + - P + - 348OOM + - "0" + - key: hpIVL + operator: 鷭ʚ櫹hȅɩ&嘨Ād旌³ƑǫʄcǶ + matchLabels: + h6hNi: II1Z29P + t: 8wxT + matchLabelKeys: + - P + - axCJXjr + - ICeVp + mismatchLabelKeys: + - ljKwc + - mr6kl5v + - e + namespaceSelector: + matchExpressions: + - key: C + operator: =ĥĕ壚_隈]Ȑ釀侹ʩʎ痿c揜 + values: + - K1K + - c8fwp + - 8vQ4EPywlatl + - key: 28EpNe + operator: 鼓頳'ʛ1挂ō緕当gToʇ接遫 + - key: "" + operator: ƝZĂ 寑=愝奚Ĩw桟t摧pŸ + values: + - BuqtJnV + - 0hpJEbg + matchLabels: + 4lNwC: NEzAktH + h3ErklId8G: qClR4lO9e + namespaces: + - AYtMy3oUrS + - aX5P8O + topologyKey: 6D + weight: -1152164451 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: F6jo11z + operator: 亊路+M + values: + - h + - mmuiW + - GIV7E3H + - key: C + operator: v2佉鱉v辑ɞȠXɎʫǸú81Ɵ + values: + - QL + - MPxVd + - dqj9PPnthc + - key: 6JaPa + operator: 8dž貒ɑzןlȍH琧3ɞ + values: + - 1vJUmwXUq + matchLabels: + CIFj: YwH + Y2kn8RCwh: 90KzxhieelQ + y05g7PKLJ: 75bPN + matchLabelKeys: + - bYiD + mismatchLabelKeys: + - IiTYx5K5t + namespaceSelector: {} + namespaces: + - rZw0zlprDr + topologyKey: sxEn3K + weight: -1384321177 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: VgaK0hEji + operator: Ĺ礇紈銠噐ɴ諠2稇Ɠ鸈ý藁 + - key: S + operator: 鋸ɢǎ"膤ƭU軖tg埞鴤駩蹡 + - key: 9CwIty + operator: '`\糖ť8弤娹)覇gƲ妒墲9n' + values: + - 3j6O7C1tYz8 + matchLabels: + 0gEuFD: 74yF5 + matchLabelKeys: + - C + - IaGS + mismatchLabelKeys: + - W1 + - x + namespaceSelector: + matchExpressions: + - key: WXQ4P + operator: eĈ峧ʔƟ±ps缆D戭ǟ + values: + - "" + - EyV7u6ShG55 + topologyKey: DHgv6 + - labelSelector: + matchExpressions: + - key: RrGr5 + operator: 苭 + values: + - s + - Uk9D + - qTA4 + matchLabels: + yvalC: zQDHWOCId + matchLabelKeys: + - j1mN0G + mismatchLabelKeys: + - VdCZU8 + namespaceSelector: + matchExpressions: + - key: YzPO7z + operator: Lȇ杦娀 + values: + - 4UCJLskm4 + - VY + - key: arPd + operator: 燔佰馛{I諵Gƣ_*e + matchLabels: + g3PzQTKu: EtFrI + namespaces: + - ZXe + - ik9z + topologyKey: Os0u + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: DTU + operator: 鷚OíDzRě¤觹J闬#6U脥狍 + values: + - "" + - A5o + - gC + matchLabels: + Dm: WpOLJ + matchLabelKeys: + - z + mismatchLabelKeys: + - ICMl + namespaceSelector: + matchLabels: + XY9q9YY6uD: CiedBn + namespaces: + - vZ6M + topologyKey: OpLnLGsE + weight: 538966601 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: kEha + operator: Ę沌`f帞qA'躚S郻Ɏ珍韄 + values: + - etjdRyp + - zavjaM + - OYvYj + matchLabels: + KVwZfB: KEPzsU59 + RkZ: 0VcRQYQ + YpbOAE: DLjKEd + mismatchLabelKeys: + - djF + - SUMMj + - TGSC2G8I1Up + namespaceSelector: + matchExpressions: + - key: menWm + operator: k÷餌Ō + values: + - x9N + - mtsmYut + - key: szQb + operator: °« + values: + - hkxKeWqC + - key: YJUom + operator: ź²%FÔ縥:嗚K + values: + - NiQwKD + matchLabels: + 4AI5GYaY: ALH1BY + Bu43TOQ: WD + H: iujH1 + namespaces: + - Lc1PZ + - Z7LIE + - s4c0o + topologyKey: P7xmm2 + weight: 1130067767 + - podAffinityTerm: + labelSelector: {} + matchLabelKeys: + - yJiUSi + mismatchLabelKeys: + - 3ulP + - "66" + - "4" + namespaceSelector: + matchExpressions: + - key: eK + operator: 钕Ŧ + values: + - yRj + - Ukm + - "" + - key: "" + operator: 锧BȾLF譨Ɣ? + values: + - MtLk2 + - mUrlwRAdRoNX + - key: rlSqK0xlaaI + operator: 'Ɏƶʗ疇ȵMÇŕ翸鑉d劯kʦĺʄ4 ' + matchLabels: + FGHX9SlJz: MRMXuk + topologyKey: 4morNsk6TdYi + weight: -971499940 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: zosngP + operator: ʒ蠜¡ȂŧIH闦º弓鳾蠖Ą批9}_ + matchLabels: + "": wEhn + P1O8tGwJ: ZC + matchLabelKeys: + - IN0 + namespaceSelector: + matchLabels: + wMID0: aOr1UxM + topologyKey: krnVB + - labelSelector: + matchExpressions: + - key: mE + operator: 虵xǯ6熋湧ƳʝŅU节擎隆X鏯 + values: + - k + - bcx + - ks + matchLabels: + nYs: Hv5tuwQ + zAVu: G1PF + matchLabelKeys: + - u + - Gi6tJR + - "60" + namespaceSelector: + matchExpressions: + - key: bqRj + operator: ĭ啞&/sFş(墠O1Ÿ( + values: + - fe2dTLTbB + - QLUYqgc + - XBuCBfk27 + - key: exMkm + operator: m輚ɮ凪哇褚 + values: + - EQROy + - XQDPF7uw + - key: MwOO + operator: 鹗u仏兤o*>蒟顨ƽėȰ + values: + - TGv + - VVtqHApm + - 7Mub + matchLabels: + PI: elzxW + Wd1Q: MYEPScu1su + i: uENdc + topologyKey: QlwUBoDWM + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: 14jKCyMC + value: Mb95Ivlchi + valueFrom: + configMapKeyRef: + key: FMRh9 + name: VwME2dRYnb + optional: true + fieldRef: + apiVersion: NlY1uxRPgql + fieldPath: NDrKU5 + resourceFieldRef: + containerName: gPQ1TD3MX + divisor: "0" + resource: r6HOpjj + secretKeyRef: + key: "n" + name: RQLa2rQL7Y + optional: false + - name: LICENSE + valueFrom: + secretKeyRef: + key: xLO4B2BCZUJ + name: BQR2Y + envFrom: [] + image: XB9ke7yB/EwU0pzhz:SmZAnO7 + imagePullPolicy: 垿儣Ƈ#WMƻ + livenessProbe: + failureThreshold: 724782955 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 1633166106 + periodSeconds: 2105675880 + successThreshold: 225361138 + timeoutSeconds: -1665363921 + name: console + ports: + - containerPort: 456 + name: http + protocol: TCP + readinessProbe: + failureThreshold: -1128918125 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: -116128728 + periodSeconds: -1936485392 + successThreshold: -1735161598 + timeoutSeconds: -1293939870 + resources: + limits: + 0PRJ1bi: "0" + JUjtrq: "0" + WN9h: "0" + requests: + TCeGWCB: "0" + x5O0IxuN: "0" + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - '@晏駚T!UɎȉépg鎘Ȉ' + drop: + - ÚơĊ猴渋ĭ8膔櫔ż択ůĦ抹 + privileged: true + procMount: 偖躪 + readOnlyRootFilesystem: false + runAsGroup: -543916493751029760 + runAsNonRoot: false + runAsUser: 7772713475568768000 + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: pqfdKzb + mountPropagation: "" + name: 6btv + subPath: xLjoA + subPathExpr: UseM + - mountPath: EYXxm + mountPropagation: 煊`ś蠶+蓲慅4曌Ƥ4臜.魼簌m缽荈巇 + name: 6ut6g + subPath: 7N + subPathExpr: ypY + - command: + - DlBCuc8xa + - X2hi8Mp + image: 00GQ5 + imagePullPolicy: 賎ʂG}Ƌ煚6ūaĠ腻f + lifecycle: + postStart: + exec: + command: + - mVlE + - cFmlozRTJ + - "" + httpGet: + host: RIzcOYFo + path: eZge9wzJjW + port: ugY08 + scheme: 讣Ɨƶ"ɇǘƓƮ + sleep: + seconds: -5362042555365295000 + preStop: + exec: + command: + - "" + httpGet: + host: hLxRfJhv + path: JA8kOIY + port: tpH1 + scheme: '''k:嘡葊佒ďȏǓɡ毫/视倴ĩ}Ɓ u' + sleep: + seconds: -915316715834475000 + livenessProbe: + exec: {} + failureThreshold: 1628387875 + grpc: + port: -119747124 + service: 3cnWKI + httpGet: + host: 6Wzb9 + path: Af + port: RAzYX + scheme: 嘾Q經f + initialDelaySeconds: 4951530 + periodSeconds: 1309655668 + successThreshold: 918641827 + terminationGracePeriodSeconds: -3073080783253286400 + timeoutSeconds: -1896420637 + name: yML27O + ports: + - containerPort: 509868797 + hostIP: XMFIjyy7MNejY + hostPort: 2083818454 + name: gd + protocol: 槏 R¨ƽT³簑ƤA$<猿.0d + - containerPort: -164866787 + hostIP: eh + hostPort: 1842390272 + name: H7 + protocol: y擫`/洄]ʢÓ7Ā紐ǟ塋 + readinessProbe: + exec: + command: + - 5MrELPMn + - 23x1a + failureThreshold: 1394382122 + grpc: + port: -96138878 + service: DBq + httpGet: + host: 60SrHkgc + path: OwZeja1P + port: 721461548 + scheme: ' `$ħ' + initialDelaySeconds: -2125734502 + periodSeconds: 66441733 + successThreshold: 130216629 + terminationGracePeriodSeconds: -7113768241875088000 + timeoutSeconds: -977567736 + resizePolicy: + - resourceName: 8VNf4C + restartPolicy: Ě} + resources: + limits: + 2TX: "0" + Yd3: "0" + avcFFX: "0" + restartPolicy: Ę<彪6 + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - ūW銹fn|óOB¶őǝ:ɛ暙- 嫴 + - 韣噺Ȑ主鋥Ɣ睩熾@Ĥvƈ + - 気ʎɭ愢勈īɔ垆ŀ槌,q儇p顼ǯ歳 + drop: + - EģIJ>筡|n譌ɶd2鍇$X/ȴ偎穾7 + - "赻探ǞiN胂a + name: 79CeZyd + subPath: xMQ + subPathExpr: NvU + - mountPath: smgfnmvP + mountPropagation: ʈ + name: CuKUC + subPath: hZ8KJ3 + subPathExpr: CK4WsX + - mountPath: zm + mountPropagation: 傩骟Ⱥ|尤fŇɓ呣ɘĩŽ + name: wRtUU + readOnly: true + subPath: T1 + subPathExpr: cidBhX8I + workingDir: M0jsi8 + - args: + - rQ7QBmZ4 + - Q32wY3lGUA + - VGeP + command: + - "6" + - 5vVr2Q + - 4YDd + env: + - name: DY1 + value: sge + valueFrom: + configMapKeyRef: + key: O8RUTpJ + name: SCF5ph + optional: true + fieldRef: + apiVersion: NY0hb + fieldPath: ViZ0f + resourceFieldRef: + containerName: "Y" + divisor: "0" + resource: sCX + secretKeyRef: + key: Ma + name: 6s6lc5 + optional: false + - name: m19lk2eiDtcdB7 + value: 0JaB + valueFrom: + configMapKeyRef: + key: VolU + name: jnFjMLIQ19 + optional: true + fieldRef: + apiVersion: "6" + fieldPath: N0wIEnFmQ + resourceFieldRef: + containerName: QwDG86d + divisor: "0" + resource: pda + secretKeyRef: + key: Uc7x1XF + name: efgc + optional: true + - name: 8A + value: 1kUmljHSb + valueFrom: + configMapKeyRef: + key: "" + name: z18yxT + optional: true + fieldRef: + apiVersion: 1qaE + fieldPath: vEzPx + resourceFieldRef: + containerName: GYhSz + divisor: "0" + resource: Ttq + secretKeyRef: + key: aaGRQS + name: C + optional: false + envFrom: + - configMapRef: + name: "0" + optional: false + prefix: 5cqcw + secretRef: + name: O7Gex12 + optional: false + - configMapRef: + name: DHEYwZ + optional: false + prefix: wSbyGx + secretRef: + name: 9nM86dZi + optional: false + image: E + imagePullPolicy: 栧Z + lifecycle: + postStart: + exec: + command: + - 6775E + httpGet: + host: hIoYmpbc + path: qEf + port: rnJpXG69m + scheme: 赙¯6a腚 + sleep: + seconds: 4894208532244896000 + preStop: + exec: + command: + - mHtY + - 0hh1Tr + - "" + httpGet: + host: BuElf + path: fJPDiyG + port: PybmIT + scheme: M*Ķ + sleep: + seconds: 7544543348205058000 + livenessProbe: + exec: + command: + - z7IJ + failureThreshold: -360493877 + grpc: + port: -1395908290 + service: zV1i + httpGet: + host: GLn + port: -279409955 + scheme: ǃU螄骰褃Ʀ诐Ɯ{,ɍb萎Ɲʢ鰪\U + initialDelaySeconds: 1831688310 + periodSeconds: -280461011 + successThreshold: 84363106 + terminationGracePeriodSeconds: 7513815341722355000 + timeoutSeconds: 442815657 + name: pGthpc + readinessProbe: + exec: + command: + - T39QO5 + - "" + - DbSsPel + failureThreshold: -1901163919 + grpc: + port: 1255815597 + service: xeTv + httpGet: + host: bipPJGJ + path: nghEbF + port: uyLPK + scheme: 翁渹牯澖 + initialDelaySeconds: 1295268788 + periodSeconds: 17921235 + successThreshold: -212369586 + terminationGracePeriodSeconds: 1061046207943693700 + timeoutSeconds: -1707711843 + resizePolicy: + - resourceName: RLHi + restartPolicy: 掳?帐(Ǖčĭ纜 + - resourceName: H1Bv + restartPolicy: Ɉ駃愝ɲƁ2*ʍJ蕦ʃĹr}尕5J埉g + - resourceName: f + restartPolicy: ɧ帨y晒ʪäǗ«ǤǞugT埤X澇寿Ù\ + resources: {} + restartPolicy: 7Y熀7rúǬ轘 + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - Ǒn%Aʙ]m* + privileged: false + procMount: 鼷R珍沌 + readOnlyRootFilesystem: false + runAsGroup: -287129322294347260 + runAsNonRoot: true + runAsUser: 3942212766283409400 + startupProbe: + exec: + command: + - gN + - zpmlcJ + - DeLJ4s + failureThreshold: 102924404 + grpc: + port: -1304933194 + service: 0iK + httpGet: + host: jbg + path: ZqaSpx8C + port: UPJqfy9dOO + scheme: 韼QY岩沴ì釪儇9ĩN + initialDelaySeconds: -46268668 + periodSeconds: -1126074804 + successThreshold: -2093938118 + terminationGracePeriodSeconds: -3498490773203628500 + timeoutSeconds: -736335366 + terminationMessagePath: "7" + terminationMessagePolicy: 辺OB¯悱楆3Ǫ首傭ɟ鮛ïƇ豙ǁUȵ + tty: true + volumeDevices: + - devicePath: DSh1 + name: 1OMawuQAlZD7 + - devicePath: "Y" + name: liCI2j + volumeMounts: + - mountPath: JPO9Ewk3kgaeuBD + mountPropagation: k釂Żɮ>ɸêW箁B| + name: QGO7HtoR + readOnly: true + subPath: oYudCrOqA + subPathExpr: Z1oG + - mountPath: iH6 + mountPropagation: dP帗俪Ťŷ/6¤þ剛&Ģ趽qi + name: 9Ro4aQU5yby + readOnly: true + subPath: piBl3 + subPathExpr: nfDFn + - mountPath: uU2H4 + mountPropagation: ljQ + name: "" + subPath: rj2 + subPathExpr: E + workingDir: BveK3 + imagePullSecrets: + - name: ygWNP7C0W9 + - name: lo0PU + initContainers: + - 'error unmarshaling JSON: while decoding JSON: json: cannot unmarshal string + into Go value of type []interface {}' + nodeSelector: + LAqpO: N7lh0C2 + RqG8qj: ltTa5 + X3q: F5c + priorityClassName: F + securityContext: + fsGroup: -8750452531563962000 + fsGroupChangePolicy: RȗɻÎ + runAsGroup: 3754171381447903000 + runAsNonRoot: false + runAsUser: 2565919490422334500 + supplementalGroups: + - 2907772986244332000 + - -4686580881125536000 + - -7134026849524392000 + sysctls: + - name: 8gezWufB + value: 2Jv + - name: 4nhjhT6P + value: 32ZuT + - name: cQk5tljX + value: Aimzt8kirN + serviceAccountName: HMyYp + tolerations: + - effect: aƻƀi + key: 7II7D0fA + operator: 跳<ȴŤƇ梐ȸŷR + tolerationSeconds: -92963183946417040 + value: U + - effect: p鸿xś冣9ɩ揊Ů忁琺ȖP壡o繊堮 + key: 5sC + operator: XɦǨ燖Ż綯逆挤ʦ斝蟏滣ʣ + tolerationSeconds: -6405135249548566000 + value: c2m6hlo + topologySpreadConstraints: + - labelSelector: + matchExpressions: + - key: bsO + operator: Ⱥ8欟慡Ƿţ6氙絿鐘黬聠ç + values: + - hbuLC + - SdAZnchI + - key: b4Pjya + operator: jɀh5湧,Ȳǣ6謉<ɦ + - key: gXEm + operator: ',k涃栏岴g橚甇ȳ0禰餝榖睌ěB縩侾F' + values: + - q9VqX4l + - zoMoc9Vb5 + matchLabels: + B0T: uiIEpLD2 + V: jdhpTcaa + pz: V1dJXS8 + matchLabelKeys: + - yoFhTrxV + - o + maxSkew: -1837539887 + minDomains: 2144009248 + nodeAffinityPolicy: 怓覷環ʤ苷疿ʡB聧!]LJƱĿGť + nodeTaintsPolicy: V~0韾¾Ȣû&嵙纠&ȠVƧ鍌 + topologyKey: GldA + whenUnsatisfiable: Ƀk纩{寍HƋ&庝僟D徼聊 + volumes: + - configMap: + name: Bv0I + name: configs + - name: 00PT1WRWHX + - name: P4 + - name: fn +--- +# Source: console/templates/ingress.yaml +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: {} + creationTimestamp: null + labels: + 5NU: UG7t + 6NmZI: QxuTdplvdDdc + BYcISWrd5: YZbXA + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: Bv0I +spec: + ingressClassName: vg + rules: + - host: daRMGxIy7gKoE + http: + paths: + - backend: + service: + name: Bv0I + port: + number: 51 + path: GVhF41Ue + pathType: TeM8 + - backend: + service: + name: Bv0I + port: + number: 51 + path: UontjIzl + pathType: MN + - backend: + service: + name: Bv0I + port: + number: 51 + path: "" + pathType: xN + - host: YCgI + http: + paths: + - backend: + service: + name: Bv0I + port: + number: 51 + path: MPhdfahEcn + pathType: ECPrn + - host: GDOlAVRM + http: + paths: + - backend: + service: + name: Bv0I + port: + number: 51 + path: H5pExfzke + pathType: v8 + tls: + - hosts: + - dQiMWdJ8cYKS + - 35K + - 8Kin + secretName: C + - hosts: + - zPo + - Z7 + secretName: SiZz +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "Bv0I-test-connection" + namespace: "default" + labels: + 5NU: UG7t + 6NmZI: QxuTdplvdDdc + BYcISWrd5: YZbXA + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + imagePullSecrets: + - name: ygWNP7C0W9 + - name: lo0PU + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['Bv0I:51'] + restartPolicy: Never + priorityClassName: F +-- testdata/case-036.yaml.golden -- +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + Nv: YHcp9u + RMi5: o4 + ViLr0: zrEw3 + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 9mG8n4Wu4 + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: AumW +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: EfQbyB + kafka-sasl-aws-msk-iam-secret-key: B + kafka-sasl-password: w + kafka-schema-registry-password: qiltVq + kafka-schemaregistry-tls-ca: kyT4j + kafka-schemaregistry-tls-cert: Tu4varJ + kafka-schemaregistry-tls-key: bmT + kafka-tls-ca: UyskLmDZ + kafka-tls-cert: "" + kafka-tls-key: "" + login-github-oauth-client-secret: hPt + login-github-personal-access-token: vRbRqD0 + login-google-groups-service-account.json: lcc9 + login-google-oauth-client-secret: "" + login-jwt-secret: SECRETKEY + login-oidc-client-secret: A9RDbO6GzTtHYG + login-okta-client-secret: HktzleLAg + login-okta-directory-api-token: qX + redpanda-admin-api-password: 5imX8ztdqjU + redpanda-admin-api-tls-ca: opQQ + redpanda-admin-api-tls-cert: PGcfJC3zH + redpanda-admin-api-tls-key: IhqyTvQn4T +type: Opaque +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + Nv: YHcp9u + RMi5: o4 + ViLr0: zrEw3 + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 9mG8n4Wu4 + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: AumW + namespace: default +spec: + ports: + - name: http + port: 113 + protocol: TCP + targetPort: 414 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: 9mG8n4Wu4 + type: XHYb2qmrk +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + GvX4jkWw: xAyNk + MdtXxfH: "" + WyrWx: 8QO + creationTimestamp: null + labels: + Nv: YHcp9u + RMi5: o4 + ViLr0: zrEw3 + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 9mG8n4Wu4 + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: AumW + namespace: default +spec: + replicas: 24 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: 9mG8n4Wu4 + strategy: + rollingUpdate: {} + type: LJėwǮ甧 + template: + metadata: + annotations: + checksum/config: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b + jLE31lUP: LWc + creationTimestamp: null + labels: + 6W: FQvOa + YwkBSNWK: 0qqd + app.kubernetes.io/instance: console + app.kubernetes.io/name: 9mG8n4Wu4 + jP3: iNkD + spec: + affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: bkwD5 + operator: B砟摫ʟ]估ȽÓĖ頒ʙǯ + - key: 4n + operator: "" + - key: DDWUTPllaee + operator: ǒ@訹Ðđɤ軗ɲǃZ袓6悔ʙ[x] + values: + - bHwxZg + - iPWF3DQz + - yhiFQZ98w6h + weight: -551427274 + - preference: + matchExpressions: + - key: kZ + operator: "" + values: + - BMfDa + - key: l + operator: unɚʀɂ7Ǩ蘕 + values: + - 1vsAjW + - lEGj0 + matchFields: + - key: EYCyU + operator: 袒雬Ǐ蔡|骐pOĆƍbʌʝl + - key: e9QdJHV + operator: Ɏ鼛鏗擌-悝Ű + values: + - DToToJ + - Gq4 + - key: M4b3wwVy + operator: 煛苅=İ哋ońɢ\Głh斳hɷ韙 + values: + - fMIoNrUiyJdi + - tcNEhOds + - N0 + weight: -906035045 + - preference: + matchExpressions: + - key: 05VafuKQo + operator: ƃèĢC篘 + values: + - McUwm + - oMXVW + matchFields: + - key: "" + operator: 9ȮLǟ3V廉\5膏ɩ袴 + values: + - t + - r8d6G + - FevHe + - key: KeJd9X4 + operator: \Y#uɆɫwĉɎ卲S + weight: -773391374 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: PiRY + operator: 週畯嘰Œ铖'ȸ0Į5k,逊 + values: + - Fo9oE + - KLfm4 + - PiZJC + - key: 6HCuuj + operator: Ȋ!ʈh牅HŹ蓓% + values: + - PU34U + - bZ12kwJ4s1 + matchFields: + - key: CCVSIZH + operator: (铴Njʦ釖Ĩ鎅ƒ獞p)唓u¸::2 + values: + - DjvLD + - key: 9gy6tFM + operator: ø + values: + - lPjPu0 + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: 2oL + operator: Ì溄祤BNjɎ_ )jðZF + - key: Tl1mGP + operator: r0ȨȵeēP眼饾j + - key: 98uL + operator: "" + matchLabels: + "": H0F + IGfr: 8iR8 + pTjU: 2vy5Ol + matchLabelKeys: + - l2d3an + mismatchLabelKeys: + - gomcuJ + - UMhaBnQUuSH4 + namespaceSelector: + matchExpressions: + - key: CyYjfraf + operator: 鸫ʊűoǪĞ3 + values: + - uPW + - key: vuREiHB + operator: ^ĄçȂ挌 + matchLabels: + tlcI6jz: 87JK + namespaces: + - eUszN + topologyKey: yJ + weight: 1657692208 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: 3d3mr + operator: 鿈Ė聭焚歉Ð(币帄Ⱥ + values: + - h + - key: Z5c + operator: ma琓 + values: + - i5Ae6oUo + - EWixIB + - "y" + namespaceSelector: + matchExpressions: + - key: XFYbW + operator: M~ + - key: lWHcsQ + operator: 铿X异~<ÿ缇ī*^ĩ + matchLabels: + s: l6sxM + vFiVA7j: WEOy1jtU + topologyKey: JW85dr45m2G + weight: 444678250 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: bMT + operator: ^)4ɊDZǸDŽ + values: + - CG9Onrt + - key: T + operator: ƞ傏 + values: + - bXs59oj + matchLabels: + 6BRwn: Pdm + Yy: aaoLnp + myN: rwJGrW + mismatchLabelKeys: + - "n" + - c + namespaceSelector: + matchLabels: + 5QMzPp: AP + D: "2" + u: Dca + namespaces: + - 8Af + - NYfxoYf + - R4G + topologyKey: yY + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: 2uhHhqog + operator: Ȧ + values: + - YgsgGf + - key: EaR + operator: 愅YVǵ楔¢4Ʋ + values: + - xaEk + - key: NV5iPi5Kw + operator: ' 軕氡#晉Ʀ筜篧e蹶ʀSɟʂÊʕT' + values: + - BY4 + matchLabelKeys: + - 9fTYFH7s + - aK6HB6 + mismatchLabelKeys: + - 13L + namespaceSelector: + matchExpressions: + - key: 3FT + operator: Tğ枕Ōo*a種JU-ɶƠdz鱓fƑS + values: + - 4ISUCT + - po8yM2L + - T5Q0UARu + - key: RhB + operator: "" + values: + - Re7 + - 7id + - 91GFPdrt + - key: ShRTzNRj + operator: ʬ吇Ȭ?搰Ç + values: + - HiGOGJE + - wOi + - HmllR83Dbvoz + namespaces: + - "" + - TBCPW + topologyKey: 0H + weight: 1493754197 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: CESaz + operator: ŢaæX#暁鲸'媩俛5齗aw'ĥ煆W + values: + - "" + - key: YtpoWP + operator: 瀽LƠ' + values: + - uS13z + - ip0h + - o8m9MWnmr92 + matchLabels: + 7o4tt: QX9gjN + KScJOoR95: Dpu + wfAk1b: rH5Z + matchLabelKeys: + - Yh1S1nZ7hm + - Fwx + - 6mhp + mismatchLabelKeys: + - ihvyNa7 + - m8 + - Q + namespaceSelector: + matchLabels: + 2KH67NR4: Vy8qZyy + topologyKey: w0KJ + weight: 1592497187 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + 1UcAh: h + namespaceSelector: + matchExpressions: + - key: yxz + operator: ',酵ýhȿ鲹芫澥 Ǧ_Ź躄_莯ʊ傡硬M' + values: + - Fof + - key: 8KwNEN + operator: 8炮逴8`M鞵ȍȟ蟷盱 + - key: N0 + operator: Ì崌爷矉&佷* JQȴ躀厇退ƿƍ肙 + values: + - kjlwyKc + - DDz + - Yf8Vf5Ar7w7 + topologyKey: n5cRtvXjK + automountServiceAccountToken: false + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: 0iCX + value: UfKNkXj6I + valueFrom: + configMapKeyRef: + key: GGYmdb5PBtUx + name: Zl1rWu9 + optional: true + fieldRef: + apiVersion: 1pKgni + fieldPath: 8Zmv + resourceFieldRef: + containerName: nK + divisor: "0" + resource: Yizp + secretKeyRef: + key: Dxqh + name: td + optional: false + - name: bm + value: K06vl + valueFrom: + configMapKeyRef: + key: dOTjzfwtRPzX + name: YleYOzRS + optional: true + fieldRef: + apiVersion: xl + fieldPath: 6NM2 + resourceFieldRef: + containerName: jreT + divisor: "0" + resource: "" + secretKeyRef: + key: B7 + name: cu + optional: true + - name: F4Vp + value: 9q + valueFrom: + configMapKeyRef: + key: dAPalKT0 + name: UXC7S + optional: false + fieldRef: + apiVersion: bTxwQmS + fieldPath: XW + resourceFieldRef: + containerName: iqnl + divisor: "0" + resource: e9 + secretKeyRef: + key: c1WJ + name: sg2TuPSW + optional: false + - name: KAFKA_SASL_PASSWORD + valueFrom: + secretKeyRef: + key: kafka-sasl-password + name: AumW + - name: KAFKA_PROTOBUF_GIT_BASICAUTH_PASSWORD + valueFrom: + secretKeyRef: + key: kafka-protobuf-git-basicauth-password + name: AumW + - name: KAFKA_SASL_AWSMSKIAM_SECRETKEY + valueFrom: + secretKeyRef: + key: kafka-sasl-aws-msk-iam-secret-key + name: AumW + - name: KAFKA_TLS_CAFILEPATH + value: /etc/console/secrets/kafka-tls-ca + - name: KAFKA_SCHEMAREGISTRY_TLS_CAFILEPATH + value: /etc/console/secrets/kafka-schemaregistry-tls-ca + - name: KAFKA_SCHEMAREGISTRY_TLS_CERTFILEPATH + value: /etc/console/secrets/kafka-schemaregistry-tls-cert + - name: KAFKA_SCHEMAREGISTRY_TLS_KEYFILEPATH + value: /etc/console/secrets/kafka-schemaregistry-tls-key + - name: KAFKA_SCHEMAREGISTRY_PASSWORD + valueFrom: + secretKeyRef: + key: kafka-schema-registry-password + name: AumW + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: AumW + - name: LOGIN_GOOGLE_DIRECTORY_SERVICEACCOUNTFILEPATH + value: /etc/console/secrets/login-google-groups-service-account.json + - name: LOGIN_GITHUB_CLIENTSECRET + valueFrom: + secretKeyRef: + key: login-github-oauth-client-secret + name: AumW + - name: LOGIN_GITHUB_DIRECTORY_PERSONALACCESSTOKEN + valueFrom: + secretKeyRef: + key: login-github-personal-access-token + name: AumW + - name: LOGIN_OKTA_CLIENTSECRET + valueFrom: + secretKeyRef: + key: login-okta-client-secret + name: AumW + - name: LOGIN_OKTA_DIRECTORY_APITOKEN + valueFrom: + secretKeyRef: + key: login-okta-directory-api-token + name: AumW + - name: LOGIN_OIDC_CLIENTSECRET + valueFrom: + secretKeyRef: + key: login-oidc-client-secret + name: AumW + - name: REDPANDA_ADMINAPI_PASSWORD + valueFrom: + secretKeyRef: + key: redpanda-admin-api-password + name: AumW + - name: REDPANDA_ADMINAPI_TLS_CAFILEPATH + value: /etc/console/secrets/redpanda-admin-api-tls-ca + - name: REDPANDA_ADMINAPI_TLS_KEYFILEPATH + value: /etc/console/secrets/redpanda-admin-api-tls-key + - name: REDPANDA_ADMINAPI_TLS_CERTFILEPATH + value: /etc/console/secrets/redpanda-admin-api-tls-cert + envFrom: + - configMapRef: + name: 3PT + optional: true + prefix: l + secretRef: + name: zakko + optional: false + - configMapRef: + name: RdxlkV + optional: false + prefix: 9Ae4W + secretRef: + name: UiJ + optional: true + - configMapRef: + name: bp + optional: true + prefix: SU + secretRef: + name: fy + optional: true + image: ai/f54I:iO + imagePullPolicy: ǫtŖŮƘ瓧ù¹勍u + livenessProbe: + failureThreshold: 864346345 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: -1341055636 + periodSeconds: 2055603833 + successThreshold: -175204389 + timeoutSeconds: -589897727 + name: console + ports: + - containerPort: 414 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 1075627654 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 333726894 + periodSeconds: 1376975278 + successThreshold: 112483424 + timeoutSeconds: 669945326 + resources: + limits: + 7VHN3: "0" + securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - '*·戌ɳKõʚK(懷ë蟅ȣg' + - vOpɔm&ɞ法槪ųf + drop: + - l¤0ɖK樌ŕDĪ箰ɬȓũ梫h揼 + - 躟OBZş互鹫Íʨƶ`ã + privileged: false + procMount: 9®俠ɳ屑ŏO'pe,Q+膿麣 + readOnlyRootFilesystem: false + runAsGroup: -289823929905824060 + runAsNonRoot: true + runAsUser: -4392330066259666400 + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + - mountPath: Oly + mountPropagation: ƈįlñ + name: QuM + readOnly: true + subPath: NPJ + subPathExpr: vn + - mountPath: xsiqpcicm + mountPropagation: Ŝȃ燩čƃʤǸ儼 + name: blYv + readOnly: true + subPath: 8f + subPathExpr: I + - mountPath: "" + mountPropagation: 犒k洐ɨ3UʓďȏUm8/x艂" + name: i2 + readOnly: true + subPath: G + subPathExpr: Wo47OrA + - args: + - gfDaDhh + command: + - Eu + envFrom: + - configMapRef: + name: 9LtiYU + optional: false + prefix: dS5JDbtZJ + secretRef: + name: 3X5 + optional: false + - configMapRef: + name: vpOLCCmA + optional: true + prefix: IJpeUVYk3 + secretRef: + name: TaghAr + optional: true + image: Nw59jHFBw + imagePullPolicy: Eźz购綗映ò#ZuS絇溾^飷 + lifecycle: + postStart: + exec: + command: + - N2F2q + - XKeJn + - CfoVd + httpGet: + host: 0u3Kgf + port: PVA8u + scheme: ȧX[噦摼鎥憈ǴńƘŅ + sleep: + seconds: 9185496374723368000 + preStop: + exec: + command: + - lrWSClt + httpGet: + host: uS + path: 51Gzg9s + port: -1680102290 + scheme: 8涒齃ɠĬ諛鰅jyr塸ȷg× + sleep: + seconds: -302278202696680100 + livenessProbe: + exec: + command: + - fmu + - wJR3 + - 60zV6s4327rKb9 + failureThreshold: 2122798666 + grpc: + port: 1914605377 + service: ES + httpGet: + host: 7LAmwy8 + path: o2XAC + port: S5 + scheme: 犘ßħɚÂ剐*鬰ȇxȺ錎 + initialDelaySeconds: 343978803 + periodSeconds: -1725283583 + successThreshold: 1055506692 + terminationGracePeriodSeconds: -737021961431151200 + timeoutSeconds: 1721351711 + name: r + ports: + - containerPort: -341996687 + hostIP: zR + hostPort: -641414216 + name: AGa7X6lnw + protocol: 阧 + - containerPort: -1616018360 + hostIP: 8q + hostPort: -2060443566 + name: B + protocol: 位ŲȟHbfp餪魹| + - containerPort: -321829785 + hostIP: S + hostPort: 850049722 + protocol: ĢŔ=ɦŊ鳺醩hĂ踻鉀 + readinessProbe: + exec: + command: + - VRq0lZK + - nCUDH3Zgc + - f2h2C + failureThreshold: -444080905 + grpc: + port: -1484737838 + service: UL8hSUw + httpGet: + host: 8DDb + path: Z + port: It67aEO18 + scheme: 蹐疒Į浤 + initialDelaySeconds: -1225398553 + periodSeconds: -1497056806 + successThreshold: -1256842388 + terminationGracePeriodSeconds: -3265344141862786600 + timeoutSeconds: 1127947387 + resources: + limits: + "36": "0" + Oaiu: "0" + v: "0" + requests: + F0olO: "0" + tvGpYtd: "0" + restartPolicy: Ě卿ɫȰLZ懁 + securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - "" + drop: + - Ę螅7O5Ɵ駢Ó宮緂 + privileged: true + procMount: ʤ敠æx漭fƈŸʄ + readOnlyRootFilesystem: true + runAsGroup: -1779689763650766000 + runAsNonRoot: true + runAsUser: -1786517016760367000 + startupProbe: + exec: + command: + - Mcn36l + - "n" + - OMT3J + failureThreshold: 1137002720 + grpc: + port: -2106637755 + service: OYW + httpGet: + path: K + port: STUmUBT + scheme: 貪iɐ巶ɿiɲbɎ;Ŏċ2橺汲ŋ刢g + initialDelaySeconds: -648188998 + periodSeconds: -278768915 + successThreshold: 890955082 + terminationGracePeriodSeconds: 5660177701724483000 + timeoutSeconds: 959596283 + stdin: true + terminationMessagePath: h2a2mAm + terminationMessagePolicy: pjĉ + volumeDevices: + - devicePath: cZ95 + name: wLm + - devicePath: P9RW + name: PjzHR + volumeMounts: + - mountPath: b + mountPropagation: 脣Į + name: bOY + readOnly: true + subPath: mBuB + subPathExpr: 0io + - mountPath: DYp + mountPropagation: 9鹺t"Ĭij(?NB4ɖ鴼B屈桲ȋ噤ǁ + name: O + readOnly: true + subPath: EcI7mF + subPathExpr: HKfaS + - mountPath: NTgHw + mountPropagation: (ńÆ;裉嵀 + name: U6TGXB + subPath: wjpyjQ + subPathExpr: nqq + workingDir: NpjQN3dM + - args: + - m + - fmRfLPl + command: + - okKsRu + env: + - name: y8FxBu + valueFrom: + configMapKeyRef: + key: 1kdTq + name: NGzFHD + optional: false + fieldRef: + apiVersion: WDoDm + fieldPath: HTHz + resourceFieldRef: + containerName: aWk + divisor: "0" + resource: RcTwrpd4PaqW + secretKeyRef: + key: 27uDnW9fM1 + name: diwId6SMC + optional: true + - name: NZ1pEV + value: Xq7fA + valueFrom: + configMapKeyRef: + key: cYo + name: IhK1oKNNr + optional: true + fieldRef: + apiVersion: 0C + fieldPath: "" + resourceFieldRef: + containerName: OywKEud3 + divisor: "0" + resource: E4 + secretKeyRef: + key: gGTl + name: V + optional: false + envFrom: + - configMapRef: + name: fJ + optional: true + prefix: zFUU1PguE + secretRef: + name: S7Jre + optional: false + image: gbZ4mqT + imagePullPolicy: '*罖Ē掙*uĕĥ世û煨o曁ɖ)嬫噩肖Ñ' + lifecycle: + postStart: + exec: + command: + - nxKsxt + - F25ka4x + httpGet: + host: "0" + path: 9k0yMphk + port: GJdG + scheme: 婁箅蝼đ杣Ɗ°VAƭ0ĺ钘1 + sleep: + seconds: 8039264634100238000 + preStop: + exec: + command: + - NuJoJm + - gykEI + - "6" + httpGet: + host: UnkqD3SS + path: BhN + port: 712546393 + scheme: u + sleep: + seconds: 409536667065008450 + livenessProbe: + exec: {} + failureThreshold: 204373937 + grpc: + port: 1803358082 + service: VXsxSeh + httpGet: + host: Ht64jf7Eo + path: u1jjW9Qu + port: 556487018 + scheme: 熖Ű存ŖT磇ɘ外 + initialDelaySeconds: -1152834471 + periodSeconds: -1133396594 + successThreshold: -1385193405 + terminationGracePeriodSeconds: 2915006546098799000 + timeoutSeconds: -1401054296 + name: dfD716 + ports: + - containerPort: 691082006 + hostIP: b + hostPort: 636825973 + name: S5FmEWKv + protocol: g]se墰掀媸晓櫚驟憽hbƥsư° + readinessProbe: + exec: {} + failureThreshold: 152987910 + grpc: + port: 642951905 + service: q2qfom8L + httpGet: + host: GaxyfqlQ + path: Oh0t + port: -766612198 + scheme: UÂ_ + initialDelaySeconds: -1382761032 + periodSeconds: 967018272 + successThreshold: -178373997 + terminationGracePeriodSeconds: 6605400648980209000 + timeoutSeconds: -1404918452 + resources: + limits: + 7cu: "0" + 22n7v: "0" + XsU5mrE: "0" + requests: + kyXuqf: "0" + mBk4P9DWW: "0" + restartPolicy: ʓdT>NȚks_q祈 + securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - ȸŏ脸(Yǃ¯~垇耗A) + - T翱ĥ + drop: + - 商ʏ軒Ƣ厢 + - Ⱥãt\跋þ漙苣ű吡憕鿶0傜om + privileged: false + procMount: Ŷ% + readOnlyRootFilesystem: true + runAsGroup: -1052699124096043900 + runAsNonRoot: false + runAsUser: 3737016357651072500 + startupProbe: + exec: + command: + - jefRNS + failureThreshold: -9144267 + grpc: + port: 642233169 + service: WjvgDkGG + httpGet: + host: 8hzgS0q + path: z + port: -885964296 + scheme: ɸliŵ + initialDelaySeconds: 1014078949 + periodSeconds: 1410148112 + successThreshold: 1164669668 + terminationGracePeriodSeconds: -3385668069040238000 + timeoutSeconds: -1723583731 + stdin: true + terminationMessagePath: zbCh + terminationMessagePolicy: 4攨2õė+軩Ç + tty: true + volumeDevices: + - devicePath: Nx + name: QLHA + - devicePath: 9JAgFLSdSqQ + name: "5" + volumeMounts: + - mountPath: KXG1 + mountPropagation: ȁ捄ɺ絒馢A¥`Èť + name: aghWO + readOnly: true + subPath: el7KEVsV + subPathExpr: tdksniBM + - mountPath: 5nus8 + mountPropagation: N饢杼M7X尅扐ǗÃɱNƞeuĦg儡 + name: TS4kHG + readOnly: true + subPath: i + subPathExpr: ktDaTCGG + - mountPath: CSkt9N0i + mountPropagation: 爕ɐYYȁ<獱椂@椗áʇ憣>\Ɋ筙纉Ë + name: KIKRXUR + readOnly: true + subPath: bWYTiq + subPathExpr: cgxlHqVV + workingDir: F + imagePullSecrets: + - name: bbjdn + - name: VI + initContainers: + - 'error unmarshaling JSON: while decoding JSON: json: cannot unmarshal string + into Go value of type []interface {}' + nodeSelector: + U3Rfg9: WSTvjvP + hODw: LSv + iwleZ: fD + priorityClassName: gPB + securityContext: + fsGroup: 8205502301244812000 + fsGroupChangePolicy: "" + runAsGroup: -8440674019915816000 + runAsNonRoot: true + runAsUser: 4432310384984167400 + supplementalGroups: + - 7965846110903122000 + - -9174375158887063000 + sysctls: + - name: OkeQ + value: A + - name: 24y + value: fIPA + - name: "" + value: b3 + serviceAccountName: Jg + tolerations: [] + topologySpreadConstraints: [] + volumes: + - configMap: + name: AumW + name: configs + - name: secrets + secret: + secretName: AumW + - name: HUa7xM +-- testdata/case-037.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + BJ: Gq0Rw + FPcPYvmbB7dAZe: Cy7WaeI + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: u2r6 + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + uEVMkDkYRvnn: zvptNai + name: ItYso + namespace: default +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} + role-bindings.yaml: |- + roleBindings: + - 2m: null + VNrY1fwY: null + eaGm2c: null + - Ng0sM: null + Txhv6: null + e2uo: null + roles.yaml: |- + roles: + - Dd: null + H0QLXtA: null +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + BJ: Gq0Rw + FPcPYvmbB7dAZe: Cy7WaeI + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: u2r6 + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + uEVMkDkYRvnn: zvptNai + name: ADIhC +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + BJ: Gq0Rw + FPcPYvmbB7dAZe: Cy7WaeI + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: u2r6 + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + uEVMkDkYRvnn: zvptNai + name: ADIhC + namespace: default +spec: + ports: + - name: http + port: 226 + protocol: TCP + targetPort: 87 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: u2r6 + type: At +--- +# Source: console/templates/ingress.yaml +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + "8": SeJ + creationTimestamp: null + labels: + BJ: Gq0Rw + FPcPYvmbB7dAZe: Cy7WaeI + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: u2r6 + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + uEVMkDkYRvnn: zvptNai + name: ADIhC +spec: + ingressClassName: PHr + rules: + - host: PXAcFs520n + http: + paths: + - backend: + service: + name: ADIhC + port: + number: 226 + path: 1uGP0 + pathType: dWpX + - backend: + service: + name: ADIhC + port: + number: 226 + path: hAH + pathType: LjzFf + - backend: + service: + name: ADIhC + port: + number: 226 + path: 7Qy + pathType: vjB + - host: z9QAJ5 + http: + paths: null + - host: "" + http: + paths: + - backend: + service: + name: ADIhC + port: + number: 226 + path: Hc0IpaX + pathType: bc0T + - backend: + service: + name: ADIhC + port: + number: 226 + path: dzn1ldJ5h + pathType: M + tls: null +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "ADIhC-test-connection" + namespace: "default" + labels: + BJ: Gq0Rw + FPcPYvmbB7dAZe: Cy7WaeI + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: u2r6 + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + uEVMkDkYRvnn: zvptNai + annotations: + "helm.sh/hook": test +spec: + imagePullSecrets: + - name: Yi + - name: 6XnEhUN + - name: oeoW + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['ADIhC:226'] + restartPolicy: Never + priorityClassName: U7wS +-- testdata/case-038.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ld + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: fP77cJ3T + namespace: default +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} + role-bindings.yaml: |- + roleBindings: + - zn: null + - WCQKaiaj: null + py: null + roles.yaml: |- + roles: + - {} +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ld + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: j1dUk8TGy8Np +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ld + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: j1dUk8TGy8Np + namespace: default +spec: + ports: + - name: http + port: 46 + protocol: TCP + targetPort: 43 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: ld + type: uqFB +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "j1dUk8TGy8Np-test-connection" + namespace: "default" + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ld + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + imagePullSecrets: + - name: OlRQO + - name: Hkuk3 + - name: fP + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['j1dUk8TGy8Np:46'] + restartPolicy: Never + priorityClassName: 89gnK9rXyDXui +-- testdata/case-039.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: false +kind: ServiceAccount +metadata: + annotations: + PPZDrdmxKV: UBjiSx + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: o2F37Lr + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: 8s2qVhKEW + namespace: default +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} + role-bindings.yaml: |- + roleBindings: + - 6O4d: null + EY: null + oPTMvYGp: null +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: o2F37Lr + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: bbshm +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: + 4yhZo: zLVEslN + Amz4VM: QAvK + IPCS: b1R + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: o2F37Lr + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: bbshm + namespace: default +spec: + ports: + - name: http + port: 400 + protocol: TCP + targetPort: 329 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: o2F37Lr + type: dPOD9Kzb +--- +# Source: console/templates/ingress.yaml +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: o2F37Lr + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: bbshm +spec: + ingressClassName: qyKUEOUT4u + rules: + - host: chart-example.local + http: + paths: + - backend: + service: + name: bbshm + port: + number: 400 + path: / + pathType: ImplementationSpecific + tls: + - hosts: + - F7m23 + - "7" + secretName: M +-- testdata/case-040.yaml.golden -- +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + X: zjmrl + "Y": yG0 + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 6sW + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: KchYZFsbB3 +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + X: zjmrl + "Y": yG0 + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 6sW + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: KchYZFsbB3 + namespace: default +spec: + ports: + - name: http + port: 424 + protocol: TCP + targetPort: 17 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: 6sW + type: oZi +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: {} + creationTimestamp: null + labels: + X: zjmrl + "Y": yG0 + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 6sW + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: KchYZFsbB3 + namespace: default +spec: + replicas: 291 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: 6sW + strategy: + rollingUpdate: {} + type: G阏发6s + template: + metadata: + annotations: + checksum/config: 6f40381c972fd418dd311a992b76c4181a57129add8096d427da1c5284bcdd8a + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: 6sW + spec: + affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: 7RRFnuao + operator: 鑿梞e璺瀧敢tȱ + - key: 3qz030r9N4 + operator: 脟óȨq駥Ƽx垤R$L + - key: 4egJ + operator: 敕ƒ洀ņ+Ō轲C丼Ʒij.ƾ蚯ƺ痻3皆咒 + values: + - "" + - J66saNw8 + - xBRUfDKhiA + matchFields: + - key: Kgp4qFm + operator: 桋iz<ïŃǃ襶D齿 + - key: 7F + operator: "" + values: + - iquNT + - aFPIw + - lYMJn4Un3 + weight: -954635927 + - preference: + matchExpressions: + - key: ePHgEs + operator: 撹ł + weight: -2109244754 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: gK + operator: 垭ʮȌ)"彛 + values: + - Vvo + - "" + - key: n0 + operator: 挪VɱȒ + values: + - 595ST + - sHQoTQgQ + - ZyYxnGB + matchFields: + - key: "8" + operator: 餒ơ鋦r)锟壃m汇 + values: + - H8 + - matchExpressions: + - key: nErJm + operator: Ûɟ敀淽 + values: + - sbjW + - 1l + - go + matchFields: + - key: ozzkD4D + operator: Ʌ\h崭蠒ȓ旉蹖楚_掁S5 + values: + - NrN0Id15O + - VrahPz + - YJfhO + - {} + podAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: qiGNj + operator: jƯȨ穞ɿPȧ + - key: HPRR + operator: ž8ƃKKDz蠽ƚ0ƻ + values: + - NAx + - Pr2F + matchLabels: + LY: ZRjD + matchLabelKeys: + - ikCO + - n25 + - IY0AqNStYm + mismatchLabelKeys: + - uO6G + - EFKfLOM0 + namespaceSelector: + matchExpressions: + - key: frBwUGG + operator: ǧ啯ʖ6džȡ衺Z莋æȘzv + values: + - 68q + - PrId4k5Nk + - 1Izg6c + - key: H5neR + operator: "" + values: + - gf2 + - "" + - key: LTEiVQV + operator: ʅďl$y韙bO儺e籾吕ŃV + values: + - LccIflVn3 + - QX + - kRZLtn + matchLabels: + lccn5: lx6 + topologyKey: AE + - labelSelector: + matchExpressions: + - key: ljGag0 + operator: "" + values: + - 3AlcF9eOiK + - key: XPoIj + operator: ĻĵN稙²x鸴ʊ + - key: "" + operator: m[ɻD«ʯĢĥɖHÃú锺N蓍!f + values: + - cwRFs + - wJtpMgyV1I + matchLabels: + 6gzmw2BW: v1eC + QI6Gl: Ckzyw0v + uRw21: 36kl + mismatchLabelKeys: + - XiX9Mrhv + - Xk2Ri + namespaceSelector: + matchExpressions: + - key: Roq9G + operator: 槓G{? + values: + - YCBJEhS + matchLabels: + 9X5C: TU1y + PG1k: 8j76iX8R + iYq9QLUSh3bk: Mvl2WRQ + namespaces: + - Pp + - z1O9mW5rB + topologyKey: U + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: pqtCgWlk + operator: eŭñZ) + values: + - 6eUrtsX + - GmGeP7 + - pBhe0 + - key: gctw + operator: L?岤紎!蠾黅誽帯÷Ʉ坏q + values: + - G + - "" + - "" + matchLabelKeys: + - IGYc + mismatchLabelKeys: + - C + - XlxD2Y5h + - Eut + namespaceSelector: + matchExpressions: + - key: QNvJq6Uc + operator: Ǔƀ閝遨垛簙UdĢ7ȍ騽¹DŽ + values: + - m4wq + - TmuqVB1 + - key: PTVC + operator: 珙'ɀɒ虃龓楼ƺ譄êǿ + values: + - w + - K + matchLabels: + GQp: tw + namespaces: + - t + topologyKey: I9Ng7D + weight: -278680619 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: IaZiqfV6 + operator: 幋x:Ȗ + values: + - XmaYG80 + - aaEScB + - DxB + matchLabels: + J3Ny9zUJ2DOTKO: eiUL0RR + lt: bqOs + matchLabelKeys: + - XYHp1S + - JKj1 + namespaceSelector: + matchLabels: + WopugltEP1J: eaGpkiS + namespaces: + - H9w9Q + - A8D + topologyKey: pvkKW + weight: 252280673 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: lSi + operator: 襚ǫAŇþ腦W[ĕ嘱ʌſœɃ槏Z岪 + matchLabels: + OzmceOBQ: F2mtk + QcoH: qt3OR6ZcjY + t5Cqg1: 1x9WW8EUyyn + matchLabelKeys: + - 0XGJ + mismatchLabelKeys: + - K6T + namespaceSelector: + matchExpressions: + - key: KoofEA + operator: ' íɀ馩Ȭɫġo娤螗暴Û漷ʦO腔' + values: + - nj + - U + - onkfJ4 + - key: 0aO + operator: Ŷű輖+¶)罩ƌ×螂 + matchLabels: + 2hf: GeFfROs4 + pA23: kqkG + rZ: DH6cT + namespaces: + - yvfsu + - L3Pu + topologyKey: BBBCjZel + weight: 392487334 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + 0hp: sd9 + mwTeR: D3HlJbmoK8 + matchLabelKeys: + - MwDkniC + - "" + mismatchLabelKeys: + - VuQB + namespaceSelector: + matchLabels: + 1x: Pj + D3J: 4gFps + bQU: weT0tI + namespaces: + - y9zrYKWApO + - rq0K3 + - 5XUeP7 + topologyKey: P7V + - labelSelector: + matchExpressions: + - key: Jv + operator: 啽ŃŐø + matchLabelKeys: + - s + namespaceSelector: + matchExpressions: + - key: Fy5Deb + operator: 旉錛!荕Ɂ! + values: + - nbiy + - "" + - 6QORDbd6zn + matchLabels: + bba0KJ: NE1j + nYif5xu0Hy9XW: 0s + qAoT: "46" + namespaces: + - 4JHyx + topologyKey: 7621t + automountServiceAccountToken: false + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: cD + value: JW + valueFrom: + configMapKeyRef: + key: "" + name: 8Ri7OfQ + optional: false + fieldRef: + apiVersion: Qc + fieldPath: 6ZYFg + resourceFieldRef: + containerName: qkUV + divisor: "0" + resource: yEf5zz13U + secretKeyRef: + key: xozuxs + name: z + optional: true + - name: "" + value: gea3 + valueFrom: + configMapKeyRef: + key: hwe3l3k2h + name: QX + optional: true + fieldRef: + apiVersion: kx + fieldPath: m7f + resourceFieldRef: + containerName: 0XEGE + divisor: "0" + resource: y4ce5 + secretKeyRef: + key: hmvX + name: 18Z + optional: true + - name: LICENSE + valueFrom: + secretKeyRef: + key: a7Ph + name: zsHNWVcS9 + envFrom: + - configMapRef: + name: DR3hdrvZIv + optional: true + prefix: kGV4HZ8 + secretRef: + name: tR3Yu1G + optional: true + - configMapRef: + name: 6pMd0VA0 + optional: true + prefix: Csp + secretRef: + name: ceqZBJ7fdqP + optional: true + image: cwfXN2KlU/qYQHJ:RIG + imagePullPolicy: -0Ź桛ɼ訚Ņ;秵ňĝ苒9麡ñà臸ʫ + livenessProbe: + failureThreshold: -1894321442 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 1986051838 + periodSeconds: 541607099 + successThreshold: -1968479306 + timeoutSeconds: 1374945691 + name: console + ports: + - containerPort: 17 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 467513555 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: -6410364 + periodSeconds: -623380707 + successThreshold: 1641270972 + timeoutSeconds: 1203716236 + resources: + limits: + "1": "0" + MrwIP: "0" + hgaW: "0" + requests: + 1lF: "0" + securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - 阊 + - DIȜO吽解诎-曅 + drop: + - 贎秨Ůɭ懾Ù盾| + privileged: true + procMount: ʪ勪įOew\Ǡ礓 + readOnlyRootFilesystem: true + runAsGroup: -6230225082797374000 + runAsNonRoot: true + runAsUser: -2569068293811685000 + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: d + name: ieSo8V + subPath: "" + - args: + - jlI16Xnnb0 + - x0Z + - Tv6z + command: + - 3MnkZe0L + - OK + - cKvaGI + env: + - name: 7RtgX9 + value: TQH + valueFrom: + configMapKeyRef: + key: "" + name: GE2 + optional: false + fieldRef: + apiVersion: x2H + fieldPath: iVYVzT + resourceFieldRef: + containerName: 3QSG + divisor: "0" + resource: AgMtPE + secretKeyRef: + key: BhGA6 + name: LKemd3Cs9 + optional: false + - name: 9dFxchX + value: huoZj + valueFrom: + configMapKeyRef: + key: skdmo + name: gSEkUx + optional: true + fieldRef: + apiVersion: ymAcwLzaJ00G + fieldPath: de9Q + resourceFieldRef: + containerName: ZgwwQvA + divisor: "0" + resource: OTraA + secretKeyRef: + key: Pe8 + name: 39mCZV7ERv + optional: true + envFrom: + - configMapRef: + name: l + optional: false + prefix: kGdnbCakM + secretRef: + name: JrDM + optional: true + - configMapRef: + name: 0iH67 + optional: true + prefix: 3JVMhcII7 + secretRef: + name: PS1J + optional: true + image: Bx3IW17kjF7 + imagePullPolicy: È8秏糇 + lifecycle: + postStart: + exec: {} + httpGet: + host: EeLx + path: JC + port: 638412697 + scheme: 翔ĩñɁɬj局³喪Eů磘Ʒ唡嬤 + sleep: + seconds: -2739564842418698000 + preStop: + exec: + command: + - zjNyV + - 3i + httpGet: + host: RxhMCXQN + path: Dq + port: -821303664 + scheme: 髒xD>?ǠĆ踃w¬ + sleep: + seconds: 8925361607851383000 + livenessProbe: + exec: {} + failureThreshold: -2015695369 + grpc: + port: 102189788 + service: VG2k6Atq + httpGet: + host: 0dxm + path: Pix7SytH + port: 284583441 + scheme: 畝ǂƬƜ聞|b + initialDelaySeconds: 1150668189 + periodSeconds: 1279412097 + successThreshold: 337444728 + terminationGracePeriodSeconds: -665826210809930800 + timeoutSeconds: -802810999 + name: 1KSo0a + readinessProbe: + exec: + command: + - 3cCL4 + - en + - VN0 + failureThreshold: 448729232 + grpc: + port: -174942651 + service: paUcCUtV8A6 + httpGet: + host: tSEChhvGgDsf + path: Jrr + port: 516172996 + scheme: c{Ƭ臾斡:Ɣ?Í + initialDelaySeconds: -714126900 + periodSeconds: -88316167 + successThreshold: -1820867160 + terminationGracePeriodSeconds: 272130190949654340 + timeoutSeconds: 1803351679 + resources: + limits: + f9GQWFTKPFP: "0" + g5: "0" + requests: + 4A89zLoFG: "0" + SmOBH: "0" + restartPolicy: Ű高ǙG%7BČCaďʥyď + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - H鞕ă鶅镀秀 + - Ŏ昮0yƤɯ斺R妕Je芓BɜCĵ + privileged: false + procMount: ÿʑ鎆乭cŇ陛ǼȠn + readOnlyRootFilesystem: true + runAsGroup: 5591360478943232000 + runAsNonRoot: false + runAsUser: 6381588597473823000 + startupProbe: + exec: + command: + - rV83LKQ + - 87Vc + failureThreshold: -2022114361 + grpc: + port: 1348736621 + service: Gx8f9phR + httpGet: + host: fWnW4CGV + path: yQl0PNEE3g + port: TYi + scheme: 絅xn,ȵ6ʎ癙 + initialDelaySeconds: 205090742 + periodSeconds: -1401542741 + successThreshold: -2130268569 + terminationGracePeriodSeconds: 4104437343850793000 + timeoutSeconds: 604054255 + terminationMessagePath: ec8kHaD + terminationMessagePolicy: 甎i + tty: true + volumeDevices: + - devicePath: NFjF + name: AH + - devicePath: "" + name: u + - devicePath: 0q6A + name: nFe3FY4 + volumeMounts: + - mountPath: ad7JXhGN + mountPropagation: =廄殞+ + name: qVHWCUHp + readOnly: true + subPath: m3RBekA0 + subPathExpr: 7F0F8Ge + workingDir: LmnqIVV + - args: + - 3g94Jb + - "n" + - HxatWli7Qe + env: + - name: yKfn + value: fni0 + valueFrom: + configMapKeyRef: + key: cQjxg02ud + name: DqLUCO + optional: false + fieldRef: + apiVersion: dS + fieldPath: aH + resourceFieldRef: + containerName: BVSH2Bxu + divisor: "0" + resource: ZLW3 + secretKeyRef: + key: J + name: APYyG5qY + optional: false + - name: b4i9WEf + value: Ru + valueFrom: + configMapKeyRef: + key: mzxgZ + name: XgDd + optional: false + fieldRef: + apiVersion: U1l + fieldPath: sG2pcjz + resourceFieldRef: + containerName: Vlc1Ru + divisor: "0" + resource: hZpqB + secretKeyRef: + key: X0W3QpdAhux + name: I3L + optional: true + envFrom: + - configMapRef: + name: DJjN7Phe + optional: true + prefix: 4K2MBzNl + secretRef: + name: s4GF + optional: true + - configMapRef: + name: td0aZ + optional: true + prefix: CYvFW + secretRef: + name: WaBWGCRa8 + optional: true + - configMapRef: + name: ehHs9m + optional: false + prefix: n1x + secretRef: + name: TdUJ + optional: true + image: UNJ6E6 + imagePullPolicy: 砓³绔丬A + lifecycle: + postStart: + exec: + command: + - Qs8Sd + - JGX4Qj + - eCw00uq + httpGet: + host: NNLSd + path: y4tS + port: QzOfwe3a + scheme: º猗ĥɮƅLɘ隮术ƒ赥;,ǝ髳Ĝ7Ĭ嬳 + sleep: + seconds: 1170469124057922000 + preStop: + exec: + command: + - TN62uDLAuIx + - ndI + httpGet: + host: t7H6l2 + port: RHeYpAvJ8 + scheme: KǠɀƴ杔¸Ɉ$毕削peýfv! + sleep: + seconds: -5232306180460338000 + livenessProbe: + exec: {} + failureThreshold: -1900233123 + grpc: + port: -1323381498 + service: wJ + httpGet: + host: pAHsn3 + path: k31zW1 + port: 2elbrK + scheme: 痯秿丌 + initialDelaySeconds: 537756270 + periodSeconds: 1139432456 + successThreshold: -289377675 + terminationGracePeriodSeconds: -709025030374540900 + timeoutSeconds: 254134433 + name: zWs + readinessProbe: + exec: + command: + - x093a + - v1 + - Ef + failureThreshold: 75768089 + grpc: + port: -237977747 + service: "y" + httpGet: + host: EBEth + path: C + port: 790399211 + scheme: ær堹mhʢ + initialDelaySeconds: -157687184 + periodSeconds: 1071897332 + successThreshold: 824432298 + terminationGracePeriodSeconds: -54575953702939670 + timeoutSeconds: -1190752843 + resizePolicy: + - resourceName: R9fM + restartPolicy: ?ʖȒƅƀ逎v鐰wģ籫 + - resourceName: 7C + restartPolicy: óʌF鿯薸k} + - resourceName: Bqy + restartPolicy: E吻X秤} + resources: + limits: + UMJnobyO: "0" + qJmAwr: "0" + requests: + ZktW7e51vRUG: "0" + restartPolicy: '>ŀ鎙莸鼔茷蝼薼Ƽƅ°3貦罌臣洴軟處姼' + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - 儜vƝ¾ + - 輝Ġ$琑+檂 + - 飂 + privileged: false + procMount: ɓĎʙʗG0瑑娄K坢Ö&Ù + readOnlyRootFilesystem: true + runAsGroup: 2234167178876811300 + runAsNonRoot: true + runAsUser: -1191472066985646800 + startupProbe: + exec: + command: + - KGi9U + - D6 + - HZ3aC1 + failureThreshold: -2057203764 + grpc: + port: -1203229903 + service: Xd + httpGet: + host: tTW + path: oWk + port: -1347841801 + scheme: 檸`sȝBULj懄 + initialDelaySeconds: 1386184157 + periodSeconds: 2110004457 + successThreshold: -692279219 + terminationGracePeriodSeconds: -7060466210747559000 + timeoutSeconds: -905577521 + terminationMessagePath: g + terminationMessagePolicy: 頨Ĥ° òȯǤū暓坐ƚă杋鍄 + volumeMounts: + - mountPath: FmQht + mountPropagation: 饌^ǩ朳ųW磀ĥAijƨ+= + name: j5 + subPath: aoEWb7k + subPathExpr: 0ra + workingDir: zmwmt + - command: + - oFEaN2U1 + - HuBj9vk17eCjI + - "" + env: + - name: n3JVvVY + value: U14PEXs + valueFrom: + configMapKeyRef: + key: Ai0Xg3owIe7XlG + name: U4 + optional: false + fieldRef: + apiVersion: ZyO4Jpwkp2hV + fieldPath: roNil + resourceFieldRef: + containerName: gx + divisor: "0" + resource: Z + secretKeyRef: + key: AcP + name: qMy + optional: false + - name: oSWakHA + value: eR + valueFrom: + configMapKeyRef: + key: qsSVOr + name: o + optional: false + fieldRef: + apiVersion: SeP3aPXfjLIcfE + fieldPath: 091i + resourceFieldRef: + containerName: T5hI + divisor: "0" + resource: KxGi43CVGe + secretKeyRef: + key: "" + name: 5uI + optional: true + envFrom: + - configMapRef: + name: MujT + optional: false + prefix: cVRH + secretRef: + name: mpF + optional: true + - configMapRef: + name: MeO3F + optional: false + prefix: w3C4 + secretRef: + name: hnYx + optional: false + - configMapRef: + name: NT5MFmC65 + optional: true + prefix: "7" + secretRef: + name: yl2ze1 + optional: false + image: A8o + imagePullPolicy: ?晐T鴭Xp + lifecycle: + postStart: + exec: + command: + - zaLOG2 + httpGet: + host: kA51kbv + path: LMnFclIJczBo + port: 402299955 + scheme: :踖坯(Iȷ碨劅 + sleep: + seconds: 245674034851902980 + preStop: + exec: + command: + - Tz87qO + httpGet: + host: Xr6sP + path: xxE + port: 1901089000 + scheme: 3媧ş>La芸`Lzuŀɽ坤¦.痻Jǻ + sleep: + seconds: 6906639179439192000 + livenessProbe: + exec: + command: + - yxk0313sz + failureThreshold: 385001414 + grpc: + port: 1589713469 + service: UA + httpGet: + host: ZWfT + path: vTNYug5RZh + port: -192111662 + scheme: e¢dYÜdz + initialDelaySeconds: 1708942834 + periodSeconds: 1356452566 + successThreshold: 1750780088 + terminationGracePeriodSeconds: -1272770054640189000 + timeoutSeconds: 1656218869 + name: FxzTg + ports: + - containerPort: 63673829 + hostIP: 4xjED0VKV0G + hostPort: 2007665826 + name: xbwJ + protocol: ¼vb皪螯ʉwʒR玔È覦劙 + readinessProbe: + exec: + command: + - 0S + - "" + - GkPj + failureThreshold: 1405674719 + grpc: + port: -1659132742 + service: gIFP + httpGet: + host: jYnI3ins7 + path: bIEaFAc1 + port: UHfz + scheme: ʼn + initialDelaySeconds: 1531278754 + periodSeconds: -238235402 + successThreshold: -1690388514 + terminationGracePeriodSeconds: -2788228502880198700 + timeoutSeconds: -567709755 + resizePolicy: + - resourceName: nxpzTS + restartPolicy: ƫŀMs+,ǼƞȒ + - resourceName: 61uCVQ1 + restartPolicy: /澰ɍ½鑀a帷[鞺鏨攬姟壃F$R犬 + resources: + requests: + YfM: "0" + restartPolicy: œ|F彟S崘Ȑ貸1Ũȷ+齳 + securityContext: + allowPrivilegeEscalation: true + capabilities: + drop: + - 鸎dĉç荧 + privileged: true + procMount: "" + readOnlyRootFilesystem: false + runAsGroup: 5795239965908151000 + runAsNonRoot: true + runAsUser: 2409160731771391000 + startupProbe: + exec: + command: + - D6j2Q + failureThreshold: 975103738 + grpc: + port: -2081980063 + service: Nh + httpGet: + host: vdLm3FUXIs + path: jqCqF + port: "" + scheme: Ű"ƆĩNÙ襔冠ʈ + initialDelaySeconds: 524220215 + periodSeconds: 923596095 + successThreshold: 547119693 + terminationGracePeriodSeconds: 7382309226647739000 + timeoutSeconds: -1902082444 + terminationMessagePath: 2i5 + terminationMessagePolicy: 踑ĆĦ荷ýA/ǎ桫 + tty: true + volumeDevices: + - devicePath: KlUUX + name: NWO + - devicePath: W1JLM + name: qNw + - devicePath: BVE + name: c + volumeMounts: + - mountPath: yCztpht + mountPropagation: 巧苄;钽肇謌ʭɿw刄wɰM迵. + name: Mv9 + subPath: RWmlw + subPathExpr: Oy + - mountPath: Gf + mountPropagation: ɩ + name: On78O + readOnly: true + subPath: s7p + subPathExpr: 57aJIvpEm + - mountPath: m + mountPropagation: 崌蠿Ƣ湺 + name: CXSu + subPath: F8oe + subPathExpr: S + imagePullSecrets: + - name: V1 + - name: AyLzRkaGE + - name: 3pZ8 + initContainers: + - 'error unmarshaling JSON: while decoding JSON: json: cannot unmarshal string + into Go value of type []interface {}' + nodeSelector: + y63G: wNiNvOMv + priorityClassName: 3A + securityContext: + fsGroup: 2302511509023017200 + fsGroupChangePolicy: 闦ñ禢`J鉤 + runAsGroup: -2347956389924857000 + runAsNonRoot: true + runAsUser: 1720952380350228700 + supplementalGroups: + - -621944387099711200 + sysctls: + - name: CvGz + value: "" + - name: dO + value: qwZyE + serviceAccountName: Cj + tolerations: [] + topologySpreadConstraints: + - labelSelector: + matchExpressions: + - key: pPoL + operator: ǭȉćŴ讶Y + values: + - "69" + - UC9 + - "7" + - key: 6toZoG + operator: Ġ+kʫȸ颷ʅÓ欽V譵; + values: + - go8adRXrn + - key: S + operator: ĕȻ*Gɝ靿暛_洳瑼Ĩ + matchLabelKeys: + - "" + - V7xIs1 + - eqq + maxSkew: 983843814 + minDomains: 854272231 + nodeAffinityPolicy: '>S篐ö抏茄(6' + nodeTaintsPolicy: e3äTȦ硷B捕萑Ǵ吷Ǿ邂Ǝièø + topologyKey: NoEcMWkg + whenUnsatisfiable: 幗鞲&渶Ÿɪ`鹵N + volumes: + - configMap: + name: KchYZFsbB3 + name: configs + - name: ieSo8V + secret: + defaultMode: 83 + secretName: mD0jl + - name: iPeR + - name: ZgdCb2kUB +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "KchYZFsbB3-test-connection" + namespace: "default" + labels: + X: zjmrl + "Y": yG0 + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 6sW + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + imagePullSecrets: + - name: V1 + - name: AyLzRkaGE + - name: 3pZ8 + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['KchYZFsbB3:424'] + restartPolicy: Never + priorityClassName: 3A +-- testdata/case-041.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: false +kind: ServiceAccount +metadata: + annotations: + 5DCBJ96u: 12Himnm + ZQrRxpb: Aa + abcRNo3AHIw: gH1 + creationTimestamp: null + labels: + T1: pMf7C + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: x + app.kubernetes.io/version: v2.7.0 + cxAL7zvwvb: tmEjSXwTK6 + helm.sh/chart: console-0.7.29 + name: 0Z71mJNQUx + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + T1: pMf7C + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: x + app.kubernetes.io/version: v2.7.0 + cxAL7zvwvb: tmEjSXwTK6 + helm.sh/chart: console-0.7.29 + name: Wq +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: 4uTKbvRNSh + kafka-sasl-aws-msk-iam-secret-key: tfc + kafka-sasl-password: NAMo + kafka-schema-registry-password: 5LUUey + kafka-schemaregistry-tls-ca: "" + kafka-schemaregistry-tls-cert: "" + kafka-schemaregistry-tls-key: i + kafka-tls-ca: Fydyp8 + kafka-tls-cert: R4y + kafka-tls-key: "" + login-github-oauth-client-secret: Y0 + login-github-personal-access-token: xyn + login-google-groups-service-account.json: zFJbYJ + login-google-oauth-client-secret: CsVVc6 + login-jwt-secret: SECRETKEY + login-oidc-client-secret: dsx + login-okta-client-secret: wr9eIA + login-okta-directory-api-token: Dy + redpanda-admin-api-password: O7kPq + redpanda-admin-api-tls-ca: 7ORz + redpanda-admin-api-tls-cert: IT + redpanda-admin-api-tls-key: KR25cT +type: Opaque +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} + role-bindings.yaml: |- + roleBindings: + - EQY9390E: null + WXyS: null + roles.yaml: |- + roles: + - {} +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + T1: pMf7C + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: x + app.kubernetes.io/version: v2.7.0 + cxAL7zvwvb: tmEjSXwTK6 + helm.sh/chart: console-0.7.29 + name: Wq +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: + Sxsz0HWh: z9cj + creationTimestamp: null + labels: + T1: pMf7C + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: x + app.kubernetes.io/version: v2.7.0 + cxAL7zvwvb: tmEjSXwTK6 + helm.sh/chart: console-0.7.29 + name: Wq + namespace: default +spec: + ports: + - name: http + port: 359 + protocol: TCP + targetPort: 363 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: x + type: tJUW +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + I4K: K1yz + creationTimestamp: null + labels: + T1: pMf7C + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: x + app.kubernetes.io/version: v2.7.0 + cxAL7zvwvb: tmEjSXwTK6 + helm.sh/chart: console-0.7.29 + name: Wq + namespace: default +spec: + replicas: null + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: x + strategy: + rollingUpdate: {} + type: 稫启玩ɡʂ56 龪o + template: + metadata: + annotations: + checksum/config: 2e1f5f5401bac9a6ca8b2205a50f20ebc4a08fcafa78467ca458eb9e8411b634 + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: x + spec: + affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: gRchHJ + operator: g>騿b鈐ʃB¾偡医選ȍ恋 + values: + - I + - Ei + - "" + - key: hyf + operator: 斒ʃǜƆƲ + values: + - QUyyD + - key: Bkmx + operator: ư酰姺醪芄堑 + weight: 751548356 + - preference: + matchExpressions: + - key: oLam + operator: 蟹 + values: + - ouUaVpYnKDUI + - key: vjw6GPYYTKt + operator: 竣iN¸嚿×ɮib + values: + - ZTaqp + - key: d8VuBX6qV + operator: 脼Ȩ + values: + - a8aOe1 + matchFields: + - key: twbeCR + operator: óçøG靼Ɏȸ­乷ɍ + values: + - fJAm6rm + - 2h8IU + - zE9 + weight: 291395585 + - preference: + matchExpressions: + - key: qC6uf99en + operator: 鼢犖龆醑IÐ肣ɚòĺIGʖƟ穿ź' + readOnlyRootFilesystem: true + runAsGroup: -6867300864246943000 + runAsNonRoot: true + runAsUser: 972586500223089800 + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: ctE5Qa + name: gcTdF + subPath: "" + - mountPath: n8KpOJZ + name: "4" + subPath: "" + - mountPath: 3Ka7 + name: lBE0nAE + subPath: "" + - mountPath: cIK + mountPropagation: 爂 YLƝ«煘?沀#朚ń鮾+ğÔ + name: orwvhF0 + subPath: ivP1ha4I + subPathExpr: VPCFJYVRHf + - mountPath: s + mountPropagation: m椥扶ȟqÈ倕{峙刷} + name: O35 + subPath: AN + subPathExpr: vm7 + - mountPath: 7P72D19W + mountPropagation: 堂窜B,Ś贃腔Ʈ£顽ąfYR + name: 6Z + readOnly: true + subPath: d7MJ + subPathExpr: LF + - args: + - M5GoLEac + command: + - "" + env: + - name: xn + value: gHloqKCZA0M + valueFrom: + configMapKeyRef: + key: 9EasdvqH1 + name: 3Jm5qlVRdb + optional: false + fieldRef: + apiVersion: IEuh0S + fieldPath: yGW + resourceFieldRef: + containerName: 6ytjPS + divisor: "0" + resource: Z + secretKeyRef: + key: a1KfCCp1 + name: OspUW + optional: false + - name: 1jMB + value: gsvW9h + valueFrom: + configMapKeyRef: + key: lEB1Z + name: sB + optional: true + fieldRef: + fieldPath: zsUJ + resourceFieldRef: + containerName: 11SE1A + divisor: "0" + resource: OFZYobDs5 + secretKeyRef: + key: wwZ + name: 0z + optional: false + envFrom: + - configMapRef: + name: AuPTaMX7 + optional: true + prefix: YNB9WA + secretRef: + name: QyV6 + optional: true + - configMapRef: + name: N5izN44MJ + optional: true + prefix: 103jYU2pj + secretRef: + name: IsJ + optional: true + image: f + imagePullPolicy: ']L7掻钏ĚxǢRʃd×?ŠɓT{' + lifecycle: + postStart: + exec: + command: + - 1Kv + - F2E + - uX1vDFV + httpGet: + host: XQ5sY + path: 5X8E + port: ZEAsx0C5i + scheme: 巇L嶤n蔢ȥ.&h喵趶旃 + sleep: + seconds: 3646722142291548000 + preStop: + exec: + command: + - "98" + httpGet: + host: MWUlhjhJA + path: JM3LkEQY + port: I4x4q + scheme: ʄȀ%ʎ兒餐oc-c + sleep: + seconds: 2358122019278204000 + livenessProbe: + exec: + command: + - dyqr + - 79j + - 6N2YiU + failureThreshold: 1763651267 + grpc: + port: 1387074657 + service: m + httpGet: + host: G + path: 9kp6wlF5 + port: 5zuLtPI + scheme: d輢殣ſē诧Wɹ讏 + initialDelaySeconds: -1520109712 + periodSeconds: -1170771093 + successThreshold: -1383663641 + terminationGracePeriodSeconds: -1296467687071372800 + timeoutSeconds: 1017261975 + name: xf5VXbM9DX + ports: + - containerPort: -1245943187 + hostIP: iVo + hostPort: -1606480480 + protocol: à唿Ň癫俤健ǛƵ虰響 + - containerPort: 1088776251 + hostIP: mN + hostPort: 2006200810 + name: izfW + protocol: 蠣狓j霎緦(Lǫ[ + readinessProbe: + exec: + command: + - w + - ZZzn + failureThreshold: -841549142 + grpc: + port: -1318693763 + service: z3 + httpGet: + host: DK8AT0w + path: TQEPNMTrmL26 + port: -1446467943 + scheme: ś檊:& + initialDelaySeconds: -768827532 + periodSeconds: -2057604270 + successThreshold: -1558550931 + terminationGracePeriodSeconds: 6890017506404353000 + timeoutSeconds: -1558365951 + resizePolicy: + - resourceName: BhJ20rFM28sOexT + restartPolicy: 槟"äÅ緦Xjê荀谆 + resources: + limits: + 3yphxx: "0" + requests: + "71": "0" + qj1cwc9x: "0" + xIH2: "0" + restartPolicy: 兜藄墲皀 + securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - 翇ƒ\Ý琂麌褶犗錀Ć姉溬[I珵巖â迍Õ + - ȖnS¦ºǀʼndz&ü1 + privileged: false + procMount: ǻ\頧ADȜ[ʋɺɗ鬌ʢ栵鏆W剨 + readOnlyRootFilesystem: true + runAsGroup: -8217745538717204000 + runAsNonRoot: false + runAsUser: 8409092840666673000 + startupProbe: + exec: {} + failureThreshold: 514371514 + grpc: + port: 1386630692 + service: 5k9JljF + httpGet: + host: Yxa + path: KKzxL + port: 1749552838 + scheme: ǁ1钥`岺ȱ$ + initialDelaySeconds: 198009978 + periodSeconds: 1269387330 + successThreshold: 150401625 + terminationGracePeriodSeconds: 756942197968954200 + timeoutSeconds: -1507606503 + stdin: true + stdinOnce: true + terminationMessagePath: Yuuqhx + tty: true + workingDir: cNvZ0 + - args: + - EBJwKsy + - 88iT6Xcn + - XcT28aSWj + command: + - KYgqdbR + envFrom: + - configMapRef: + name: N30BWF9jx + optional: true + prefix: b + secretRef: + name: g + optional: true + - configMapRef: + name: vkY + optional: false + prefix: gn67ft + secretRef: + name: 9bmgS + optional: true + image: mhs + imagePullPolicy: agŒJ!Ǽƴ硴ĘBjp¸ǟ鏔ȫv + lifecycle: + postStart: + exec: {} + httpGet: + host: k1oZic + port: kWma + scheme: /A縊$/Ðl脿ʅK\Yû¡DȜ + sleep: + seconds: 4880710696024837000 + preStop: + exec: + command: + - mE1S + httpGet: + host: wmLvZ + path: P8Lw + port: 2130804875 + scheme: Aɷĝ/éȏ圳%)n帣 + sleep: + seconds: 5681554568621785000 + livenessProbe: + exec: + command: + - g + - 1tbHYej2 + failureThreshold: 721918154 + grpc: + port: 977234381 + service: K8 + httpGet: + host: o1a + path: EL + port: 606530945 + scheme: ɬ憋} + initialDelaySeconds: 527377871 + periodSeconds: 1831783866 + successThreshold: -925249104 + terminationGracePeriodSeconds: -5462814855858063000 + timeoutSeconds: 1067001478 + name: Cyr + ports: + - containerPort: -1582092218 + hostIP: HefrxT + hostPort: -1694778841 + name: "5" + protocol: 5訙奆Ņ蘹Ǭ馲ǧõsg + - containerPort: -1709296974 + hostIP: S + hostPort: -12435236 + name: RQIJVqVp + protocol: ı+=Ŷ\褭昊 + readinessProbe: + exec: + command: + - LxHQI2 + failureThreshold: -1670032382 + grpc: + port: 2038020216 + service: uS1pHYQuE + httpGet: + host: dFCk9 + path: 2YYVJoTxFI + port: 1533020718 + scheme: 侅弴噉讀ŲĨ趚ʉB + initialDelaySeconds: 753694711 + periodSeconds: -620933924 + successThreshold: 1935472803 + terminationGracePeriodSeconds: -1414957386950590200 + timeoutSeconds: 1810571120 + resources: + limits: + SwVZL: "0" + m6OD8E: "0" + requests: + bZQK: "0" + h9G0: "0" + hCGxGGtFgSx: "0" + restartPolicy: 毄鶏疡ɍʛ啔l鹯ą9掇悋ƦjþË + securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - '*6珛åǪ' + drop: + - qć纣cȈʊ«Ȯ¤u俳糐郭ȉHT5į軌 + - ³R语 + privileged: false + procMount: GɛFȖ黸ȋȤá峠缂蛞·NN + readOnlyRootFilesystem: true + runAsGroup: 2219217566755129900 + runAsNonRoot: false + runAsUser: -6958635490019934000 + startupProbe: + exec: + command: + - VqKEGlA + - h1eQQmyq + failureThreshold: 1344510971 + grpc: + port: 1296412500 + service: 0FZIq + httpGet: + host: Gk + path: J1ncBCi + port: yqdEt689 + scheme: Ƹ陳ƨj>喐蠿鯌ʛB契p + initialDelaySeconds: -879591831 + periodSeconds: 1110714898 + successThreshold: -1301180826 + terminationGracePeriodSeconds: 3872467306429463000 + timeoutSeconds: 674947774 + terminationMessagePath: bm28lY3K2pwh + terminationMessagePolicy: Ȇƍ@¦Ț'±0ž + tty: true + volumeDevices: + - devicePath: o8dr + name: XmhFb + workingDir: 5wQN + - args: + - o0cO9clz7 + - HMSb + - 6uV0c + env: + - name: M3V9WePpx + value: ysO25 + valueFrom: + configMapKeyRef: + key: UqaJg4r + name: RfxtXP + optional: true + fieldRef: + apiVersion: lwe4YmNPx + fieldPath: tQj57vj + resourceFieldRef: + containerName: ZQ + divisor: "0" + resource: T + secretKeyRef: + key: x + name: ny4NEtt3z + optional: false + - name: cc2 + value: L0hw + valueFrom: + configMapKeyRef: + key: 385Ue36 + name: mmjoQw + optional: false + fieldRef: + apiVersion: 6oECJJ + fieldPath: viT + resourceFieldRef: + containerName: gwdJxK + divisor: "0" + resource: ck7 + secretKeyRef: + key: UuNsYAQvXJ0 + name: 1NAqDCU3 + optional: true + envFrom: + - configMapRef: + name: ZFk + optional: true + prefix: bXa4IzYR + secretRef: + name: aAJU + optional: false + image: JPgUP + imagePullPolicy: Q ¶ + lifecycle: + postStart: + exec: + command: + - r1uMNf + - M + - 8G + httpGet: + host: cuhhh + path: lXMriYoe + port: -988033465 + scheme: ',轄kzĒfť' + sleep: + seconds: -8820103652541682000 + preStop: + exec: + command: + - bElmX + httpGet: + host: bCNS + path: A0F + port: "" + scheme: 砘ɁA甜猷14ʣ)ǨƿŊ\ + sleep: + seconds: 821413986956195800 + livenessProbe: + exec: + command: + - M9y + - ay + - sRaY + failureThreshold: 600887441 + grpc: + port: 1597779369 + service: ua8K + httpGet: + host: 0XuF + path: V3 + port: -703127215 + scheme: 舷$趺É螳P阁]嚂驶钋琦袳$ƸO侎 + initialDelaySeconds: -1230549565 + periodSeconds: -335663932 + successThreshold: -1184112514 + terminationGracePeriodSeconds: 9077275487127833000 + timeoutSeconds: 1992088322 + name: pz + readinessProbe: + exec: + command: + - lVaA + - E9DNIWT7reP + - NW1Cc5O2 + failureThreshold: 1119300491 + grpc: + port: 2061347792 + service: fUXdOYJ9On + httpGet: + host: "0" + path: Us3pM3OkquAEW2 + port: -1693856749 + scheme: 鞡|鬟扝}肾~ + initialDelaySeconds: 1307857751 + periodSeconds: 1903760018 + successThreshold: 612917619 + terminationGracePeriodSeconds: -4296518247806248400 + timeoutSeconds: 1025631498 + resizePolicy: + - resourceName: "8" + restartPolicy: ȯy髚ʦ=ǰɮ瓿b:劀ǴáiO3IĮ + - resourceName: 8mFXK1FTs + restartPolicy: ėv|冿瀱Ƥ鐻D[ƼŮ/ + resources: + limits: + TVwPaoBqGL: "0" + juxQS6V3mr: "0" + requests: + igiG: "0" + restartPolicy: 皷ƴȿOvJ郦'欝 + securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - ǐ缠]館ʚƾó|őɤ + - 6 銨dN_ZɻǦ絛顆麓 + - u鹍u鼓练gʘɍK]痰痁鶄Ȼ咶嚅俊ǙǕ + drop: + - 沎闸埲dz + privileged: false + procMount: "" + readOnlyRootFilesystem: false + runAsGroup: -265773045457612130 + runAsNonRoot: true + runAsUser: -6489119899323829000 + startupProbe: + exec: + command: + - 95NULc + - cCLaGfz + failureThreshold: -414102461 + grpc: + port: 339886942 + service: 7hdbpU + httpGet: + host: bN6EBrngIW + path: Luv09 + port: plsGDEJ + scheme: ʔ垃桪抴痺MM温ǹ + initialDelaySeconds: 2135898388 + periodSeconds: 1107416140 + successThreshold: -648919802 + terminationGracePeriodSeconds: 4653203112295128000 + timeoutSeconds: 1294917615 + terminationMessagePath: C + terminationMessagePolicy: 擎:Ȓ + volumeDevices: + - devicePath: TGjb8dLs + name: QN5Dj50Kuoc + - devicePath: aRIfAur + name: wQ47Fq7W3WPNDG + - devicePath: 2Smu + name: 1Q3d5wRJf6 + volumeMounts: + - mountPath: 5Trbk9 + mountPropagation: 秮驇穁 + name: YvM + readOnly: true + subPath: pFKsUV + subPathExpr: mhIjzA + - mountPath: F3lqb + mountPropagation: 窆f + name: NJXDvoxv + subPath: zVGgP + subPathExpr: H + workingDir: IEObw8N + imagePullSecrets: [] + initContainers: + - 'error unmarshaling JSON: while decoding JSON: json: cannot unmarshal string + into Go value of type []interface {}' + nodeSelector: + JDRn7n: tOGfx + lKq0V88a: uR3S + vXzm2Hny: tURxvlp + priorityClassName: 6ZbHC + securityContext: + fsGroup: 3426922926776119300 + fsGroupChangePolicy: 橣 + runAsGroup: 8316915980597683000 + runAsNonRoot: false + runAsUser: 6270039107728701000 + supplementalGroups: + - -2399342924686736400 + - 620655430084388100 + serviceAccountName: gIkiPRSc53Eb4w + tolerations: + - effect: ć`湇Ȏ2篤螕巴蛬>@ø£鞌q + key: E7p + operator: 畁鼄瓈貔Ĕ釲ĸȚ貺|ǴĄl蔺İɽ糹 + tolerationSeconds: 3092681449541781000 + value: Zmrz8 + topologySpreadConstraints: [] + volumes: + - configMap: + name: eHZ + name: configs + - name: gcTdF + secret: + defaultMode: 210 + secretName: MPU + - name: "4" + secret: + defaultMode: 186 + secretName: s6 + - name: lBE0nAE + secret: + defaultMode: 412 + secretName: RG + - name: "4" + - name: Kry +--- +# Source: console/templates/hpa.yaml +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + creationTimestamp: null + labels: + "": vWjW + G: qF + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 84QIe + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: eHZ +spec: + maxReplicas: 165 + metrics: + - resource: + name: cpu + target: + averageUtilization: 42 + type: Utilization + type: Resource + - resource: + name: memory + target: + averageUtilization: 454 + type: Utilization + type: Resource + minReplicas: 187 + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: eHZ +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "eHZ-test-connection" + namespace: "default" + labels: + "": vWjW + G: qF + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 84QIe + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['eHZ:190'] + restartPolicy: Never + priorityClassName: 6ZbHC +-- testdata/case-043.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: Gma + namespace: default +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: y0pa6pm83 + namespace: default +spec: + ports: + - name: http + port: 11 + protocol: TCP + targetPort: 465 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + type: 9TsjJQkJZ +--- +# Source: console/templates/ingress.yaml +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + GOF: Fk7wcu + J2: ViiBwn6 + WODaheluZ: jCoFdBnr + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: y0pa6pm83 +spec: + ingressClassName: 4Z1r6JSTY + rules: + - host: chart-example.local + http: + paths: + - backend: + service: + name: y0pa6pm83 + port: + number: 11 + path: / + pathType: ImplementationSpecific + tls: + - hosts: + - hAi45 + - N3wGXf + - 2Og0 + secretName: 11BdzGx + - hosts: + - MPqkMom + - mBwetJrK + - PcEKgK + secretName: HtA + - hosts: null + secretName: jRYKg +-- testdata/case-044.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + BvJq2xZ: jY6O0 + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: tvDI + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: W9k + namespace: default +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} + role-bindings.yaml: |- + roleBindings: + - UiHg9: null + - "": null + mAYLjAybA: null + roles.yaml: |- + roles: + - 0NpG04j: null + UxtPt: null + l5dMdK: null + - J9: null + MzWfEl: null + yNu: null + - "": null + Pv: null + tGJIDyXG: null +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + BvJq2xZ: jY6O0 + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: tvDI + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: resP +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: + CRHNsVY: Nl04 + creationTimestamp: null + labels: + BvJq2xZ: jY6O0 + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: tvDI + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: resP + namespace: default +spec: + ports: + - name: http + port: 103 + protocol: TCP + targetPort: 329 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: tvDI + type: "" +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + 4i: zwiMMKf + ZTKUDg2t: qHc7 + fGsx: dIpd + creationTimestamp: null + labels: + BvJq2xZ: jY6O0 + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: tvDI + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: resP + namespace: default +spec: + replicas: 410 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: tvDI + strategy: + rollingUpdate: {} + type: ɬdW5f + template: + metadata: + annotations: + N0F: vSjZxkjW + checksum/config: 8ebe1d816245b967e7ea3109d93ad79599a2b8a33eed8e72fc85166d6ffa7aaf + creationTimestamp: null + labels: + K1uahi: UMygEU2O2 + app.kubernetes.io/instance: console + app.kubernetes.io/name: tvDI + ecdKkB: "1" + spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: AFOKvXU + operator: ¸藬 + values: + - vIFxLM + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + ZpWVx: agTJ2kP3DWNYN + matchLabelKeys: + - "4" + mismatchLabelKeys: + - 0qG + namespaceSelector: + matchExpressions: + - key: D8 + operator: d|ɬ曖 + values: + - p3iQYi6Y + - key: c + operator: ǵmV逛鲳鈐譮稹ÚȾČXú + values: + - a + - 3C55L6S7 + - SQaxr + matchLabels: + "5": jC + namespaces: + - oDKjy + - "" + topologyKey: C9jgFk + weight: 1276231314 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: lGp2 + operator: "" + matchLabels: + "": sKP1q2 + 44krG: UrYUSMsisV + unYZqLh67: tMKQ + matchLabelKeys: + - orDt3ZdEA + - LIBJK3 + mismatchLabelKeys: + - bgz2i + - CNqlQJ + namespaceSelector: + matchExpressions: + - key: 35CZTXLY + operator: 掟0笝润ɲDGĪ1Ɋ乧鴹ǥ + values: + - OOB1s + - o4H + - key: f21 + operator: nȿqh + namespaces: + - L0w7 + - DB9 + - T1mom4CrS + topologyKey: OWKJz + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: WaOHp + operator: Ƥ熅ǒe²敹Ņ0ľ(Ȯɩ6ÿ + - key: 0X + operator: be3蚛鷿_鴈y+圚ʀF虹D + values: + - ZIZDTnyfwD + - B4NWO9ffPz + - 1jsu + matchLabelKeys: + - mXhYg + mismatchLabelKeys: + - mp6 + namespaceSelector: + matchExpressions: + - key: xE + operator: ʩ畕 + values: + - uc7IZ + - Hxl1 + - key: Xb41Q + operator: cʓʁ卡嵷韻 + values: + - pA + namespaces: + - edcrY + topologyKey: sP2BdI + - labelSelector: + matchExpressions: + - key: U0 + operator: 卢ʩ + values: + - OBtefl + - yMIZlx + - key: X + operator: Ǔ%é鵔:ß侙鞅 + values: + - s1qg3meB + - e6J6ZH89 + - key: dhFO + operator: ƋŎ頖,é襺枣Ť卩骏ɰ抟篧JɂǛȝȵ + values: + - R9sJoCz + matchLabels: + 2T: 84ZhksfB + matchLabelKeys: + - Yc41 + mismatchLabelKeys: + - zgncb + - pCwXYOK + - hViR + namespaceSelector: + matchExpressions: + - key: 3hWtuB6Y + operator: ʪ+ʜǻ拎奜跁ª4鶒鲒[ʒJi\ʝ)皡 + values: + - s + - key: xGSn + operator: 羥/Br=Z擧Ŀ泀Ą舨cïŕɘʡȽIJ鉽 + values: + - lOZtQ2cI + - Vk6 + - Ri3t + - key: Z6UDhR9VLqSA + operator: 淸c欨pɝo腛ı廓齩鄬檏繑郭>Ö呡 + values: + - s6hp + topologyKey: wZZTf + - labelSelector: {} + matchLabelKeys: + - afDo + mismatchLabelKeys: + - S + namespaceSelector: + matchExpressions: + - key: AWObA + operator: ĝf表OS厅啬児0~L槩华L稙訐\Tȼ + values: + - M39 + matchLabels: + 0D9: u5 + T1: xiLiZn + v6: nSQp5 + topologyKey: mr + automountServiceAccountToken: false + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: Ahlf + value: UEv + valueFrom: + configMapKeyRef: + key: uwaRvb + name: M8Iklu7qx + optional: true + fieldRef: + apiVersion: H + fieldPath: 43xb + resourceFieldRef: + containerName: t8wgC87mO + divisor: "0" + resource: Z + secretKeyRef: + key: "" + name: EQfJ3z7tv + optional: false + - name: xj + value: lwmxmxP + valueFrom: + configMapKeyRef: + key: "" + name: cdBhO + optional: true + fieldRef: + apiVersion: U + fieldPath: Dj1sswKP + resourceFieldRef: + containerName: 1p3yUdrvd + divisor: "0" + resource: 5A + secretKeyRef: + key: DDcgdcu + name: oD38 + optional: true + - name: LICENSE + valueFrom: + secretKeyRef: + key: x8ik3q + name: K7c7oe + envFrom: + - configMapRef: + name: 2ECaB + optional: true + prefix: bao + secretRef: + name: CA5S95 + optional: false + image: UqWwteW0x/TZqk:0fpMB + imagePullPolicy: 讘ɂȴɩF壜î栒p + livenessProbe: + failureThreshold: 1147871047 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: -470682176 + periodSeconds: 842863336 + successThreshold: 2078067842 + timeoutSeconds: 1252398573 + name: console + ports: + - containerPort: 329 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 1026367217 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: -233395254 + periodSeconds: -96619339 + successThreshold: -2083481091 + timeoutSeconds: 1827269276 + resources: + limits: + eYVLCq: "0" + requests: + P: "0" + VsuQcjg: "0" + jwq: "0" + securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - ɐ毻sǨ斩麀|髦 + - (波F= + - 2鱶ɥǚ蘃齯ʃE桹蹝Ȓ畸蘋桙0 + drop: + - c掁轖e9\Ǟ¦ + - ȽT下Zź%賂蕄3 + - 乯`ŤĊŸ眸ʞ缔Ň妌嵳楕ǐwč*ǩ妩ɴ + privileged: true + procMount: ŃE诩Ŗś僆 + readOnlyRootFilesystem: true + runAsGroup: 6580465723841054000 + runAsNonRoot: true + runAsUser: -56006153890553620 + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: v + mountPropagation: ?IJ純ʈxɧʅ + name: 9AiRaE35OlCv + readOnly: true + subPath: 2dv5RZ + subPathExpr: H7f + - mountPath: "4" + mountPropagation: 涾頴tOĜʥ朤 + name: ePEz + readOnly: true + subPath: BY + subPathExpr: w + - mountPath: n5FPgiJmk + mountPropagation: Ǵ棢__@ŗɆ4瞑5ŗ­L/ķ{篦ǯ + name: NryERK9Q + readOnly: true + subPath: tINFMAR5 + subPathExpr: VrBKy + - args: + - CCdc + - xnWsPf + - K9Lp8whZH + envFrom: + - configMapRef: + name: eRd + optional: true + prefix: jF9v + secretRef: + name: QS0dQM4 + optional: false + image: UEbFmY + imagePullPolicy: ɂǖ耒ȯ+Ǎ妸ÄĊ wʠB堯¥ƿɤp + lifecycle: + postStart: + exec: + command: + - 89MtW + - LOaqkcP + - JzjyxNZS + httpGet: + host: "3" + path: V + port: RUOELw + scheme: u*暪÷鰦ʭ,0噱D #干 + sleep: + seconds: 7312334685976475000 + preStop: + exec: + command: + - Cmo91luAq + - DTCwI + - d3Q8xly + httpGet: + host: e + port: -1761554680 + scheme: '|' + sleep: + seconds: -8572473558022234000 + livenessProbe: + exec: + command: + - 1K0Fir + - Ws + - jWym + failureThreshold: 1492079208 + grpc: + port: -1612320137 + service: wk3AYU + httpGet: + host: U + path: yLWf + port: dE + scheme: (魠ʫ倳|岺溻IJħu|æ粅 + initialDelaySeconds: -1551121242 + periodSeconds: 101556636 + successThreshold: -690762638 + terminationGracePeriodSeconds: -7606489989577612000 + timeoutSeconds: -947750725 + name: GKPhj2 + ports: + - containerPort: 690563670 + hostIP: mVXvug29A + hostPort: -1389446008 + name: pcUz3a8NWF + protocol: o& + readinessProbe: + exec: {} + failureThreshold: 816403475 + grpc: + port: 2090385753 + service: pp5W00 + httpGet: + host: sP9DV + path: cpLL + port: TNUIzm + scheme: '!敓GĜƝ塀ȏ@{8嶤ɍ|' + initialDelaySeconds: 911169006 + periodSeconds: 257542772 + successThreshold: 1702435185 + terminationGracePeriodSeconds: -4557510245814657500 + timeoutSeconds: -581799810 + resources: + limits: + 5UdZ91O: "0" + TXdC: "0" + bK0pEj0Mb: "0" + requests: + s8hZFXOGF: "0" + tCP: "0" + restartPolicy: Ǩ轡´@ǂȟ + securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - 鿞;P粜鬌)Ǭ郑&鑉k!f] + - Ċ + drop: + - ?孡渄:Ơ廔晞!ē8瞅@rDZ_ + - cfdú¯'ƱơÅś祏侪 + privileged: true + procMount: ȝ?A@û2蝓撕%o摤絡) + readOnlyRootFilesystem: true + runAsGroup: -2314751572399379000 + runAsNonRoot: true + runAsUser: 989961539055775400 + startupProbe: + exec: {} + failureThreshold: 971752114 + grpc: + port: -1594677871 + service: O + httpGet: + host: EIXRs + path: EA1CukJtUZ + port: g9g0 + scheme: 遱O靑課淁hɕ怡ņ鲥 + initialDelaySeconds: -1020857297 + periodSeconds: 1332161137 + successThreshold: -1412285197 + terminationGracePeriodSeconds: -7087737322486666000 + timeoutSeconds: 563432789 + stdin: true + terminationMessagePath: S + terminationMessagePolicy: =ɑ_èʊâ錯Ɛ窾O亇_ + tty: true + volumeDevices: + - devicePath: 2EtZS + name: "" + - devicePath: glBRF4 + name: e8K + volumeMounts: + - mountPath: L4U + mountPropagation: '}6ʓ蓱9峖3疖售Ʉ朞' + name: 4oVeDs + subPath: RoA + subPathExpr: b + - mountPath: b3TFcP + mountPropagation: ʘʟ| + name: jg4Ya + subPath: F + subPathExpr: flS + workingDir: VZi6ElPHw + - command: + - 3xxCjTRw + env: + - name: 1n + value: cHl + valueFrom: + configMapKeyRef: + key: "95" + name: gi + optional: true + fieldRef: + apiVersion: sQA8hZeZu + fieldPath: xgpJlFJ2 + resourceFieldRef: + containerName: fLR0HyM + divisor: "0" + resource: Sanx4 + secretKeyRef: + key: XgKm5 + name: gvoS9jB + optional: false + - name: s2cwze + value: hu + valueFrom: + configMapKeyRef: + key: fDoUz3 + name: XKG + optional: true + fieldRef: + apiVersion: q0CUy1W + fieldPath: B3Lkh + resourceFieldRef: + containerName: V1gnkr8hpTmU + divisor: "0" + resource: 7PEJNYX + secretKeyRef: + key: IiBIw + name: kiXa5 + optional: false + envFrom: + - configMapRef: + name: JayMLn + optional: true + prefix: Iyk + secretRef: + name: I8 + optional: true + image: uuJKCAGoiYb + imagePullPolicy: '&mɈ{DC鹪ŘƖ暢C镯VĪɮJ樟' + lifecycle: + postStart: + exec: {} + httpGet: + host: TlUl + path: v9nd + port: Khf + scheme: 雦G'獲ɕ垑Ɠ奚 + sleep: + seconds: 3204757101293724700 + preStop: + exec: + command: + - s8505Cg5U + httpGet: + host: hAMBGK + port: LNxGid + scheme: 9?Ɉ + sleep: + seconds: -7512312074000843000 + livenessProbe: + exec: {} + failureThreshold: -1252597876 + grpc: + port: -544919593 + service: "N" + httpGet: + host: xfP + path: ByIZxFF1w + port: 465839308 + scheme: ôȔʄǽȕ$Ɨ嫸% + initialDelaySeconds: 1827740835 + periodSeconds: 1434348082 + successThreshold: 1145653124 + terminationGracePeriodSeconds: -9056662989967493000 + timeoutSeconds: -741454610 + name: pkN5 + readinessProbe: + exec: + command: + - pmJ6cF + failureThreshold: -182850181 + grpc: + port: -30654612 + service: q + httpGet: + host: Vra + path: tovB7 + port: -934938952 + scheme: Ⱥǵ1茆鯨ț]ų1ơñ澂 + initialDelaySeconds: -1966697414 + periodSeconds: -1866944455 + successThreshold: -259752087 + terminationGracePeriodSeconds: -4535014313385885000 + timeoutSeconds: -1545912021 + resizePolicy: + - resourceName: RxDBqX + restartPolicy: 韌ʮ濅& + - resourceName: spCee + restartPolicy: 腋+桯PɆ誎z4µ&ȁou-囈鵼夵v| + resources: + limits: + rElH: "0" + requests: + "": "0" + restartPolicy: 7GK¦碦ǒ抩Z芍緜 + securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - NjǗA窇ţ + - 逈%Ǵ7QǚƶƜr + drop: + - 鹭Iv0蠤'Ɵ皝ƨ=¨ + privileged: false + procMount: èįƤ;L虥u籖ʄƎ}橃V炖 + readOnlyRootFilesystem: false + runAsGroup: -1041723617216276900 + runAsNonRoot: false + runAsUser: -3933065726531016000 + startupProbe: + exec: {} + failureThreshold: -983644738 + grpc: + port: 1827183629 + service: X7oC1 + httpGet: + host: vGk + path: ohKaYc + port: l1rVsh9 + initialDelaySeconds: -648569392 + periodSeconds: 873065120 + successThreshold: -612441773 + terminationGracePeriodSeconds: 6808330544454598000 + timeoutSeconds: 1534439066 + terminationMessagePath: VYh + terminationMessagePolicy: 唌Üi+ + volumeDevices: + - devicePath: DGsn + name: Ia + volumeMounts: + - mountPath: "14" + mountPropagation: 渉seǝ蕟厪ë嵎ǥ墮@ + name: "" + readOnly: true + subPath: C1G4VS1 + subPathExpr: eU + workingDir: odPxO + imagePullSecrets: [] + initContainers: + - 'error unmarshaling JSON: while decoding JSON: json: cannot unmarshal string + into Go value of type []interface {}' + nodeSelector: + 2i: dRi6btw6 + R4: UsW + fFNJXGk: XBkx + priorityClassName: 8KMLup9vb + securityContext: + fsGroup: -3027126285888131000 + fsGroupChangePolicy: 袺芥ŵ罋o郘渢e堫柝dž + runAsGroup: -3172565869747058000 + runAsNonRoot: true + runAsUser: 5739747577453986000 + supplementalGroups: + - -1289730562709624600 + - 2918948066534341000 + - 8836988143915676000 + sysctls: + - name: ZSspAgrV + value: ES11 + serviceAccountName: W9k + tolerations: [] + topologySpreadConstraints: + - labelSelector: + matchLabels: + 435gSB: cXqM + XuT: nA + sKWX6pPX: YyYe + maxSkew: -1347306472 + minDomains: 1890499147 + nodeAffinityPolicy: 扒Ŕ + nodeTaintsPolicy: 諹uɔM_灢ʫ6ªWŢ庿ɛ + topologyKey: 34nlpPe2Tl + whenUnsatisfiable: šĉ鎨嶕鯖Ťȯ蝲萤ɪeCŒ5ő3|押 + volumes: + - configMap: + name: resP + name: configs + - name: Kt6NIoVzEY + - name: O +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "resP-test-connection" + namespace: "default" + labels: + BvJq2xZ: jY6O0 + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: tvDI + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['resP:103'] + restartPolicy: Never + priorityClassName: 8KMLup9vb +-- testdata/case-045.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: false +kind: ServiceAccount +metadata: + annotations: + "": zL + EANkzh: rmy + creationTimestamp: null + labels: + M1diW: PVb + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: tOoxEiwdVpT + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: nX5G + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + M1diW: PVb + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: tOoxEiwdVpT + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: 9gCm5xz +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: naFpMBw + kafka-sasl-aws-msk-iam-secret-key: "" + kafka-sasl-password: nKEzr + kafka-schema-registry-password: xU + kafka-schemaregistry-tls-ca: pc + kafka-schemaregistry-tls-cert: fF1z9FE + kafka-schemaregistry-tls-key: tx + kafka-tls-ca: bhhbwypQ + kafka-tls-cert: Dw1477 + kafka-tls-key: "" + login-github-oauth-client-secret: 1UD4N + login-github-personal-access-token: LmFkP6BgmLQ + login-google-groups-service-account.json: "" + login-google-oauth-client-secret: m + login-jwt-secret: SECRETKEY + login-oidc-client-secret: cXdjG + login-okta-client-secret: eF90RohF + login-okta-directory-api-token: 1zXLSJEQ + redpanda-admin-api-password: rr4c4 + redpanda-admin-api-tls-ca: Eonnpq + redpanda-admin-api-tls-cert: aPCNgYI + redpanda-admin-api-tls-key: vlrLQ9I9 +type: Opaque +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + M1diW: PVb + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: tOoxEiwdVpT + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: 9gCm5xz + namespace: default +spec: + ports: + - name: http + port: 314 + protocol: TCP + targetPort: 398 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: tOoxEiwdVpT + type: C +--- +# Source: console/templates/hpa.yaml +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + creationTimestamp: null + labels: + M1diW: PVb + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: tOoxEiwdVpT + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: 9gCm5xz +spec: + maxReplicas: 305 + metrics: + - resource: + name: cpu + target: + averageUtilization: 344 + type: Utilization + type: Resource + - resource: + name: memory + target: + averageUtilization: 186 + type: Utilization + type: Resource + minReplicas: 326 + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: 9gCm5xz +--- +# Source: console/templates/ingress.yaml +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: {} + creationTimestamp: null + labels: + M1diW: PVb + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: tOoxEiwdVpT + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: 9gCm5xz +spec: + ingressClassName: y6u9o + rules: + - host: V + http: + paths: + - backend: + service: + name: 9gCm5xz + port: + number: 314 + path: VRp3 + pathType: WX + - backend: + service: + name: 9gCm5xz + port: + number: 314 + path: ZXqa + pathType: LXDjotJK + - backend: + service: + name: 9gCm5xz + port: + number: 314 + path: b + pathType: 6l3svu + tls: + - hosts: + - SzMunki + secretName: OT +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "9gCm5xz-test-connection" + namespace: "default" + labels: + M1diW: PVb + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: tOoxEiwdVpT + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + imagePullSecrets: + - name: rTO7I + - {} + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['9gCm5xz:314'] + restartPolicy: Never + priorityClassName: Op +-- testdata/case-046.yaml.golden -- +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + "": WcYTY + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + rHtDM6k: ZY6Kw + name: fB6TF +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: BKbdr + kafka-sasl-aws-msk-iam-secret-key: Xs8UvJPyL + kafka-sasl-password: xW3EDKA + kafka-schema-registry-password: Vewx + kafka-schemaregistry-tls-ca: te + kafka-schemaregistry-tls-cert: JxH + kafka-schemaregistry-tls-key: jhxioPhQ + kafka-tls-ca: eP + kafka-tls-cert: H9 + kafka-tls-key: "" + login-github-oauth-client-secret: Q + login-github-personal-access-token: akEcq + login-google-groups-service-account.json: pJ8NQ + login-google-oauth-client-secret: vj6 + login-jwt-secret: SECRETKEY + login-oidc-client-secret: 8SCyi + login-okta-client-secret: Yd + login-okta-directory-api-token: q1rSa + redpanda-admin-api-password: mON + redpanda-admin-api-tls-ca: rNzsp + redpanda-admin-api-tls-cert: UStA + redpanda-admin-api-tls-key: 3E +type: Opaque +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: + aDeGG7F9S: 5d + creationTimestamp: null + labels: + "": WcYTY + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + rHtDM6k: ZY6Kw + name: fB6TF + namespace: default +spec: + ports: + - name: http + port: 271 + protocol: TCP + targetPort: 481 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + type: PK7oH1pcU3 +--- +# Source: console/templates/ingress.yaml +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + A4M6T: IUmZ9 + AHN: gcT00IU6 + S: lzi1Q + creationTimestamp: null + labels: + "": WcYTY + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + rHtDM6k: ZY6Kw + name: fB6TF +spec: + ingressClassName: aU0xOzsFN + rules: + - host: chart-example.local + http: + paths: + - backend: + service: + name: fB6TF + port: + number: 271 + path: / + pathType: ImplementationSpecific + tls: + - hosts: + - PV + secretName: aHG1 + - hosts: + - bX + - Cu + - xuscoJ + secretName: fBCynrlb +-- testdata/case-047.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: + DQxrtk8: buiWLPbYq + HHbP: sAY + Y0DKOcTa: D82Nfh + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: nEojiMtRc + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: DSw7 + namespace: default +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: + 8v2: JbH + 95cxbjjD7C: JBMaJ + VY: yRV7d + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: nEojiMtRc + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: YUi5JpG + namespace: default +spec: + ports: + - name: http + port: 168 + protocol: TCP + targetPort: 227 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: nEojiMtRc + type: WAAXkZY +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + Bx5i3M: s + svlaTGpSHD: 7P9k + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: nEojiMtRc + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: YUi5JpG + namespace: default +spec: + replicas: null + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: nEojiMtRc + strategy: + rollingUpdate: {} + type: żʧȟ + template: + metadata: + annotations: + Mfsd: hmi + checksum/config: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b + creationTimestamp: null + labels: + 6dZAs: xJPaLHKS1Y2 + app.kubernetes.io/instance: console + app.kubernetes.io/name: nEojiMtRc + spec: + affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: {} + weight: 182966451 + - preference: {} + weight: -2028220392 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: [] + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: 5a5MXO + operator: kƎǦƙ«嚄ƭr騥邜Fċʐ叧F& + values: + - BRA + - Ywt7JHE + - key: TjE3wFb6 + operator: O`6ƥ縈L:Ckʄ鹟瑧 + values: + - "" + - dxDLfiL + - 0IgsneLlLo + - key: tuBbSOMR + operator: 桛ʫ褛ʒɩWkv濱瘛#Ěi邱CNǖ4孳 + values: + - 9zJ + - 7T3iJAwX + matchLabelKeys: + - ZYcvinlq + - PwQO9 + - M3gb + mismatchLabelKeys: + - e + - K1XrVh + - D1CkR8 + namespaceSelector: + matchExpressions: + - key: uqnyV6k + operator: rĮ'示嶠ĵ攛Ņ + - key: 0ONfMVB + operator: n梷E8ʟ菛晉 + values: + - Q + matchLabels: + IqH8n: pCJ16S + mUE: HyxdirX0F + namespaces: + - gptVP + - L + - 7CmPHtA + topologyKey: XDhewcrvK + weight: 2033587292 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: jcAfZ5VF + operator: 饀re + - key: sj + operator: U姑R° + values: + - p8zbO + - key: 2LmP5 + operator: ŸȢ庾塁BƖ + values: + - NN + matchLabels: + ApvKyKe: kHE9lIIleR + mismatchLabelKeys: + - n3VRcT5qX + - zGNqgUGNX + - hDZ + namespaceSelector: + matchExpressions: + - key: "7" + operator: 砃=G墈赞飍鵝7d + values: + - Uiz9BnY + - key: hd76 + operator: '{緶ɡnW' + values: + - vc1yj10y + - Je + - eg + - key: 06pjmB + operator: =帛胏 + values: + - RQ10 + - Z5WWhGqt + namespaces: + - seMTT1 + topologyKey: E + - labelSelector: + matchLabels: + oplIL: 67Fs0Yu4 + mismatchLabelKeys: + - T1 + namespaceSelector: + matchExpressions: + - key: hOQWYMD + operator: vǑ壞2â飿"Xʝ簮倏c + values: + - "0" + - key: WWGKqAgL + operator: '''OƼŪ祰ǑŗiU嘏ɮ?Ī語' + values: + - yU5IOsL + - koP + namespaces: + - lDs + - xQZsD + - J + topologyKey: j0k4ds + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: 9nDdXGQwP + operator: '[痵lǝ,ǶÜÂD' + values: + - th + - u8xZ + - ucr3vqZeG + - key: QWVrK8k + operator: ʀăɼy耯#運+3坽« + values: + - 2lcZKn + - G2IQ + - YbYwv + - key: N4bc7Wn + operator: '%7`iɊȑ槦醒}' + values: + - NiSH90 + - 98iHVkt + - 0r3Yu9i + matchLabelKeys: + - zrV + - Ey + - R + namespaceSelector: + matchExpressions: + - key: gEbVS1wo + operator: z + matchLabels: + 2YURuF: "" + CJTjm6: nOFN + oUtlWUD: 0k14ag + topologyKey: M1yF5YA + weight: 477520510 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: mdjoxbr + operator: V2SŨǰ8嫟淦 + values: + - 3ww0Ei + - 2PjudE + - pmpvETB0n + - key: NFqQGo + operator: 处;Ƕk鎹û絹褡Sy + values: + - V + - key: HuZ + operator: ȓő&ś>S怭ť]E榕 + values: + - sUume + matchLabels: + ef2q: 4ZL0O9b + r8xqG: MJ + matchLabelKeys: + - "" + - "Y" + mismatchLabelKeys: + - djn6fDf + - ukZi8 + namespaceSelector: {} + namespaces: + - dOU1F + - 1ygQdj3xZ3YIf + - wvpeJx + topologyKey: Rq4K6z6 + weight: -1277100698 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: b + operator: "" + values: + - tmuB5 + - 9qE9GM + - oJpaRDn2 + - key: WY + operator: u酘b + values: + - RhO + - Cs2rDIRrPlii + - nG4bqoAkQU + - key: eMae + operator: ǟĕȴnjI覿9¥H艞ɋ + matchLabels: + ToIBbWL: 4k8X + i2qGkWjvF7QJ: pb0sZq + u12o4B4: Ybz + matchLabelKeys: + - HCKtJC7hm + mismatchLabelKeys: + - 21r0Z + - "" + namespaceSelector: + matchLabels: + 2BNgnKr7Ob: 5RffK5NB3ghhfO + bJC: WTOgH + uA: bxdRwsU + topologyKey: 2CsbupZ + - labelSelector: + matchExpressions: + - key: RIP + operator: Oȝ(氧罻 + values: + - 1bx3Fix9 + - key: eqQoi + operator: 68+ʈĘ + values: + - FgfwmYrR + - mznlyr2aLTGF + - GfAoC8M + matchLabels: + FKwNoJ: aJZxa + cEeo8ix: 3dHunLjp5 + ihSd: qG7x + matchLabelKeys: + - F6LQK + mismatchLabelKeys: + - ULcGW + - RYv + - fF + namespaceSelector: + matchExpressions: + - key: Tkp5 + operator: ȴ潺谡Ƣh躈ŮâÿȒũĔ + values: + - fY9NuWB + - O84 + matchLabels: + 09fI: EDSEVi + Dl: 4u38aD4O + vZCciR: neqAXd7k + namespaces: + - ozziI6FZ + - URQlLJF + topologyKey: SeSq4K + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: "" + value: YbKo + valueFrom: + configMapKeyRef: + key: bIruuA + name: x8 + optional: true + fieldRef: + apiVersion: EqX + fieldPath: ZOh + resourceFieldRef: + containerName: IDJTm5lv + divisor: "0" + resource: QDC8v + secretKeyRef: + key: "8" + name: LcSdNiKff4 + optional: false + - name: RZHq9C + value: m + valueFrom: + configMapKeyRef: + key: PZVqf + name: x + optional: true + fieldRef: + apiVersion: xQi + fieldPath: vxeo + resourceFieldRef: + divisor: "0" + resource: l7 + secretKeyRef: + key: i3lK + optional: true + - name: LICENSE + valueFrom: + secretKeyRef: + key: nj + name: rl + envFrom: [] + image: zUsK/lQjo:p + imagePullPolicy: ȕ蚧竔/´苅oC + livenessProbe: + failureThreshold: -1392926461 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: -1384385388 + periodSeconds: -1660079876 + successThreshold: 680842396 + timeoutSeconds: 213455290 + name: console + ports: + - containerPort: 227 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 1689894479 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: -1753994274 + periodSeconds: -1189421015 + successThreshold: 1278527365 + timeoutSeconds: -209775227 + resources: + limits: + 8ycM: "0" + requests: + CvglPI: "0" + s5: "0" + uiHB: "0" + securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - «Ƙz损 + - ɟE鄱Į惪Y桦ŗɘoȍ蠣4ƪ呀R> + - "" + drop: + - 娤b + privileged: false + procMount: ʍ曏(ƶæ + readOnlyRootFilesystem: true + runAsGroup: -406748533537085800 + runAsNonRoot: false + runAsUser: 3238073083343117300 + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: g + name: L8dbWip + subPath: "" + - mountPath: OO0aO6h + mountPropagation: "" + name: kDKM + readOnly: true + subPath: AlRCH + subPathExpr: 7UemLsIe + - mountPath: Z8zdlU + mountPropagation: 醗¡°v:胡 + name: aedAMG + subPath: zo5P1xa + subPathExpr: WmuiME + - mountPath: ufiUx + mountPropagation: '`ʡÔ关Ľ?' + name: PWBh + subPath: 2hslJ + subPathExpr: pUtN3 + - args: + - lW + - lpUVzUh + command: + - 3mEGtoKbEWE2Jw5T + - b1GBFA + env: + - name: hsiWF93 + value: zBco + valueFrom: + configMapKeyRef: + key: 8hvvaoHB + name: "y" + optional: false + fieldRef: + apiVersion: WPT5J + fieldPath: sc + resourceFieldRef: + containerName: 0xbTU4O + divisor: "0" + resource: tPBV2ObG + secretKeyRef: + key: YEKZukl + name: px + optional: false + - name: PM0MyyH3R6R + value: yOzX + valueFrom: + configMapKeyRef: + key: I3pi + name: DC + optional: true + fieldRef: + apiVersion: "25" + fieldPath: "" + resourceFieldRef: + containerName: aZj1E7LU + divisor: "0" + resource: sxs0nE31 + secretKeyRef: + key: Ktb3c4 + name: g98T + optional: true + - name: 6kDq8UgFIS8 + value: L0i4 + valueFrom: + configMapKeyRef: + key: 9WUe9 + name: tZrRUK + optional: false + fieldRef: + apiVersion: GIc + fieldPath: AXTmU + resourceFieldRef: + containerName: E2 + divisor: "0" + resource: a63tq + secretKeyRef: + key: luWp + name: lPdowo + optional: true + envFrom: + - configMapRef: + name: vzVk + optional: true + prefix: DONFyRd + secretRef: + name: 9uct + optional: false + - configMapRef: + name: z5nC9D + optional: true + prefix: 5epUyS1iy5m8 + secretRef: + name: zqRFC + optional: true + - configMapRef: + name: awjfJlZxN + optional: true + prefix: LhArOQgbq1OCR2L + secretRef: + name: mb5axzX5 + optional: true + image: qPLiX + imagePullPolicy: '{Ĩ檽]ĻĹňɋ偌Ȏ.阛魉' + lifecycle: + postStart: + exec: + command: + - yAeOM + - s53um + - 3m + httpGet: + host: GJWsJm + path: iDQ + port: 1781170742 + scheme: 皐ű葺ȝĬ麐&ʉ執dz0娸叹 + sleep: + seconds: -4230531115544534500 + preStop: + exec: + command: + - sIGb5 + httpGet: + host: AbxhPKar + path: 3ZZ5 + port: 88852320 + scheme: 砨Ĝ_筀¤痟氻劊űI俼员z幛F + sleep: + seconds: -4758564920159899000 + livenessProbe: + exec: + command: + - ty6JMTW6vA + failureThreshold: -1459976999 + grpc: + port: -1689493187 + service: ihsDMVYd + httpGet: + host: e9NNlO5d + path: iBo4 + port: 334788778 + scheme: ƿ:ħȠL$ + initialDelaySeconds: 1625633184 + periodSeconds: 1327859251 + successThreshold: 1766792721 + terminationGracePeriodSeconds: -3971501657411371000 + timeoutSeconds: 557348614 + name: U3U + readinessProbe: + exec: + command: + - "Y" + failureThreshold: 391027623 + grpc: + port: -1858356724 + service: hnqm + httpGet: + host: g + path: C48 + port: F + scheme: 苎lɲÁ频×ȊDžȀ9Ď"昽 + initialDelaySeconds: -1404160881 + periodSeconds: 521131323 + successThreshold: 2005094455 + terminationGracePeriodSeconds: -5942417190535485000 + timeoutSeconds: 2118365394 + resources: + limits: + Ms1A: "0" + WkWhM: "0" + requests: + b4kR9nm9BfQZy: "0" + eLg: "0" + huME: "0" + restartPolicy: ľ慔/PpǏ銢9滖ɝ韍I鍌$ʪ辫Uz + securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - wą&嘪研Z`ȧȢfʘ*ō + drop: + - ƿ`ĉĎ苦Ǧ蘈NJ她笻Ƞ + - 磨3踦煨1JƸc錚捁 ĊZe)ám \ + privileged: true + procMount: 鋶XJm/覹ɋ¶ȉĒȤ瀶|ƻŒ(咡 + readOnlyRootFilesystem: false + runAsGroup: -8452021579348254000 + runAsNonRoot: true + runAsUser: 5983932912975749000 + startupProbe: + exec: + command: + - sZhTLr + - GK + - kqL9aDDm + failureThreshold: 1004086477 + grpc: + port: 1266077274 + service: l1ji1IW1ic + httpGet: + host: rJI + path: H731Dr + port: 1333462733 + scheme: 项鰚ɽ洍êƳ + initialDelaySeconds: 1806670133 + periodSeconds: 1290098703 + successThreshold: -490255445 + terminationGracePeriodSeconds: -206080146769410300 + timeoutSeconds: 270060590 + terminationMessagePath: P1HCGJEbJiD4 + terminationMessagePolicy: ʇ鞯BC鸼樁÷ǹ楺 + tty: true + volumeDevices: + - devicePath: a4 + name: 0bA + - devicePath: VeRXU9 + name: A0XbFJhG + - devicePath: fdim + name: RJf + workingDir: ZoDFb + imagePullSecrets: [] + initContainers: + - 'error unmarshaling JSON: while decoding JSON: json: cannot unmarshal string + into Go value of type []interface {}' + nodeSelector: {} + priorityClassName: 0P6RnoBeb5 + securityContext: + fsGroup: -6567182940167159000 + fsGroupChangePolicy: 6iɰ堂:齐ǪÈ + runAsGroup: -1787219330993537800 + runAsNonRoot: true + runAsUser: -5627543087390805000 + supplementalGroups: + - -3306962996817147400 + - 975882030005456500 + - -5263492609498468000 + sysctls: + - name: YC + value: 7JlDTCP6hs + serviceAccountName: DSw7 + tolerations: [] + topologySpreadConstraints: [] + volumes: + - configMap: + name: YUi5JpG + name: configs + - name: L8dbWip + secret: + defaultMode: 184 + secretName: LF0O +--- +# Source: console/templates/hpa.yaml +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: nEojiMtRc + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: YUi5JpG +spec: + maxReplicas: 122 + metrics: + - resource: + name: cpu + target: + averageUtilization: 218 + type: Utilization + type: Resource + - resource: + name: memory + target: + averageUtilization: 488 + type: Utilization + type: Resource + minReplicas: 449 + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: YUi5JpG +-- testdata/case-048.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + 4kU: mkn8 + Ro: NFx1P + Z1p: WE + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: W7q3X + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: sKa + namespace: default +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} + role-bindings.yaml: |- + roleBindings: + - FZ5NQS6: null + - 0ToI: null + RTwav: null + mWwdgyM: null + - {} +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + 4kU: mkn8 + Ro: NFx1P + Z1p: WE + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: W7q3X + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: 3um +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: + c: DNy + kDPtPpnL: kFmmx + creationTimestamp: null + labels: + 4kU: mkn8 + Ro: NFx1P + Z1p: WE + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: W7q3X + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: 3um + namespace: default +spec: + ports: + - name: http + port: 311 + protocol: TCP + targetPort: 29 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: W7q3X + type: l5gj +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + Dgw3Wl: 7aofTp + creationTimestamp: null + labels: + 4kU: mkn8 + Ro: NFx1P + Z1p: WE + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: W7q3X + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: 3um + namespace: default +spec: + replicas: null + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: W7q3X + strategy: + rollingUpdate: {} + type: 顓ǝSm + template: + metadata: + annotations: + checksum/config: 1f1200550e8f17e44439daf44ec8c9721945fe5e499d9d558666a7a6516a4bd3 + eG: vxInc0 + g: BI6yk + xCtSP: rQ + creationTimestamp: null + labels: + ZEXh: zufy + app.kubernetes.io/instance: console + app.kubernetes.io/name: W7q3X + spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchFields: + - key: v + operator: ė + values: + - ln + - lU4zX8iz + - t0Xc + - key: s3fpu + operator: ɥ娿ăʄĠ mʓ銈E'袭ĵ + values: + - ljJlhx + - matchExpressions: + - key: qPBvuBghor + operator: 泱诅ʫt + values: + - a05XZwN + - SiAvFWs + - FhW1 + - key: MVFTcW + operator: º囜N赧0索d + values: + - c + - ghZI + - AjB0J + matchFields: + - key: QzMSpLW + operator: :ɉùȪÇzǥC货°ÕV? + - matchExpressions: + - key: pA7a1gYdV + operator: '[ĪtOK' + values: + - 2bE4Bw + - fyMOYi + - key: wshbw7Ix + operator: J槭~撑MS=ÑƎ薽饵a緗 + values: + - 9jt6 + matchFields: + - key: s1 + operator: 犫茬睶ňv + values: + - XhyH + - Ng1r1 + - nqis + - key: mHLiT + operator: ȁ佝L郗s稷tŻ+f舭拳鰵2e{a + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: jdvk + operator: ƶ + values: + - NV + - y4 + - V2XRZS + - key: 9VvAl5 + operator: <坎陸$§¤_ã檠奙Å饉J夗ɓ翩锸辸 + values: + - x26kYkJ + matchLabels: + DziixIJYd: yCXzPc + matchLabelKeys: + - XNuk + - RGLu + mismatchLabelKeys: + - aF3 + - R + - Tnj6SmTq + namespaceSelector: + matchExpressions: + - key: e1XR + operator: Kɞ窏ǿ,鸣ŰcNc + values: + - Yrq + matchLabels: + F2Pe7J: dlwTdhs + lK: nolQ + ys9z: euXWPiaJ3Bv + namespaces: + - tAzvw4OH1G + topologyKey: 6y + weight: -1640008169 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: XbjQvP + operator: V嶙NZ谡筩ǒ抂 + - key: i + operator: ɔŃ旓Ɍ鬺X + values: + - Zvx + - 7HWJ + - e4ucTP + matchLabelKeys: + - 0LSTZ + - ESk2r + mismatchLabelKeys: + - CKhfvR0Sg + namespaceSelector: + matchExpressions: + - key: A0tc + operator: 辛§ʢ垝V矋n握匞~嶯筪溆¸ + values: + - ML + matchLabels: + K1pr: ROFIwZhJYYo + ODc: 48WQ + namespaces: + - Wv7 + - zenLPw + topologyKey: tIVDde5U + weight: 1977587462 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: 3YyUamlR + operator: 橯F + values: + - dHitre + - 90jUjk + - key: NtnSL + operator: 臰sR=坵Ěcñ黪:ɻ寊â9dƎ\V + values: + - qqzycK + - key: ICXJGRFS + operator: $貕^eėǭD鳅ʇ + values: + - txX + - SFrkJ9r + - 3jOnwEW1 + matchLabels: + Uwj1kpV: oUXOYkF + o: ts5wRqjTyCy + matchLabelKeys: + - V2DNNCORe7ZRA + - pglXe4D + - w3881 + mismatchLabelKeys: + - xbi5KtUmR + - eZenitLdd + namespaceSelector: + matchExpressions: + - key: fxd5Y + operator: 頣R熗!A麳Ƚ6r爤暓 + values: + - oe46YF + - rT30v + matchLabels: + 4WA: EH + nRhlLLx1yHy: 5UFrj + namespaces: + - 7j92oP + - 2hf + topologyKey: "" + weight: 92207265 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: wBvol + operator: Ɂüɯ + values: + - eKmyok + - key: B2uj69 + operator: "" + - key: hLrZlh + operator: ȕ嵠味 ɼ_ + mismatchLabelKeys: + - W + namespaceSelector: + matchExpressions: + - key: Qu + operator: 亣i拴ÿ + values: + - OeiUsmYu + - oGXa6Ma + matchLabels: + "": Li + oDV7yR: NP + namespaces: + - PQjQb3LP + topologyKey: Gs1 + - labelSelector: + matchLabels: + "": nF + mismatchLabelKeys: + - YG6aQj + namespaceSelector: + matchExpressions: + - key: HpxPVtw + operator: z畘ŠƽǢ蘟\ɡ忕ɋ蜹5B + values: + - EQ + - RP3fBi + - key: Lv60cZut + operator: 裰ƈ + values: + - I9JbN + - dt + - Cya + - key: 0MGm8N + operator: 遍Ż + matchLabels: + nELvnrAFr: DClM + topologyKey: N57yxG + - labelSelector: + matchExpressions: + - key: "" + operator: KǞ}ɣȿ嚶宗荝«Dž + values: + - CGw32z4JHya + - E + - u5CDtdc + matchLabels: + J5LzcLei: kBwTCGZ + iLpqu: j4bqBNDjAK + jN: jUZ0u + matchLabelKeys: + - lNM + - K3nOO5 + - 9norFQpMiC + namespaceSelector: + matchExpressions: + - key: y4teb + operator: 蚯 + values: + - P + - O0 + - MvxOu + - key: v8w1Ok + operator: 8ƴņŨƊ¹艗胲ƦpYƿ9d脙~Ë + values: + - "4" + - "66" + namespaces: + - OtWsVW + - p + topologyKey: GeF + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: GRLHy + operator: Ä椶 + - key: Z + operator: ė牫ȃ汥Ƈ娍q\桕ɄNǴ + values: + - S1hMkP + - K + - x5coDg + - key: kJzBQ + operator: ʉĻ孺bɧɬʬ柿娤e¯]每) + values: + - DbD1 + - C5dyvNew + matchLabelKeys: + - 8G + - 7cCVU + - lN + mismatchLabelKeys: + - xJ5l + namespaceSelector: + matchExpressions: + - key: U89y + operator: ȓ2浿澰V缐厧钎wň莁願菶ʈ杈 + values: + - 9m6ydjpHu + - CatqpZmUCL + - dJz + - key: SIePbOJc6H + operator: ljR2qɟ$s櫮c雕Ů幔莁沥ʫľƙŝ + values: + - 75tj75r + - XiO + - key: "" + operator: 舄或崙Ĭɐ耼Ī弋禽$ + values: + - HWwXVr4o + - WEkwi8ZNDQ + - f + matchLabels: + fi8w0BX: Z48LRdXmkJ + namespaces: + - Yaw2NnfJ + topologyKey: ElKfd7Eo + weight: 1078166465 + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: rd10f1l + value: GtUE + valueFrom: + configMapKeyRef: + key: C1N + name: bi + optional: true + fieldRef: + apiVersion: 9GWlMsB + fieldPath: l2 + resourceFieldRef: + containerName: 4t + divisor: "0" + resource: eyjvzsf + secretKeyRef: + key: xBMOaej + name: O8AG + optional: false + - name: C + value: fYlde + valueFrom: + configMapKeyRef: + key: 4HvhDAkW + name: 5bgA7leE7 + optional: false + fieldRef: + fieldPath: zY6rf + resourceFieldRef: + containerName: S3 + divisor: "0" + resource: 3sD + secretKeyRef: + key: s43 + name: LpaQ + optional: true + - name: LICENSE + valueFrom: + secretKeyRef: + key: enterprise-license + name: 3VGefRh + envFrom: [] + image: VHbf77MFq/9Gz:Tg + imagePullPolicy: Ƀşb?師Ğ`3H觉趟糯襖 + livenessProbe: + failureThreshold: 279778022 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 1098820524 + periodSeconds: 414174316 + successThreshold: 1178515566 + timeoutSeconds: 873461419 + name: console + ports: + - containerPort: 29 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 37001950 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: -396024246 + periodSeconds: -1467409206 + successThreshold: -1328773613 + timeoutSeconds: -1781454259 + resources: + limits: + 8cdWaeK7jVrR: "0" + HYBi6o: "0" + requests: + NOz: "0" + gH: "0" + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - Ɋ闻ǃɗʀd撪 + - 蘑ǪY桼ɮǚɳ爥ňB + drop: + - 乄}ñ0詘蛾牪坣缰ƩǏ薷©瓚`Ʋ虯r + - ǓJğ&ĊƯʝbǠCŪzgì + - ńǜ[ɪ判Uʋ]泘狔 + privileged: false + procMount: 媹:堏_ɟ榧禙Ɲ'瞟 + readOnlyRootFilesystem: false + runAsGroup: 2759228957449300500 + runAsNonRoot: true + runAsUser: -812867783664200800 + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: WsSL4vxNxCkXP + name: Mt1 + subPath: "" + - mountPath: M5 + mountPropagation: 稤Bơ觓Ð琋 + name: yQHj49RtdzN + subPath: GdQkAKF + subPathExpr: Gvswh + - mountPath: QRg + mountPropagation: 搚Kƕ欕K貵蠜d旓ĀÝ虩釓 + name: qCEH27RF + readOnly: true + subPath: nHB05RuTZ + subPathExpr: K0yH + - args: + - 3QF + - k1BJBm + command: + - PMW + - j + - V7MAcfomz + env: + - name: rAzI53 + value: WlHlq + valueFrom: + configMapKeyRef: + key: zzIBsb + name: Bh261F + optional: false + fieldRef: + apiVersion: SlA + fieldPath: "6" + resourceFieldRef: + containerName: q0BBEv + divisor: "0" + resource: JE + secretKeyRef: + key: FvrZgBz + name: ZTBeic + optional: false + - name: uPptX + value: i9 + valueFrom: + configMapKeyRef: + key: JeHwi + name: TiQHOG1EsFUgIE + optional: true + fieldRef: + apiVersion: i7dd + fieldPath: Tu + resourceFieldRef: + containerName: ChdvA + divisor: "0" + resource: Eq1V33RTZQSJRJFg3V + secretKeyRef: + key: ojxn54r + name: L + optional: false + - name: Sl9Py25FX + value: e9 + valueFrom: + configMapKeyRef: + key: Zq80J9tyR0opcz + name: gy00dyvHFa + optional: true + fieldRef: + apiVersion: UJLSQy7zL + fieldPath: Xm4sg5H + resourceFieldRef: + containerName: ZmY7Fno6Fcop3 + divisor: "0" + resource: gqZwW + secretKeyRef: + key: v + name: hJDoWtjkfL + optional: true + envFrom: + - configMapRef: + name: RdWA + optional: true + prefix: Dq + secretRef: + name: BOBOO0sLIWw0e + optional: false + - configMapRef: + name: MoMnWNTC + optional: false + prefix: "3" + secretRef: + name: B58Vvj3 + optional: false + image: Vn5V + imagePullPolicy: 筥ǏŤČ癳嶧GĒH挕ÄHɡ + lifecycle: + postStart: + exec: + command: + - hTIx + - lslygl + - lSgx5G2IfU + httpGet: + host: GNVKz7 + path: d0Y + port: Igi + scheme: 莵łEǐ嫖ʒʔvŊ>ry5贛 + sleep: + seconds: -184172880642712450 + preStop: + exec: {} + httpGet: + host: tD1TkKV0ES + path: s6 + port: OpK5riOe96 + scheme: 琊*i#欱E唂ȧ鐄膶詃7 + sleep: + seconds: -4889549574266894000 + livenessProbe: + exec: {} + failureThreshold: 1591130939 + grpc: + port: -540029946 + service: aoAN2Lx03 + httpGet: + host: vWu + path: Lo + port: 1468671948 + scheme: ȯ煐IŢ + initialDelaySeconds: -1879733088 + periodSeconds: 1106663448 + successThreshold: 240850805 + terminationGracePeriodSeconds: -7405296717602936000 + timeoutSeconds: 524743651 + name: AInfx2Rak + readinessProbe: + exec: + command: + - oIA3 + - H + - 96Uj2 + failureThreshold: -1855887857 + grpc: + port: -495541010 + service: X + httpGet: + host: ZplmMg + path: tAAr + port: 1950182935 + scheme: ʂ綽oa;n轮ęB觼Z=G泇跢揌韇锶 + initialDelaySeconds: 1057136331 + periodSeconds: -2025421367 + successThreshold: -812558156 + terminationGracePeriodSeconds: 4314843605692522000 + timeoutSeconds: -1609986779 + resizePolicy: + - resourceName: EvmpG + restartPolicy: 4ɱ + - resourceName: hTB20ObO1 + restartPolicy: ½ŏ伐Q蔏ʝ噙漃袩J]Ɣ蒘岇 + resources: + limits: + KWlx2c: "0" + O: "0" + requests: + ZCJwGBL: "0" + restartPolicy: 1nĔ:蹮>s蹬ÍǺ + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - 迠寈搣弝渎İ- + drop: + - 檹Ɩ + - ɧ麧ç2ā兛杧蔙團载^P蚡5缿ʒU襩 + - cLD|ƶ虌Ȗ + privileged: false + procMount: ïƋ圏滜ľ転謀ĤP蹥ȅ|髃蒃Q癎æ + readOnlyRootFilesystem: false + runAsGroup: -4850605470374304000 + runAsNonRoot: false + runAsUser: 7731251064648991000 + startupProbe: + exec: + command: + - LqYoUQy3c4BE + - 5N + - Ug + failureThreshold: -1290004088 + grpc: + port: -1721281251 + service: H2p + httpGet: + host: 02CP5 + path: F609y + port: JjwFH + scheme: 珑 + initialDelaySeconds: -402608647 + periodSeconds: -1520214127 + successThreshold: 209058699 + terminationGracePeriodSeconds: -1900030585542850300 + timeoutSeconds: 1686394545 + terminationMessagePath: qixKzKz + terminationMessagePolicy: Ǥ衚蔁ʙ剠Ǡɭf~ + volumeDevices: + - devicePath: zM1 + name: jmc + - devicePath: IZ + name: PS + - devicePath: kN24U + name: Apu0r1U2 + workingDir: WgB + - args: + - 2Z37 + - 75kO + - TjvjkZTrc8s + command: + - M0NtzJ + env: + - name: 2EH + value: O + valueFrom: + configMapKeyRef: + key: J1ozKsuji + name: glLvAIHP7i + optional: true + fieldRef: + apiVersion: 3gAjGu + fieldPath: sNpuR8m + resourceFieldRef: + containerName: oxx + divisor: "0" + resource: PuKq + secretKeyRef: + key: Iua2L1LoCWMs2 + name: YfKwS8s + optional: true + image: PKNM + imagePullPolicy: ÍĪ0魣Ŋʒ + lifecycle: + postStart: + exec: {} + httpGet: + host: fsZ + path: EGnu + port: 765491661 + scheme: ?ğ叆ɂ&pʠ溶Ǚu + sleep: + seconds: 4688626474961013000 + preStop: + exec: {} + httpGet: + host: TB + path: "6" + port: -50369560 + scheme: ~Ǚɇ>ƃ\7]歉sh羘y4 + sleep: + seconds: -5293607398165582000 + livenessProbe: + exec: + command: + - 1g8dewdj + - lRmD + failureThreshold: -125369558 + grpc: + port: -1490211482 + service: R + httpGet: + host: CSGThzhG + path: 9NBKzoiFzs + port: -272474300 + scheme: ŀ + initialDelaySeconds: -1094670881 + periodSeconds: 1768141210 + successThreshold: -985604418 + terminationGracePeriodSeconds: -1297054466922920700 + timeoutSeconds: -1289231356 + name: KtKv6dg + ports: + - containerPort: -632764671 + hostIP: 8CU + hostPort: 917138107 + name: 1VgOx + protocol: 典ȫ窃ÛǪ3m患 + - containerPort: 739656218 + hostIP: dQQ3 + hostPort: -1348301133 + name: "3" + protocol: '?Ū慾ŘLº桒J:茦扰絥ǗȑĎ:' + readinessProbe: + exec: + command: + - qZ2J + failureThreshold: 293719665 + grpc: + port: 1235836411 + service: ig3 + httpGet: + host: Ws + path: FVnJhZq7I + port: -1075951148 + initialDelaySeconds: 321800409 + periodSeconds: -556535717 + successThreshold: -625124830 + terminationGracePeriodSeconds: -4084380722124342300 + timeoutSeconds: -904900305 + resizePolicy: + - resourceName: GKINnuJx + restartPolicy: Řl©=嬈牍]佧& + resources: + requests: + omO: "0" + uga5: "0" + xnRsp6C: "0" + restartPolicy: ʝdŌİ蒘傥>晑|癶x&ĭmŭƙŵ + securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - 約nɤưHĞ4WƳǤȣ糥蠇t + - ¾ʃŔ冻楟?¿揈h嘼œ + drop: + - 7忭譺屩嫕ƞʅ袬/氼Xg养ȸ陣萓 + - 胨`鯵ƪĽ藹 + privileged: true + procMount: Ulƙxȿƌ乜溬噕瀆储铐\纬 + readOnlyRootFilesystem: true + runAsGroup: 4589112012742887000 + runAsNonRoot: true + runAsUser: 3204614620414442500 + startupProbe: + exec: + command: + - TFJ + failureThreshold: -585814509 + grpc: + port: 178002023 + service: lAuHCrE + httpGet: + host: "88" + path: Th + port: In + scheme: 鷵菭g顲Ⱦ穪 + initialDelaySeconds: -1856697198 + periodSeconds: 1469578394 + successThreshold: 160563852 + terminationGracePeriodSeconds: -4442318275257517600 + timeoutSeconds: -16211809 + terminationMessagePath: 513sVbgA + terminationMessagePolicy: 隓Ǽ屼Å7嗟Ʈ麝0{ȦDžĐ! + tty: true + volumeDevices: + - devicePath: ugQAJ + name: Jf + - devicePath: BFfnTD + name: kfF6CZ + volumeMounts: + - mountPath: C3 + mountPropagation: 呍婻厦ǒ絶偂蠛ƺ蠖蕍v貰Ė + name: DQvHajhHx + subPath: aYHGugq + subPathExpr: MSs + workingDir: OE + imagePullSecrets: [] + initContainers: + - 'error unmarshaling JSON: while decoding JSON: json: cannot unmarshal string + into Go value of type []interface {}' + nodeSelector: + Bm9U: oTYglG6dh + priorityClassName: l4Mowg + securityContext: + fsGroup: -3794452885502571500 + fsGroupChangePolicy: 欲飹Rɦ薕µL<Ĕ + runAsGroup: -3171560656159467000 + runAsNonRoot: true + runAsUser: -4412205905842408400 + supplementalGroups: + - -7215185124091152000 + - 5139656417921063000 + - 600742233156257700 + sysctls: + - name: Te + value: cKzihj + serviceAccountName: sKa + tolerations: + - effect: 嫜ʎ愤wßj硭 + key: JO1 + operator: ȼ¾Pȇ挮ƶȋ'蹑鶚嗵ïG + tolerationSeconds: -6027642013843151000 + value: a3XbyS + topologySpreadConstraints: [] + volumes: + - configMap: + name: 3um + name: configs + - name: Mt1 + secret: + defaultMode: 80 + secretName: ZxXI0Hhv +--- +# Source: console/templates/hpa.yaml +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + creationTimestamp: null + labels: + 4kU: mkn8 + Ro: NFx1P + Z1p: WE + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: W7q3X + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: 3um +spec: + maxReplicas: 1 + metrics: + - resource: + name: cpu + target: + averageUtilization: 468 + type: Utilization + type: Resource + - resource: + name: memory + target: + averageUtilization: 256 + type: Utilization + type: Resource + minReplicas: 224 + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: 3um +-- testdata/case-049.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: + 5bpPp: ponDVyZ + Ml1: "" + lt: 6VN8BRlJd + creationTimestamp: null + labels: + 0HYkOrz: JCwpSW + 0TgDztQSY: P + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 8dJzE + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + ztm: qegfb80 + name: z12W + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + 0HYkOrz: JCwpSW + 0TgDztQSY: P + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 8dJzE + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + ztm: qegfb80 + name: 0BIfuN +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: SBJl + kafka-sasl-aws-msk-iam-secret-key: INqD5 + kafka-sasl-password: 78E + kafka-schema-registry-password: YMuFCG7qR + kafka-schemaregistry-tls-ca: 1y5yRb6O2b + kafka-schemaregistry-tls-cert: NuhkhpMV7b + kafka-schemaregistry-tls-key: 9zcrFj + kafka-tls-ca: 0PF + kafka-tls-cert: wArD + kafka-tls-key: "" + login-github-oauth-client-secret: jdPGF7 + login-github-personal-access-token: y6xqv + login-google-groups-service-account.json: xi1j27Lipj8 + login-google-oauth-client-secret: m6FeI + login-jwt-secret: SECRETKEY + login-oidc-client-secret: zbsTootC + login-okta-client-secret: rHSfT + login-okta-directory-api-token: rOXaN + redpanda-admin-api-password: 8c + redpanda-admin-api-tls-ca: CJbHIM + redpanda-admin-api-tls-cert: uO + redpanda-admin-api-tls-key: uhB0L +type: Opaque +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: + L: CP + Yf: K4waOjMg + tIYLLgy: d1szIPW6xt + creationTimestamp: null + labels: + 0HYkOrz: JCwpSW + 0TgDztQSY: P + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 8dJzE + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + ztm: qegfb80 + name: 0BIfuN + namespace: default +spec: + ports: + - name: http + port: 269 + protocol: TCP + targetPort: 479 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: 8dJzE + type: IfYfRoHRG +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + BceQMZiOm: E1uakdHPkLNL + creationTimestamp: null + labels: + 0HYkOrz: JCwpSW + 0TgDztQSY: P + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 8dJzE + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + ztm: qegfb80 + name: 0BIfuN + namespace: default +spec: + replicas: null + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: 8dJzE + strategy: + rollingUpdate: {} + type: 擺m鷾DžPĨ + template: + metadata: + annotations: + "": cuRn + checksum/config: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b + qBdeU: EQv + creationTimestamp: null + labels: + O2n4u: kpFpu + app.kubernetes.io/instance: console + app.kubernetes.io/name: 8dJzE + g1c: XEOMg + spec: + affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: L + operator: 域%Ɠ礇!ʘl.ǷŠ该貹&N + values: + - oAk8rvkey + - Fb08GpumY + - key: YJGr + operator: '|4\i事!ų藦x鳜Ǫ' + values: + - 63Yvc + - key: j + operator: ¸瀖čņ!彅搀 + values: + - RnzdW + - Nxs + - unZuno + matchFields: + - key: wLP0QqdHBmd9e + operator: ȑwȼ嶢vC`ȖĜƐ桡牆ēIa,謧ŗ + - key: mdgmMZ + operator: Ō§ȶƔ>#Z骻5S洝岛Ċ啞. + values: + - Fvf6 + - key: GQsV + operator: 涥ȕêȩȋ婍0毙舺糩\DŽŅ饒 + values: + - XccQkxG + weight: -1172839714 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: JpS0BkW + operator: 聣耥ʒ昼|Ȏ)ß瞖a癨櫒缮{v + - key: HLL3gv + operator: 铡ÞC腢z蟒Á + - key: iDGQV8Bjyu5Q + operator: 舢脛歛ƻ68 + values: + - eLCH7Nc + - QQqPUN + - "" + matchFields: + - key: AY2q9fnL + operator: ȏ伌鎩5桀ʁ + values: + - Uac + - K0q + - bY71A + - key: rBwZz + operator: '*ĴȉǼ矼SN]ʛ源' + values: + - 5yMkn + - key: S1C + operator: ÿƙ彋,嘲樦 + values: + - OXH + - vl1 + - uCYaO8Cn + - {} + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: mZ3rAF9 + operator: yŲĺȫ阁笵W®詃Œ + values: + - bhvFz + - key: uiaNXZcXT + operator: "" + - key: AAM + operator: 閸鬼駝洁c奊(Ƅ謍MǍ辰T堍癩)丗 + values: + - "9" + - ESiN3 + matchLabels: + kCSDZtsm5: vVk + oBlyCq: jlh + matchLabelKeys: + - BCZ8FFbh + - A + namespaceSelector: + matchExpressions: + - key: Lsf + operator: L + values: + - a0HB + - C + - key: eoj6ic3 + operator: ż伌oA汄俔ɿ7巪娻% + matchLabels: + Cx: wwPPM + namespaces: + - 9xhG + - JAutZqe4gGeuf + - "" + topologyKey: 1a + weight: 223935020 + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: LtGRhs + operator: 棺ǔ'ɘ砒Æ擑Ɵģ + values: + - GhM4BSJqNOf + matchLabels: + "": 7Ni + matchLabelKeys: + - yxF4 + - 22RoWr + - etRteovEh9 + mismatchLabelKeys: + - 7NOfe + namespaceSelector: + matchExpressions: + - key: 3KCX2 + operator: 臞ʀ¯弄Ɨ橎琜ġ鍳¶ȣ2墛.ɮ濎ɕ磞 + values: + - 5YiE0xEC + - 4spxMd + - vUPA + matchLabels: + YHIq: nS + topologyKey: F4 + weight: 716052627 + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: "9" + operator: ĠƑȥ兾3ŶJ + - key: pPvuyWZ + operator: ;bļo刲+圊}MǏŅ惤ć + values: + - 9pMXT + - Ezwo11 + matchLabels: + 66347W: ccFxZoF9 + X: VrN5kt + mismatchLabelKeys: + - u4LyY1 + - zT + namespaceSelector: + matchExpressions: + - key: qwhutJo + operator: 垴ǞƼ + matchLabels: + OFxMkYx: lhxtM + topologyKey: WN8qbUgigF + weight: -1609734055 + - podAffinityTerm: + labelSelector: {} + matchLabelKeys: + - "" + mismatchLabelKeys: + - XnhP + - "" + - Bk + namespaceSelector: + matchExpressions: + - key: M + operator: Ǽ糨ʡ毺Ɇw + values: + - ntvI + - vs + matchLabels: + "4": 2Y2FBpcbg + namespaces: + - 1S8c + topologyKey: jxiZ4d + weight: 1993833508 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: EpKkdimp + operator: 额ƀ箰L禼aÅ顙)C舉 + - key: e2Zu7Kb + operator: t潱髦pö鵺b澁6銹 + values: + - z9n + - LdMQ + - r + matchLabels: + F: Nc + Qa2h5toVwd: GGxZ3BQ + l: Z6Rh + matchLabelKeys: + - LsCC + - dgmxxZW + mismatchLabelKeys: + - e + - Cb + - e0DAEluN + namespaceSelector: + matchLabels: + oJ56D: 33m + tkP8tO: mIkfyE6E + namespaces: + - VxN + - hbwB9 + - t + topologyKey: qag0unul + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: KAFKA_SASL_PASSWORD + valueFrom: + secretKeyRef: + key: kafka-sasl-password + name: 0BIfuN + - name: KAFKA_PROTOBUF_GIT_BASICAUTH_PASSWORD + valueFrom: + secretKeyRef: + key: kafka-protobuf-git-basicauth-password + name: 0BIfuN + - name: KAFKA_SASL_AWSMSKIAM_SECRETKEY + valueFrom: + secretKeyRef: + key: kafka-sasl-aws-msk-iam-secret-key + name: 0BIfuN + - name: KAFKA_TLS_CAFILEPATH + value: /etc/console/secrets/kafka-tls-ca + - name: KAFKA_TLS_CERTFILEPATH + value: /etc/console/secrets/kafka-tls-cert + - name: KAFKA_SCHEMAREGISTRY_TLS_CAFILEPATH + value: /etc/console/secrets/kafka-schemaregistry-tls-ca + - name: KAFKA_SCHEMAREGISTRY_TLS_CERTFILEPATH + value: /etc/console/secrets/kafka-schemaregistry-tls-cert + - name: KAFKA_SCHEMAREGISTRY_TLS_KEYFILEPATH + value: /etc/console/secrets/kafka-schemaregistry-tls-key + - name: KAFKA_SCHEMAREGISTRY_PASSWORD + valueFrom: + secretKeyRef: + key: kafka-schema-registry-password + name: 0BIfuN + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: 0BIfuN + - name: LOGIN_GOOGLE_CLIENTSECRET + valueFrom: + secretKeyRef: + key: login-google-oauth-client-secret + name: 0BIfuN + - name: LOGIN_GOOGLE_DIRECTORY_SERVICEACCOUNTFILEPATH + value: /etc/console/secrets/login-google-groups-service-account.json + - name: LOGIN_GITHUB_CLIENTSECRET + valueFrom: + secretKeyRef: + key: login-github-oauth-client-secret + name: 0BIfuN + - name: LOGIN_GITHUB_DIRECTORY_PERSONALACCESSTOKEN + valueFrom: + secretKeyRef: + key: login-github-personal-access-token + name: 0BIfuN + - name: LOGIN_OKTA_CLIENTSECRET + valueFrom: + secretKeyRef: + key: login-okta-client-secret + name: 0BIfuN + - name: LOGIN_OKTA_DIRECTORY_APITOKEN + valueFrom: + secretKeyRef: + key: login-okta-directory-api-token + name: 0BIfuN + - name: LOGIN_OIDC_CLIENTSECRET + valueFrom: + secretKeyRef: + key: login-oidc-client-secret + name: 0BIfuN + - name: REDPANDA_ADMINAPI_PASSWORD + valueFrom: + secretKeyRef: + key: redpanda-admin-api-password + name: 0BIfuN + - name: REDPANDA_ADMINAPI_TLS_CAFILEPATH + value: /etc/console/secrets/redpanda-admin-api-tls-ca + - name: REDPANDA_ADMINAPI_TLS_KEYFILEPATH + value: /etc/console/secrets/redpanda-admin-api-tls-key + - name: REDPANDA_ADMINAPI_TLS_CERTFILEPATH + value: /etc/console/secrets/redpanda-admin-api-tls-cert + envFrom: + - configMapRef: + name: GTjM + optional: true + prefix: GSbKp + secretRef: + name: vhsV8Pl5 + optional: true + - configMapRef: + name: cvXs + optional: false + prefix: cBFtb + secretRef: + name: x9N + optional: false + - configMapRef: + name: rDSrOmdL + optional: false + prefix: 0u3 + secretRef: + name: A6PG37zBJfwNR + optional: false + image: RCYS61Exfql/8ZLfmymq:4BSL9iL + imagePullPolicy: õ鴀铑û + livenessProbe: + failureThreshold: -567921134 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: -507660572 + periodSeconds: 1912372611 + successThreshold: -232304560 + timeoutSeconds: 582403024 + name: console + ports: + - containerPort: 479 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 1010917423 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: -986314779 + periodSeconds: 1763110639 + successThreshold: 1473932979 + timeoutSeconds: 1291669389 + resources: + limits: + x6: "0" + requests: + eeR: "0" + l: "0" + xppI8xB: "0" + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - 趩燡º嗂{踦 + - CƮ + drop: + - 殟kĔ=ņŧɋ] + privileged: false + procMount: aŻ釯fȠ埱ɺȚ + readOnlyRootFilesystem: true + runAsGroup: 4284419790643993000 + runAsNonRoot: true + runAsUser: -4828746969388386000 + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + - mountPath: AQpWvptFEk7y + name: 99SgdOsZD + subPath: "" + - mountPath: p44 + name: U + subPath: "" + - mountPath: UiI + name: WFd + subPath: "" + - mountPath: De7 + mountPropagation: 1k噟霞ƁĹ + name: 1Z2WnghTc + subPath: Ts5Ful + subPathExpr: YyidD + - mountPath: onM7c3 + mountPropagation: m=Cɬ + name: GC5ZsY07Mr + readOnly: true + subPath: Xt + subPathExpr: r6gZk + - mountPath: 8gPjX7hc + mountPropagation: ƃ柅珚ȭ能 + name: oN + subPath: auYcD + subPathExpr: aheb25w + - args: + - kn0F9 + command: + - M + - Hph3 + - lZfWKF + env: + - name: HBWtNh10A + value: 8guE + valueFrom: + configMapKeyRef: + key: Chnm + name: UlwzEQ + optional: false + fieldRef: + apiVersion: 8pq9 + fieldPath: qpnfP4p + resourceFieldRef: + divisor: "0" + resource: L0tn + secretKeyRef: + key: J + name: gbfgF + optional: true + envFrom: + - configMapRef: + name: n32MM + optional: true + prefix: cp3 + secretRef: + name: Uc + optional: true + - configMapRef: + name: VGBL + optional: true + prefix: NTMU + secretRef: + name: CEg + optional: true + image: zIWYBi7 + imagePullPolicy: 蘂ȱʃ& + lifecycle: + postStart: + exec: + command: + - QpTcv + - MS0T0N + - wiE + httpGet: + host: ZCUJOIH + path: UsXT + port: 8nExSP2u + scheme: 'uŊ6熀: 焆 烷ʫ-Ŗ亾ɣʖ氝"肰' + sleep: + seconds: -2519616411083819500 + preStop: + exec: + command: + - rmQ7 + - GxRXQk + httpGet: + host: UIVpXMrzW + path: 4tHQ + port: 8xLK1VyM + scheme: ƳǃóɃȊ{回żz闓葊G嚥 + sleep: + seconds: 3595323074300269600 + livenessProbe: + exec: {} + failureThreshold: -882825879 + grpc: + port: 503069299 + service: W + httpGet: + host: FilCCd + path: NPZrCEq + port: 6NoPho8wIsxe + scheme: āȹ顺悩錣Xƕ灄ĿG乒 + initialDelaySeconds: 781680731 + periodSeconds: 205458 + successThreshold: 1115648780 + terminationGracePeriodSeconds: 4579765768791485400 + timeoutSeconds: -676867842 + name: 2tf + readinessProbe: + exec: + command: + - edKf + - 0U + - MFr2Oh + failureThreshold: 1812906550 + grpc: + port: -791379232 + service: IAqADBco + httpGet: + host: 55GZ + path: AQC + port: sxTXcp + scheme: ƷMg靚珨嘸ȗʒ鑉Ȝ梒ŗǐkōĕĵ鞍 + initialDelaySeconds: -130429301 + periodSeconds: 876742351 + successThreshold: -1424043483 + terminationGracePeriodSeconds: -1574530902871555300 + timeoutSeconds: 764935409 + resources: + limits: + 9eHi: "0" + rO52puR: "0" + requests: + UF8LV7N: "0" + ao: "0" + cRVsAz8v: "0" + restartPolicy: ɥ]×璳 + securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - ɖ膵7&ʞíXĦx-ǰİɾ榩聨ŗ% + - DŽ熲鴼玜覲杷ȆƠ沺伤{拢 + - ɉȋʠRÂo霾噜奩ƻv$Áő + drop: + - ɑ摿愻J«ʘA宜ƹ¶ + - 餫aJ矐sǁ隑z36渢X赼 + - )ǜ鄰挺溒ŒV栜Ù涸JH-_d + privileged: false + procMount: Ito縎 + readOnlyRootFilesystem: false + runAsGroup: 2484782727894659600 + runAsNonRoot: false + runAsUser: -6936271037843915000 + startupProbe: + exec: + command: + - X + failureThreshold: -256045507 + grpc: + port: 376282302 + service: wdQrDn0 + httpGet: + host: teaO6 + path: DBHpGkYdgAJ + port: -1625640156 + scheme: Ʌ + initialDelaySeconds: 673272264 + periodSeconds: -1050905915 + successThreshold: 282500457 + terminationGracePeriodSeconds: 5768805478519710000 + timeoutSeconds: -601307290 + stdinOnce: true + terminationMessagePath: POO + terminationMessagePolicy: '#d鿂Hk閎=ɰ蜐ġOʡ蠁żǖ' + tty: true + workingDir: Z3pdGL + - args: + - a7Tqs + - UuID5t + - gRCnbjyp + env: + - name: ZV1KP + value: WrT0 + valueFrom: + configMapKeyRef: + key: zZzTgax + name: 3z3eoets + optional: true + fieldRef: + apiVersion: 88zo + fieldPath: z0vE72 + resourceFieldRef: + containerName: DF4t + divisor: "0" + resource: hfVfYFW4 + secretKeyRef: + key: I6JwpO5 + name: I88w22gsx3 + optional: true + - name: z8 + value: sgj8UHZ + valueFrom: + configMapKeyRef: + key: Q85vN + name: lYGl4 + optional: true + fieldRef: + apiVersion: oQu7 + fieldPath: TYd + resourceFieldRef: + containerName: "Y" + divisor: "0" + resource: Yx + secretKeyRef: + key: f + name: 0Pjf9YBj + optional: false + envFrom: + - configMapRef: + name: fAH + optional: false + prefix: vjjU + secretRef: + name: 9A8OgEQ9 + optional: false + image: R7L + imagePullPolicy: '}m6铤<豎ŵ,#M狥ʬo' + lifecycle: + postStart: + exec: + command: + - 2E + - gzntg + httpGet: + host: BOoVI + path: ns7ZMdNwQC + port: XF + scheme: ky咊ʅ ʂ娼ȟƐ橽ǿ唔ARɨ罙 + sleep: + seconds: -3978858376823544000 + preStop: + exec: + command: + - Hns + httpGet: + host: Lw8 + path: wdo + port: -239095421 + scheme: ƹ禍OÇ + sleep: + seconds: 3838288160382434000 + livenessProbe: + exec: + command: + - 8E + failureThreshold: -1052479375 + grpc: + port: 82058135 + service: S3UA2HwQaN + httpGet: + host: T0 + path: wYV6 + port: cEf + scheme: 斡1{嘫b葎剜屙唯皎図Ǜ錮ơxȒt駦Ƨ + initialDelaySeconds: -1976610733 + periodSeconds: 436460884 + successThreshold: -949159248 + terminationGracePeriodSeconds: 1786907735670591200 + timeoutSeconds: -2035324376 + name: 0ygO + readinessProbe: + exec: + command: + - "" + - YQ + failureThreshold: 1469514474 + grpc: + port: -1835111333 + service: 5WmTypZfT + httpGet: + host: BDf + path: ZY + port: tyrBXIqhX + scheme: 趬扬鉰昵 + initialDelaySeconds: -683847692 + periodSeconds: -95594828 + successThreshold: -1707399501 + terminationGracePeriodSeconds: 3256417681193515500 + timeoutSeconds: -2088454060 + resources: + limits: + zVX: "0" + restartPolicy: 晄d塮@ʥO%驮ÆgǍô + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ' 吓zǘa畷' + - 鲃ʍ瑘ƴɛjV艑ǔpMK杣Ġ + privileged: true + procMount: zɱÙŭǫäƿ诧聉ń醽Ƥ裩5 + readOnlyRootFilesystem: true + runAsGroup: -2381715627246700500 + runAsNonRoot: false + runAsUser: 6590063474480016000 + startupProbe: + exec: + command: + - "9" + - oRMM2F + - "" + failureThreshold: -1711876939 + grpc: + port: 1138187974 + service: OvdS + httpGet: + host: GZWJ + path: vzJeBCvGMHn7 + port: h9p1Pak + initialDelaySeconds: 447733263 + periodSeconds: 1805541821 + successThreshold: -1114184264 + terminationGracePeriodSeconds: 2730048172651207700 + timeoutSeconds: -1850805595 + terminationMessagePath: GK8 + terminationMessagePolicy: ɾDŽ÷郃ɻ玗璺,4 + volumeDevices: + - devicePath: bLf + name: UVN1o + - devicePath: fIT + name: Qiswb + - devicePath: 9b8i + name: h1 + workingDir: 1IOT + imagePullSecrets: + - name: h5x + initContainers: + - 'error unmarshaling JSON: while decoding JSON: json: cannot unmarshal string + into Go value of type []interface {}' + nodeSelector: + ra78: fJ + priorityClassName: JhGfjGXQ + securityContext: + fsGroup: 6449559755791186000 + fsGroupChangePolicy: 慩梱ʂcƎƱ\火ɘ²ɉ_ + runAsGroup: 841256803887707600 + runAsNonRoot: true + runAsUser: -2824253868920734700 + supplementalGroups: + - 8145086042470337000 + - -5005570809576723000 + serviceAccountName: z12W + tolerations: + - key: ka + tolerationSeconds: 2857628758439265300 + value: Ohni9QGx + topologySpreadConstraints: + - labelSelector: + matchLabels: + 3Ym: o2h5aVp + yR4PPZO: 3X + matchLabelKeys: + - vCKujB + - UqCFKCN + - Xnjfai + maxSkew: -943395897 + minDomains: 1955399000 + nodeAffinityPolicy: 噙撢馥櫱m>Q脕擏w梪 + nodeTaintsPolicy: 蝚溄鑝刉=歱Mr踄 + topologyKey: cHyq + whenUnsatisfiable: Q輒ƗȈʑǯƐ| + - labelSelector: + matchLabels: + E: lyK5b9t + UuSjduy: NcK4 + fty: iP6ai + maxSkew: 1881677866 + minDomains: -561571142 + nodeAffinityPolicy: ȫ寴ī嘌.樥'ǹs + nodeTaintsPolicy: ɇ剀ǨUǜ!俛dz餂~匹呃 + topologyKey: pCHj + whenUnsatisfiable: 尘I:Ƒ匌,騸 + volumes: + - configMap: + name: 0BIfuN + name: configs + - name: secrets + secret: + secretName: 0BIfuN + - name: 99SgdOsZD + secret: + defaultMode: 500 + secretName: B6Fq + - name: U + secret: + defaultMode: 337 + secretName: DddF02 + - name: WFd + secret: + defaultMode: 246 + secretName: tz +--- +# Source: console/templates/hpa.yaml +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + creationTimestamp: null + labels: + 0HYkOrz: JCwpSW + 0TgDztQSY: P + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 8dJzE + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + ztm: qegfb80 + name: 0BIfuN +spec: + maxReplicas: 292 + metrics: + - resource: + name: cpu + target: + averageUtilization: 255 + type: Utilization + type: Resource + - resource: + name: memory + target: + averageUtilization: 99 + type: Utilization + type: Resource + minReplicas: 381 + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: 0BIfuN +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "0BIfuN-test-connection" + namespace: "default" + labels: + 0HYkOrz: JCwpSW + 0TgDztQSY: P + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: 8dJzE + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + ztm: qegfb80 + annotations: + "helm.sh/hook": test +spec: + imagePullSecrets: + - name: h5x + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['0BIfuN:269'] + restartPolicy: Never + priorityClassName: JhGfjGXQ +-- testdata/console-config-listen-and-target-port.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: "" + kafka-sasl-aws-msk-iam-secret-key: "" + kafka-sasl-password: "" + kafka-schema-registry-password: "" + kafka-schemaregistry-tls-ca: "" + kafka-schemaregistry-tls-cert: "" + kafka-schemaregistry-tls-key: "" + kafka-tls-ca: "" + kafka-tls-cert: "" + kafka-tls-key: "" + login-github-oauth-client-secret: "" + login-github-personal-access-token: "" + login-google-groups-service-account.json: "" + login-google-oauth-client-secret: "" + login-jwt-secret: SECRETKEY + login-oidc-client-secret: "" + login-okta-client-secret: "" + login-okta-directory-api-token: "" + redpanda-admin-api-password: "" + redpanda-admin-api-tls-ca: "" + redpanda-admin-api-tls-cert: "" + redpanda-admin-api-tls-key: "" +type: Opaque +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + server: + listenPort: 3333 +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +spec: + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: 4444 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + type: ClusterIP +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + strategy: {} + template: + metadata: + annotations: + checksum/config: f57fffad24d8562b91b674515ee68bfe758dbbfe634dcd2bb3497934f70538c9 + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + spec: + affinity: {} + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: console + envFrom: [] + image: docker.redpanda.com/redpandadata/console:v2.7.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: console + ports: + - containerPort: 3333 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + runAsNonRoot: true + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + imagePullSecrets: [] + initContainers: [] + nodeSelector: {} + priorityClassName: "" + securityContext: + fsGroup: 99 + runAsUser: 99 + serviceAccountName: console + tolerations: [] + topologySpreadConstraints: [] + volumes: + - configMap: + name: console + name: configs + - name: secrets + secret: + secretName: console +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "console-test-connection" + namespace: "default" + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['console:8080'] + restartPolicy: Never + priorityClassName: +-- testdata/console-config-listen-port.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: "" + kafka-sasl-aws-msk-iam-secret-key: "" + kafka-sasl-password: "" + kafka-schema-registry-password: "" + kafka-schemaregistry-tls-ca: "" + kafka-schemaregistry-tls-cert: "" + kafka-schemaregistry-tls-key: "" + kafka-tls-ca: "" + kafka-tls-cert: "" + kafka-tls-key: "" + login-github-oauth-client-secret: "" + login-github-personal-access-token: "" + login-google-groups-service-account.json: "" + login-google-oauth-client-secret: "" + login-jwt-secret: SECRETKEY + login-oidc-client-secret: "" + login-okta-client-secret: "" + login-okta-directory-api-token: "" + redpanda-admin-api-password: "" + redpanda-admin-api-tls-ca: "" + redpanda-admin-api-tls-cert: "" + redpanda-admin-api-tls-key: "" +type: Opaque +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + server: + listenPort: 3333 +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +spec: + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: 0 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + type: ClusterIP +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + strategy: {} + template: + metadata: + annotations: + checksum/config: f57fffad24d8562b91b674515ee68bfe758dbbfe634dcd2bb3497934f70538c9 + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + spec: + affinity: {} + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: console + envFrom: [] + image: docker.redpanda.com/redpandadata/console:v2.7.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: console + ports: + - containerPort: 3333 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + runAsNonRoot: true + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + imagePullSecrets: [] + initContainers: [] + nodeSelector: {} + priorityClassName: "" + securityContext: + fsGroup: 99 + runAsUser: 99 + serviceAccountName: console + tolerations: [] + topologySpreadConstraints: [] + volumes: + - configMap: + name: console + name: configs + - name: secrets + secret: + secretName: console +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "console-test-connection" + namespace: "default" + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['console:8080'] + restartPolicy: Never + priorityClassName: +-- testdata/console-with-role-bindings.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: "" + kafka-sasl-aws-msk-iam-secret-key: "" + kafka-sasl-password: "" + kafka-schema-registry-password: "" + kafka-schemaregistry-tls-ca: "" + kafka-schemaregistry-tls-cert: "" + kafka-schemaregistry-tls-key: "" + kafka-tls-ca: "" + kafka-tls-cert: "" + kafka-tls-key: "" + login-github-oauth-client-secret: "" + login-github-personal-access-token: "" + login-google-groups-service-account.json: "" + login-google-oauth-client-secret: "" + login-jwt-secret: SECRETKEY + login-oidc-client-secret: "" + login-okta-client-secret: "" + login-okta-directory-api-token: "" + redpanda-admin-api-password: "" + redpanda-admin-api-tls-ca: "" + redpanda-admin-api-tls-cert: "" + redpanda-admin-api-tls-key: "" +type: Opaque +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} + role-bindings.yaml: |- + roleBindings: + - metadata: + name: Redpanda POC + roleName: admin + subjects: + - kind: user + name: e2euser + provider: Plain +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +spec: + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: 0 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + type: ClusterIP +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + strategy: {} + template: + metadata: + annotations: + checksum/config: fb8e6e138b819f5ea3ae5c413e14f624501b139f2294e15c4f188ec463049755 + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + spec: + affinity: {} + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: console + envFrom: [] + image: docker.redpanda.com/redpandadata/console:v2.7.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: console + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + runAsNonRoot: true + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + imagePullSecrets: [] + initContainers: [] + nodeSelector: {} + priorityClassName: "" + securityContext: + fsGroup: 99 + runAsUser: 99 + serviceAccountName: console + tolerations: [] + topologySpreadConstraints: [] + volumes: + - configMap: + name: console + name: configs + - name: secrets + secret: + secretName: console +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "console-test-connection" + namespace: "default" + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['console:8080'] + restartPolicy: Never + priorityClassName: +-- testdata/console-with-roles-and-bindings.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: "" + kafka-sasl-aws-msk-iam-secret-key: "" + kafka-sasl-password: "" + kafka-schema-registry-password: "" + kafka-schemaregistry-tls-ca: "" + kafka-schemaregistry-tls-cert: "" + kafka-schemaregistry-tls-key: "" + kafka-tls-ca: "" + kafka-tls-cert: "" + kafka-tls-key: "" + login-github-oauth-client-secret: "" + login-github-personal-access-token: "" + login-google-groups-service-account.json: "" + login-google-oauth-client-secret: "" + login-jwt-secret: SECRETKEY + login-oidc-client-secret: "" + login-okta-client-secret: "" + login-okta-directory-api-token: "" + redpanda-admin-api-password: "" + redpanda-admin-api-tls-ca: "" + redpanda-admin-api-tls-cert: "" + redpanda-admin-api-tls-key: "" +type: Opaque +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} + role-bindings.yaml: |- + roleBindings: + - metadata: + name: Redpanda POC + roleName: admin + subjects: + - kind: user + name: e2euser + provider: Plain + roles.yaml: |- + roles: + - name: my-role + permissions: + - allowedActions: + - '*' + excludes: + - '*' + includes: + - '*' + resource: 1234 +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +spec: + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: 0 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + type: ClusterIP +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + strategy: {} + template: + metadata: + annotations: + checksum/config: a586a304567f15fd4a79d95e15044439368fd8985e42a1a93cdcb6d0b540ed57 + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + spec: + affinity: {} + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: console + envFrom: [] + image: docker.redpanda.com/redpandadata/console:v2.7.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: console + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + runAsNonRoot: true + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + imagePullSecrets: [] + initContainers: [] + nodeSelector: {} + priorityClassName: "" + securityContext: + fsGroup: 99 + runAsUser: 99 + serviceAccountName: console + tolerations: [] + topologySpreadConstraints: [] + volumes: + - configMap: + name: console + name: configs + - name: secrets + secret: + secretName: console +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "console-test-connection" + namespace: "default" + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['console:8080'] + restartPolicy: Never + priorityClassName: +-- testdata/console-with-roles.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: "" + kafka-sasl-aws-msk-iam-secret-key: "" + kafka-sasl-password: "" + kafka-schema-registry-password: "" + kafka-schemaregistry-tls-ca: "" + kafka-schemaregistry-tls-cert: "" + kafka-schemaregistry-tls-key: "" + kafka-tls-ca: "" + kafka-tls-cert: "" + kafka-tls-key: "" + login-github-oauth-client-secret: "" + login-github-personal-access-token: "" + login-google-groups-service-account.json: "" + login-google-oauth-client-secret: "" + login-jwt-secret: SECRETKEY + login-oidc-client-secret: "" + login-okta-client-secret: "" + login-okta-directory-api-token: "" + redpanda-admin-api-password: "" + redpanda-admin-api-tls-ca: "" + redpanda-admin-api-tls-cert: "" + redpanda-admin-api-tls-key: "" +type: Opaque +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} + roles.yaml: |- + roles: + - name: my-role + permissions: + - allowedActions: + - '*' + excludes: + - '*' + includes: + - '*' + resource: 1234 +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +spec: + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: 0 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + type: ClusterIP +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + strategy: {} + template: + metadata: + annotations: + checksum/config: 1afc8dfaddbbe103d0707800bfc71b4cc8f14e12334b3e22484d2b73ef5d57c0 + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + spec: + affinity: {} + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: console + envFrom: [] + image: docker.redpanda.com/redpandadata/console:v2.7.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: console + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + runAsNonRoot: true + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + imagePullSecrets: [] + initContainers: [] + nodeSelector: {} + priorityClassName: "" + securityContext: + fsGroup: 99 + runAsUser: 99 + serviceAccountName: console + tolerations: [] + topologySpreadConstraints: [] + volumes: + - configMap: + name: console + name: configs + - name: secrets + secret: + secretName: console +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "console-test-connection" + namespace: "default" + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['console:8080'] + restartPolicy: Never + priorityClassName: +-- testdata/custom-tag-no-registry.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: "" + kafka-sasl-aws-msk-iam-secret-key: "" + kafka-sasl-password: "" + kafka-schema-registry-password: "" + kafka-schemaregistry-tls-ca: "" + kafka-schemaregistry-tls-cert: "" + kafka-schemaregistry-tls-key: "" + kafka-tls-ca: "" + kafka-tls-cert: "" + kafka-tls-key: "" + login-github-oauth-client-secret: "" + login-github-personal-access-token: "" + login-google-groups-service-account.json: "" + login-google-oauth-client-secret: "" + login-jwt-secret: SECRETKEY + login-oidc-client-secret: "" + login-okta-client-secret: "" + login-okta-directory-api-token: "" + redpanda-admin-api-password: "" + redpanda-admin-api-tls-ca: "" + redpanda-admin-api-tls-cert: "" + redpanda-admin-api-tls-key: "" +type: Opaque +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +spec: + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: 0 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + type: ClusterIP +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + strategy: {} + template: + metadata: + annotations: + checksum/config: 4f717eb67ef3f4c7e8737af0264bfe0922c76494c9ee31f7f52c63a13b02de86 + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + spec: + affinity: {} + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: console + envFrom: [] + image: redpandadata/console:my-custom-tag + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: console + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + runAsNonRoot: true + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + imagePullSecrets: [] + initContainers: [] + nodeSelector: {} + priorityClassName: "" + securityContext: + fsGroup: 99 + runAsUser: 99 + serviceAccountName: console + tolerations: [] + topologySpreadConstraints: [] + volumes: + - configMap: + name: console + name: configs + - name: secrets + secret: + secretName: console +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "console-test-connection" + namespace: "default" + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['console:8080'] + restartPolicy: Never + priorityClassName: +-- testdata/default-values.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: "" + kafka-sasl-aws-msk-iam-secret-key: "" + kafka-sasl-password: "" + kafka-schema-registry-password: "" + kafka-schemaregistry-tls-ca: "" + kafka-schemaregistry-tls-cert: "" + kafka-schemaregistry-tls-key: "" + kafka-tls-ca: "" + kafka-tls-cert: "" + kafka-tls-key: "" + login-github-oauth-client-secret: "" + login-github-personal-access-token: "" + login-google-groups-service-account.json: "" + login-google-oauth-client-secret: "" + login-jwt-secret: SECRETKEY + login-oidc-client-secret: "" + login-okta-client-secret: "" + login-okta-directory-api-token: "" + redpanda-admin-api-password: "" + redpanda-admin-api-tls-ca: "" + redpanda-admin-api-tls-cert: "" + redpanda-admin-api-tls-key: "" +type: Opaque +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +spec: + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: 0 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + type: ClusterIP +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + strategy: {} + template: + metadata: + annotations: + checksum/config: 4f717eb67ef3f4c7e8737af0264bfe0922c76494c9ee31f7f52c63a13b02de86 + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + spec: + affinity: {} + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: console + envFrom: [] + image: docker.redpanda.com/redpandadata/console:v2.7.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: console + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + runAsNonRoot: true + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + imagePullSecrets: [] + initContainers: [] + nodeSelector: {} + priorityClassName: "" + securityContext: + fsGroup: 99 + runAsUser: 99 + serviceAccountName: console + tolerations: [] + topologySpreadConstraints: [] + volumes: + - configMap: + name: console + name: configs + - name: secrets + secret: + secretName: console +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "console-test-connection" + namespace: "default" + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['console:8080'] + restartPolicy: Never + priorityClassName: +-- testdata/extra-init-containers.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: "" + kafka-sasl-aws-msk-iam-secret-key: "" + kafka-sasl-password: "" + kafka-schema-registry-password: "" + kafka-schemaregistry-tls-ca: "" + kafka-schemaregistry-tls-cert: "" + kafka-schemaregistry-tls-key: "" + kafka-tls-ca: "" + kafka-tls-cert: "" + kafka-tls-key: "" + login-github-oauth-client-secret: "" + login-github-personal-access-token: "" + login-google-groups-service-account.json: "" + login-google-oauth-client-secret: "" + login-jwt-secret: SECRETKEY + login-oidc-client-secret: "" + login-okta-client-secret: "" + login-okta-directory-api-token: "" + redpanda-admin-api-password: "" + redpanda-admin-api-tls-ca: "" + redpanda-admin-api-tls-cert: "" + redpanda-admin-api-tls-key: "" +type: Opaque +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +spec: + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: 0 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + type: ClusterIP +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + strategy: {} + template: + metadata: + annotations: + checksum/config: 4f717eb67ef3f4c7e8737af0264bfe0922c76494c9ee31f7f52c63a13b02de86 + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + spec: + affinity: {} + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: console + envFrom: [] + image: docker.redpanda.com/redpandadata/console:v2.7.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: console + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + runAsNonRoot: true + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + imagePullSecrets: [] + initContainers: + - args: + - |- + set -xe + echo "Hello 3!" + command: + - /bin/bash + - -c + image: mintel/docker-alpine-bash-curl-jq:latest + name: test-init-container + nodeSelector: {} + priorityClassName: "" + securityContext: + fsGroup: 99 + runAsUser: 99 + serviceAccountName: console + tolerations: [] + topologySpreadConstraints: [] + volumes: + - configMap: + name: console + name: configs + - name: secrets + secret: + secretName: console +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "console-test-connection" + namespace: "default" + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['console:8080'] + restartPolicy: Never + priorityClassName: +-- testdata/ingress-templating.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: "" + kafka-sasl-aws-msk-iam-secret-key: "" + kafka-sasl-password: "" + kafka-schema-registry-password: "" + kafka-schemaregistry-tls-ca: "" + kafka-schemaregistry-tls-cert: "" + kafka-schemaregistry-tls-key: "" + kafka-tls-ca: "" + kafka-tls-cert: "" + kafka-tls-key: "" + login-github-oauth-client-secret: "" + login-github-personal-access-token: "" + login-google-groups-service-account.json: "" + login-google-oauth-client-secret: "" + login-jwt-secret: SECRETKEY + login-oidc-client-secret: "" + login-okta-client-secret: "" + login-okta-directory-api-token: "" + redpanda-admin-api-password: "" + redpanda-admin-api-tls-ca: "" + redpanda-admin-api-tls-cert: "" + redpanda-admin-api-tls-key: "" +type: Opaque +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +spec: + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: 0 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + type: ClusterIP +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + strategy: {} + template: + metadata: + annotations: + checksum/config: 4f717eb67ef3f4c7e8737af0264bfe0922c76494c9ee31f7f52c63a13b02de86 + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + spec: + affinity: {} + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: console + envFrom: [] + image: docker.redpanda.com/redpandadata/console:v2.7.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: console + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + runAsNonRoot: true + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + imagePullSecrets: [] + initContainers: [] + nodeSelector: {} + priorityClassName: "" + securityContext: + fsGroup: 99 + runAsUser: 99 + serviceAccountName: console + tolerations: [] + topologySpreadConstraints: [] + volumes: + - configMap: + name: console + name: configs + - name: secrets + secret: + secretName: console +--- +# Source: console/templates/ingress.yaml +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + ingress: test + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console +spec: + ingressClassName: null + rules: + - host: '"a-host"' + http: + paths: + - backend: + service: + name: console + port: + number: 8080 + path: / + pathType: Exact + tls: + - hosts: + - '"blah"' + secretName: my-secret +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "console-test-connection" + namespace: "default" + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['console:8080'] + restartPolicy: Never + priorityClassName: +-- testdata/no-registry.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: "" + kafka-sasl-aws-msk-iam-secret-key: "" + kafka-sasl-password: "" + kafka-schema-registry-password: "" + kafka-schemaregistry-tls-ca: "" + kafka-schemaregistry-tls-cert: "" + kafka-schemaregistry-tls-key: "" + kafka-tls-ca: "" + kafka-tls-cert: "" + kafka-tls-key: "" + login-github-oauth-client-secret: "" + login-github-personal-access-token: "" + login-google-groups-service-account.json: "" + login-google-oauth-client-secret: "" + login-jwt-secret: SECRETKEY + login-oidc-client-secret: "" + login-okta-client-secret: "" + login-okta-directory-api-token: "" + redpanda-admin-api-password: "" + redpanda-admin-api-tls-ca: "" + redpanda-admin-api-tls-cert: "" + redpanda-admin-api-tls-key: "" +type: Opaque +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +spec: + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: 0 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + type: ClusterIP +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + strategy: {} + template: + metadata: + annotations: + checksum/config: 4f717eb67ef3f4c7e8737af0264bfe0922c76494c9ee31f7f52c63a13b02de86 + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + spec: + affinity: {} + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: console + envFrom: [] + image: redpandadata/console:v2.7.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: console + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + runAsNonRoot: true + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + imagePullSecrets: [] + initContainers: [] + nodeSelector: {} + priorityClassName: "" + securityContext: + fsGroup: 99 + runAsUser: 99 + serviceAccountName: console + tolerations: [] + topologySpreadConstraints: [] + volumes: + - configMap: + name: console + name: configs + - name: secrets + secret: + secretName: console +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "console-test-connection" + namespace: "default" + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['console:8080'] + restartPolicy: Never + priorityClassName: +-- testdata/service-nodeport.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: "" + kafka-sasl-aws-msk-iam-secret-key: "" + kafka-sasl-password: "" + kafka-schema-registry-password: "" + kafka-schemaregistry-tls-ca: "" + kafka-schemaregistry-tls-cert: "" + kafka-schemaregistry-tls-key: "" + kafka-tls-ca: "" + kafka-tls-cert: "" + kafka-tls-key: "" + login-github-oauth-client-secret: "" + login-github-personal-access-token: "" + login-google-groups-service-account.json: "" + login-google-oauth-client-secret: "" + login-jwt-secret: SECRETKEY + login-oidc-client-secret: "" + login-okta-client-secret: "" + login-okta-directory-api-token: "" + redpanda-admin-api-password: "" + redpanda-admin-api-tls-ca: "" + redpanda-admin-api-tls-cert: "" + redpanda-admin-api-tls-key: "" +type: Opaque +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +spec: + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: 2000 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + type: NodePort +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + strategy: {} + template: + metadata: + annotations: + checksum/config: 4f717eb67ef3f4c7e8737af0264bfe0922c76494c9ee31f7f52c63a13b02de86 + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + spec: + affinity: {} + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: console + envFrom: [] + image: docker.redpanda.com/redpandadata/console:v2.7.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: console + ports: + - containerPort: 2000 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + runAsNonRoot: true + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + imagePullSecrets: [] + initContainers: [] + nodeSelector: {} + priorityClassName: "" + securityContext: + fsGroup: 99 + runAsUser: 99 + serviceAccountName: console + tolerations: [] + topologySpreadConstraints: [] + volumes: + - configMap: + name: console + name: configs + - name: secrets + secret: + secretName: console +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "console-test-connection" + namespace: "default" + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['console:8080'] + restartPolicy: Never + priorityClassName: +-- testdata/service-with-nodeport.yaml.golden -- +--- +# Source: console/templates/serviceaccount.yaml +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +--- +# Source: console/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console +stringData: + enterprise-license: "" + kafka-protobuf-git-basicauth-password: "" + kafka-sasl-aws-msk-iam-secret-key: "" + kafka-sasl-password: "" + kafka-schema-registry-password: "" + kafka-schemaregistry-tls-ca: "" + kafka-schemaregistry-tls-cert: "" + kafka-schemaregistry-tls-key: "" + kafka-tls-ca: "" + kafka-tls-cert: "" + kafka-tls-key: "" + login-github-oauth-client-secret: "" + login-github-personal-access-token: "" + login-google-groups-service-account.json: "" + login-google-oauth-client-secret: "" + login-jwt-secret: SECRETKEY + login-oidc-client-secret: "" + login-okta-client-secret: "" + login-okta-directory-api-token: "" + redpanda-admin-api-password: "" + redpanda-admin-api-tls-ca: "" + redpanda-admin-api-tls-cert: "" + redpanda-admin-api-tls-key: "" +type: Opaque +--- +# Source: console/templates/configmap.yaml +apiVersion: v1 +data: + config.yaml: | + # from .Values.console.config + {} +kind: ConfigMap +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console +--- +# Source: console/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + annotations: + hello: world + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +spec: + ports: + - name: http + nodePort: 1000 + port: 8080 + protocol: TCP + targetPort: 0 + selector: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + type: NodePort +--- +# Source: console/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: {} + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + name: console + namespace: default +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + strategy: {} + template: + metadata: + annotations: + checksum/config: 4f717eb67ef3f4c7e8737af0264bfe0922c76494c9ee31f7f52c63a13b02de86 + creationTimestamp: null + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/name: console + spec: + affinity: {} + automountServiceAccountToken: true + containers: + - args: + - --config.filepath=/etc/console/configs/config.yaml + command: null + env: + - name: LOGIN_JWTSECRET + valueFrom: + secretKeyRef: + key: login-jwt-secret + name: console + envFrom: [] + image: docker.redpanda.com/redpandadata/console:v2.7.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: console + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /admin/health + port: http + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + runAsNonRoot: true + volumeMounts: + - mountPath: /etc/console/configs + name: configs + readOnly: true + - mountPath: /etc/console/secrets + name: secrets + readOnly: true + imagePullSecrets: [] + initContainers: [] + nodeSelector: {} + priorityClassName: "" + securityContext: + fsGroup: 99 + runAsUser: 99 + serviceAccountName: console + tolerations: [] + topologySpreadConstraints: [] + volumes: + - configMap: + name: console + name: configs + - name: secrets + secret: + secretName: console +--- +# Source: console/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: "console-test-connection" + namespace: "default" + labels: + app.kubernetes.io/instance: console + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: console + app.kubernetes.io/version: v2.7.0 + helm.sh/chart: console-0.7.29 + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['console:8080'] + restartPolicy: Never + priorityClassName: diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/testdata/template-cases.txtar b/charts/redpanda/redpanda/5.9.4/charts/console/testdata/template-cases.txtar new file mode 100644 index 0000000000..804cca4a6b --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/testdata/template-cases.txtar @@ -0,0 +1,136 @@ +Manually crafted test cases for TestTemplate +-- default-values -- +# Intentionally left blank. (test of default values) + +-- console-with-roles -- +# console.roles specified +console: + roles: + - name: my-role + permissions: + - resource: 1234 + includes: + - "*" + excludes: + - "*" + allowedActions: ["*"] + +-- console-with-role-bindings -- +# console.roleBindings specified +console: + roleBindings: + - roleName: admin + metadata: + name: Redpanda POC + subjects: + - kind: user + provider: Plain + name: "e2euser" + +-- console-with-roles-and-bindings -- +# console.roles and console.roleBindings both specified +console: + roles: + - name: my-role + permissions: + - resource: 1234 + includes: + - "*" + excludes: + - "*" + allowedActions: ["*"] + roleBindings: + - roleName: admin + metadata: + name: Redpanda POC + subjects: + - kind: user + provider: Plain + name: "e2euser" + +-- autoscaling-nulls -- +# Autoscaling w/ explicit nulls +autoscaling: + enabled: true + targetCPUUtilizationPercentage: null + targetMemoryUtilizationPercentage: null + +-- autoscaling-cpu -- +# Autoscaling w/ memory no cpu +autoscaling: + enabled: true + targetCPUUtilizationPercentage: null + targetMemoryUtilizationPercentage: 10 + +-- autoscaling-memory -- +# Autoscaling w/ cpu no memory +autoscaling: + enabled: true + targetCPUUtilizationPercentage: 14 + targetMemoryUtilizationPercentage: null + +-- service-nodeport -- +# Service type NodePort +service: + type: "NodePort" + targetPort: 2000 + +-- service-with-nodeport -- +# Service w/ NodePort +service: + type: "NodePort" + nodePort: 1000 + annotations: + hello: world + +-- ingress-templating -- +ingress: + enabled: true + annotations: + ingress: test + hosts: + - host: '{{ "a-host" | quote }}' + paths: + - path: / + pathType: Exact + tls: + - secretName: my-secret + hosts: + - '{{ "blah" | quote }}' + +-- no-registry -- +image: + registry: "" + +-- custom-tag-no-registry -- +image: + registry: "" + tag: my-custom-tag + +-- console-config-listen-port -- +console: + config: + server: + listenPort: 3333 + +-- console-config-listen-and-target-port -- +service: + targetPort: 4444 +console: + config: + server: + listenPort: 3333 + +-- extra-init-containers -- +# NB: Many of the generated tests have an invalid value for extraInitContainers +# as it's just a string and render an error message. This case showcases what +# valid YAML looks like. +initContainers: + extraInitContainers: |- + - name: {{ "test-init-container" | quote }} + image: "mintel/docker-alpine-bash-curl-jq:latest" + command: [ "/bin/bash", "-c" ] + args: + - | + set -xe + echo "Hello {{ add 1 2 }}!" diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/values.go b/charts/redpanda/redpanda/5.9.4/charts/console/values.go new file mode 100644 index 0000000000..0a855af598 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/values.go @@ -0,0 +1,215 @@ +// +gotohelm:ignore=true +package console + +import ( + _ "embed" + + appsv1 "k8s.io/api/apps/v1" + corev1 "k8s.io/api/core/v1" + networkingv1 "k8s.io/api/networking/v1" +) + +var ( + //go:embed values.yaml + DefaultValuesYAML []byte + + //go:embed values.schema.json + ValuesSchemaJSON []byte +) + +type Values struct { + ReplicaCount int32 `json:"replicaCount"` + Image Image `json:"image"` + ImagePullSecrets []corev1.LocalObjectReference `json:"imagePullSecrets"` + NameOverride string `json:"nameOverride"` + FullnameOverride string `json:"fullnameOverride"` + AutomountServiceAccountToken bool `json:"automountServiceAccountToken"` + ServiceAccount ServiceAccountConfig `json:"serviceAccount"` + CommonLabels map[string]string `json:"commonLabels"` + Annotations map[string]string `json:"annotations"` + PodAnnotations map[string]string `json:"podAnnotations"` + PodLabels map[string]string `json:"podLabels"` + PodSecurityContext corev1.PodSecurityContext `json:"podSecurityContext"` + SecurityContext corev1.SecurityContext `json:"securityContext"` + Service ServiceConfig `json:"service"` + Ingress IngressConfig `json:"ingress"` + Resources corev1.ResourceRequirements `json:"resources"` + Autoscaling AutoScaling `json:"autoscaling"` + NodeSelector map[string]string `json:"nodeSelector"` + Tolerations []corev1.Toleration `json:"tolerations"` + Affinity corev1.Affinity `json:"affinity"` + TopologySpreadConstraints []corev1.TopologySpreadConstraint `json:"topologySpreadConstraints"` + PriorityClassName string `json:"priorityClassName"` + Console Console `json:"console"` + ExtraEnv []corev1.EnvVar `json:"extraEnv"` + ExtraEnvFrom []corev1.EnvFromSource `json:"extraEnvFrom"` + ExtraVolumes []corev1.Volume `json:"extraVolumes"` + ExtraVolumeMounts []corev1.VolumeMount `json:"extraVolumeMounts"` + ExtraContainers []corev1.Container `json:"extraContainers"` + InitContainers InitContainers `json:"initContainers"` + SecretMounts []SecretMount `json:"secretMounts"` + Secret SecretConfig `json:"secret"` + Enterprise Enterprise `json:"enterprise"` + LivenessProbe corev1.Probe `json:"livenessProbe"` + ReadinessProbe corev1.Probe `json:"readinessProbe"` + ConfigMap Creatable `json:"configmap"` + Deployment DeploymentConfig `json:"deployment"` + Strategy appsv1.DeploymentStrategy `json:"strategy"` + Tests Enableable `json:"tests"` +} + +type DeploymentConfig struct { + Create bool `json:"create"` + Command []string `json:"command,omitempty"` + ExtraArgs []string `json:"extraArgs,omitempty"` +} + +type Enterprise struct { + LicenseSecretRef SecretKeyRef `json:"licenseSecretRef"` +} + +type ServiceAccountConfig struct { + Create bool `json:"create"` + AutomountServiceAccountToken bool `json:"automountServiceAccountToken"` + Annotations map[string]string `json:"annotations"` + Name string `json:"name"` +} + +type ServiceConfig struct { + Type corev1.ServiceType `json:"type"` + Port int32 `json:"port"` + NodePort *int32 `json:"nodePort,omitempty"` + TargetPort *int32 `json:"targetPort"` + Annotations map[string]string `json:"annotations"` +} + +type IngressConfig struct { + Enabled bool `json:"enabled"` + ClassName *string `json:"className"` + Annotations map[string]string `json:"annotations"` + Hosts []IngressHost `json:"hosts"` + TLS []networkingv1.IngressTLS `json:"tls"` +} + +type IngressHost struct { + Host string `json:"host"` + Paths []IngressPath `json:"paths"` +} + +type IngressPath struct { + Path string `json:"path"` + PathType *networkingv1.PathType `json:"pathType"` +} + +type AutoScaling struct { + Enabled bool `json:"enabled"` + MinReplicas int32 `json:"minReplicas"` + MaxReplicas int32 `json:"maxReplicas"` + TargetCPUUtilizationPercentage *int32 `json:"targetCPUUtilizationPercentage"` + TargetMemoryUtilizationPercentage *int32 `json:"targetMemoryUtilizationPercentage,omitempty"` +} + +// TODO the typing of these values are unclear. All of them get marshalled to +// YAML and then run through tpl which gives no indication of what they are +// aside from YAML marshal-able. +type Console struct { + Config map[string]any `json:"config"` + Roles []map[string]any `json:"roles,omitempty"` + RoleBindings []map[string]any `json:"roleBindings,omitempty"` +} + +type InitContainers struct { + ExtraInitContainers *string `json:"extraInitContainers"` // XXX Templated YAML +} + +type SecretConfig struct { + Create bool `json:"create"` + Kafka KafkaSecrets `json:"kafka"` + Login LoginSecrets `json:"login"` + Enterprise EnterpriseSecrets `json:"enterprise"` + Redpanda RedpandaSecrets `json:"redpanda"` +} + +type SecretMount struct { + Name string `json:"name"` + SecretName string `json:"secretName"` + Path string `json:"path"` + SubPath *string `json:"subPath,omitempty"` + DefaultMode *int32 `json:"defaultMode"` +} + +type KafkaSecrets struct { + SASLPassword *string `json:"saslPassword,omitempty"` + AWSMSKIAMSecretKey *string `json:"awsMskIamSecretKey,omitempty"` + TLSCA *string `json:"tlsCa,omitempty"` + TLSCert *string `json:"tlsCert,omitempty"` + TLSKey *string `json:"tlsKey,omitempty"` + TLSPassphrase *string `json:"tlsPassphrase,omitempty"` + SchemaRegistryPassword *string `json:"schemaRegistryPassword,omitempty"` + SchemaRegistryTLSCA *string `json:"schemaRegistryTlsCa,omitempty"` + SchemaRegistryTLSCert *string `json:"schemaRegistryTlsCert,omitempty"` + SchemaRegistryTLSKey *string `json:"schemaRegistryTlsKey,omitempty"` + ProtobufGitBasicAuthPassword *string `json:"protobufGitBasicAuthPassword,omitempty"` +} + +type LoginSecrets struct { + JWTSecret string `json:"jwtSecret"` + Google GoogleLoginSecrets `json:"google"` + Github GithubLoginSecrets `json:"github"` + Okta OktaLoginSecrets `json:"okta"` + OIDC OIDCLoginSecrets `json:"oidc"` +} + +type GoogleLoginSecrets struct { + ClientSecret *string `json:"clientSecret,omitempty"` + GroupsServiceAccount *string `json:"groupsServiceAccount,omitempty"` +} + +type GithubLoginSecrets struct { + ClientSecret *string `json:"clientSecret,omitempty"` + PersonalAccessToken *string `json:"personalAccessToken,omitempty"` +} + +type OktaLoginSecrets struct { + ClientSecret *string `json:"clientSecret,omitempty"` + DirectoryAPIToken *string `json:"directoryApiToken,omitempty"` +} + +type OIDCLoginSecrets struct { + ClientSecret *string `json:"clientSecret,omitempty"` +} + +type EnterpriseSecrets struct { + License *string `json:"License,omitempty"` +} + +type RedpandaSecrets struct { + AdminAPI RedpandaAdminAPISecrets `json:"adminApi"` +} + +type RedpandaAdminAPISecrets struct { + Password *string `json:"password,omitempty"` + TLSCA *string `json:"tlsCa,omitempty"` + TLSCert *string `json:"tlsCert,omitempty"` + TLSKey *string `json:"tlsKey,omitempty"` +} + +type SecretKeyRef struct { + Name string `json:"name"` + Key string `json:"key"` +} + +type Enableable struct { + Enabled bool `json:"enabled"` +} + +type Creatable struct { + Create bool `json:"create"` +} + +type Image struct { + Registry string `json:"registry"` + Repository string `json:"repository"` + PullPolicy corev1.PullPolicy `json:"pullPolicy"` + Tag *string `json:"tag"` +} diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/values.schema.json b/charts/redpanda/redpanda/5.9.4/charts/console/values.schema.json new file mode 100644 index 0000000000..f4f369e98a --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/values.schema.json @@ -0,0 +1,323 @@ +{ + "$schema": "http://json-schema.org/schema#", + "type": "object", + "required": [ + "image" + ], + "properties": { + "affinity": { + "type": "object" + }, + "autoscaling": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean" + }, + "maxReplicas": { + "type": "integer" + }, + "minReplicas": { + "type": "integer" + }, + "targetCPUUtilizationPercentage": { + "type": "integer" + } + } + }, + "configmap": { + "type": "object", + "properties": { + "create": { + "type": "boolean" + } + } + }, + "console": { + "type": "object" + }, + "deployment": { + "type": "object", + "properties": { + "create": { + "type": "boolean" + } + } + }, + "extraContainers": { + "type": "array" + }, + "extraEnv": { + "type": "array" + }, + "extraEnvFrom": { + "type": "array" + }, + "extraVolumeMounts": { + "type": "array" + }, + "extraVolumes": { + "type": "array" + }, + "fullnameOverride": { + "type": "string" + }, + "image": { + "type": "object", + "required": [ + "repository" + ], + "properties": { + "pullPolicy": { + "type": "string" + }, + "registry": { + "type": "string" + }, + "repository": { + "type": "string", + "minLength": 1 + }, + "tag": { + "type": "string" + } + } + }, + "imagePullSecrets": { + "type": "array" + }, + "ingress": { + "type": "object", + "properties": { + "annotations": { + "type": "object" + }, + "className": { + "type": ["string", "null"] + }, + "enabled": { + "type": "boolean" + }, + "hosts": { + "type": "array", + "items": { + "type": "object", + "properties": { + "host": { + "type": "string" + }, + "paths": { + "type": "array", + "items": { + "type": "object", + "properties": { + "path": { + "type": "string" + }, + "pathType": { + "type": "string" + } + } + } + } + } + } + }, + "tls": { + "type": "array" + } + } + }, + "livenessProbe": { + "type": "object", + "properties": { + "failureThreshold": { + "type": "integer" + }, + "initialDelaySeconds": { + "type": "integer" + }, + "periodSeconds": { + "type": "integer" + }, + "successThreshold": { + "type": "integer" + }, + "timeoutSeconds": { + "type": "integer" + } + } + }, + "nameOverride": { + "type": "string" + }, + "nodeSelector": { + "type": "object" + }, + "annotations": { + "type": "object" + }, + "podAnnotations": { + "type": "object" + }, + "podSecurityContext": { + "type": "object", + "properties": { + "fsGroup": { + "type": "integer" + }, + "runAsUser": { + "type": "integer" + } + } + }, + "readinessProbe": { + "type": "object", + "properties": { + "failureThreshold": { + "type": "integer" + }, + "initialDelaySeconds": { + "type": "integer" + }, + "periodSeconds": { + "type": "integer" + }, + "successThreshold": { + "type": "integer" + }, + "timeoutSeconds": { + "type": "integer" + } + } + }, + "replicaCount": { + "type": "integer" + }, + "resources": { + "type": "object" + }, + "secret": { + "type": "object", + "properties": { + "create": { + "type": "boolean" + }, + "enterprise": { + "type": "object" + }, + "kafka": { + "type": "object" + }, + "login": { + "type": "object", + "properties": { + "jwtSecret": { + "type": "string" + }, + "github": { + "type": "object" + }, + "google": { + "type": "object" + }, + "oidc": { + "type": "object" + }, + "okta": { + "type": "object" + } + } + }, + "redpanda": { + "type": "object", + "properties": { + "adminApi": { + "type": "object" + } + } + } + } + }, + "secretMounts": { + "type": "array" + }, + "securityContext": { + "type": "object", + "properties": { + "runAsNonRoot": { + "type": "boolean" + } + } + }, + "service": { + "type": "object", + "properties": { + "annotations": { + "type": "object" + }, + "port": { + "type": "integer" + }, + "nodePort": { + "type": "integer" + }, + "targetPort": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ] + }, + "type": { + "type": "string" + } + } + }, + "automountServiceAccountToken": { + "type": "boolean" + }, + "serviceAccount": { + "type": "object", + "properties": { + "annotations": { + "type": "object" + }, + "create": { + "type": "boolean" + }, + "automountServiceAccountToken": { + "type": "boolean" + }, + "name": { + "type": "string" + } + } + }, + "tolerations": { + "type": "array" + }, + "initContainers": { + "type": "object", + "properties": { + "extraInitContainers": { + "type": "string" + } + } + }, + "strategy": { + "type": "object" + }, + "tests": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean" + } + } + } + } +} diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/values.yaml b/charts/redpanda/redpanda/5.9.4/charts/console/values.yaml new file mode 100644 index 0000000000..4825fc4876 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/values.yaml @@ -0,0 +1,279 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Default values for console. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +# -- Redpanda Console Docker image settings. +image: + registry: docker.redpanda.com + # -- Docker repository from which to pull the Redpanda Docker image. + repository: redpandadata/console + # -- The imagePullPolicy. + pullPolicy: IfNotPresent + # -- The Redpanda Console version. + # See DockerHub for: + # [All stable versions](https://hub.docker.com/r/redpandadata/console/tags) + # and [all unstable versions](https://hub.docker.com/r/redpandadata/console-unstable/tags). + # @default -- `Chart.appVersion` + tag: "" + +# -- Pull secrets may be used to provide credentials to image repositories +# See https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ +imagePullSecrets: [] + +# -- Override `console.name` template. +nameOverride: "" +# -- Override `console.fullname` template. +fullnameOverride: "" + +# -- Automount API credentials for the Service Account into the pod. +automountServiceAccountToken: true + +serviceAccount: + # -- Specifies whether a service account should be created. + create: true + # -- Specifies whether a service account should automount API-Credentials + automountServiceAccountToken: true + # -- Annotations to add to the service account. + annotations: {} + # -- The name of the service account to use. + # If not set and `serviceAccount.create` is `true`, + # a name is generated using the `console.fullname` template + name: "" + +# Common labels to add to all the pods +commonLabels: {} + +# -- Annotations to add to the deployment. +annotations: {} + +podAnnotations: {} + +podLabels: {} + +podSecurityContext: + runAsUser: 99 + fsGroup: 99 + +securityContext: + runAsNonRoot: true + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 8080 + # nodePort: 30001 + # -- Override the value in `console.config.server.listenPort` if not `nil` + targetPort: + annotations: {} + +ingress: + enabled: false + className: + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as minikube. If you want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +nodeSelector: {} + +tolerations: [] + +affinity: {} + +topologySpreadConstraints: [] + +# -- PriorityClassName given to Pods. +# For details, +# see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass). +priorityClassName: "" + +console: + # -- Settings for the `Config.yaml` (required). + # For a reference of configuration settings, + # see the [Redpanda Console documentation](https://docs.redpanda.com/docs/reference/console/config/). + config: {} + # roles: + # roleBindings: + +# -- Additional environment variables for the Redpanda Console Deployment. +extraEnv: [] + # - name: KAFKA_RACKID + # value: "1" + +# -- Additional environment variables for Redpanda Console mapped from Secret or ConfigMap. +extraEnvFrom: [] +# - secretRef: +# name: kowl-config-secret + +# -- Add additional volumes, such as for TLS keys. +extraVolumes: [] +# - name: kafka-certs +# secret: +# secretName: kafka-certs +# - name: config +# configMap: +# name: console-config + +# -- Add additional volume mounts, such as for TLS keys. +extraVolumeMounts: [] +# - name: kafka-certs # Must match the volume name +# mountPath: /etc/kafka/certs +# readOnly: true + +# -- Add additional containers, such as for oauth2-proxy. +extraContainers: [] + +# -- Any initContainers defined should be written here +initContainers: + # -- Additional set of init containers + extraInitContainers: |- +# - name: "test-init-container" +# image: "mintel/docker-alpine-bash-curl-jq:latest" +# command: [ "/bin/bash", "-c" ] +# args: +# - | +# set -xe +# echo "Hello World!" + +# -- SecretMounts is an abstraction to make a Secret available in the container's filesystem. +# Under the hood it creates a volume and a volume mount for the Redpanda Console container. +secretMounts: [] +# - name: kafka-certs +# secretName: kafka-certs +# path: /etc/console/certs +# defaultMode: 0755 + +# -- Create a new Kubernetes Secret for all sensitive configuration inputs. +# Each provided Secret is mounted automatically and made available to the +# Pod. +# If you want to use one or more existing Secrets, +# you can use the `extraEnvFrom` list to mount environment variables from string and secretMounts to mount files such as Certificates from Secrets. +secret: + create: true + + # Secret values in case you want the chart to create a Secret. All Certificates are mounted + # as files and the path to those files are configured through environment variables so + # that Console can automatically pick them up. + # -- Kafka Secrets. + kafka: {} + # saslPassword: + # awsMskIamSecretKey: + # tlsCa: + # tlsCert: + # tlsKey: + # tlsPassphrase: + # schemaRegistryPassword: + # schemaRegistryTlsCa: + # schemaRegistryTlsCert: + # schemaRegistryTlsKey: + # protobufGitBasicAuthPassword + # Enterprise version secrets + # - SSO secrets (Enterprise version). + login: + # Configurable JWT value + jwtSecret: "" + google: {} + # clientSecret: + # groupsServiceAccount: + github: {} + # clientSecret: + # personalAccessToken: + okta: {} + # clientSecret: + # directoryApiToken: + oidc: {} + # clientSecret: + + enterprise: {} + # license: + + redpanda: + adminApi: {} + # password: + # tlsCa: + # tlsCert: + # tlsKey: + +# -- Settings for license key, as an alternative to secret.enterprise when +# a license secret is available +enterprise: + licenseSecretRef: + name: "" + key: "" + +# -- Settings for liveness and readiness probes. +# For details, +# see the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes). +livenessProbe: + # initialDelaySeconds: 0 + periodSeconds: 10 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 3 + +readinessProbe: + # -- Grant time to test connectivity to upstream services such as Kafka and Schema Registry. + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 3 + +configmap: + create: true +deployment: + create: true + +strategy: {} + +tests: + enabled: true diff --git a/charts/redpanda/redpanda/5.9.4/charts/console/values_partial.gen.go b/charts/redpanda/redpanda/5.9.4/charts/console/values_partial.gen.go new file mode 100644 index 0000000000..723065a25c --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/charts/console/values_partial.gen.go @@ -0,0 +1,206 @@ +//go:build !generate + +// +gotohelm:ignore=true +// +// Code generated by genpartial DO NOT EDIT. +package console + +import ( + appsv1 "k8s.io/api/apps/v1" + corev1 "k8s.io/api/core/v1" + networkingv1 "k8s.io/api/networking/v1" +) + +type PartialValues struct { + ReplicaCount *int32 "json:\"replicaCount,omitempty\"" + Image *PartialImage "json:\"image,omitempty\"" + ImagePullSecrets []corev1.LocalObjectReference "json:\"imagePullSecrets,omitempty\"" + NameOverride *string "json:\"nameOverride,omitempty\"" + FullnameOverride *string "json:\"fullnameOverride,omitempty\"" + AutomountServiceAccountToken *bool "json:\"automountServiceAccountToken,omitempty\"" + ServiceAccount *PartialServiceAccountConfig "json:\"serviceAccount,omitempty\"" + CommonLabels map[string]string "json:\"commonLabels,omitempty\"" + Annotations map[string]string "json:\"annotations,omitempty\"" + PodAnnotations map[string]string "json:\"podAnnotations,omitempty\"" + PodLabels map[string]string "json:\"podLabels,omitempty\"" + PodSecurityContext *corev1.PodSecurityContext "json:\"podSecurityContext,omitempty\"" + SecurityContext *corev1.SecurityContext "json:\"securityContext,omitempty\"" + Service *PartialServiceConfig "json:\"service,omitempty\"" + Ingress *PartialIngressConfig "json:\"ingress,omitempty\"" + Resources *corev1.ResourceRequirements "json:\"resources,omitempty\"" + Autoscaling *PartialAutoScaling "json:\"autoscaling,omitempty\"" + NodeSelector map[string]string "json:\"nodeSelector,omitempty\"" + Tolerations []corev1.Toleration "json:\"tolerations,omitempty\"" + Affinity *corev1.Affinity "json:\"affinity,omitempty\"" + TopologySpreadConstraints []corev1.TopologySpreadConstraint "json:\"topologySpreadConstraints,omitempty\"" + PriorityClassName *string "json:\"priorityClassName,omitempty\"" + Console *PartialConsole "json:\"console,omitempty\"" + ExtraEnv []corev1.EnvVar "json:\"extraEnv,omitempty\"" + ExtraEnvFrom []corev1.EnvFromSource "json:\"extraEnvFrom,omitempty\"" + ExtraVolumes []corev1.Volume "json:\"extraVolumes,omitempty\"" + ExtraVolumeMounts []corev1.VolumeMount "json:\"extraVolumeMounts,omitempty\"" + ExtraContainers []corev1.Container "json:\"extraContainers,omitempty\"" + InitContainers *PartialInitContainers "json:\"initContainers,omitempty\"" + SecretMounts []PartialSecretMount "json:\"secretMounts,omitempty\"" + Secret *PartialSecretConfig "json:\"secret,omitempty\"" + Enterprise *PartialEnterprise "json:\"enterprise,omitempty\"" + LivenessProbe *corev1.Probe "json:\"livenessProbe,omitempty\"" + ReadinessProbe *corev1.Probe "json:\"readinessProbe,omitempty\"" + ConfigMap *PartialCreatable "json:\"configmap,omitempty\"" + Deployment *PartialDeploymentConfig "json:\"deployment,omitempty\"" + Strategy *appsv1.DeploymentStrategy "json:\"strategy,omitempty\"" + Tests *PartialEnableable "json:\"tests,omitempty\"" +} + +type PartialImage struct { + Registry *string "json:\"registry,omitempty\"" + Repository *string "json:\"repository,omitempty\"" + PullPolicy *corev1.PullPolicy "json:\"pullPolicy,omitempty\"" + Tag *string "json:\"tag,omitempty\"" +} + +type PartialServiceAccountConfig struct { + Create *bool "json:\"create,omitempty\"" + AutomountServiceAccountToken *bool "json:\"automountServiceAccountToken,omitempty\"" + Annotations map[string]string "json:\"annotations,omitempty\"" + Name *string "json:\"name,omitempty\"" +} + +type PartialServiceConfig struct { + Type *corev1.ServiceType "json:\"type,omitempty\"" + Port *int32 "json:\"port,omitempty\"" + NodePort *int32 "json:\"nodePort,omitempty\"" + TargetPort *int32 "json:\"targetPort,omitempty\"" + Annotations map[string]string "json:\"annotations,omitempty\"" +} + +type PartialIngressConfig struct { + Enabled *bool "json:\"enabled,omitempty\"" + ClassName *string "json:\"className,omitempty\"" + Annotations map[string]string "json:\"annotations,omitempty\"" + Hosts []PartialIngressHost "json:\"hosts,omitempty\"" + TLS []networkingv1.IngressTLS "json:\"tls,omitempty\"" +} + +type PartialAutoScaling struct { + Enabled *bool "json:\"enabled,omitempty\"" + MinReplicas *int32 "json:\"minReplicas,omitempty\"" + MaxReplicas *int32 "json:\"maxReplicas,omitempty\"" + TargetCPUUtilizationPercentage *int32 "json:\"targetCPUUtilizationPercentage,omitempty\"" + TargetMemoryUtilizationPercentage *int32 "json:\"targetMemoryUtilizationPercentage,omitempty\"" +} + +type PartialConsole struct { + Config map[string]any "json:\"config,omitempty\"" + Roles []map[string]any "json:\"roles,omitempty\"" + RoleBindings []map[string]any "json:\"roleBindings,omitempty\"" +} + +type PartialInitContainers struct { + ExtraInitContainers *string "json:\"extraInitContainers,omitempty\"" +} + +type PartialSecretConfig struct { + Create *bool "json:\"create,omitempty\"" + Kafka *PartialKafkaSecrets "json:\"kafka,omitempty\"" + Login *PartialLoginSecrets "json:\"login,omitempty\"" + Enterprise *PartialEnterpriseSecrets "json:\"enterprise,omitempty\"" + Redpanda *PartialRedpandaSecrets "json:\"redpanda,omitempty\"" +} + +type PartialEnterprise struct { + LicenseSecretRef *PartialSecretKeyRef "json:\"licenseSecretRef,omitempty\"" +} + +type PartialCreatable struct { + Create *bool "json:\"create,omitempty\"" +} + +type PartialDeploymentConfig struct { + Create *bool "json:\"create,omitempty\"" + Command []string "json:\"command,omitempty\"" + ExtraArgs []string "json:\"extraArgs,omitempty\"" +} + +type PartialEnableable struct { + Enabled *bool "json:\"enabled,omitempty\"" +} + +type PartialSecretMount struct { + Name *string "json:\"name,omitempty\"" + SecretName *string "json:\"secretName,omitempty\"" + Path *string "json:\"path,omitempty\"" + SubPath *string "json:\"subPath,omitempty\"" + DefaultMode *int32 "json:\"defaultMode,omitempty\"" +} + +type PartialKafkaSecrets struct { + SASLPassword *string "json:\"saslPassword,omitempty\"" + AWSMSKIAMSecretKey *string "json:\"awsMskIamSecretKey,omitempty\"" + TLSCA *string "json:\"tlsCa,omitempty\"" + TLSCert *string "json:\"tlsCert,omitempty\"" + TLSKey *string "json:\"tlsKey,omitempty\"" + TLSPassphrase *string "json:\"tlsPassphrase,omitempty\"" + SchemaRegistryPassword *string "json:\"schemaRegistryPassword,omitempty\"" + SchemaRegistryTLSCA *string "json:\"schemaRegistryTlsCa,omitempty\"" + SchemaRegistryTLSCert *string "json:\"schemaRegistryTlsCert,omitempty\"" + SchemaRegistryTLSKey *string "json:\"schemaRegistryTlsKey,omitempty\"" + ProtobufGitBasicAuthPassword *string "json:\"protobufGitBasicAuthPassword,omitempty\"" +} + +type PartialLoginSecrets struct { + JWTSecret *string "json:\"jwtSecret,omitempty\"" + Google *PartialGoogleLoginSecrets "json:\"google,omitempty\"" + Github *PartialGithubLoginSecrets "json:\"github,omitempty\"" + Okta *PartialOktaLoginSecrets "json:\"okta,omitempty\"" + OIDC *PartialOIDCLoginSecrets "json:\"oidc,omitempty\"" +} + +type PartialEnterpriseSecrets struct { + License *string "json:\"License,omitempty\"" +} + +type PartialRedpandaSecrets struct { + AdminAPI *PartialRedpandaAdminAPISecrets "json:\"adminApi,omitempty\"" +} + +type PartialSecretKeyRef struct { + Name *string "json:\"name,omitempty\"" + Key *string "json:\"key,omitempty\"" +} + +type PartialIngressHost struct { + Host *string "json:\"host,omitempty\"" + Paths []PartialIngressPath "json:\"paths,omitempty\"" +} + +type PartialGoogleLoginSecrets struct { + ClientSecret *string "json:\"clientSecret,omitempty\"" + GroupsServiceAccount *string "json:\"groupsServiceAccount,omitempty\"" +} + +type PartialGithubLoginSecrets struct { + ClientSecret *string "json:\"clientSecret,omitempty\"" + PersonalAccessToken *string "json:\"personalAccessToken,omitempty\"" +} + +type PartialOktaLoginSecrets struct { + ClientSecret *string "json:\"clientSecret,omitempty\"" + DirectoryAPIToken *string "json:\"directoryApiToken,omitempty\"" +} + +type PartialOIDCLoginSecrets struct { + ClientSecret *string "json:\"clientSecret,omitempty\"" +} + +type PartialRedpandaAdminAPISecrets struct { + Password *string "json:\"password,omitempty\"" + TLSCA *string "json:\"tlsCa,omitempty\"" + TLSCert *string "json:\"tlsCert,omitempty\"" + TLSKey *string "json:\"tlsKey,omitempty\"" +} + +type PartialIngressPath struct { + Path *string "json:\"path,omitempty\"" + PathType *networkingv1.PathType "json:\"pathType,omitempty\"" +} diff --git a/charts/redpanda/redpanda/5.9.4/templates/NOTES.txt b/charts/redpanda/redpanda/5.9.4/templates/NOTES.txt new file mode 100644 index 0000000000..6992f8e36d --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/NOTES.txt @@ -0,0 +1,26 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- $warnings := (get ((include "redpanda.Warnings" (dict "a" (list .))) | fromJson) "r") }} +{{- range $_, $warning := $warnings }} +{{ $warning }} +{{- end }} + +{{- $notes := (get ((include "redpanda.Notes" (dict "a" (list .))) | fromJson) "r") }} +{{- range $_, $note := $notes }} +{{ $note }} +{{- end }} diff --git a/charts/redpanda/redpanda/5.9.4/templates/_cert-issuers.go.tpl b/charts/redpanda/redpanda/5.9.4/templates/_cert-issuers.go.tpl new file mode 100644 index 0000000000..ce5bf092a5 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/_cert-issuers.go.tpl @@ -0,0 +1,57 @@ +{{- /* Generated from "cert_issuers.go" */ -}} + +{{- define "redpanda.CertIssuers" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $tmp_tuple_1 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "redpanda.certIssuersAndCAs" (dict "a" (list $dot) ))) "r")) ))) "r") -}} +{{- $issuers := $tmp_tuple_1.T1 -}} +{{- $_is_returning = true -}} +{{- (dict "r" $issuers) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.RootCAs" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $tmp_tuple_2 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "redpanda.certIssuersAndCAs" (dict "a" (list $dot) ))) "r")) ))) "r") -}} +{{- $cas := $tmp_tuple_2.T2 -}} +{{- $_is_returning = true -}} +{{- (dict "r" $cas) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.certIssuersAndCAs" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $issuers := (coalesce nil) -}} +{{- $certs := (coalesce nil) -}} +{{- if (not (get (fromJson (include "redpanda.TLSEnabled" (dict "a" (list $dot) ))) "r")) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list $issuers $certs)) | toJson -}} +{{- break -}} +{{- end -}} +{{- range $name, $data := $values.tls.certs -}} +{{- if (or (not (empty $data.secretRef)) (not (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $data.enabled true) ))) "r"))) -}} +{{- continue -}} +{{- end -}} +{{- if (eq $data.issuerRef (coalesce nil)) -}} +{{- $issuers = (concat (default (list ) $issuers) (list (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict ) "status" (dict ) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "cert-manager.io/v1" "kind" "Issuer" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (printf `%s-%s-selfsigned-issuer` (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r") $name) "namespace" $dot.Release.Namespace "labels" (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r") )) "spec" (mustMergeOverwrite (dict ) (mustMergeOverwrite (dict ) (dict "selfSigned" (mustMergeOverwrite (dict ) (dict )) )) (dict )) )))) -}} +{{- end -}} +{{- $issuers = (concat (default (list ) $issuers) (list (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict ) "status" (dict ) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "cert-manager.io/v1" "kind" "Issuer" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (printf `%s-%s-root-issuer` (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r") $name) "namespace" $dot.Release.Namespace "labels" (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r") )) "spec" (mustMergeOverwrite (dict ) (mustMergeOverwrite (dict ) (dict "ca" (mustMergeOverwrite (dict "secretName" "" ) (dict "secretName" (printf `%s-%s-root-certificate` (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r") $name) )) )) (dict )) )))) -}} +{{- $certs = (concat (default (list ) $certs) (list (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict "secretName" "" "issuerRef" (dict "name" "" ) ) "status" (dict ) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "cert-manager.io/v1" "kind" "Certificate" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (printf `%s-%s-root-certificate` (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r") $name) "namespace" $dot.Release.Namespace "labels" (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r") )) "spec" (mustMergeOverwrite (dict "secretName" "" "issuerRef" (dict "name" "" ) ) (dict "duration" (default "43800h" $data.duration) "isCA" true "commonName" (printf `%s-%s-root-certificate` (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r") $name) "secretName" (printf `%s-%s-root-certificate` (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r") $name) "privateKey" (mustMergeOverwrite (dict ) (dict "algorithm" "ECDSA" "size" (256 | int) )) "issuerRef" (mustMergeOverwrite (dict "name" "" ) (dict "name" (printf `%s-%s-selfsigned-issuer` (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r") $name) "kind" "Issuer" "group" "cert-manager.io" )) )) )))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list $issuers $certs)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/5.9.4/templates/_certs.go.tpl b/charts/redpanda/redpanda/5.9.4/templates/_certs.go.tpl new file mode 100644 index 0000000000..b8d1160e5a --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/_certs.go.tpl @@ -0,0 +1,71 @@ +{{- /* Generated from "certs.go" */ -}} + +{{- define "redpanda.ClientCerts" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (not (get (fromJson (include "redpanda.TLSEnabled" (dict "a" (list $dot) ))) "r")) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list )) | toJson -}} +{{- break -}} +{{- end -}} +{{- $values := $dot.Values.AsMap -}} +{{- $fullname := (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r") -}} +{{- $service := (get (fromJson (include "redpanda.ServiceName" (dict "a" (list $dot) ))) "r") -}} +{{- $ns := $dot.Release.Namespace -}} +{{- $domain := (trimSuffix "." $values.clusterDomain) -}} +{{- $certs := (coalesce nil) -}} +{{- range $name, $data := $values.tls.certs -}} +{{- if (or (not (empty $data.secretRef)) (not (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $data.enabled true) ))) "r"))) -}} +{{- continue -}} +{{- end -}} +{{- $names := (coalesce nil) -}} +{{- if (or (eq $data.issuerRef (coalesce nil)) (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $data.applyInternalDNSNames false) ))) "r")) -}} +{{- $names = (concat (default (list ) $names) (list (printf "%s-cluster.%s.%s.svc.%s" $fullname $service $ns $domain))) -}} +{{- $names = (concat (default (list ) $names) (list (printf "%s-cluster.%s.%s.svc" $fullname $service $ns))) -}} +{{- $names = (concat (default (list ) $names) (list (printf "%s-cluster.%s.%s" $fullname $service $ns))) -}} +{{- $names = (concat (default (list ) $names) (list (printf "*.%s-cluster.%s.%s.svc.%s" $fullname $service $ns $domain))) -}} +{{- $names = (concat (default (list ) $names) (list (printf "*.%s-cluster.%s.%s.svc" $fullname $service $ns))) -}} +{{- $names = (concat (default (list ) $names) (list (printf "*.%s-cluster.%s.%s" $fullname $service $ns))) -}} +{{- $names = (concat (default (list ) $names) (list (printf "%s.%s.svc.%s" $service $ns $domain))) -}} +{{- $names = (concat (default (list ) $names) (list (printf "%s.%s.svc" $service $ns))) -}} +{{- $names = (concat (default (list ) $names) (list (printf "%s.%s" $service $ns))) -}} +{{- $names = (concat (default (list ) $names) (list (printf "*.%s.%s.svc.%s" $service $ns $domain))) -}} +{{- $names = (concat (default (list ) $names) (list (printf "*.%s.%s.svc" $service $ns))) -}} +{{- $names = (concat (default (list ) $names) (list (printf "*.%s.%s" $service $ns))) -}} +{{- end -}} +{{- if (ne $values.external.domain (coalesce nil)) -}} +{{- $names = (concat (default (list ) $names) (list (tpl $values.external.domain $dot))) -}} +{{- $names = (concat (default (list ) $names) (list (tpl (printf "*.%s" $values.external.domain) $dot))) -}} +{{- end -}} +{{- $duration := (default "43800h" $data.duration) -}} +{{- $issuerRef := (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $data.issuerRef (mustMergeOverwrite (dict "name" "" ) (dict "kind" "Issuer" "group" "cert-manager.io" "name" (printf "%s-%s-root-issuer" $fullname $name) ))) ))) "r") -}} +{{- $certs = (concat (default (list ) $certs) (list (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict "secretName" "" "issuerRef" (dict "name" "" ) ) "status" (dict ) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "cert-manager.io/v1" "kind" "Certificate" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (printf "%s-%s-cert" $fullname $name) "labels" (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r") "namespace" $dot.Release.Namespace )) "spec" (mustMergeOverwrite (dict "secretName" "" "issuerRef" (dict "name" "" ) ) (dict "dnsNames" $names "duration" $duration "isCA" false "issuerRef" $issuerRef "secretName" (printf "%s-%s-cert" $fullname $name) "privateKey" (mustMergeOverwrite (dict ) (dict "algorithm" "ECDSA" "size" (256 | int) )) )) )))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $name := $values.listeners.kafka.tls.cert -}} +{{- $tmp_tuple_1 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.dicttest" (dict "a" (list $values.tls.certs $name (coalesce nil)) ))) "r")) ))) "r") -}} +{{- $ok := $tmp_tuple_1.T2 -}} +{{- $data := $tmp_tuple_1.T1 -}} +{{- if (not $ok) -}} +{{- $_ := (fail (printf "Certificate %q referenced but not defined" $name)) -}} +{{- end -}} +{{- if (or (not (empty $data.secretRef)) (not (get (fromJson (include "redpanda.ClientAuthRequired" (dict "a" (list $dot) ))) "r"))) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $certs) | toJson -}} +{{- break -}} +{{- end -}} +{{- $issuerRef := (mustMergeOverwrite (dict "name" "" ) (dict "group" "cert-manager.io" "kind" "Issuer" "name" (printf "%s-%s-root-issuer" $fullname $name) )) -}} +{{- if (ne $data.issuerRef (coalesce nil)) -}} +{{- $issuerRef = $data.issuerRef -}} +{{- $_ := (set $issuerRef "group" "cert-manager.io") -}} +{{- end -}} +{{- $duration := (default "43800h" $data.duration) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (concat (default (list ) $certs) (list (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict "secretName" "" "issuerRef" (dict "name" "" ) ) "status" (dict ) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "cert-manager.io/v1" "kind" "Certificate" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (printf "%s-client" $fullname) "labels" (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r") )) "spec" (mustMergeOverwrite (dict "secretName" "" "issuerRef" (dict "name" "" ) ) (dict "commonName" (printf "%s-client" $fullname) "duration" $duration "isCA" false "secretName" (printf "%s-client" $fullname) "privateKey" (mustMergeOverwrite (dict ) (dict "algorithm" "ECDSA" "size" (256 | int) )) "issuerRef" $issuerRef )) ))))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/5.9.4/templates/_configmap.go.tpl b/charts/redpanda/redpanda/5.9.4/templates/_configmap.go.tpl new file mode 100644 index 0000000000..e511390321 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/_configmap.go.tpl @@ -0,0 +1,494 @@ +{{- /* Generated from "configmap.tpl.go" */ -}} + +{{- define "redpanda.ConfigMaps" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $cms := (list (get (fromJson (include "redpanda.RedpandaConfigMap" (dict "a" (list $dot) ))) "r") (get (fromJson (include "redpanda.RPKProfile" (dict "a" (list $dot) ))) "r")) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $cms) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.RedpandaConfigMap" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) ) (mustMergeOverwrite (dict ) (dict "kind" "ConfigMap" "apiVersion" "v1" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r") "namespace" $dot.Release.Namespace "labels" (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r") )) "data" (dict "bootstrap.yaml" (get (fromJson (include "redpanda.BootstrapFile" (dict "a" (list $dot) ))) "r") "redpanda.yaml" (get (fromJson (include "redpanda.RedpandaConfigFile" (dict "a" (list $dot true) ))) "r") ) ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.BootstrapFile" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $bootstrap := (dict "kafka_enable_authorization" (get (fromJson (include "redpanda.Auth.IsSASLEnabled" (dict "a" (list $values.auth) ))) "r") "enable_sasl" (get (fromJson (include "redpanda.Auth.IsSASLEnabled" (dict "a" (list $values.auth) ))) "r") "enable_rack_awareness" $values.rackAwareness.enabled "storage_min_free_bytes" ((get (fromJson (include "redpanda.Storage.StorageMinFreeBytes" (dict "a" (list $values.storage) ))) "r") | int64) ) -}} +{{- $bootstrap = (merge (dict ) $bootstrap (get (fromJson (include "redpanda.AuditLogging.Translate" (dict "a" (list $values.auditLogging $dot (get (fromJson (include "redpanda.Auth.IsSASLEnabled" (dict "a" (list $values.auth) ))) "r")) ))) "r")) -}} +{{- $bootstrap = (merge (dict ) $bootstrap (get (fromJson (include "redpanda.Logging.Translate" (dict "a" (list $values.logging) ))) "r")) -}} +{{- $bootstrap = (merge (dict ) $bootstrap (get (fromJson (include "redpanda.TunableConfig.Translate" (dict "a" (list $values.config.tunable) ))) "r")) -}} +{{- $bootstrap = (merge (dict ) $bootstrap (get (fromJson (include "redpanda.ClusterConfig.Translate" (dict "a" (list $values.config.cluster) ))) "r")) -}} +{{- $bootstrap = (merge (dict ) $bootstrap (get (fromJson (include "redpanda.Auth.Translate" (dict "a" (list $values.auth (get (fromJson (include "redpanda.Auth.IsSASLEnabled" (dict "a" (list $values.auth) ))) "r")) ))) "r")) -}} +{{- $bootstrap = (merge (dict ) $bootstrap (get (fromJson (include "redpanda.Storage.Translate" (dict "a" (list $values.storage) ))) "r")) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (toYaml $bootstrap)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.RedpandaConfigFile" -}} +{{- $dot := (index .a 0) -}} +{{- $includeSeedServer := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $redpanda := (dict "empty_seed_starts_cluster" false ) -}} +{{- if $includeSeedServer -}} +{{- $_ := (set $redpanda "seed_servers" (get (fromJson (include "redpanda.Listeners.CreateSeedServers" (dict "a" (list $values.listeners ($values.statefulset.replicas | int) (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r") (get (fromJson (include "redpanda.InternalDomain" (dict "a" (list $dot) ))) "r")) ))) "r")) -}} +{{- end -}} +{{- $redpanda = (merge (dict ) $redpanda (get (fromJson (include "redpanda.NodeConfig.Translate" (dict "a" (list $values.config.node) ))) "r")) -}} +{{- $_ := (get (fromJson (include "redpanda.configureListeners" (dict "a" (list $redpanda $dot) ))) "r") -}} +{{- $redpandaYaml := (dict "redpanda" $redpanda "schema_registry" (get (fromJson (include "redpanda.schemaRegistry" (dict "a" (list $dot) ))) "r") "schema_registry_client" (get (fromJson (include "redpanda.kafkaClient" (dict "a" (list $dot) ))) "r") "pandaproxy" (get (fromJson (include "redpanda.pandaProxyListener" (dict "a" (list $dot) ))) "r") "pandaproxy_client" (get (fromJson (include "redpanda.kafkaClient" (dict "a" (list $dot) ))) "r") "rpk" (get (fromJson (include "redpanda.rpkNodeConfig" (dict "a" (list $dot) ))) "r") "config_file" "/etc/redpanda/redpanda.yaml" ) -}} +{{- if (and (and (get (fromJson (include "redpanda.RedpandaAtLeast_23_3_0" (dict "a" (list $dot) ))) "r") $values.auditLogging.enabled) (get (fromJson (include "redpanda.Auth.IsSASLEnabled" (dict "a" (list $values.auth) ))) "r")) -}} +{{- $_ := (set $redpandaYaml "audit_log_client" (get (fromJson (include "redpanda.kafkaClient" (dict "a" (list $dot) ))) "r")) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (toYaml $redpandaYaml)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.RPKProfile" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (not $values.external.enabled) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) ) (mustMergeOverwrite (dict ) (dict "kind" "ConfigMap" "apiVersion" "v1" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (printf "%s-rpk" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r")) "namespace" $dot.Release.Namespace "labels" (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r") )) "data" (dict "profile" (toYaml (get (fromJson (include "redpanda.rpkProfile" (dict "a" (list $dot) ))) "r")) ) ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.rpkProfile" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $brokerList := (list ) -}} +{{- range $_, $i := untilStep (((0 | int) | int)|int) (($values.statefulset.replicas | int)|int) (1|int) -}} +{{- $brokerList = (concat (default (list ) $brokerList) (list (printf "%s:%d" (get (fromJson (include "redpanda.advertisedHost" (dict "a" (list $dot $i) ))) "r") (((get (fromJson (include "redpanda.advertisedKafkaPort" (dict "a" (list $dot $i) ))) "r") | int) | int)))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $adminAdvertisedList := (list ) -}} +{{- range $_, $i := untilStep (((0 | int) | int)|int) (($values.statefulset.replicas | int)|int) (1|int) -}} +{{- $adminAdvertisedList = (concat (default (list ) $adminAdvertisedList) (list (printf "%s:%d" (get (fromJson (include "redpanda.advertisedHost" (dict "a" (list $dot $i) ))) "r") (((get (fromJson (include "redpanda.advertisedAdminPort" (dict "a" (list $dot $i) ))) "r") | int) | int)))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $kafkaTLS := (get (fromJson (include "redpanda.rpkKafkaClientTLSConfiguration" (dict "a" (list $dot) ))) "r") -}} +{{- $tmp_tuple_1 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.dicttest" (dict "a" (list $kafkaTLS "ca_file" (coalesce nil)) ))) "r")) ))) "r") -}} +{{- $ok_1 := $tmp_tuple_1.T2 -}} +{{- if $ok_1 -}} +{{- $_ := (set $kafkaTLS "ca_file" "ca.crt") -}} +{{- end -}} +{{- $adminTLS := (get (fromJson (include "redpanda.rpkAdminAPIClientTLSConfiguration" (dict "a" (list $dot) ))) "r") -}} +{{- $tmp_tuple_2 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.dicttest" (dict "a" (list $adminTLS "ca_file" (coalesce nil)) ))) "r")) ))) "r") -}} +{{- $ok_2 := $tmp_tuple_2.T2 -}} +{{- if $ok_2 -}} +{{- $_ := (set $adminTLS "ca_file" "ca.crt") -}} +{{- end -}} +{{- $ka := (dict "brokers" $brokerList "tls" (coalesce nil) ) -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list $kafkaTLS) ))) "r") | int) (0 | int)) -}} +{{- $_ := (set $ka "tls" $kafkaTLS) -}} +{{- end -}} +{{- $aa := (dict "addresses" $adminAdvertisedList "tls" (coalesce nil) ) -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list $adminTLS) ))) "r") | int) (0 | int)) -}} +{{- $_ := (set $aa "tls" $adminTLS) -}} +{{- end -}} +{{- $result := (dict "name" (get (fromJson (include "redpanda.getFirstExternalKafkaListener" (dict "a" (list $dot) ))) "r") "kafka_api" $ka "admin_api" $aa ) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $result) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.advertisedKafkaPort" -}} +{{- $dot := (index .a 0) -}} +{{- $i := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $externalKafkaListenerName := (get (fromJson (include "redpanda.getFirstExternalKafkaListener" (dict "a" (list $dot) ))) "r") -}} +{{- $listener := (index $values.listeners.kafka.external $externalKafkaListenerName) -}} +{{- $port := (($values.listeners.kafka.port | int) | int) -}} +{{- if (gt (($listener.port | int) | int) ((1 | int) | int)) -}} +{{- $port = (($listener.port | int) | int) -}} +{{- end -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list $listener.advertisedPorts) ))) "r") | int) (1 | int)) -}} +{{- $port = ((index $listener.advertisedPorts $i) | int) -}} +{{- else -}}{{- if (eq ((get (fromJson (include "_shims.len" (dict "a" (list $listener.advertisedPorts) ))) "r") | int) (1 | int)) -}} +{{- $port = ((index $listener.advertisedPorts (0 | int)) | int) -}} +{{- end -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $port) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.advertisedAdminPort" -}} +{{- $dot := (index .a 0) -}} +{{- $i := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $keys := (keys $values.listeners.admin.external) -}} +{{- $_ := (sortAlpha $keys) -}} +{{- $externalAdminListenerName := (first $keys) -}} +{{- $listener := (index $values.listeners.admin.external (get (fromJson (include "_shims.typeassertion" (dict "a" (list "string" $externalAdminListenerName) ))) "r")) -}} +{{- $port := (($values.listeners.admin.port | int) | int) -}} +{{- if (gt (($listener.port | int) | int) (1 | int)) -}} +{{- $port = (($listener.port | int) | int) -}} +{{- end -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list $listener.advertisedPorts) ))) "r") | int) (1 | int)) -}} +{{- $port = ((index $listener.advertisedPorts $i) | int) -}} +{{- else -}}{{- if (eq ((get (fromJson (include "_shims.len" (dict "a" (list $listener.advertisedPorts) ))) "r") | int) (1 | int)) -}} +{{- $port = ((index $listener.advertisedPorts (0 | int)) | int) -}} +{{- end -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $port) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.advertisedHost" -}} +{{- $dot := (index .a 0) -}} +{{- $i := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $address := (printf "%s-%d" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r") ($i | int)) -}} +{{- if (ne (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $values.external.domain "") ))) "r") "") -}} +{{- $address = (printf "%s.%s" $address (tpl $values.external.domain $dot)) -}} +{{- end -}} +{{- if (le ((get (fromJson (include "_shims.len" (dict "a" (list $values.external.addresses) ))) "r") | int) (0 | int)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $address) | toJson -}} +{{- break -}} +{{- end -}} +{{- if (eq ((get (fromJson (include "_shims.len" (dict "a" (list $values.external.addresses) ))) "r") | int) (1 | int)) -}} +{{- $address = (index $values.external.addresses (0 | int)) -}} +{{- else -}} +{{- $address = (index $values.external.addresses $i) -}} +{{- end -}} +{{- if (ne (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $values.external.domain "") ))) "r") "") -}} +{{- $address = (printf "%s.%s" $address $values.external.domain) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $address) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.getFirstExternalKafkaListener" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $keys := (keys $values.listeners.kafka.external) -}} +{{- $_ := (sortAlpha $keys) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "_shims.typeassertion" (dict "a" (list "string" (first $keys)) ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.BrokerList" -}} +{{- $dot := (index .a 0) -}} +{{- $replicas := (index .a 1) -}} +{{- $port := (index .a 2) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $bl := (coalesce nil) -}} +{{- range $_, $i := untilStep (((0 | int) | int)|int) ($replicas|int) (1|int) -}} +{{- $bl = (concat (default (list ) $bl) (list (printf "%s-%d.%s:%d" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r") $i (get (fromJson (include "redpanda.InternalDomain" (dict "a" (list $dot) ))) "r") $port))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $bl) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.rpkNodeConfig" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $brokerList := (get (fromJson (include "redpanda.BrokerList" (dict "a" (list $dot ($values.statefulset.replicas | int) ($values.listeners.kafka.port | int)) ))) "r") -}} +{{- $adminTLS := (coalesce nil) -}} +{{- $tls_3 := (get (fromJson (include "redpanda.rpkAdminAPIClientTLSConfiguration" (dict "a" (list $dot) ))) "r") -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list $tls_3) ))) "r") | int) (0 | int)) -}} +{{- $adminTLS = $tls_3 -}} +{{- end -}} +{{- $brokerTLS := (coalesce nil) -}} +{{- $tls_4 := (get (fromJson (include "redpanda.rpkKafkaClientTLSConfiguration" (dict "a" (list $dot) ))) "r") -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list $tls_4) ))) "r") | int) (0 | int)) -}} +{{- $brokerTLS = $tls_4 -}} +{{- end -}} +{{- $result := (dict "overprovisioned" (get (fromJson (include "redpanda.RedpandaResources.GetOverProvisionValue" (dict "a" (list $values.resources) ))) "r") "enable_memory_locking" (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $values.resources.memory.enable_memory_locking false) ))) "r") "additional_start_flags" (get (fromJson (include "redpanda.RedpandaAdditionalStartFlags" (dict "a" (list $dot ((get (fromJson (include "redpanda.RedpandaSMP" (dict "a" (list $dot) ))) "r") | int64)) ))) "r") "kafka_api" (dict "brokers" $brokerList "tls" $brokerTLS ) "admin_api" (dict "addresses" (get (fromJson (include "redpanda.Listeners.AdminList" (dict "a" (list $values.listeners ($values.statefulset.replicas | int) (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r") (get (fromJson (include "redpanda.InternalDomain" (dict "a" (list $dot) ))) "r")) ))) "r") "tls" $adminTLS ) ) -}} +{{- $result = (merge (dict ) $result (get (fromJson (include "redpanda.Tuning.Translate" (dict "a" (list $values.tuning) ))) "r")) -}} +{{- $result = (merge (dict ) $result (get (fromJson (include "redpanda.Config.CreateRPKConfiguration" (dict "a" (list $values.config) ))) "r")) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $result) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.rpkKafkaClientTLSConfiguration" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $tls := $values.listeners.kafka.tls -}} +{{- if (not (get (fromJson (include "redpanda.InternalTLS.IsEnabled" (dict "a" (list $tls $values.tls) ))) "r")) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (dict )) | toJson -}} +{{- break -}} +{{- end -}} +{{- $result := (dict "ca_file" (get (fromJson (include "redpanda.InternalTLS.ServerCAPath" (dict "a" (list $tls $values.tls) ))) "r") ) -}} +{{- if $tls.requireClientAuth -}} +{{- $_ := (set $result "cert_file" (printf "/etc/tls/certs/%s-client/tls.crt" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r"))) -}} +{{- $_ := (set $result "key_file" (printf "/etc/tls/certs/%s-client/tls.key" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r"))) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $result) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.rpkAdminAPIClientTLSConfiguration" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $tls := $values.listeners.admin.tls -}} +{{- if (not (get (fromJson (include "redpanda.InternalTLS.IsEnabled" (dict "a" (list $tls $values.tls) ))) "r")) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (dict )) | toJson -}} +{{- break -}} +{{- end -}} +{{- $result := (dict "ca_file" (get (fromJson (include "redpanda.InternalTLS.ServerCAPath" (dict "a" (list $tls $values.tls) ))) "r") ) -}} +{{- if $tls.requireClientAuth -}} +{{- $_ := (set $result "cert_file" (printf "/etc/tls/certs/%s-client/tls.crt" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r"))) -}} +{{- $_ := (set $result "key_file" (printf "/etc/tls/certs/%s-client/tls.key" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r"))) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $result) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.kafkaClient" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $brokerList := (list ) -}} +{{- range $_, $i := untilStep (((0 | int) | int)|int) (($values.statefulset.replicas | int)|int) (1|int) -}} +{{- $brokerList = (concat (default (list ) $brokerList) (list (dict "address" (printf "%s-%d.%s" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r") $i (get (fromJson (include "redpanda.InternalDomain" (dict "a" (list $dot) ))) "r")) "port" ($values.listeners.kafka.port | int) ))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $kafkaTLS := $values.listeners.kafka.tls -}} +{{- $brokerTLS := (coalesce nil) -}} +{{- if (get (fromJson (include "redpanda.InternalTLS.IsEnabled" (dict "a" (list $values.listeners.kafka.tls $values.tls) ))) "r") -}} +{{- $brokerTLS = (dict "enabled" true "require_client_auth" $kafkaTLS.requireClientAuth "truststore_file" (get (fromJson (include "redpanda.InternalTLS.ServerCAPath" (dict "a" (list $kafkaTLS $values.tls) ))) "r") ) -}} +{{- if $kafkaTLS.requireClientAuth -}} +{{- $_ := (set $brokerTLS "cert_file" (printf "/etc/tls/certs/%s-client/tls.crt" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r"))) -}} +{{- $_ := (set $brokerTLS "key_file" (printf "/etc/tls/certs/%s-client/tls.key" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r"))) -}} +{{- end -}} +{{- end -}} +{{- $cfg := (dict "brokers" $brokerList ) -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list $brokerTLS) ))) "r") | int) (0 | int)) -}} +{{- $_ := (set $cfg "broker_tls" $brokerTLS) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $cfg) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.configureListeners" -}} +{{- $redpanda := (index .a 0) -}} +{{- $dot := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $_ := (set $redpanda "admin" (get (fromJson (include "redpanda.AdminListeners.Listeners" (dict "a" (list $values.listeners.admin) ))) "r")) -}} +{{- $_ := (set $redpanda "kafka_api" (get (fromJson (include "redpanda.KafkaListeners.Listeners" (dict "a" (list $values.listeners.kafka $values.auth) ))) "r")) -}} +{{- $_ := (set $redpanda "rpc_server" (get (fromJson (include "redpanda.rpcListeners" (dict "a" (list $dot) ))) "r")) -}} +{{- $_ := (set $redpanda "admin_api_tls" (coalesce nil)) -}} +{{- $tls_5 := (get (fromJson (include "redpanda.AdminListeners.ListenersTLS" (dict "a" (list $values.listeners.admin $values.tls) ))) "r") -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list $tls_5) ))) "r") | int) (0 | int)) -}} +{{- $_ := (set $redpanda "admin_api_tls" $tls_5) -}} +{{- end -}} +{{- $_ := (set $redpanda "kafka_api_tls" (coalesce nil)) -}} +{{- $tls_6 := (get (fromJson (include "redpanda.KafkaListeners.ListenersTLS" (dict "a" (list $values.listeners.kafka $values.tls) ))) "r") -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list $tls_6) ))) "r") | int) (0 | int)) -}} +{{- $_ := (set $redpanda "kafka_api_tls" $tls_6) -}} +{{- end -}} +{{- $tls_7 := (get (fromJson (include "redpanda.rpcListenersTLS" (dict "a" (list $dot) ))) "r") -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list $tls_7) ))) "r") | int) (0 | int)) -}} +{{- $_ := (set $redpanda "rpc_server_tls" $tls_7) -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.pandaProxyListener" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $pandaProxy := (dict ) -}} +{{- $_ := (set $pandaProxy "pandaproxy_api" (get (fromJson (include "redpanda.HTTPListeners.Listeners" (dict "a" (list $values.listeners.http (get (fromJson (include "redpanda.Auth.IsSASLEnabled" (dict "a" (list $values.auth) ))) "r")) ))) "r")) -}} +{{- $_ := (set $pandaProxy "pandaproxy_api_tls" (coalesce nil)) -}} +{{- $tls_8 := (get (fromJson (include "redpanda.HTTPListeners.ListenersTLS" (dict "a" (list $values.listeners.http $values.tls) ))) "r") -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list $tls_8) ))) "r") | int) (0 | int)) -}} +{{- $_ := (set $pandaProxy "pandaproxy_api_tls" $tls_8) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $pandaProxy) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.schemaRegistry" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $schemaReg := (dict ) -}} +{{- $_ := (set $schemaReg "schema_registry_api" (get (fromJson (include "redpanda.SchemaRegistryListeners.Listeners" (dict "a" (list $values.listeners.schemaRegistry (get (fromJson (include "redpanda.Auth.IsSASLEnabled" (dict "a" (list $values.auth) ))) "r")) ))) "r")) -}} +{{- $_ := (set $schemaReg "schema_registry_api_tls" (coalesce nil)) -}} +{{- $tls_9 := (get (fromJson (include "redpanda.SchemaRegistryListeners.ListenersTLS" (dict "a" (list $values.listeners.schemaRegistry $values.tls) ))) "r") -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list $tls_9) ))) "r") | int) (0 | int)) -}} +{{- $_ := (set $schemaReg "schema_registry_api_tls" $tls_9) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $schemaReg) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.rpcListenersTLS" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $r := $values.listeners.rpc -}} +{{- if (and (not ((or (or (get (fromJson (include "redpanda.RedpandaAtLeast_22_2_atleast_22_2_10" (dict "a" (list $dot) ))) "r") (get (fromJson (include "redpanda.RedpandaAtLeast_22_3_atleast_22_3_13" (dict "a" (list $dot) ))) "r")) (get (fromJson (include "redpanda.RedpandaAtLeast_23_1_2" (dict "a" (list $dot) ))) "r")))) ((or (and (eq $r.tls.enabled (coalesce nil)) $values.tls.enabled) (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $r.tls.enabled false) ))) "r")))) -}} +{{- $_ := (fail (printf "Redpanda version v%s does not support TLS on the RPC port. Please upgrade. See technical service bulletin 2023-01." (trimPrefix "v" (get (fromJson (include "redpanda.Tag" (dict "a" (list $dot) ))) "r")))) -}} +{{- end -}} +{{- if (not (get (fromJson (include "redpanda.InternalTLS.IsEnabled" (dict "a" (list $r.tls $values.tls) ))) "r")) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (dict )) | toJson -}} +{{- break -}} +{{- end -}} +{{- $certName := $r.tls.cert -}} +{{- $_is_returning = true -}} +{{- (dict "r" (dict "enabled" true "cert_file" (printf "/etc/tls/certs/%s/tls.crt" $certName) "key_file" (printf "/etc/tls/certs/%s/tls.key" $certName) "require_client_auth" $r.tls.requireClientAuth "truststore_file" (get (fromJson (include "redpanda.InternalTLS.TrustStoreFilePath" (dict "a" (list $r.tls $values.tls) ))) "r") )) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.rpcListeners" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $_is_returning = true -}} +{{- (dict "r" (dict "address" "0.0.0.0" "port" ($values.listeners.rpc.port | int) )) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.createInternalListenerTLSCfg" -}} +{{- $tls := (index .a 0) -}} +{{- $internal := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (not (get (fromJson (include "redpanda.InternalTLS.IsEnabled" (dict "a" (list $internal $tls) ))) "r")) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (dict )) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (dict "name" "internal" "enabled" true "cert_file" (printf "/etc/tls/certs/%s/tls.crt" $internal.cert) "key_file" (printf "/etc/tls/certs/%s/tls.key" $internal.cert) "require_client_auth" $internal.requireClientAuth "truststore_file" (get (fromJson (include "redpanda.InternalTLS.TrustStoreFilePath" (dict "a" (list $internal $tls) ))) "r") )) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.createInternalListenerCfg" -}} +{{- $port := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (dict "name" "internal" "address" "0.0.0.0" "port" $port )) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.RedpandaAdditionalStartFlags" -}} +{{- $dot := (index .a 0) -}} +{{- $smp := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $chartFlags := (dict "smp" (printf "%d" ($smp | int)) "memory" (printf "%dM" (((get (fromJson (include "redpanda.RedpandaMemory" (dict "a" (list $dot) ))) "r") | int64) | int)) "reserve-memory" (printf "%dM" (((get (fromJson (include "redpanda.RedpandaReserveMemory" (dict "a" (list $dot) ))) "r") | int64) | int)) "default-log-level" $values.logging.logLevel ) -}} +{{- if (eq (index $values.config.node "developer_mode") true) -}} +{{- $_ := (unset $chartFlags "reserve-memory") -}} +{{- end -}} +{{- range $flag, $_ := $chartFlags -}} +{{- range $_, $userFlag := $values.statefulset.additionalRedpandaCmdFlags -}} +{{- if (regexMatch (printf "^--%s" $flag) $userFlag) -}} +{{- $_ := (unset $chartFlags $flag) -}} +{{- end -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $keys := (keys $chartFlags) -}} +{{- $_ := (sortAlpha $keys) -}} +{{- $flags := (list ) -}} +{{- range $_, $key := $keys -}} +{{- $flags = (concat (default (list ) $flags) (list (printf "--%s=%s" $key (index $chartFlags $key)))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (concat (default (list ) $flags) (default (list ) $values.statefulset.additionalRedpandaCmdFlags))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/5.9.4/templates/_console.go.tpl b/charts/redpanda/redpanda/5.9.4/templates/_console.go.tpl new file mode 100644 index 0000000000..f8498e9986 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/_console.go.tpl @@ -0,0 +1,60 @@ +{{- /* Generated from "console.tpl.go" */ -}} + +{{- define "redpanda.ConsoleConfig" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $schemaURLs := (coalesce nil) -}} +{{- if $values.listeners.schemaRegistry.enabled -}} +{{- $schema := "http" -}} +{{- if (get (fromJson (include "redpanda.InternalTLS.IsEnabled" (dict "a" (list $values.listeners.schemaRegistry.tls $values.tls) ))) "r") -}} +{{- $schema = "https" -}} +{{- end -}} +{{- range $_, $i := untilStep (((0 | int) | int)|int) (($values.statefulset.replicas | int)|int) (1|int) -}} +{{- $schemaURLs = (concat (default (list ) $schemaURLs) (list (printf "%s://%s-%d.%s:%d" $schema (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r") $i (get (fromJson (include "redpanda.InternalDomain" (dict "a" (list $dot) ))) "r") ($values.listeners.schemaRegistry.port | int)))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- end -}} +{{- $schema := "http" -}} +{{- if (get (fromJson (include "redpanda.InternalTLS.IsEnabled" (dict "a" (list $values.listeners.admin.tls $values.tls) ))) "r") -}} +{{- $schema = "https" -}} +{{- end -}} +{{- $c := (dict "kafka" (dict "brokers" (get (fromJson (include "redpanda.BrokerList" (dict "a" (list $dot ($values.statefulset.replicas | int) ($values.listeners.kafka.port | int)) ))) "r") "sasl" (dict "enabled" (get (fromJson (include "redpanda.Auth.IsSASLEnabled" (dict "a" (list $values.auth) ))) "r") ) "tls" (get (fromJson (include "redpanda.KafkaListeners.ConsolemTLS" (dict "a" (list $values.listeners.kafka $values.tls) ))) "r") "schemaRegistry" (dict "enabled" $values.listeners.schemaRegistry.enabled "urls" $schemaURLs "tls" (get (fromJson (include "redpanda.SchemaRegistryListeners.ConsoleTLS" (dict "a" (list $values.listeners.schemaRegistry $values.tls) ))) "r") ) ) "redpanda" (dict "adminApi" (dict "enabled" true "urls" (list (printf "%s://%s:%d" $schema (get (fromJson (include "redpanda.InternalDomain" (dict "a" (list $dot) ))) "r") ($values.listeners.admin.port | int))) "tls" (get (fromJson (include "redpanda.AdminListeners.ConsoleTLS" (dict "a" (list $values.listeners.admin $values.tls) ))) "r") ) ) ) -}} +{{- if $values.connectors.enabled -}} +{{- $port := (dig "connectors" "connectors" "restPort" (8083 | int) $dot.Values.AsMap) -}} +{{- $tmp_tuple_1 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.asintegral" (dict "a" (list $port) ))) "r")) ))) "r") -}} +{{- $ok := $tmp_tuple_1.T2 -}} +{{- $p := ($tmp_tuple_1.T1 | int) -}} +{{- if (not $ok) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $c) | toJson -}} +{{- break -}} +{{- end -}} +{{- $connectorsURL := (printf "http://%s.%s.svc.%s:%d" (get (fromJson (include "redpanda.ConnectorsFullName" (dict "a" (list $dot) ))) "r") $dot.Release.Namespace (trimSuffix "." $values.clusterDomain) $p) -}} +{{- $_ := (set $c "connect" (mustMergeOverwrite (dict "enabled" false "clusters" (coalesce nil) "connectTimeout" 0 "readTimeout" 0 "requestTimeout" 0 ) (dict "enabled" $values.connectors.enabled "clusters" (list (mustMergeOverwrite (dict "name" "" "url" "" "tls" (dict "enabled" false "caFilepath" "" "certFilepath" "" "keyFilepath" "" "insecureSkipTlsVerify" false ) "username" "" "password" "" "token" "" ) (dict "name" "connectors" "url" $connectorsURL "tls" (mustMergeOverwrite (dict "enabled" false "caFilepath" "" "certFilepath" "" "keyFilepath" "" "insecureSkipTlsVerify" false ) (dict "enabled" false "caFilepath" "" "certFilepath" "" "keyFilepath" "" "insecureSkipTlsVerify" false )) "username" "" "password" "" "token" "" ))) ))) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (merge (dict ) $values.console.console.config $c)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.ConnectorsFullName" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (ne (dig "connectors" "connectors" "fullnameOverwrite" "" $dot.Values.AsMap) "") -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "redpanda.cleanForK8s" (dict "a" (list $values.connectors.connectors.fullnameOverwrite) ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "redpanda.cleanForK8s" (dict "a" (list (printf "%s-connectors" $dot.Release.Name)) ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/5.9.4/templates/_example-commands.tpl b/charts/redpanda/redpanda/5.9.4/templates/_example-commands.tpl new file mode 100644 index 0000000000..9a5c695e32 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/_example-commands.tpl @@ -0,0 +1,58 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + + +{{/* +Any rpk command that's given to the user in NOTES.txt must be defined in this template file +and tested in a test. +*/}} + +{{/* tested in tests/test-kafka-sasl-status.yaml */}} +{{- define "rpk-acl-user-create" -}} +{{- $cmd := (get ((include "redpanda.RpkACLUserCreate" (dict "a" (list .))) | fromJson) "r") }} +{{- $cmd }} +{{- end -}} + +{{/* tested in tests/test-kafka-sasl-status.yaml */}} +{{- define "rpk-acl-create" -}} +{{- $cmd := (get ((include "redpanda.RpkACLCreate" (dict "a" (list .))) | fromJson) "r") }} +{{- $cmd }} +{{- end -}} + +{{/* tested in tests/test-kafka-sasl-status.yaml */}} +{{- define "rpk-cluster-info" -}} +{{- $cmd := (get ((include "redpanda.RpkClusterInfo" (dict "a" (list .))) | fromJson) "r") }} +{{- $cmd }} +{{- end -}} + +{{/* tested in tests/test-kafka-sasl-status.yaml */}} +{{- define "rpk-topic-create" -}} +{{- $cmd := (get ((include "redpanda.RpkTopicCreate" (dict "a" (list .))) | fromJson) "r") }} +{{- $cmd }} +{{- end -}} + +{{/* tested in tests/test-kafka-sasl-status.yaml */}} +{{- define "rpk-topic-describe" -}} +{{- $cmd := (get ((include "redpanda.RpkTopicDescribe" (dict "a" (list .))) | fromJson) "r") }} +{{- $cmd }} +{{- end -}} + +{{/* tested in tests/test-kafka-sasl-status.yaml */}} +{{- define "rpk-topic-delete" -}} +{{- $cmd := (get ((include "redpanda.RpkTopicDelete" (dict "a" (list .))) | fromJson) "r") }} +{{- $cmd }} +{{- end -}} \ No newline at end of file diff --git a/charts/redpanda/redpanda/5.9.4/templates/_helpers.go.tpl b/charts/redpanda/redpanda/5.9.4/templates/_helpers.go.tpl new file mode 100644 index 0000000000..c910f646ad --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/_helpers.go.tpl @@ -0,0 +1,535 @@ +{{- /* Generated from "helpers.go" */ -}} + +{{- define "redpanda.Chart" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "redpanda.cleanForK8s" (dict "a" (list (replace "+" "_" (printf "%s-%s" $dot.Chart.Name $dot.Chart.Version))) ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.Name" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $tmp_tuple_1 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.typetest" (dict "a" (list "string" (index $dot.Values "nameOverride") "") ))) "r")) ))) "r") -}} +{{- $ok_2 := $tmp_tuple_1.T2 -}} +{{- $override_1 := $tmp_tuple_1.T1 -}} +{{- if (and $ok_2 (ne $override_1 "")) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "redpanda.cleanForK8s" (dict "a" (list $override_1) ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "redpanda.cleanForK8s" (dict "a" (list $dot.Chart.Name) ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.Fullname" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $tmp_tuple_2 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.typetest" (dict "a" (list "string" (index $dot.Values "fullnameOverride") "") ))) "r")) ))) "r") -}} +{{- $ok_4 := $tmp_tuple_2.T2 -}} +{{- $override_3 := $tmp_tuple_2.T1 -}} +{{- if (and $ok_4 (ne $override_3 "")) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "redpanda.cleanForK8s" (dict "a" (list $override_3) ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "redpanda.cleanForK8s" (dict "a" (list $dot.Release.Name) ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.FullLabels" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $labels := (dict ) -}} +{{- if (ne $values.commonLabels (coalesce nil)) -}} +{{- $labels = $values.commonLabels -}} +{{- end -}} +{{- $defaults := (dict "helm.sh/chart" (get (fromJson (include "redpanda.Chart" (dict "a" (list $dot) ))) "r") "app.kubernetes.io/name" (get (fromJson (include "redpanda.Name" (dict "a" (list $dot) ))) "r") "app.kubernetes.io/instance" $dot.Release.Name "app.kubernetes.io/managed-by" $dot.Release.Service "app.kubernetes.io/component" (get (fromJson (include "redpanda.Name" (dict "a" (list $dot) ))) "r") ) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (merge (dict ) $labels $defaults)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.ServiceAccountName" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $serviceAccount := $values.serviceAccount -}} +{{- if (and $serviceAccount.create (ne $serviceAccount.name "")) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $serviceAccount.name) | toJson -}} +{{- break -}} +{{- else -}}{{- if $serviceAccount.create -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r")) | toJson -}} +{{- break -}} +{{- else -}}{{- if (ne $serviceAccount.name "") -}} +{{- $_is_returning = true -}} +{{- (dict "r" $serviceAccount.name) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" "default") | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.Tag" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $tag := (toString $values.image.tag) -}} +{{- if (eq $tag "") -}} +{{- $tag = $dot.Chart.AppVersion -}} +{{- end -}} +{{- $pattern := "^v(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$" -}} +{{- if (not (regexMatch $pattern $tag)) -}} +{{- $_ := (fail "image.tag must start with a 'v' and be a valid semver") -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $tag) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.ServiceName" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (and (ne $values.service (coalesce nil)) (ne $values.service.name (coalesce nil))) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "redpanda.cleanForK8s" (dict "a" (list $values.service.name) ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.InternalDomain" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $service := (get (fromJson (include "redpanda.ServiceName" (dict "a" (list $dot) ))) "r") -}} +{{- $ns := $dot.Release.Namespace -}} +{{- $domain := (trimSuffix "." $values.clusterDomain) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (printf "%s.%s.svc.%s." $service $ns $domain)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.TLSEnabled" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if $values.tls.enabled -}} +{{- $_is_returning = true -}} +{{- (dict "r" true) | toJson -}} +{{- break -}} +{{- end -}} +{{- $listeners := (list "kafka" "admin" "schemaRegistry" "rpc" "http") -}} +{{- range $_, $listener := $listeners -}} +{{- $tlsCert := (dig "listeners" $listener "tls" "cert" false $dot.Values.AsMap) -}} +{{- $tlsEnabled := (dig "listeners" $listener "tls" "enabled" false $dot.Values.AsMap) -}} +{{- if (and (not (empty $tlsEnabled)) (not (empty $tlsCert))) -}} +{{- $_is_returning = true -}} +{{- (dict "r" true) | toJson -}} +{{- break -}} +{{- end -}} +{{- $external := (dig "listeners" $listener "external" false $dot.Values.AsMap) -}} +{{- if (empty $external) -}} +{{- continue -}} +{{- end -}} +{{- $keys := (keys (get (fromJson (include "_shims.typeassertion" (dict "a" (list (printf "map[%s]%s" "string" "interface {}") $external) ))) "r")) -}} +{{- range $_, $key := $keys -}} +{{- $enabled := (dig "listeners" $listener "external" $key "enabled" false $dot.Values.AsMap) -}} +{{- $tlsCert := (dig "listeners" $listener "external" $key "tls" "cert" false $dot.Values.AsMap) -}} +{{- $tlsEnabled := (dig "listeners" $listener "external" $key "tls" "enabled" false $dot.Values.AsMap) -}} +{{- if (and (and (not (empty $enabled)) (not (empty $tlsCert))) (not (empty $tlsEnabled))) -}} +{{- $_is_returning = true -}} +{{- (dict "r" true) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" false) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.ClientAuthRequired" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $listeners := (list "kafka" "admin" "schemaRegistry" "rpc" "http") -}} +{{- range $_, $listener := $listeners -}} +{{- $required := (dig "listeners" $listener "tls" "requireClientAuth" false $dot.Values.AsMap) -}} +{{- if (not (empty $required)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" true) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" false) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.DefaultMounts" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (concat (default (list ) (list (mustMergeOverwrite (dict "name" "" "mountPath" "" ) (dict "name" "config" "mountPath" "/etc/redpanda" )))) (default (list ) (get (fromJson (include "redpanda.CommonMounts" (dict "a" (list $dot) ))) "r")))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.CommonMounts" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $mounts := (list ) -}} +{{- $sasl_5 := $values.auth.sasl -}} +{{- if (and $sasl_5.enabled (ne $sasl_5.secretRef "")) -}} +{{- $mounts = (concat (default (list ) $mounts) (list (mustMergeOverwrite (dict "name" "" "mountPath" "" ) (dict "name" "users" "mountPath" "/etc/secrets/users" "readOnly" true )))) -}} +{{- end -}} +{{- if (get (fromJson (include "redpanda.TLSEnabled" (dict "a" (list $dot) ))) "r") -}} +{{- $certNames := (keys $values.tls.certs) -}} +{{- $_ := (sortAlpha $certNames) -}} +{{- range $_, $name := $certNames -}} +{{- $cert := (index $values.tls.certs $name) -}} +{{- if (not (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $cert.enabled true) ))) "r")) -}} +{{- continue -}} +{{- end -}} +{{- $mounts = (concat (default (list ) $mounts) (list (mustMergeOverwrite (dict "name" "" "mountPath" "" ) (dict "name" (printf "redpanda-%s-cert" $name) "mountPath" (printf "/etc/tls/certs/%s" $name) )))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $adminTLS := $values.listeners.admin.tls -}} +{{- if $adminTLS.requireClientAuth -}} +{{- $mounts = (concat (default (list ) $mounts) (list (mustMergeOverwrite (dict "name" "" "mountPath" "" ) (dict "name" "mtls-client" "mountPath" (printf "/etc/tls/certs/%s-client" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r")) )))) -}} +{{- end -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $mounts) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.DefaultVolumes" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (concat (default (list ) (list (mustMergeOverwrite (dict "name" "" ) (mustMergeOverwrite (dict ) (dict "configMap" (mustMergeOverwrite (dict ) (mustMergeOverwrite (dict ) (dict "name" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r") )) (dict )) )) (dict "name" "config" )))) (default (list ) (get (fromJson (include "redpanda.CommonVolumes" (dict "a" (list $dot) ))) "r")))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.CommonVolumes" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $volumes := (list ) -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (get (fromJson (include "redpanda.TLSEnabled" (dict "a" (list $dot) ))) "r") -}} +{{- $certNames := (keys $values.tls.certs) -}} +{{- $_ := (sortAlpha $certNames) -}} +{{- range $_, $name := $certNames -}} +{{- $cert := (index $values.tls.certs $name) -}} +{{- if (not (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $cert.enabled true) ))) "r")) -}} +{{- continue -}} +{{- end -}} +{{- $volumes = (concat (default (list ) $volumes) (list (mustMergeOverwrite (dict "name" "" ) (mustMergeOverwrite (dict ) (dict "secret" (mustMergeOverwrite (dict ) (dict "secretName" (get (fromJson (include "redpanda.CertSecretName" (dict "a" (list $dot $name $cert) ))) "r") "defaultMode" (0o440 | int) )) )) (dict "name" (printf "redpanda-%s-cert" $name) )))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $adminTLS := $values.listeners.admin.tls -}} +{{- $cert := (index $values.tls.certs $adminTLS.cert) -}} +{{- if $adminTLS.requireClientAuth -}} +{{- $secretName := (printf "%s-client" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r")) -}} +{{- if (ne $cert.clientSecretRef (coalesce nil)) -}} +{{- $secretName = $cert.clientSecretRef.name -}} +{{- end -}} +{{- $volumes = (concat (default (list ) $volumes) (list (mustMergeOverwrite (dict "name" "" ) (mustMergeOverwrite (dict ) (dict "secret" (mustMergeOverwrite (dict ) (dict "secretName" $secretName "defaultMode" (0o440 | int) )) )) (dict "name" "mtls-client" )))) -}} +{{- end -}} +{{- end -}} +{{- $sasl_6 := $values.auth.sasl -}} +{{- if (and $sasl_6.enabled (ne $sasl_6.secretRef "")) -}} +{{- $volumes = (concat (default (list ) $volumes) (list (mustMergeOverwrite (dict "name" "" ) (mustMergeOverwrite (dict ) (dict "secret" (mustMergeOverwrite (dict ) (dict "secretName" $sasl_6.secretRef )) )) (dict "name" "users" )))) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $volumes) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.CertSecretName" -}} +{{- $dot := (index .a 0) -}} +{{- $certName := (index .a 1) -}} +{{- $cert := (index .a 2) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (ne $cert.secretRef (coalesce nil)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $cert.secretRef.name) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (printf "%s-%s-cert" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r") $certName)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.PodSecurityContext" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $sc := (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $values.statefulset.podSecurityContext $values.statefulset.securityContext) ))) "r") -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict ) (dict "fsGroup" $sc.fsGroup "fsGroupChangePolicy" $sc.fsGroupChangePolicy ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.ContainerSecurityContext" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $sc := (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $values.statefulset.podSecurityContext $values.statefulset.securityContext) ))) "r") -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict ) (dict "runAsUser" $sc.runAsUser "runAsGroup" (get (fromJson (include "redpanda.coalesce" (dict "a" (list (list $sc.runAsGroup $sc.fsGroup)) ))) "r") "allowPrivilegeEscalation" (get (fromJson (include "redpanda.coalesce" (dict "a" (list (list $sc.allowPrivilegeEscalation $sc.allowPriviledgeEscalation)) ))) "r") "runAsNonRoot" $sc.runAsNonRoot ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.RedpandaAtLeast_22_2_0" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "redpanda.redpandaAtLeast" (dict "a" (list $dot ">=22.2.0-0 || <0.0.1-0") ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.RedpandaAtLeast_22_3_0" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "redpanda.redpandaAtLeast" (dict "a" (list $dot ">=22.3.0-0 || <0.0.1-0") ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.RedpandaAtLeast_23_1_1" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "redpanda.redpandaAtLeast" (dict "a" (list $dot ">=23.1.1-0 || <0.0.1-0") ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.RedpandaAtLeast_23_1_2" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "redpanda.redpandaAtLeast" (dict "a" (list $dot ">=23.1.2-0 || <0.0.1-0") ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.RedpandaAtLeast_22_3_atleast_22_3_13" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "redpanda.redpandaAtLeast" (dict "a" (list $dot ">=22.3.13-0,<22.4") ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.RedpandaAtLeast_22_2_atleast_22_2_10" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "redpanda.redpandaAtLeast" (dict "a" (list $dot ">=22.2.10-0,<22.3") ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.RedpandaAtLeast_23_2_1" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "redpanda.redpandaAtLeast" (dict "a" (list $dot ">=23.2.1-0 || <0.0.1-0") ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.RedpandaAtLeast_23_3_0" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "redpanda.redpandaAtLeast" (dict "a" (list $dot ">=23.3.0-0 || <0.0.1-0") ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.redpandaAtLeast" -}} +{{- $dot := (index .a 0) -}} +{{- $constraint := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $version := (trimPrefix "v" (get (fromJson (include "redpanda.Tag" (dict "a" (list $dot) ))) "r")) -}} +{{- $tmp_tuple_3 := (get (fromJson (include "_shims.compact" (dict "a" (list (list (semverCompare $constraint $version) nil)) ))) "r") -}} +{{- $err := $tmp_tuple_3.T2 -}} +{{- $result := $tmp_tuple_3.T1 -}} +{{- if (ne $err (coalesce nil)) -}} +{{- $_ := (fail $err) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $result) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.cleanForK8s" -}} +{{- $in := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (trimSuffix "-" (trunc (63 | int) $in))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.RedpandaSMP" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $coresInMillies := ((get (fromJson (include "_shims.resource_MilliValue" (dict "a" (list $values.resources.cpu.cores) ))) "r") | int64) -}} +{{- if (lt $coresInMillies (1000 | int64)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (1 | int64)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" ((get (fromJson (include "_shims.resource_Value" (dict "a" (list $values.resources.cpu.cores) ))) "r") | int64)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.coalesce" -}} +{{- $values := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- range $_, $v := $values -}} +{{- if (ne $v (coalesce nil)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $v) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.StrategicMergePatch" -}} +{{- $overrides := (index .a 0) -}} +{{- $original := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (ne $overrides.labels (coalesce nil)) -}} +{{- $_ := (set $original.metadata "labels" (merge (dict ) $overrides.labels (default (dict ) $original.metadata.labels))) -}} +{{- end -}} +{{- if (ne $overrides.annotations (coalesce nil)) -}} +{{- $_ := (set $original.metadata "annotations" (merge (dict ) $overrides.annotations (default (dict ) $original.metadata.annotations))) -}} +{{- end -}} +{{- if (ne $overrides.spec.securityContext (coalesce nil)) -}} +{{- $_ := (set $original.spec "securityContext" (merge (dict ) $overrides.spec.securityContext (default (mustMergeOverwrite (dict ) (dict )) $original.spec.securityContext))) -}} +{{- end -}} +{{- $overrideContainers := (dict ) -}} +{{- range $i, $_ := $overrides.spec.containers -}} +{{- $container := (index $overrides.spec.containers $i) -}} +{{- $_ := (set $overrideContainers (toString $container.name) $container) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $merged := (coalesce nil) -}} +{{- range $_, $container := $original.spec.containers -}} +{{- $tmp_tuple_4 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.dicttest" (dict "a" (list $overrideContainers $container.name (coalesce nil)) ))) "r")) ))) "r") -}} +{{- $ok_8 := $tmp_tuple_4.T2 -}} +{{- $override_7 := $tmp_tuple_4.T1 -}} +{{- if $ok_8 -}} +{{- $env := (concat (default (list ) $container.env) (default (list ) $override_7.env)) -}} +{{- $container = (merge (dict ) $override_7 $container) -}} +{{- $_ := (set $container "env" $env) -}} +{{- end -}} +{{- if (eq $container.env (coalesce nil)) -}} +{{- $_ := (set $container "env" (list )) -}} +{{- end -}} +{{- $merged = (concat (default (list ) $merged) (list $container)) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_ := (set $original.spec "containers" $merged) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $original) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/5.9.4/templates/_helpers.tpl b/charts/redpanda/redpanda/5.9.4/templates/_helpers.tpl new file mode 100644 index 0000000000..a885f9dcd3 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/_helpers.tpl @@ -0,0 +1,368 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{/* +Expand the name of the chart. +*/}} +{{- define "redpanda.name" -}} +{{- get ((include "redpanda.Name" (dict "a" (list .))) | fromJson) "r" }} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "redpanda.fullname" -}} +{{- get ((include "redpanda.Fullname" (dict "a" (list .))) | fromJson) "r" }} +{{- end -}} + +{{/* +Create a default service name +*/}} +{{- define "redpanda.servicename" -}} +{{- get ((include "redpanda.ServiceName" (dict "a" (list .))) | fromJson) "r" }} +{{- end -}} + +{{/* +full helm labels + common labels +*/}} +{{- define "full.labels" -}} +{{- (get ((include "redpanda.FullLabels" (dict "a" (list .))) | fromJson) "r") | toYaml }} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "redpanda.chart" -}} +{{- get ((include "redpanda.Chart" (dict "a" (list .))) | fromJson) "r" }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "redpanda.serviceAccountName" -}} +{{- get ((include "redpanda.ServiceAccountName" (dict "a" (list .))) | fromJson) "r" }} +{{- end }} + +{{/* +Use AppVersion if image.tag is not set +*/}} +{{- define "redpanda.tag" -}} +{{- get ((include "redpanda.Tag" (dict "a" (list .))) | fromJson) "r" }} +{{- end -}} + +{{/* Generate internal fqdn */}} +{{- define "redpanda.internal.domain" -}} +{{- get ((include "redpanda.InternalDomain" (dict "a" (list .))) | fromJson) "r" }} +{{- end -}} + +{{/* ConfigMap variables */}} +{{- define "admin-internal-tls-enabled" -}} +{{- toJson (dict "bool" (get ((include "redpanda.InternalTLS.IsEnabled" (dict "a" (list .Values.listeners.admin.tls .Values.tls))) | fromJson) "r")) -}} +{{- end -}} + +{{- define "kafka-internal-tls-enabled" -}} +{{- $listener := .Values.listeners.kafka -}} +{{- toJson (dict "bool" (and (dig "tls" "enabled" .Values.tls.enabled $listener) (not (empty (dig "tls" "cert" "" $listener))))) -}} +{{- end -}} + +{{- define "kafka-external-tls-cert" -}} +{{- dig "tls" "cert" .Values.listeners.kafka.tls.cert .listener -}} +{{- end -}} + +{{- define "http-internal-tls-enabled" -}} +{{- $listener := .Values.listeners.http -}} +{{- toJson (dict "bool" (and (dig "tls" "enabled" .Values.tls.enabled $listener) (not (empty (dig "tls" "cert" "" $listener))))) -}} +{{- end -}} + +{{- define "schemaRegistry-internal-tls-enabled" -}} +{{- $listener := .Values.listeners.schemaRegistry -}} +{{- toJson (dict "bool" (and (dig "tls" "enabled" .Values.tls.enabled $listener) (not (empty (dig "tls" "cert" "" $listener))))) -}} +{{- end -}} + +{{- define "tls-enabled" -}} +{{- $tlsenabled := get ((include "redpanda.TLSEnabled" (dict "a" (list .))) | fromJson) "r" }} +{{- toJson (dict "bool" $tlsenabled) -}} +{{- end -}} + +{{- define "sasl-enabled" -}} +{{- toJson (dict "bool" (dig "enabled" false .Values.auth.sasl)) -}} +{{- end -}} + +{{- define "admin-api-urls" -}} +{{ printf "${SERVICE_NAME}.%s" (include "redpanda.internal.domain" .) }}:{{.Values.listeners.admin.port }} +{{- end -}} + +{{- define "admin-api-service-url" -}} +{{ include "redpanda.internal.domain" .}}:{{.Values.listeners.admin.port }} +{{- end -}} + +{{- define "sasl-mechanism" -}} +{{- dig "sasl" "mechanism" "SCRAM-SHA-512" .Values.auth -}} +{{- end -}} + +{{- define "fail-on-insecure-sasl-logging" -}} +{{- if (include "sasl-enabled" .|fromJson).bool -}} + {{- $check := list + (include "redpanda-atleast-23-1-1" .|fromJson).bool + (include "redpanda-22-3-atleast-22-3-13" .|fromJson).bool + (include "redpanda-22-2-atleast-22-2-10" .|fromJson).bool + -}} + {{- if not (mustHas true $check) -}} + {{- fail "SASL is enabled and the redpanda version specified leaks secrets to the logs. Please choose a newer version of redpanda." -}} + {{- end -}} +{{- end -}} +{{- end -}} + +{{- define "fail-on-unsupported-helm-version" -}} + {{- $helmVer := (fromYaml (toYaml .Capabilities.HelmVersion)).version -}} + {{- if semverCompare "<3.8.0-0" $helmVer -}} + {{- fail (printf "helm version %s is not supported. Please use helm version v3.8.0 or newer." $helmVer) -}} + {{- end -}} +{{- end -}} + +{{- define "redpanda-atleast-22-2-0" -}} +{{- toJson (dict "bool" (get ((include "redpanda.RedpandaAtLeast_22_2_0" (dict "a" (list .))) | fromJson) "r")) }} +{{- end -}} +{{- define "redpanda-atleast-22-3-0" -}} +{{- toJson (dict "bool" (get ((include "redpanda.RedpandaAtLeast_22_3_0" (dict "a" (list .))) | fromJson) "r")) }} +{{- end -}} +{{- define "redpanda-atleast-23-1-1" -}} +{{- toJson (dict "bool" (get ((include "redpanda.RedpandaAtLeast_23_1_1" (dict "a" (list .))) | fromJson) "r")) }} +{{- end -}} +{{- define "redpanda-atleast-23-1-2" -}} +{{- toJson (dict "bool" (get ((include "redpanda.RedpandaAtLeast_23_1_2" (dict "a" (list .))) | fromJson) "r")) }} +{{- end -}} +{{- define "redpanda-22-3-atleast-22-3-13" -}} +{{- toJson (dict "bool" (get ((include "redpanda.RedpandaAtLeast_22_3_atleast_22_3_13" (dict "a" (list .))) | fromJson) "r")) }} +{{- end -}} +{{- define "redpanda-22-2-atleast-22-2-10" -}} +{{- toJson (dict "bool" (get ((include "redpanda.RedpandaAtLeast_22_2_atleast_22_2_10" (dict "a" (list .))) | fromJson) "r")) }} +{{- end -}} +{{- define "redpanda-atleast-23-2-1" -}} +{{- toJson (dict "bool" (get ((include "redpanda.RedpandaAtLeast_23_2_1" (dict "a" (list .))) | fromJson) "r")) }} +{{- end -}} +{{- define "redpanda-atleast-23-3-0" -}} +{{- toJson (dict "bool" (get ((include "redpanda.RedpandaAtLeast_23_3_0" (dict "a" (list .))) | fromJson) "r")) }} +{{- end -}} + +{{- define "redpanda-22-2-x-without-sasl" -}} +{{- $result := (include "redpanda-atleast-22-3-0" . | fromJson).bool -}} +{{- if or (include "sasl-enabled" . | fromJson).bool .Values.listeners.kafka.authenticationMethod -}} +{{- $result := false -}} +{{- end -}} +{{- toJson (dict "bool" $result) -}} +{{- end -}} + +{{- define "pod-security-context" -}} +{{- get ((include "redpanda.PodSecurityContext" (dict "a" (list .))) | fromJson) "r" | toYaml }} +{{- end -}} + +{{- define "container-security-context" -}} +{{- get ((include "redpanda.ContainerSecurityContext" (dict "a" (list .))) | fromJson) "r" | toYaml }} +{{- end -}} + +{{- define "admin-tls-curl-flags" -}} + {{- $result := "" -}} + {{- if (include "admin-internal-tls-enabled" . | fromJson).bool -}} + {{- $path := (printf "/etc/tls/certs/%s" .Values.listeners.admin.tls.cert) -}} + {{- $result = (printf "--cacert %s/tls.crt" $path) -}} + {{- if .Values.listeners.admin.tls.requireClientAuth -}} + {{- $result = (printf "--cacert %s/ca.crt --cert %s/tls.crt --key %s/tls.key" $path $path $path) -}} + {{- end -}} + {{- end -}} + {{- $result -}} +{{- end -}} + +{{- define "admin-http-protocol" -}} + {{- $result := "http" -}} + {{- if (include "admin-internal-tls-enabled" . | fromJson).bool -}} + {{- $result = "https" -}} + {{- end -}} + {{- $result -}} +{{- end -}} + +{{- /* +advertised-port returns either the only advertised port if only one is specified, +or the port specified for this pod ordinal when there is a full list provided. + +This will return a string int or panic if there is more than one port provided, +but not enough ports for the number of replicas requested. +*/ -}} +{{- define "advertised-port" -}} + {{- $port := dig "port" .listenerVals.port .externalVals -}} + {{- if .externalVals.advertisedPorts -}} + {{- if eq (len .externalVals.advertisedPorts) 1 -}} + {{- $port = mustFirst .externalVals.advertisedPorts -}} + {{- else -}} + {{- $port = index .externalVals.advertisedPorts .replicaIndex -}} + {{- end -}} + {{- end -}} + {{ $port }} +{{- end -}} + +{{- /* +advertised-host returns a json string with the data needed for configuring the advertised listener +*/ -}} +{{- define "advertised-host" -}} + {{- $host := dict "name" .externalName "address" .externalAdvertiseAddress "port" .port -}} + {{- if .values.external.addresses -}} + {{- $address := "" -}} + {{- if gt (len .values.external.addresses) 1 -}} + {{- $address = (index .values.external.addresses .replicaIndex) -}} + {{- else -}} + {{- $address = (index .values.external.addresses 0) -}} + {{- end -}} + {{- if ( .values.external.domain | default "" ) }} + {{- $host = dict "name" .externalName "address" (printf "%s.%s" $address .values.external.domain) "port" .port -}} + {{- else -}} + {{- $host = dict "name" .externalName "address" $address "port" .port -}} + {{- end -}} + {{- end -}} + {{- toJson $host -}} +{{- end -}} + +{{- define "is-licensed" -}} +{{- toJson (dict "bool" (or (not (empty (include "enterprise-license" . ))) (not (empty (include "enterprise-secret" . ))))) -}} +{{- end -}} + +{{- define "seed-server-list" -}} + {{- $brokers := list -}} + {{- range $ordinal := until (.Values.statefulset.replicas | int) -}} + {{- $brokers = append $brokers (printf "%s-%d.%s" + (include "redpanda.fullname" $) + $ordinal + (include "redpanda.internal.domain" $)) + -}} + {{- end -}} + {{- toJson $brokers -}} +{{- end -}} + +{{/* +return license checks deprecated values if current values is empty +*/}} +{{- define "enterprise-license" -}} +{{- if dig "license" dict .Values.enterprise -}} + {{- .Values.enterprise.license -}} +{{- else -}} + {{- .Values.license_key -}} +{{- end -}} +{{- end -}} + +{{/* +return licenseSecretRef checks deprecated values entry if current values empty +*/}} +{{- define "enterprise-secret" -}} +{{- if ( dig "licenseSecretRef" dict .Values.enterprise ) -}} + {{- .Values.enterprise.licenseSecretRef -}} +{{- else if not (empty .Values.license_secret_ref ) -}} + {{- .Values.license_secret_ref -}} +{{- end -}} +{{- end -}} + +{{/* +return licenseSecretRef.name checks deprecated values entry if current values empty +*/}} +{{- define "enterprise-secret-name" -}} +{{- if ( dig "licenseSecretRef" dict .Values.enterprise ) -}} + {{- dig "name" "" .Values.enterprise.licenseSecretRef -}} +{{- else if not (empty .Values.license_secret_ref ) -}} + {{- dig "secret_name" "" .Values.license_secret_ref -}} +{{- end -}} +{{- end -}} + +{{/* +return licenseSecretRef.key checks deprecated values entry if current values empty +*/}} +{{- define "enterprise-secret-key" -}} +{{- if ( dig "licenseSecretRef" dict .Values.enterprise ) -}} + {{- dig "key" "" .Values.enterprise.licenseSecretRef -}} +{{- else if not (empty .Values.license_secret_ref ) -}} + {{- dig "secret_key" "" .Values.license_secret_ref -}} +{{- end -}} +{{- end -}} + +{{/* mounts that are common to all containers */}} +{{- define "common-mounts" -}} +{{- $mounts := get ((include "redpanda.CommonMounts" (dict "a" (list .))) | fromJson) "r" }} +{{- if $mounts -}} +{{- toYaml $mounts -}} +{{- end -}} +{{- end -}} + +{{/* mounts that are common to most containers */}} +{{- define "default-mounts" -}} +{{- $mounts := get ((include "redpanda.DefaultMounts" (dict "a" (list .))) | fromJson) "r" }} +{{- if $mounts -}} +{{- toYaml $mounts -}} +{{- end -}} +{{- end -}} + +{{/* volumes that are common to all pods */}} +{{- define "common-volumes" -}} +{{- $volumes := get ((include "redpanda.CommonVolumes" (dict "a" (list .))) | fromJson) "r" }} +{{- if $volumes -}} +{{- toYaml $volumes -}} +{{- end -}} +{{- end -}} + +{{/* the default set of volumes for most pods, except the sts pod */}} +{{- define "default-volumes" -}} +{{- $volumes := get ((include "redpanda.DefaultVolumes" (dict "a" (list .))) | fromJson) "r" }} +{{- if $volumes -}} +{{- toYaml $volumes -}} +{{- end -}} +{{- end -}} + +{{/* support legacy storage.tieredConfig */}} +{{- define "storage-tiered-config" -}} +{{- $cfg := get ((include "redpanda.StorageTieredConfig" (dict "a" (list .))) | fromJson) "r" }} +{{- if $cfg -}} +{{- toYaml $cfg -}} +{{- end -}} +{{- end -}} + +{{/* + rpk sasl environment variables + + this will return a string with the correct environment variables to use for SASL based on the + version of the redpada container being used +*/}} +{{- define "rpk-sasl-environment-variables" -}} +{{- if (include "redpanda-atleast-23-2-1" . | fromJson).bool -}} +RPK_USER RPK_PASS RPK_SASL_MECHANISM +{{- else -}} +REDPANDA_SASL_USERNAME REDPANDA_SASL_PASSWORD REDPANDA_SASL_MECHANISM +{{- end -}} +{{- end -}} + +{{- define "curl-options" -}} +{{- print " -svm3 --fail --retry \"120\" --retry-max-time \"120\" --retry-all-errors -o - -w \"\\nstatus=%{http_code} %{redirect_url} size=%{size_download} time=%{time_total} content-type=\\\"%{content_type}\\\"\\n\" "}} +{{- end -}} + +{{- define "advertised-address-template" -}} + {{- $prefixTemplate := dig "prefixTemplate" "" .externalListener -}} + {{- if empty $prefixTemplate -}} + {{- $prefixTemplate = dig "prefixTemplate" "" .externalVals -}} + {{- end -}} + {{ quote $prefixTemplate }} +{{- end -}} + +{{/* check if client auth is enabled for any of the listeners */}} +{{- define "client-auth-required" -}} +{{- $requireClientAuth := get ((include "redpanda.ClientAuthRequired" (dict "a" (list .))) | fromJson) "r" }} +{{- toJson (dict "bool" $requireClientAuth) -}} +{{- end -}} diff --git a/charts/redpanda/redpanda/5.9.4/templates/_memory.go.tpl b/charts/redpanda/redpanda/5.9.4/templates/_memory.go.tpl new file mode 100644 index 0000000000..9f839e66b2 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/_memory.go.tpl @@ -0,0 +1,63 @@ +{{- /* Generated from "memory.go" */ -}} + +{{- define "redpanda.RedpandaReserveMemory" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $rpMem_1 := $values.resources.memory.redpanda -}} +{{- if (and (ne $rpMem_1 (coalesce nil)) (ne $rpMem_1.reserveMemory (coalesce nil))) -}} +{{- $_is_returning = true -}} +{{- (dict "r" ((div ((get (fromJson (include "_shims.resource_Value" (dict "a" (list $rpMem_1.reserveMemory) ))) "r") | int64) ((mul (1024 | int) (1024 | int)))) | int64)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" ((add (((mulf (((get (fromJson (include "redpanda.ContainerMemory" (dict "a" (list $dot) ))) "r") | int64) | float64) 0.002) | float64) | int64) (200 | int64)) | int64)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.RedpandaMemory" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $memory := ((0 | int64) | int64) -}} +{{- $containerMemory := ((get (fromJson (include "redpanda.ContainerMemory" (dict "a" (list $dot) ))) "r") | int64) -}} +{{- $rpMem_2 := $values.resources.memory.redpanda -}} +{{- if (and (ne $rpMem_2 (coalesce nil)) (ne $rpMem_2.memory (coalesce nil))) -}} +{{- $memory = ((div ((get (fromJson (include "_shims.resource_Value" (dict "a" (list $rpMem_2.memory) ))) "r") | int64) ((mul (1024 | int) (1024 | int)))) | int64) -}} +{{- else -}} +{{- $memory = (((mulf ($containerMemory | float64) 0.8) | float64) | int64) -}} +{{- end -}} +{{- if (eq $memory (0 | int64)) -}} +{{- $_ := (fail "unable to get memory value redpanda-memory") -}} +{{- end -}} +{{- if (lt $memory (256 | int64)) -}} +{{- $_ := (fail (printf "%d is below the minimum value for Redpanda" $memory)) -}} +{{- end -}} +{{- if (gt ((add $memory ((get (fromJson (include "redpanda.RedpandaReserveMemory" (dict "a" (list $dot) ))) "r") | int64)) | int64) $containerMemory) -}} +{{- $_ := (fail (printf "Not enough container memory for Redpanda memory values where Redpanda: %d, reserve: %d, container: %d" $memory ((get (fromJson (include "redpanda.RedpandaReserveMemory" (dict "a" (list $dot) ))) "r") | int64) $containerMemory)) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $memory) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.ContainerMemory" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (ne $values.resources.memory.container.min (coalesce nil)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" ((div ((get (fromJson (include "_shims.resource_Value" (dict "a" (list $values.resources.memory.container.min) ))) "r") | int64) ((mul (1024 | int) (1024 | int)))) | int64)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" ((div ((get (fromJson (include "_shims.resource_Value" (dict "a" (list $values.resources.memory.container.max) ))) "r") | int64) ((mul (1024 | int) (1024 | int)))) | int64)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/5.9.4/templates/_notes.go.tpl b/charts/redpanda/redpanda/5.9.4/templates/_notes.go.tpl new file mode 100644 index 0000000000..6c1e88a618 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/_notes.go.tpl @@ -0,0 +1,167 @@ +{{- /* Generated from "notes.go" */ -}} + +{{- define "redpanda.Warnings" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $warnings := (coalesce nil) -}} +{{- $w_1 := (get (fromJson (include "redpanda.cpuWarning" (dict "a" (list $dot) ))) "r") -}} +{{- if (ne $w_1 "") -}} +{{- $warnings = (concat (default (list ) $warnings) (list (printf `**Warning**: %s` $w_1))) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $warnings) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.cpuWarning" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $coresInMillis := ((get (fromJson (include "_shims.resource_MilliValue" (dict "a" (list $values.resources.cpu.cores) ))) "r") | int64) -}} +{{- if (lt $coresInMillis (1000 | int64)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (printf "%dm is below the minimum recommended CPU value for Redpanda" $coresInMillis)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" "") | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.Notes" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $anySASL := (get (fromJson (include "redpanda.Auth.IsSASLEnabled" (dict "a" (list $values.auth) ))) "r") -}} +{{- $notes := (coalesce nil) -}} +{{- $notes = (concat (default (list ) $notes) (list `` `` `` `` (printf `Congratulations on installing %s!` $dot.Chart.Name) `` `The pods will rollout in a few seconds. To check the status:` `` (printf ` kubectl -n %s rollout status statefulset %s --watch` $dot.Release.Namespace (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r")))) -}} +{{- if (and $values.external.enabled (eq $values.external.type "LoadBalancer")) -}} +{{- $notes = (concat (default (list ) $notes) (list `` `If you are using the load balancer service with a cloud provider, the services will likely have automatically-generated addresses. In this scenario the advertised listeners must be updated in order for external access to work. Run the following command once Redpanda is deployed:` `` (printf ` helm upgrade %s redpanda/redpanda --reuse-values -n %s --set $(kubectl get svc -n %s -o jsonpath='{"external.addresses={"}{ range .items[*]}{.status.loadBalancer.ingress[0].ip }{.status.loadBalancer.ingress[0].hostname}{","}{ end }{"}\n"}')` (get (fromJson (include "redpanda.Name" (dict "a" (list $dot) ))) "r") $dot.Release.Namespace $dot.Release.Namespace))) -}} +{{- end -}} +{{- $profiles := (keys $values.listeners.kafka.external) -}} +{{- $_ := (sortAlpha $profiles) -}} +{{- $profileName := (index $profiles (0 | int)) -}} +{{- $notes = (concat (default (list ) $notes) (list `` `Set up rpk for access to your external listeners:`)) -}} +{{- $profile := (index $values.listeners.kafka.external $profileName) -}} +{{- if (get (fromJson (include "redpanda.TLSEnabled" (dict "a" (list $dot) ))) "r") -}} +{{- $external := "" -}} +{{- if (and (ne $profile.tls (coalesce nil)) (ne $profile.tls.cert (coalesce nil))) -}} +{{- $external = $profile.tls.cert -}} +{{- else -}} +{{- $external = $values.listeners.kafka.tls.cert -}} +{{- end -}} +{{- $notes = (concat (default (list ) $notes) (list (printf ` kubectl get secret -n %s %s-%s-cert -o go-template='{{ index .data "ca.crt" | base64decode }}' > ca.crt` $dot.Release.Namespace (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r") $external))) -}} +{{- if (or $values.listeners.kafka.tls.requireClientAuth $values.listeners.admin.tls.requireClientAuth) -}} +{{- $notes = (concat (default (list ) $notes) (list (printf ` kubectl get secret -n %s %s-client -o go-template='{{ index .data "tls.crt" | base64decode }}' > tls.crt` $dot.Release.Namespace (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r")) (printf ` kubectl get secret -n %s %s-client -o go-template='{{ index .data "tls.key" | base64decode }}' > tls.key` $dot.Release.Namespace (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r")))) -}} +{{- end -}} +{{- end -}} +{{- $notes = (concat (default (list ) $notes) (list (printf ` rpk profile create --from-profile <(kubectl get configmap -n %s %s-rpk -o go-template='{{ .data.profile }}') %s` $dot.Release.Namespace (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r") $profileName) `` `Set up dns to look up the pods on their Kubernetes Nodes. You can use this query to get the list of short-names to IP addresses. Add your external domain to the hostnames and you could test by adding these to your /etc/hosts:` `` (printf ` kubectl get pod -n %s -o custom-columns=node:.status.hostIP,name:.metadata.name --no-headers -l app.kubernetes.io/name=redpanda,app.kubernetes.io/component=redpanda-statefulset` $dot.Release.Namespace))) -}} +{{- if $anySASL -}} +{{- $notes = (concat (default (list ) $notes) (list `` `Set the credentials in the environment:` `` (printf ` kubectl -n %s get secret %s -o go-template="{{ range .data }}{{ . | base64decode }}{{ end }}" | IFS=: read -r %s` $dot.Release.Namespace $values.auth.sasl.secretRef (get (fromJson (include "redpanda.RpkSASLEnvironmentVariables" (dict "a" (list $dot) ))) "r")) (printf ` export %s` (get (fromJson (include "redpanda.RpkSASLEnvironmentVariables" (dict "a" (list $dot) ))) "r")))) -}} +{{- end -}} +{{- $notes = (concat (default (list ) $notes) (list `` `Try some sample commands:`)) -}} +{{- if $anySASL -}} +{{- $notes = (concat (default (list ) $notes) (list `Create a user:` `` (printf ` %s` (get (fromJson (include "redpanda.RpkACLUserCreate" (dict "a" (list $dot) ))) "r")) `` `Give the user permissions:` `` (printf ` %s` (get (fromJson (include "redpanda.RpkACLCreate" (dict "a" (list $dot) ))) "r")))) -}} +{{- end -}} +{{- $notes = (concat (default (list ) $notes) (list `` `Get the api status:` `` (printf ` %s` (get (fromJson (include "redpanda.RpkClusterInfo" (dict "a" (list $dot) ))) "r")) `` `Create a topic` `` (printf ` %s` (get (fromJson (include "redpanda.RpkTopicCreate" (dict "a" (list $dot) ))) "r")) `` `Describe the topic:` `` (printf ` %s` (get (fromJson (include "redpanda.RpkTopicDescribe" (dict "a" (list $dot) ))) "r")) `` `Delete the topic:` `` (printf ` %s` (get (fromJson (include "redpanda.RpkTopicDelete" (dict "a" (list $dot) ))) "r")))) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $notes) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.RpkACLUserCreate" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (printf `rpk acl user create myuser --new-password changeme --mechanism %s` (get (fromJson (include "redpanda.SASLMechanism" (dict "a" (list $dot) ))) "r"))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.SASLMechanism" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (ne $values.auth.sasl (coalesce nil)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $values.auth.sasl.mechanism) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" "SCRAM-SHA-512") | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.RpkACLCreate" -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" `rpk acl create --allow-principal 'myuser' --allow-host '*' --operation all --topic 'test-topic'`) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.RpkClusterInfo" -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" `rpk cluster info`) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.RpkTopicCreate" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $_is_returning = true -}} +{{- (dict "r" (printf `rpk topic create test-topic -p 3 -r %d` (min (3 | int64) (($values.statefulset.replicas | int) | int64)))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.RpkTopicDescribe" -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" `rpk topic describe test-topic`) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.RpkTopicDelete" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" `rpk topic delete test-topic`) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.RpkSASLEnvironmentVariables" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (get (fromJson (include "redpanda.RedpandaAtLeast_23_2_1" (dict "a" (list $dot) ))) "r") -}} +{{- $_is_returning = true -}} +{{- (dict "r" `RPK_USER RPK_PASS RPK_SASL_MECHANISM`) | toJson -}} +{{- break -}} +{{- else -}} +{{- $_is_returning = true -}} +{{- (dict "r" `REDPANDA_SASL_USERNAME REDPANDA_SASL_PASSWORD REDPANDA_SASL_MECHANISM`) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/5.9.4/templates/_poddisruptionbudget.go.tpl b/charts/redpanda/redpanda/5.9.4/templates/_poddisruptionbudget.go.tpl new file mode 100644 index 0000000000..763b7b0bdf --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/_poddisruptionbudget.go.tpl @@ -0,0 +1,21 @@ +{{- /* Generated from "poddisruptionbudget.go" */ -}} + +{{- define "redpanda.PodDisruptionBudget" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $budget := ($values.statefulset.budget.maxUnavailable | int) -}} +{{- $minReplicas := ((div ($values.statefulset.replicas | int) (2 | int)) | int) -}} +{{- if (and (gt $budget (1 | int)) (gt $budget $minReplicas)) -}} +{{- $_ := (fail (printf "statefulset.budget.maxUnavailable is set too high to maintain quorum: %d > %d" $budget $minReplicas)) -}} +{{- end -}} +{{- $maxUnavailable := ($budget | int) -}} +{{- $matchLabels := (get (fromJson (include "redpanda.StatefulSetPodLabelsSelector" (dict "a" (list $dot) ))) "r") -}} +{{- $_ := (set $matchLabels "redpanda.com/poddisruptionbudget" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r")) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict ) "status" (dict "disruptionsAllowed" 0 "currentHealthy" 0 "desiredHealthy" 0 "expectedPods" 0 ) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "policy/v1" "kind" "PodDisruptionBudget" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r") "namespace" $dot.Release.Namespace "labels" (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r") )) "spec" (mustMergeOverwrite (dict ) (dict "selector" (mustMergeOverwrite (dict ) (dict "matchLabels" $matchLabels )) "maxUnavailable" $maxUnavailable )) ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/5.9.4/templates/_post-install-upgrade-job.go.tpl b/charts/redpanda/redpanda/5.9.4/templates/_post-install-upgrade-job.go.tpl new file mode 100644 index 0000000000..348724b7db --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/_post-install-upgrade-job.go.tpl @@ -0,0 +1,233 @@ +{{- /* Generated from "post_install_upgrade_job.go" */ -}} + +{{- define "redpanda.PostInstallUpgradeJob" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (not $values.post_install_job.enabled) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $job := (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict "template" (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict "containers" (coalesce nil) ) ) ) "status" (dict ) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "batch/v1" "kind" "Job" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (printf "%s-configuration" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r")) "namespace" $dot.Release.Namespace "labels" (merge (dict ) (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r") (default (dict ) $values.post_install_job.labels)) "annotations" (merge (dict ) (dict "helm.sh/hook" "post-install,post-upgrade" "helm.sh/hook-delete-policy" "before-hook-creation" "helm.sh/hook-weight" "-5" ) (default (dict ) $values.post_install_job.annotations)) )) "spec" (mustMergeOverwrite (dict "template" (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict "containers" (coalesce nil) ) ) ) (dict "template" (get (fromJson (include "redpanda.StrategicMergePatch" (dict "a" (list $values.post_install_job.podTemplate (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict "containers" (coalesce nil) ) ) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "generateName" (printf "%s-post-" $dot.Release.Name) "labels" (merge (dict ) (dict "app.kubernetes.io/name" (get (fromJson (include "redpanda.Name" (dict "a" (list $dot) ))) "r") "app.kubernetes.io/instance" $dot.Release.Name "app.kubernetes.io/component" (printf "%.50s-post-install" (get (fromJson (include "redpanda.Name" (dict "a" (list $dot) ))) "r")) ) (default (dict ) $values.commonLabels)) )) "spec" (mustMergeOverwrite (dict "containers" (coalesce nil) ) (dict "nodeSelector" $values.nodeSelector "affinity" (get (fromJson (include "redpanda.postInstallJobAffinity" (dict "a" (list $dot) ))) "r") "tolerations" (get (fromJson (include "redpanda.tolerations" (dict "a" (list $dot) ))) "r") "restartPolicy" "Never" "securityContext" (get (fromJson (include "redpanda.PodSecurityContext" (dict "a" (list $dot) ))) "r") "imagePullSecrets" (default (coalesce nil) $values.imagePullSecrets) "containers" (list (mustMergeOverwrite (dict "name" "" "resources" (dict ) ) (dict "name" "post-install" "image" (printf "%s:%s" $values.image.repository (get (fromJson (include "redpanda.Tag" (dict "a" (list $dot) ))) "r")) "env" (get (fromJson (include "redpanda.rpkEnvVars" (dict "a" (list $dot (get (fromJson (include "redpanda.PostInstallUpgradeEnvironmentVariables" (dict "a" (list $dot) ))) "r")) ))) "r") "command" (list "bash" "-c") "args" (list ) "resources" (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $values.post_install_job.resources (mustMergeOverwrite (dict ) (dict ))) ))) "r") "securityContext" (merge (dict ) (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $values.post_install_job.securityContext (mustMergeOverwrite (dict ) (dict ))) ))) "r") (get (fromJson (include "redpanda.ContainerSecurityContext" (dict "a" (list $dot) ))) "r")) "volumeMounts" (get (fromJson (include "redpanda.DefaultMounts" (dict "a" (list $dot) ))) "r") ))) "volumes" (get (fromJson (include "redpanda.DefaultVolumes" (dict "a" (list $dot) ))) "r") "serviceAccountName" (get (fromJson (include "redpanda.ServiceAccountName" (dict "a" (list $dot) ))) "r") )) ))) ))) "r") )) )) -}} +{{- $script := (coalesce nil) -}} +{{- $script = (concat (default (list ) $script) (list `set -e`)) -}} +{{- if (get (fromJson (include "redpanda.RedpandaAtLeast_22_2_0" (dict "a" (list $dot) ))) "r") -}} +{{- $script = (concat (default (list ) $script) (list `if [[ -n "$REDPANDA_LICENSE" ]] then` ` rpk cluster license set "$REDPANDA_LICENSE"` `fi`)) -}} +{{- end -}} +{{- $script = (concat (default (list ) $script) (list `` `` `` `` `rpk cluster config export -f /tmp/cfg.yml` `` `` `for KEY in "${!RPK_@}"; do` ` if ! [[ "$KEY" =~ ^(RPK_USER|RPK_PASS|RPK_SASL_MECHANISM)$ ]]; then` ` config="${KEY#*RPK_}"` ` rpk redpanda config set --config /tmp/cfg.yml "${config,,}" "${!KEY}"` ` fi` `done` `` `` `rpk cluster config import -f /tmp/cfg.yml` ``)) -}} +{{- $_ := (set (index $job.spec.template.spec.containers (0 | int)) "args" (concat (default (list ) (index $job.spec.template.spec.containers (0 | int)).args) (list (join "\n" $script)))) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $job) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.postInstallJobAffinity" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (not (empty $values.post_install_job.affinity)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $values.post_install_job.affinity) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (merge (dict ) $values.post_install_job.affinity $values.affinity)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.tolerations" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $result := (coalesce nil) -}} +{{- range $_, $t := $values.tolerations -}} +{{- $result = (concat (default (list ) $result) (list (merge (dict ) $t))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $result) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.PostInstallUpgradeEnvironmentVariables" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $envars := (list ) -}} +{{- $license_1 := (get (fromJson (include "redpanda.GetLicenseLiteral" (dict "a" (list $dot) ))) "r") -}} +{{- $secretReference_2 := (get (fromJson (include "redpanda.GetLicenseSecretReference" (dict "a" (list $dot) ))) "r") -}} +{{- if (ne $license_1 "") -}} +{{- $envars = (concat (default (list ) $envars) (list (mustMergeOverwrite (dict "name" "" ) (dict "name" "REDPANDA_LICENSE" "value" $license_1 )))) -}} +{{- else -}}{{- if (ne $secretReference_2 (coalesce nil)) -}} +{{- $envars = (concat (default (list ) $envars) (list (mustMergeOverwrite (dict "name" "" ) (dict "name" "REDPANDA_LICENSE" "valueFrom" (mustMergeOverwrite (dict ) (dict "secretKeyRef" $secretReference_2 )) )))) -}} +{{- end -}} +{{- end -}} +{{- if (not (get (fromJson (include "redpanda.Storage.IsTieredStorageEnabled" (dict "a" (list $values.storage) ))) "r")) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $envars) | toJson -}} +{{- break -}} +{{- end -}} +{{- $tieredStorageConfig := (get (fromJson (include "redpanda.Storage.GetTieredStorageConfig" (dict "a" (list $values.storage) ))) "r") -}} +{{- $tmp_tuple_1 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.dicttest" (dict "a" (list $tieredStorageConfig "cloud_storage_azure_container" (coalesce nil)) ))) "r")) ))) "r") -}} +{{- $azureContainerExists := $tmp_tuple_1.T2 -}} +{{- $ac := $tmp_tuple_1.T1 -}} +{{- $tmp_tuple_2 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.dicttest" (dict "a" (list $tieredStorageConfig "cloud_storage_azure_storage_account" (coalesce nil)) ))) "r")) ))) "r") -}} +{{- $azureStorageAccountExists := $tmp_tuple_2.T2 -}} +{{- $asa := $tmp_tuple_2.T1 -}} +{{- if (and (and (and $azureContainerExists (ne $ac (coalesce nil))) $azureStorageAccountExists) (ne $asa (coalesce nil))) -}} +{{- $envars = (concat (default (list ) $envars) (default (list ) (get (fromJson (include "redpanda.addAzureSharedKey" (dict "a" (list $tieredStorageConfig $values) ))) "r"))) -}} +{{- else -}} +{{- $envars = (concat (default (list ) $envars) (default (list ) (get (fromJson (include "redpanda.addCloudStorageSecretKey" (dict "a" (list $tieredStorageConfig $values) ))) "r"))) -}} +{{- end -}} +{{- $envars = (concat (default (list ) $envars) (default (list ) (get (fromJson (include "redpanda.addCloudStorageAccessKey" (dict "a" (list $tieredStorageConfig $values) ))) "r"))) -}} +{{- range $k, $v := $tieredStorageConfig -}} +{{- if (or (or (eq $k "cloud_storage_access_key") (eq $k "cloud_storage_secret_key")) (eq $k "cloud_storage_azure_shared_key")) -}} +{{- continue -}} +{{- end -}} +{{- if (or (eq $v (coalesce nil)) (empty $v)) -}} +{{- continue -}} +{{- end -}} +{{- if (eq $k "cloud_storage_cache_size") -}} +{{- $envars = (concat (default (list ) $envars) (list (mustMergeOverwrite (dict "name" "" ) (dict "name" (printf "RPK_%s" (upper $k)) "value" (toJson ((get (fromJson (include "_shims.resource_Value" (dict "a" (list $v) ))) "r") | int64)) )))) -}} +{{- continue -}} +{{- end -}} +{{- $tmp_tuple_3 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.typetest" (dict "a" (list "string" $v "") ))) "r")) ))) "r") -}} +{{- $ok_4 := $tmp_tuple_3.T2 -}} +{{- $str_3 := $tmp_tuple_3.T1 -}} +{{- if $ok_4 -}} +{{- $envars = (concat (default (list ) $envars) (list (mustMergeOverwrite (dict "name" "" ) (dict "name" (printf "RPK_%s" (upper $k)) "value" $str_3 )))) -}} +{{- else -}} +{{- $envars = (concat (default (list ) $envars) (list (mustMergeOverwrite (dict "name" "" ) (dict "name" (printf "RPK_%s" (upper $k)) "value" (mustToJson $v) )))) -}} +{{- end -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $envars) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.addCloudStorageAccessKey" -}} +{{- $tieredStorageConfig := (index .a 0) -}} +{{- $values := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $tmp_tuple_4 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.dicttest" (dict "a" (list $tieredStorageConfig "cloud_storage_access_key" (coalesce nil)) ))) "r")) ))) "r") -}} +{{- $ok_6 := $tmp_tuple_4.T2 -}} +{{- $v_5 := $tmp_tuple_4.T1 -}} +{{- $ak_7 := $values.storage.tiered.credentialsSecretRef.accessKey -}} +{{- if (and $ok_6 (ne $v_5 "")) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list (mustMergeOverwrite (dict "name" "" ) (dict "name" "RPK_CLOUD_STORAGE_ACCESS_KEY" "value" (get (fromJson (include "_shims.typeassertion" (dict "a" (list "string" $v_5) ))) "r") )))) | toJson -}} +{{- break -}} +{{- else -}}{{- if (get (fromJson (include "redpanda.SecretRef.IsValid" (dict "a" (list $ak_7) ))) "r") -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list (mustMergeOverwrite (dict "name" "" ) (dict "name" "RPK_CLOUD_STORAGE_ACCESS_KEY" "valueFrom" (mustMergeOverwrite (dict ) (dict "secretKeyRef" (mustMergeOverwrite (dict "key" "" ) (mustMergeOverwrite (dict ) (dict "name" $ak_7.name )) (dict "key" $ak_7.key )) )) )))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list )) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.addCloudStorageSecretKey" -}} +{{- $tieredStorageConfig := (index .a 0) -}} +{{- $values := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $tmp_tuple_5 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.dicttest" (dict "a" (list $tieredStorageConfig "cloud_storage_secret_key" (coalesce nil)) ))) "r")) ))) "r") -}} +{{- $ok_9 := $tmp_tuple_5.T2 -}} +{{- $v_8 := $tmp_tuple_5.T1 -}} +{{- $sk_10 := $values.storage.tiered.credentialsSecretRef.secretKey -}} +{{- if (and $ok_9 (ne $v_8 "")) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list (mustMergeOverwrite (dict "name" "" ) (dict "name" "RPK_CLOUD_STORAGE_SECRET_KEY" "value" (get (fromJson (include "_shims.typeassertion" (dict "a" (list "string" $v_8) ))) "r") )))) | toJson -}} +{{- break -}} +{{- else -}}{{- if (get (fromJson (include "redpanda.SecretRef.IsValid" (dict "a" (list $sk_10) ))) "r") -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list (mustMergeOverwrite (dict "name" "" ) (dict "name" "RPK_CLOUD_STORAGE_SECRET_KEY" "valueFrom" (mustMergeOverwrite (dict ) (dict "secretKeyRef" (mustMergeOverwrite (dict "key" "" ) (mustMergeOverwrite (dict ) (dict "name" $sk_10.name )) (dict "key" $sk_10.key )) )) )))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list )) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.addAzureSharedKey" -}} +{{- $tieredStorageConfig := (index .a 0) -}} +{{- $values := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $tmp_tuple_6 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.dicttest" (dict "a" (list $tieredStorageConfig "cloud_storage_azure_shared_key" (coalesce nil)) ))) "r")) ))) "r") -}} +{{- $ok_12 := $tmp_tuple_6.T2 -}} +{{- $v_11 := $tmp_tuple_6.T1 -}} +{{- $sk_13 := $values.storage.tiered.credentialsSecretRef.secretKey -}} +{{- if (and $ok_12 (ne $v_11 "")) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list (mustMergeOverwrite (dict "name" "" ) (dict "name" "RPK_CLOUD_STORAGE_AZURE_SHARED_KEY" "value" (get (fromJson (include "_shims.typeassertion" (dict "a" (list "string" $v_11) ))) "r") )))) | toJson -}} +{{- break -}} +{{- else -}}{{- if (get (fromJson (include "redpanda.SecretRef.IsValid" (dict "a" (list $sk_13) ))) "r") -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list (mustMergeOverwrite (dict "name" "" ) (dict "name" "RPK_CLOUD_STORAGE_AZURE_SHARED_KEY" "valueFrom" (mustMergeOverwrite (dict ) (dict "secretKeyRef" (mustMergeOverwrite (dict "key" "" ) (mustMergeOverwrite (dict ) (dict "name" $sk_13.name )) (dict "key" $sk_13.key )) )) )))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list )) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.GetLicenseLiteral" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (ne $values.enterprise.license "") -}} +{{- $_is_returning = true -}} +{{- (dict "r" $values.enterprise.license) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $values.license_key) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.GetLicenseSecretReference" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (not (empty $values.enterprise.licenseSecretRef)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "key" "" ) (mustMergeOverwrite (dict ) (dict "name" $values.enterprise.licenseSecretRef.name )) (dict "key" $values.enterprise.licenseSecretRef.key ))) | toJson -}} +{{- break -}} +{{- else -}}{{- if (not (empty $values.license_secret_ref)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "key" "" ) (mustMergeOverwrite (dict ) (dict "name" $values.license_secret_ref.secret_name )) (dict "key" $values.license_secret_ref.secret_key ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/5.9.4/templates/_secrets.go.tpl b/charts/redpanda/redpanda/5.9.4/templates/_secrets.go.tpl new file mode 100644 index 0000000000..65ccf5d71f --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/_secrets.go.tpl @@ -0,0 +1,422 @@ +{{- /* Generated from "secrets.go" */ -}} + +{{- define "redpanda.Secrets" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $secrets := (coalesce nil) -}} +{{- $secrets = (concat (default (list ) $secrets) (list (get (fromJson (include "redpanda.SecretSTSLifecycle" (dict "a" (list $dot) ))) "r"))) -}} +{{- $saslUsers_1 := (get (fromJson (include "redpanda.SecretSASLUsers" (dict "a" (list $dot) ))) "r") -}} +{{- if (ne $saslUsers_1 (coalesce nil)) -}} +{{- $secrets = (concat (default (list ) $secrets) (list $saslUsers_1)) -}} +{{- end -}} +{{- $configWatcher_2 := (get (fromJson (include "redpanda.SecretConfigWatcher" (dict "a" (list $dot) ))) "r") -}} +{{- if (ne $configWatcher_2 (coalesce nil)) -}} +{{- $secrets = (concat (default (list ) $secrets) (list $configWatcher_2)) -}} +{{- end -}} +{{- $secrets = (concat (default (list ) $secrets) (list (get (fromJson (include "redpanda.SecretConfigurator" (dict "a" (list $dot) ))) "r"))) -}} +{{- $fsValidator_3 := (get (fromJson (include "redpanda.SecretFSValidator" (dict "a" (list $dot) ))) "r") -}} +{{- if (ne $fsValidator_3 (coalesce nil)) -}} +{{- $secrets = (concat (default (list ) $secrets) (list $fsValidator_3)) -}} +{{- end -}} +{{- $bootstrapUser_4 := (get (fromJson (include "redpanda.SecretBootstrapUser" (dict "a" (list $dot) ))) "r") -}} +{{- if (ne $bootstrapUser_4 (coalesce nil)) -}} +{{- $secrets = (concat (default (list ) $secrets) (list $bootstrapUser_4)) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $secrets) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.SecretSTSLifecycle" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $secret := (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "v1" "kind" "Secret" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (printf "%s-sts-lifecycle" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r")) "namespace" $dot.Release.Namespace "labels" (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r") )) "type" "Opaque" "stringData" (dict ) )) -}} +{{- $adminCurlFlags := (get (fromJson (include "redpanda.adminTLSCurlFlags" (dict "a" (list $dot) ))) "r") -}} +{{- $_ := (set $secret.stringData "common.sh" (join "\n" (list `#!/usr/bin/env bash` `` `# the SERVICE_NAME comes from the metadata.name of the pod, essentially the POD_NAME` (printf `CURL_URL="%s"` (get (fromJson (include "redpanda.adminInternalURL" (dict "a" (list $dot) ))) "r")) `` `# commands used throughout` (printf `CURL_NODE_ID_CMD="curl --silent --fail %s ${CURL_URL}/v1/node_config"` $adminCurlFlags) `` `CURL_MAINTENANCE_DELETE_CMD_PREFIX='curl -X DELETE --silent -o /dev/null -w "%{http_code}"'` `CURL_MAINTENANCE_PUT_CMD_PREFIX='curl -X PUT --silent -o /dev/null -w "%{http_code}"'` (printf `CURL_MAINTENANCE_GET_CMD="curl -X GET --silent %s ${CURL_URL}/v1/maintenance"` $adminCurlFlags)))) -}} +{{- $postStartSh := (list `#!/usr/bin/env bash` `# This code should be similar if not exactly the same as that found in the panda-operator, see` `# https://github.com/redpanda-data/redpanda/blob/e51d5b7f2ef76d5160ca01b8c7a8cf07593d29b6/src/go/k8s/pkg/resources/secret.go` `` `# path below should match the path defined on the statefulset` `source /var/lifecycle/common.sh` `` `postStartHook () {` ` set -x` `` ` touch /tmp/postStartHookStarted` `` ` until NODE_ID=$(${CURL_NODE_ID_CMD} | grep -o '\"node_id\":[^,}]*' | grep -o '[^: ]*$'); do` ` sleep 0.5` ` done` `` ` echo "Clearing maintenance mode on node ${NODE_ID}"` (printf ` CURL_MAINTENANCE_DELETE_CMD="${CURL_MAINTENANCE_DELETE_CMD_PREFIX} %s ${CURL_URL}/v1/brokers/${NODE_ID}/maintenance"` $adminCurlFlags) ` # a 400 here would mean not in maintenance mode` ` until [ "${status:-}" = '"200"' ] || [ "${status:-}" = '"400"' ]; do` ` status=$(${CURL_MAINTENANCE_DELETE_CMD})` ` sleep 0.5` ` done`) -}} +{{- if (and $values.auth.sasl.enabled (ne $values.auth.sasl.secretRef "")) -}} +{{- $postStartSh = (concat (default (list ) $postStartSh) (list ` # Setup and export SASL bootstrap-user` ` IFS=":" read -r USER_NAME PASSWORD MECHANISM < <(grep "" $(find /etc/secrets/users/* -print))` (printf ` MECHANISM=${MECHANISM:-%s}` (dig "auth" "sasl" "mechanism" "SCRAM-SHA-512" $dot.Values.AsMap)) ` rpk acl user create ${USER_NAME} -p {PASSWORD} --mechanism ${MECHANISM} || true`)) -}} +{{- end -}} +{{- $postStartSh = (concat (default (list ) $postStartSh) (list `` ` touch /tmp/postStartHookFinished` `}` `` `postStartHook` `true`)) -}} +{{- $_ := (set $secret.stringData "postStart.sh" (join "\n" $postStartSh)) -}} +{{- $preStopSh := (list `#!/usr/bin/env bash` `# This code should be similar if not exactly the same as that found in the panda-operator, see` `# https://github.com/redpanda-data/redpanda/blob/e51d5b7f2ef76d5160ca01b8c7a8cf07593d29b6/src/go/k8s/pkg/resources/secret.go` `` `touch /tmp/preStopHookStarted` `` `# path below should match the path defined on the statefulset` `source /var/lifecycle/common.sh` `` `set -x` `` `preStopHook () {` ` until NODE_ID=$(${CURL_NODE_ID_CMD} | grep -o '\"node_id\":[^,}]*' | grep -o '[^: ]*$'); do` ` sleep 0.5` ` done` `` ` echo "Setting maintenance mode on node ${NODE_ID}"` (printf ` CURL_MAINTENANCE_PUT_CMD="${CURL_MAINTENANCE_PUT_CMD_PREFIX} %s ${CURL_URL}/v1/brokers/${NODE_ID}/maintenance"` $adminCurlFlags) ` until [ "${status:-}" = '"200"' ]; do` ` status=$(${CURL_MAINTENANCE_PUT_CMD})` ` sleep 0.5` ` done` `` ` until [ "${finished:-}" = "true" ] || [ "${draining:-}" = "false" ]; do` ` res=$(${CURL_MAINTENANCE_GET_CMD})` ` finished=$(echo $res | grep -o '\"finished\":[^,}]*' | grep -o '[^: ]*$')` ` draining=$(echo $res | grep -o '\"draining\":[^,}]*' | grep -o '[^: ]*$')` ` sleep 0.5` ` done` `` ` touch /tmp/preStopHookFinished` `}`) -}} +{{- if (and (gt ($values.statefulset.replicas | int) (2 | int)) (not (get (fromJson (include "_shims.typeassertion" (dict "a" (list "bool" (dig "recovery_mode_enabled" false $values.config.node)) ))) "r"))) -}} +{{- $preStopSh = (concat (default (list ) $preStopSh) (list `preStopHook`)) -}} +{{- else -}} +{{- $preStopSh = (concat (default (list ) $preStopSh) (list `touch /tmp/preStopHookFinished` `echo "Not enough replicas or in recovery mode, cannot put a broker into maintenance mode."`)) -}} +{{- end -}} +{{- $preStopSh = (concat (default (list ) $preStopSh) (list `true`)) -}} +{{- $_ := (set $secret.stringData "preStop.sh" (join "\n" $preStopSh)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $secret) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.SecretSASLUsers" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (and (and (ne $values.auth.sasl.secretRef "") $values.auth.sasl.enabled) (gt ((get (fromJson (include "_shims.len" (dict "a" (list $values.auth.sasl.users) ))) "r") | int) (0 | int))) -}} +{{- $secret := (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "v1" "kind" "Secret" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" $values.auth.sasl.secretRef "namespace" $dot.Release.Namespace "labels" (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r") )) "type" "Opaque" "stringData" (dict ) )) -}} +{{- $usersTxt := (list ) -}} +{{- range $_, $user := $values.auth.sasl.users -}} +{{- if (empty $user.mechanism) -}} +{{- $usersTxt = (concat (default (list ) $usersTxt) (list (printf "%s:%s" $user.name $user.password))) -}} +{{- else -}} +{{- $usersTxt = (concat (default (list ) $usersTxt) (list (printf "%s:%s:%s" $user.name $user.password $user.mechanism))) -}} +{{- end -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_ := (set $secret.stringData "users.txt" (join "\n" $usersTxt)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $secret) | toJson -}} +{{- break -}} +{{- else -}}{{- if (and $values.auth.sasl.enabled (eq $values.auth.sasl.secretRef "")) -}} +{{- $_ := (fail "auth.sasl.secretRef cannot be empty when auth.sasl.enabled=true") -}} +{{- else -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.SecretBootstrapUser" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (or (not $values.auth.sasl.enabled) (ne $values.auth.sasl.bootstrapUser.secretKeyRef (coalesce nil))) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $secretName := (printf "%s-bootstrap-user" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r")) -}} +{{- if $dot.Release.IsUpgrade -}} +{{- $tmp_tuple_1 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.lookup" (dict "a" (list "v1" "Secret" $dot.Release.Namespace $secretName) ))) "r")) ))) "r") -}} +{{- $ok_6 := $tmp_tuple_1.T2 -}} +{{- $existing_5 := $tmp_tuple_1.T1 -}} +{{- if $ok_6 -}} +{{- $_is_returning = true -}} +{{- (dict "r" $existing_5) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} +{{- $password := (randAlphaNum (32 | int)) -}} +{{- $userPassword := $values.auth.sasl.bootstrapUser.password -}} +{{- if (ne $userPassword (coalesce nil)) -}} +{{- $password = $userPassword -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "v1" "kind" "Secret" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" $secretName "namespace" $dot.Release.Namespace "labels" (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r") )) "type" "Opaque" "stringData" (dict "password" $password ) ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.SecretConfigWatcher" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (not $values.statefulset.sideCars.configWatcher.enabled) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $sasl := $values.auth.sasl -}} +{{- $secret := (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "v1" "kind" "Secret" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (printf "%s-config-watcher" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r")) "namespace" $dot.Release.Namespace "labels" (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r") )) "type" "Opaque" "stringData" (dict ) )) -}} +{{- $saslUserSh := (coalesce nil) -}} +{{- $saslUserSh = (concat (default (list ) $saslUserSh) (list `#!/usr/bin/env bash` `` `trap 'error_handler $? $LINENO' ERR` `` `error_handler() {` ` echo "Error: ($1) occurred at line $2"` `}` `` `set -e` `` `# rpk cluster health can exit non-zero if it's unable to dial brokers. This` `# can happen for many reasons but we never want this script to crash as it` `# would take down yet another broker and make a bad situation worse.` `# Instead, just wait for the command to eventually exit zero.` `echo "Waiting for cluster to be ready"` `until rpk cluster health --watch --exit-when-healthy; do` ` echo "rpk cluster health failed. Waiting 5 seconds before trying again..."` ` sleep 5` `done`)) -}} +{{- if (and $sasl.enabled (ne $sasl.secretRef "")) -}} +{{- $saslUserSh = (concat (default (list ) $saslUserSh) (list `while true; do` ` echo "RUNNING: Monitoring and Updating SASL users"` ` USERS_DIR="/etc/secrets/users"` `` ` new_users_list(){` ` LIST=$1` ` NEW_USER=$2` ` if [[ -n "${LIST}" ]]; then` ` LIST="${NEW_USER},${LIST}"` ` else` ` LIST="${NEW_USER}"` ` fi` `` ` echo "${LIST}"` ` }` `` ` process_users() {` ` USERS_DIR=${1-"/etc/secrets/users"}` ` USERS_FILE=$(find ${USERS_DIR}/* -print)` ` USERS_LIST="kubernetes-controller"` ` READ_LIST_SUCCESS=0` ` # Read line by line, handle a missing EOL at the end of file` ` while read p || [ -n "$p" ] ; do` ` IFS=":" read -r USER_NAME PASSWORD MECHANISM <<< $p` ` # Do not process empty lines` ` if [ -z "$USER_NAME" ]; then` ` continue` ` fi` ` if [[ "${USER_NAME// /}" != "$USER_NAME" ]]; then` ` continue` ` fi` ` echo "Creating user ${USER_NAME}..."` (printf ` MECHANISM=${MECHANISM:-%s}` (dig "auth" "sasl" "mechanism" "SCRAM-SHA-512" $dot.Values.AsMap)) ` creation_result=$(rpk acl user create ${USER_NAME} -p ${PASSWORD} --mechanism ${MECHANISM} 2>&1) && creation_result_exit_code=$? || creation_result_exit_code=$? # On a non-success exit code` ` if [[ $creation_result_exit_code -ne 0 ]]; then` ` # Check if the stderr contains "User already exists"` ` # this error occurs when password has changed` ` if [[ $creation_result == *"User already exists"* ]]; then` ` echo "Update user ${USER_NAME}"` ` # we will try to update by first deleting` ` deletion_result=$(rpk acl user delete ${USER_NAME} 2>&1) && deletion_result_exit_code=$? || deletion_result_exit_code=$?` ` if [[ $deletion_result_exit_code -ne 0 ]]; then` ` echo "deletion of user ${USER_NAME} failed: ${deletion_result}"` ` READ_LIST_SUCCESS=1` ` break` ` fi` ` # Now we update the user` ` update_result=$(rpk acl user create ${USER_NAME} -p ${PASSWORD} --mechanism ${MECHANISM} 2>&1) && update_result_exit_code=$? || update_result_exit_code=$? # On a non-success exit code` ` if [[ $update_result_exit_code -ne 0 ]]; then` ` echo "updating user ${USER_NAME} failed: ${update_result}"` ` READ_LIST_SUCCESS=1` ` break` ` else` ` echo "Updated user ${USER_NAME}..."` ` USERS_LIST=$(new_users_list "${USERS_LIST}" "${USER_NAME}")` ` fi` ` else` ` # Another error occurred, so output the original message and exit code` ` echo "error creating user ${USER_NAME}: ${creation_result}"` ` READ_LIST_SUCCESS=1` ` break` ` fi` ` # On a success, the user was created so output that` ` else` ` echo "Created user ${USER_NAME}..."` ` USERS_LIST=$(new_users_list "${USERS_LIST}" "${USER_NAME}")` ` fi` ` done < $USERS_FILE` `` ` if [[ -n "${USERS_LIST}" && ${READ_LIST_SUCCESS} ]]; then` ` echo "Setting superusers configurations with users [${USERS_LIST}]"` ` superuser_result=$(rpk cluster config set superusers [${USERS_LIST}] 2>&1) && superuser_result_exit_code=$? || superuser_result_exit_code=$?` ` if [[ $superuser_result_exit_code -ne 0 ]]; then` ` echo "Setting superusers configurations failed: ${superuser_result}"` ` else` ` echo "Completed setting superusers configurations"` ` fi` ` fi` ` }` `` ` # before we do anything ensure we have the bootstrap user` ` echo "Ensuring bootstrap user ${RPK_USER}..."` ` creation_result=$(rpk acl user create ${RPK_USER} -p ${RPK_PASS} --mechanism ${RPK_SASL_MECHANISM} 2>&1) && creation_result_exit_code=$? || creation_result_exit_code=$? # On a non-success exit code` ` if [[ $creation_result_exit_code -ne 0 ]]; then` ` if [[ $creation_result == *"User already exists"* ]]; then` ` echo "Bootstrap user already created"` ` else` ` echo "error creating user ${RPK_USER}: ${creation_result}"` ` fi` ` fi` `` ` # first time processing` ` process_users $USERS_DIR` `` ` # subsequent changes detected here` ` # watching delete_self as documented in https://ahmet.im/blog/kubernetes-inotify/` ` USERS_FILE=$(find ${USERS_DIR}/* -print)` ` while RES=$(inotifywait -q -e delete_self ${USERS_FILE}); do` ` process_users $USERS_DIR` ` done` `done`)) -}} +{{- else -}} +{{- $saslUserSh = (concat (default (list ) $saslUserSh) (list `echo "Nothing to do. Sleeping..."` `sleep infinity`)) -}} +{{- end -}} +{{- $_ := (set $secret.stringData "sasl-user.sh" (join "\n" $saslUserSh)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $secret) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.SecretFSValidator" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (not $values.statefulset.initContainers.fsValidator.enabled) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $secret := (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "v1" "kind" "Secret" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (printf "%s-fs-validator" (substr 0 (49 | int) (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r"))) "namespace" $dot.Release.Namespace "labels" (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r") )) "type" "Opaque" "stringData" (dict ) )) -}} +{{- $_ := (set $secret.stringData "fsValidator.sh" `set -e +EXPECTED_FS_TYPE=$1 + +DATA_DIR="/var/lib/redpanda/data" +TEST_FILE="testfile" + +echo "checking data directory exist..." +if [ ! -d "${DATA_DIR}" ]; then + echo "data directory does not exists, exiting" + exit 1 +fi + +echo "checking filesystem type..." +FS_TYPE=$(df -T $DATA_DIR | tail -n +2 | awk '{print $2}') + +if [ "${FS_TYPE}" != "${EXPECTED_FS_TYPE}" ]; then + echo "file system found to be ${FS_TYPE} when expected ${EXPECTED_FS_TYPE}" + exit 1 +fi + +echo "checking if able to create a test file..." + +touch ${DATA_DIR}/${TEST_FILE} +result=$(touch ${DATA_DIR}/${TEST_FILE} 2> /dev/null; echo $?) +if [ "${result}" != "0" ]; then + echo "could not write testfile, may not have write permission" + exit 1 +fi + +echo "checking if able to delete a test file..." + +result=$(rm ${DATA_DIR}/${TEST_FILE} 2> /dev/null; echo $?) +if [ "${result}" != "0" ]; then + echo "could not delete testfile" + exit 1 +fi + +echo "passed"`) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $secret) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.SecretConfigurator" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $secret := (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "v1" "kind" "Secret" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (printf "%.51s-configurator" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r")) "namespace" $dot.Release.Namespace "labels" (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r") )) "type" "Opaque" "stringData" (dict ) )) -}} +{{- $configuratorSh := (list ) -}} +{{- $configuratorSh = (concat (default (list ) $configuratorSh) (list `set -xe` `SERVICE_NAME=$1` `KUBERNETES_NODE_NAME=$2` `POD_ORDINAL=${SERVICE_NAME##*-}` "BROKER_INDEX=`expr $POD_ORDINAL + 1`" `` `CONFIG=/etc/redpanda/redpanda.yaml` `` `# Setup config files` `cp /tmp/base-config/redpanda.yaml "${CONFIG}"` `cp /tmp/base-config/bootstrap.yaml /etc/redpanda/.bootstrap.yaml`)) -}} +{{- if (not (get (fromJson (include "redpanda.RedpandaAtLeast_22_3_0" (dict "a" (list $dot) ))) "r")) -}} +{{- $configuratorSh = (concat (default (list ) $configuratorSh) (list `` `# Configure bootstrap` `## Not used for Redpanda v22.3.0+` `rpk --config "${CONFIG}" redpanda config set redpanda.node_id "${POD_ORDINAL}"` `if [ "${POD_ORDINAL}" = "0" ]; then` ` rpk --config "${CONFIG}" redpanda config set redpanda.seed_servers '[]' --format yaml` `fi`)) -}} +{{- end -}} +{{- $kafkaSnippet := (get (fromJson (include "redpanda.secretConfiguratorKafkaConfig" (dict "a" (list $dot) ))) "r") -}} +{{- $configuratorSh = (concat (default (list ) $configuratorSh) (default (list ) $kafkaSnippet)) -}} +{{- $httpSnippet := (get (fromJson (include "redpanda.secretConfiguratorHTTPConfig" (dict "a" (list $dot) ))) "r") -}} +{{- $configuratorSh = (concat (default (list ) $configuratorSh) (default (list ) $httpSnippet)) -}} +{{- if (and (get (fromJson (include "redpanda.RedpandaAtLeast_22_3_0" (dict "a" (list $dot) ))) "r") $values.rackAwareness.enabled) -}} +{{- $configuratorSh = (concat (default (list ) $configuratorSh) (list `` `# Configure Rack Awareness` `set +x` (printf `RACK=$(curl --silent --cacert /run/secrets/kubernetes.io/serviceaccount/ca.crt --fail -H 'Authorization: Bearer '$(cat /run/secrets/kubernetes.io/serviceaccount/token) "https://${KUBERNETES_SERVICE_HOST}:${KUBERNETES_SERVICE_PORT_HTTPS}/api/v1/nodes/${KUBERNETES_NODE_NAME}?pretty=true" | grep %s | grep -v '\"key\":' | sed 's/.*": "\([^"]\+\).*/\1/')` (squote (quote $values.rackAwareness.nodeAnnotation))) `set -x` `rpk --config "$CONFIG" redpanda config set redpanda.rack "${RACK}"`)) -}} +{{- end -}} +{{- $_ := (set $secret.stringData "configurator.sh" (join "\n" $configuratorSh)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $secret) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.secretConfiguratorKafkaConfig" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $internalAdvertiseAddress := (printf "%s.%s" "${SERVICE_NAME}" (get (fromJson (include "redpanda.InternalDomain" (dict "a" (list $dot) ))) "r")) -}} +{{- $snippet := (coalesce nil) -}} +{{- $listenerName := "kafka" -}} +{{- $listenerAdvertisedName := $listenerName -}} +{{- $redpandaConfigPart := "redpanda" -}} +{{- $snippet = (concat (default (list ) $snippet) (list `` (printf `LISTENER=%s` (quote (toJson (dict "name" "internal" "address" $internalAdvertiseAddress "port" ($values.listeners.kafka.port | int) )))) (printf `rpk redpanda config --config "$CONFIG" set %s.advertised_%s_api[0] "$LISTENER"` $redpandaConfigPart $listenerAdvertisedName))) -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list $values.listeners.kafka.external) ))) "r") | int) (0 | int)) -}} +{{- $externalCounter := (0 | int) -}} +{{- range $externalName, $externalVals := $values.listeners.kafka.external -}} +{{- $externalCounter = ((add $externalCounter (1 | int)) | int) -}} +{{- $snippet = (concat (default (list ) $snippet) (list `` (printf `ADVERTISED_%s_ADDRESSES=()` (upper $listenerName)))) -}} +{{- range $_, $replicaIndex := (until (($values.statefulset.replicas | int) | int)) -}} +{{- $port := ($externalVals.port | int) -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list $externalVals.advertisedPorts) ))) "r") | int) (0 | int)) -}} +{{- if (eq ((get (fromJson (include "_shims.len" (dict "a" (list $externalVals.advertisedPorts) ))) "r") | int) (1 | int)) -}} +{{- $port = (index $externalVals.advertisedPorts (0 | int)) -}} +{{- else -}} +{{- $port = (index $externalVals.advertisedPorts $replicaIndex) -}} +{{- end -}} +{{- end -}} +{{- $host := (get (fromJson (include "redpanda.advertisedHostJSON" (dict "a" (list $dot $externalName $port $replicaIndex) ))) "r") -}} +{{- $address := (toJson $host) -}} +{{- $prefixTemplate := (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $externalVals.prefixTemplate "") ))) "r") -}} +{{- if (eq $prefixTemplate "") -}} +{{- $prefixTemplate = (default "" $values.external.prefixTemplate) -}} +{{- end -}} +{{- $snippet = (concat (default (list ) $snippet) (list `` (printf `PREFIX_TEMPLATE=%s` (quote $prefixTemplate)) (printf `ADVERTISED_%s_ADDRESSES+=(%s)` (upper $listenerName) (quote $address)))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $snippet = (concat (default (list ) $snippet) (list `` (printf `rpk redpanda config --config "$CONFIG" set %s.advertised_%s_api[%d] "${ADVERTISED_%s_ADDRESSES[$POD_ORDINAL]}"` $redpandaConfigPart $listenerAdvertisedName $externalCounter (upper $listenerName)))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $snippet) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.secretConfiguratorHTTPConfig" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $internalAdvertiseAddress := (printf "%s.%s" "${SERVICE_NAME}" (get (fromJson (include "redpanda.InternalDomain" (dict "a" (list $dot) ))) "r")) -}} +{{- $snippet := (coalesce nil) -}} +{{- $listenerName := "http" -}} +{{- $listenerAdvertisedName := "pandaproxy" -}} +{{- $redpandaConfigPart := "pandaproxy" -}} +{{- $snippet = (concat (default (list ) $snippet) (list `` (printf `LISTENER=%s` (quote (toJson (dict "name" "internal" "address" $internalAdvertiseAddress "port" ($values.listeners.http.port | int) )))) (printf `rpk redpanda config --config "$CONFIG" set %s.advertised_%s_api[0] "$LISTENER"` $redpandaConfigPart $listenerAdvertisedName))) -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list $values.listeners.http.external) ))) "r") | int) (0 | int)) -}} +{{- $externalCounter := (0 | int) -}} +{{- range $externalName, $externalVals := $values.listeners.http.external -}} +{{- $externalCounter = ((add $externalCounter (1 | int)) | int) -}} +{{- $snippet = (concat (default (list ) $snippet) (list `` (printf `ADVERTISED_%s_ADDRESSES=()` (upper $listenerName)))) -}} +{{- range $_, $replicaIndex := (until (($values.statefulset.replicas | int) | int)) -}} +{{- $port := ($externalVals.port | int) -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list $externalVals.advertisedPorts) ))) "r") | int) (0 | int)) -}} +{{- if (eq ((get (fromJson (include "_shims.len" (dict "a" (list $externalVals.advertisedPorts) ))) "r") | int) (1 | int)) -}} +{{- $port = (index $externalVals.advertisedPorts (0 | int)) -}} +{{- else -}} +{{- $port = (index $externalVals.advertisedPorts $replicaIndex) -}} +{{- end -}} +{{- end -}} +{{- $host := (get (fromJson (include "redpanda.advertisedHostJSON" (dict "a" (list $dot $externalName $port $replicaIndex) ))) "r") -}} +{{- $address := (toJson $host) -}} +{{- $prefixTemplate := (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $externalVals.prefixTemplate "") ))) "r") -}} +{{- if (eq $prefixTemplate "") -}} +{{- $prefixTemplate = (default "" $values.external.prefixTemplate) -}} +{{- end -}} +{{- $snippet = (concat (default (list ) $snippet) (list `` (printf `PREFIX_TEMPLATE=%s` (quote $prefixTemplate)) (printf `ADVERTISED_%s_ADDRESSES+=(%s)` (upper $listenerName) (quote $address)))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $snippet = (concat (default (list ) $snippet) (list `` (printf `rpk redpanda config --config "$CONFIG" set %s.advertised_%s_api[%d] "${ADVERTISED_%s_ADDRESSES[$POD_ORDINAL]}"` $redpandaConfigPart $listenerAdvertisedName $externalCounter (upper $listenerName)))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $snippet) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.adminTLSCurlFlags" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (not (get (fromJson (include "redpanda.InternalTLS.IsEnabled" (dict "a" (list $values.listeners.admin.tls $values.tls) ))) "r")) -}} +{{- $_is_returning = true -}} +{{- (dict "r" "") | toJson -}} +{{- break -}} +{{- end -}} +{{- if $values.listeners.admin.tls.requireClientAuth -}} +{{- $path := (printf "/etc/tls/certs/%s-client" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r")) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (printf "--cacert %s/ca.crt --cert %s/tls.crt --key %s/tls.key" $path $path $path)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $path := (get (fromJson (include "redpanda.InternalTLS.ServerCAPath" (dict "a" (list $values.listeners.admin.tls $values.tls) ))) "r") -}} +{{- $_is_returning = true -}} +{{- (dict "r" (printf "--cacert %s" $path)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.externalAdvertiseAddress" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $eaa := "${SERVICE_NAME}" -}} +{{- $externalDomainTemplate := (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $values.external.domain "") ))) "r") -}} +{{- $expanded := (tpl $externalDomainTemplate $dot) -}} +{{- if (not (empty $expanded)) -}} +{{- $eaa = (printf "%s.%s" "${SERVICE_NAME}" $expanded) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $eaa) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.advertisedHostJSON" -}} +{{- $dot := (index .a 0) -}} +{{- $externalName := (index .a 1) -}} +{{- $port := (index .a 2) -}} +{{- $replicaIndex := (index .a 3) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $host := (dict "name" $externalName "address" (get (fromJson (include "redpanda.externalAdvertiseAddress" (dict "a" (list $dot) ))) "r") "port" $port ) -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list $values.external.addresses) ))) "r") | int) (0 | int)) -}} +{{- $address := "" -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list $values.external.addresses) ))) "r") | int) (1 | int)) -}} +{{- $address = (index $values.external.addresses $replicaIndex) -}} +{{- else -}} +{{- $address = (index $values.external.addresses (0 | int)) -}} +{{- end -}} +{{- $domain_7 := (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $values.external.domain "") ))) "r") -}} +{{- if (ne $domain_7 "") -}} +{{- $host = (dict "name" $externalName "address" (printf "%s.%s" $address $domain_7) "port" $port ) -}} +{{- else -}} +{{- $host = (dict "name" $externalName "address" $address "port" $port ) -}} +{{- end -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $host) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.adminInternalHTTPProtocol" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (get (fromJson (include "redpanda.InternalTLS.IsEnabled" (dict "a" (list $values.listeners.admin.tls $values.tls) ))) "r") -}} +{{- $_is_returning = true -}} +{{- (dict "r" "https") | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" "http") | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.adminInternalURL" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $_is_returning = true -}} +{{- (dict "r" (printf "%s://%s.%s.%s.svc.%s:%d" (get (fromJson (include "redpanda.adminInternalHTTPProtocol" (dict "a" (list $dot) ))) "r") `${SERVICE_NAME}` (get (fromJson (include "redpanda.ServiceName" (dict "a" (list $dot) ))) "r") $dot.Release.Namespace (trimSuffix "." $values.clusterDomain) ($values.listeners.admin.port | int))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/5.9.4/templates/_service.internal.go.tpl b/charts/redpanda/redpanda/5.9.4/templates/_service.internal.go.tpl new file mode 100644 index 0000000000..9c63aac1cb --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/_service.internal.go.tpl @@ -0,0 +1,38 @@ +{{- /* Generated from "service_internal.go" */ -}} + +{{- define "redpanda.MonitoringEnabledLabel" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $_is_returning = true -}} +{{- (dict "r" (dict "monitoring.redpanda.com/enabled" (printf "%t" $values.monitoring.enabled) )) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.ServiceInternal" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $ports := (list ) -}} +{{- $ports = (concat (default (list ) $ports) (list (mustMergeOverwrite (dict "port" 0 "targetPort" 0 ) (dict "name" "admin" "protocol" "TCP" "appProtocol" $values.listeners.admin.appProtocol "port" ($values.listeners.admin.port | int) "targetPort" ($values.listeners.admin.port | int) )))) -}} +{{- if $values.listeners.http.enabled -}} +{{- $ports = (concat (default (list ) $ports) (list (mustMergeOverwrite (dict "port" 0 "targetPort" 0 ) (dict "name" "http" "protocol" "TCP" "port" ($values.listeners.http.port | int) "targetPort" ($values.listeners.http.port | int) )))) -}} +{{- end -}} +{{- $ports = (concat (default (list ) $ports) (list (mustMergeOverwrite (dict "port" 0 "targetPort" 0 ) (dict "name" "kafka" "protocol" "TCP" "port" ($values.listeners.kafka.port | int) "targetPort" ($values.listeners.kafka.port | int) )))) -}} +{{- $ports = (concat (default (list ) $ports) (list (mustMergeOverwrite (dict "port" 0 "targetPort" 0 ) (dict "name" "rpc" "protocol" "TCP" "port" ($values.listeners.rpc.port | int) "targetPort" ($values.listeners.rpc.port | int) )))) -}} +{{- if $values.listeners.schemaRegistry.enabled -}} +{{- $ports = (concat (default (list ) $ports) (list (mustMergeOverwrite (dict "port" 0 "targetPort" 0 ) (dict "name" "schemaregistry" "protocol" "TCP" "port" ($values.listeners.schemaRegistry.port | int) "targetPort" ($values.listeners.schemaRegistry.port | int) )))) -}} +{{- end -}} +{{- $annotations := (dict ) -}} +{{- if (ne $values.service (coalesce nil)) -}} +{{- $annotations = $values.service.internal.annotations -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict ) "status" (dict "loadBalancer" (dict ) ) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "v1" "kind" "Service" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (get (fromJson (include "redpanda.ServiceName" (dict "a" (list $dot) ))) "r") "namespace" $dot.Release.Namespace "labels" (merge (dict ) (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r") (get (fromJson (include "redpanda.MonitoringEnabledLabel" (dict "a" (list $dot) ))) "r")) "annotations" $annotations )) "spec" (mustMergeOverwrite (dict ) (dict "type" "ClusterIP" "publishNotReadyAddresses" true "clusterIP" "None" "selector" (get (fromJson (include "redpanda.StatefulSetPodLabelsSelector" (dict "a" (list $dot) ))) "r") "ports" $ports )) ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/5.9.4/templates/_service.loadbalancer.go.tpl b/charts/redpanda/redpanda/5.9.4/templates/_service.loadbalancer.go.tpl new file mode 100644 index 0000000000..dbc7547509 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/_service.loadbalancer.go.tpl @@ -0,0 +1,101 @@ +{{- /* Generated from "service.loadbalancer.go" */ -}} + +{{- define "redpanda.LoadBalancerServices" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (or (not $values.external.enabled) (not $values.external.service.enabled)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- if (ne $values.external.type "LoadBalancer") -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $externalDNS := (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $values.external.externalDns (mustMergeOverwrite (dict "enabled" false ) (dict ))) ))) "r") -}} +{{- $labels := (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r") -}} +{{- $_ := (set $labels "repdanda.com/type" "loadbalancer") -}} +{{- $selector := (get (fromJson (include "redpanda.StatefulSetPodLabelsSelector" (dict "a" (list $dot) ))) "r") -}} +{{- $services := (coalesce nil) -}} +{{- $replicas := ($values.statefulset.replicas | int) -}} +{{- range $_, $i := untilStep (((0 | int) | int)|int) (($values.statefulset.replicas | int)|int) (1|int) -}} +{{- $podname := (printf "%s-%d" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r") $i) -}} +{{- $annotations := (dict ) -}} +{{- range $k, $v := $values.external.annotations -}} +{{- $_ := (set $annotations $k $v) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- if $externalDNS.enabled -}} +{{- $prefix := $podname -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list $values.external.addresses) ))) "r") | int) ($i | int)) -}} +{{- $prefix = (index $values.external.addresses $i) -}} +{{- end -}} +{{- $address := (printf "%s.%s" $prefix (tpl $values.external.domain $dot)) -}} +{{- $_ := (set $annotations "external-dns.alpha.kubernetes.io/hostname" $address) -}} +{{- end -}} +{{- $podSelector := (dict ) -}} +{{- range $k, $v := $selector -}} +{{- $_ := (set $podSelector $k $v) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_ := (set $podSelector "statefulset.kubernetes.io/pod-name" $podname) -}} +{{- $ports := (coalesce nil) -}} +{{- range $name, $listener := $values.listeners.admin.external -}} +{{- if (not (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $listener.enabled $values.external.enabled) ))) "r")) -}} +{{- continue -}} +{{- end -}} +{{- $fallbackPorts := (concat (default (list ) $listener.advertisedPorts) (list ($values.listeners.admin.port | int))) -}} +{{- $ports = (concat (default (list ) $ports) (list (mustMergeOverwrite (dict "port" 0 "targetPort" 0 ) (dict "name" (printf "admin-%s" $name) "protocol" "TCP" "targetPort" ($listener.port | int) "port" ((get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $listener.nodePort (index $fallbackPorts (0 | int))) ))) "r") | int) )))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- range $name, $listener := $values.listeners.kafka.external -}} +{{- if (not (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $listener.enabled $values.external.enabled) ))) "r")) -}} +{{- continue -}} +{{- end -}} +{{- $fallbackPorts := (concat (default (list ) $listener.advertisedPorts) (list ($listener.port | int))) -}} +{{- $ports = (concat (default (list ) $ports) (list (mustMergeOverwrite (dict "port" 0 "targetPort" 0 ) (dict "name" (printf "kafka-%s" $name) "protocol" "TCP" "targetPort" ($listener.port | int) "port" ((get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $listener.nodePort (index $fallbackPorts (0 | int))) ))) "r") | int) )))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- range $name, $listener := $values.listeners.http.external -}} +{{- if (not (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $listener.enabled $values.external.enabled) ))) "r")) -}} +{{- continue -}} +{{- end -}} +{{- $fallbackPorts := (concat (default (list ) $listener.advertisedPorts) (list ($listener.port | int))) -}} +{{- $ports = (concat (default (list ) $ports) (list (mustMergeOverwrite (dict "port" 0 "targetPort" 0 ) (dict "name" (printf "http-%s" $name) "protocol" "TCP" "targetPort" ($listener.port | int) "port" ((get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $listener.nodePort (index $fallbackPorts (0 | int))) ))) "r") | int) )))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- range $name, $listener := $values.listeners.schemaRegistry.external -}} +{{- if (not (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $listener.enabled $values.external.enabled) ))) "r")) -}} +{{- continue -}} +{{- end -}} +{{- $fallbackPorts := (concat (default (list ) $listener.advertisedPorts) (list ($listener.port | int))) -}} +{{- $ports = (concat (default (list ) $ports) (list (mustMergeOverwrite (dict "port" 0 "targetPort" 0 ) (dict "name" (printf "schema-%s" $name) "protocol" "TCP" "targetPort" ($listener.port | int) "port" ((get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $listener.nodePort (index $fallbackPorts (0 | int))) ))) "r") | int) )))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $svc := (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict ) "status" (dict "loadBalancer" (dict ) ) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "v1" "kind" "Service" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (printf "lb-%s" $podname) "namespace" $dot.Release.Namespace "labels" $labels "annotations" $annotations )) "spec" (mustMergeOverwrite (dict ) (dict "externalTrafficPolicy" "Local" "loadBalancerSourceRanges" $values.external.sourceRanges "ports" $ports "publishNotReadyAddresses" true "selector" $podSelector "sessionAffinity" "None" "type" "LoadBalancer" )) )) -}} +{{- $services = (concat (default (list ) $services) (list $svc)) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $services) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/5.9.4/templates/_service.nodeport.go.tpl b/charts/redpanda/redpanda/5.9.4/templates/_service.nodeport.go.tpl new file mode 100644 index 0000000000..5bec96af51 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/_service.nodeport.go.tpl @@ -0,0 +1,80 @@ +{{- /* Generated from "service.nodeport.go" */ -}} + +{{- define "redpanda.NodePortService" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (or (not $values.external.enabled) (not $values.external.service.enabled)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- if (ne $values.external.type "NodePort") -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $ports := (coalesce nil) -}} +{{- range $name, $listener := $values.listeners.admin.external -}} +{{- if (not (get (fromJson (include "redpanda.AdminExternal.IsEnabled" (dict "a" (list $listener) ))) "r")) -}} +{{- continue -}} +{{- end -}} +{{- $nodePort := ($listener.port | int) -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list $listener.advertisedPorts) ))) "r") | int) (0 | int)) -}} +{{- $nodePort = (index $listener.advertisedPorts (0 | int)) -}} +{{- end -}} +{{- $ports = (concat (default (list ) $ports) (list (mustMergeOverwrite (dict "port" 0 "targetPort" 0 ) (dict "name" (printf "admin-%s" $name) "protocol" "TCP" "port" ($listener.port | int) "nodePort" $nodePort )))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- range $name, $listener := $values.listeners.kafka.external -}} +{{- if (not (get (fromJson (include "redpanda.KafkaExternal.IsEnabled" (dict "a" (list $listener) ))) "r")) -}} +{{- continue -}} +{{- end -}} +{{- $nodePort := ($listener.port | int) -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list $listener.advertisedPorts) ))) "r") | int) (0 | int)) -}} +{{- $nodePort = (index $listener.advertisedPorts (0 | int)) -}} +{{- end -}} +{{- $ports = (concat (default (list ) $ports) (list (mustMergeOverwrite (dict "port" 0 "targetPort" 0 ) (dict "name" (printf "kafka-%s" $name) "protocol" "TCP" "port" ($listener.port | int) "nodePort" $nodePort )))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- range $name, $listener := $values.listeners.http.external -}} +{{- if (not (get (fromJson (include "redpanda.HTTPExternal.IsEnabled" (dict "a" (list $listener) ))) "r")) -}} +{{- continue -}} +{{- end -}} +{{- $nodePort := ($listener.port | int) -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list $listener.advertisedPorts) ))) "r") | int) (0 | int)) -}} +{{- $nodePort = (index $listener.advertisedPorts (0 | int)) -}} +{{- end -}} +{{- $ports = (concat (default (list ) $ports) (list (mustMergeOverwrite (dict "port" 0 "targetPort" 0 ) (dict "name" (printf "http-%s" $name) "protocol" "TCP" "port" ($listener.port | int) "nodePort" $nodePort )))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- range $name, $listener := $values.listeners.schemaRegistry.external -}} +{{- if (not (get (fromJson (include "redpanda.SchemaRegistryExternal.IsEnabled" (dict "a" (list $listener) ))) "r")) -}} +{{- continue -}} +{{- end -}} +{{- $nodePort := ($listener.port | int) -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list $listener.advertisedPorts) ))) "r") | int) (0 | int)) -}} +{{- $nodePort = (index $listener.advertisedPorts (0 | int)) -}} +{{- end -}} +{{- $ports = (concat (default (list ) $ports) (list (mustMergeOverwrite (dict "port" 0 "targetPort" 0 ) (dict "name" (printf "schema-%s" $name) "protocol" "TCP" "port" ($listener.port | int) "nodePort" $nodePort )))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $annotations := $values.external.annotations -}} +{{- if (eq $annotations (coalesce nil)) -}} +{{- $annotations = (dict ) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict ) "status" (dict "loadBalancer" (dict ) ) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "v1" "kind" "Service" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (printf "%s-external" (get (fromJson (include "redpanda.ServiceName" (dict "a" (list $dot) ))) "r")) "namespace" $dot.Release.Namespace "labels" (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r") "annotations" $annotations )) "spec" (mustMergeOverwrite (dict ) (dict "externalTrafficPolicy" "Local" "ports" $ports "publishNotReadyAddresses" true "selector" (get (fromJson (include "redpanda.StatefulSetPodLabelsSelector" (dict "a" (list $dot) ))) "r") "sessionAffinity" "None" "type" "NodePort" )) ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/5.9.4/templates/_serviceaccount.go.tpl b/charts/redpanda/redpanda/5.9.4/templates/_serviceaccount.go.tpl new file mode 100644 index 0000000000..9122cbd2a4 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/_serviceaccount.go.tpl @@ -0,0 +1,18 @@ +{{- /* Generated from "serviceaccount.go" */ -}} + +{{- define "redpanda.ServiceAccount" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (not $values.serviceAccount.create) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "v1" "kind" "ServiceAccount" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (get (fromJson (include "redpanda.ServiceAccountName" (dict "a" (list $dot) ))) "r") "namespace" $dot.Release.Namespace "labels" (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r") "annotations" $values.serviceAccount.annotations )) ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/5.9.4/templates/_servicemonitor.go.tpl b/charts/redpanda/redpanda/5.9.4/templates/_servicemonitor.go.tpl new file mode 100644 index 0000000000..97d3f3325e --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/_servicemonitor.go.tpl @@ -0,0 +1,26 @@ +{{- /* Generated from "servicemonitor.go" */ -}} + +{{- define "redpanda.ServiceMonitor" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (not $values.monitoring.enabled) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $endpoint := (mustMergeOverwrite (dict ) (dict "interval" $values.monitoring.scrapeInterval "path" "/public_metrics" "port" "admin" "enableHttp2" $values.monitoring.enableHttp2 "scheme" "http" )) -}} +{{- if (or (get (fromJson (include "redpanda.InternalTLS.IsEnabled" (dict "a" (list $values.listeners.admin.tls $values.tls) ))) "r") (ne $values.monitoring.tlsConfig (coalesce nil))) -}} +{{- $_ := (set $endpoint "scheme" "https") -}} +{{- $_ := (set $endpoint "tlsConfig" $values.monitoring.tlsConfig) -}} +{{- if (eq $endpoint.tlsConfig (coalesce nil)) -}} +{{- $_ := (set $endpoint "tlsConfig" (mustMergeOverwrite (dict "ca" (dict ) "cert" (dict ) ) (mustMergeOverwrite (dict "ca" (dict ) "cert" (dict ) ) (dict "insecureSkipVerify" true )) (dict ))) -}} +{{- end -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict "endpoints" (coalesce nil) "selector" (dict ) "namespaceSelector" (dict ) ) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "monitoring.coreos.com/v1" "kind" "ServiceMonitor" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r") "namespace" $dot.Release.Namespace "labels" (merge (dict ) (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r") $values.monitoring.labels) )) "spec" (mustMergeOverwrite (dict "endpoints" (coalesce nil) "selector" (dict ) "namespaceSelector" (dict ) ) (dict "endpoints" (list $endpoint) "selector" (mustMergeOverwrite (dict ) (dict "matchLabels" (dict "monitoring.redpanda.com/enabled" "true" "app.kubernetes.io/name" (get (fromJson (include "redpanda.Name" (dict "a" (list $dot) ))) "r") "app.kubernetes.io/instance" $dot.Release.Name ) )) )) ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/5.9.4/templates/_shims.tpl b/charts/redpanda/redpanda/5.9.4/templates/_shims.tpl new file mode 100644 index 0000000000..e3bb40e415 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/_shims.tpl @@ -0,0 +1,289 @@ +{{- /* Generated from "bootstrap.go" */ -}} + +{{- define "_shims.typetest" -}} +{{- $typ := (index .a 0) -}} +{{- $value := (index .a 1) -}} +{{- $zero := (index .a 2) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (typeIs $typ $value) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list $value true)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list $zero false)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.typeassertion" -}} +{{- $typ := (index .a 0) -}} +{{- $value := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (not (typeIs $typ $value)) -}} +{{- $_ := (fail (printf "expected type of %q got: %T" $typ $value)) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $value) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.dicttest" -}} +{{- $m := (index .a 0) -}} +{{- $key := (index .a 1) -}} +{{- $zero := (index .a 2) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (hasKey $m $key) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list (index $m $key) true)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list $zero false)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.compact" -}} +{{- $args := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $out := (dict ) -}} +{{- range $i, $e := $args -}} +{{- $_ := (set $out (printf "T%d" ((add (1 | int) $i) | int)) $e) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $out) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.deref" -}} +{{- $ptr := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (eq $ptr (coalesce nil)) -}} +{{- $_ := (fail "nil dereference") -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $ptr) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.len" -}} +{{- $m := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (eq $m (coalesce nil)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (0 | int)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (len $m)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.ptr_Deref" -}} +{{- $ptr := (index .a 0) -}} +{{- $def := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (ne $ptr (coalesce nil)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $ptr) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $def) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.ptr_Equal" -}} +{{- $a := (index .a 0) -}} +{{- $b := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (and (eq $a (coalesce nil)) (eq $b (coalesce nil))) -}} +{{- $_is_returning = true -}} +{{- (dict "r" true) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (eq $a $b)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.lookup" -}} +{{- $apiVersion := (index .a 0) -}} +{{- $kind := (index .a 1) -}} +{{- $namespace := (index .a 2) -}} +{{- $name := (index .a 3) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $result := (lookup $apiVersion $kind $namespace $name) -}} +{{- if (empty $result) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list (coalesce nil) false)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list $result true)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.asnumeric" -}} +{{- $value := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (typeIs "float64" $value) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list $value true)) | toJson -}} +{{- break -}} +{{- end -}} +{{- if (typeIs "int64" $value) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list $value true)) | toJson -}} +{{- break -}} +{{- end -}} +{{- if (typeIs "int" $value) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list $value true)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list (0 | int) false)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.asintegral" -}} +{{- $value := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (or (typeIs "int64" $value) (typeIs "int" $value)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list $value true)) | toJson -}} +{{- break -}} +{{- end -}} +{{- if (and (typeIs "float64" $value) (eq (floor $value) $value)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list $value true)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list (0 | int) false)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.parseResource" -}} +{{- $repr := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (typeIs "float64" $repr) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list (float64 $repr) 1.0)) | toJson -}} +{{- break -}} +{{- end -}} +{{- if (not (typeIs "string" $repr)) -}} +{{- $_ := (fail (printf "invalid Quantity expected string or float64 got: %T (%v)" $repr $repr)) -}} +{{- end -}} +{{- if (not (regexMatch `^[0-9]+(\.[0-9]{0,6})?(k|m|M|G|T|P|Ki|Mi|Gi|Ti|Pi)?$` $repr)) -}} +{{- $_ := (fail (printf "invalid Quantity: %q" $repr)) -}} +{{- end -}} +{{- $reprStr := (toString $repr) -}} +{{- $unit := (regexFind "(k|m|M|G|T|P|Ki|Mi|Gi|Ti|Pi)$" $repr) -}} +{{- $numeric := (float64 (substr (0 | int) ((sub ((get (fromJson (include "_shims.len" (dict "a" (list $reprStr) ))) "r") | int) ((get (fromJson (include "_shims.len" (dict "a" (list $unit) ))) "r") | int)) | int) $reprStr)) -}} +{{- $tmp_tuple_1 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.dicttest" (dict "a" (list (dict "" 1.0 "m" 0.001 "k" (1000 | int) "M" (1000000 | int) "G" (1000000000 | int) "T" (1000000000000 | int) "P" (1000000000000000 | int) "Ki" (1024 | int) "Mi" (1048576 | int) "Gi" (1073741824 | int) "Ti" (1099511627776 | int) "Pi" (1125899906842624 | int) ) $unit (coalesce nil)) ))) "r")) ))) "r") -}} +{{- $ok := $tmp_tuple_1.T2 -}} +{{- $scale := ($tmp_tuple_1.T1 | float64) -}} +{{- if (not $ok) -}} +{{- $_ := (fail (printf "unknown unit: %q" $unit)) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list $numeric $scale)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.resource_MustParse" -}} +{{- $repr := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $tmp_tuple_2 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.parseResource" (dict "a" (list $repr) ))) "r")) ))) "r") -}} +{{- $scale := ($tmp_tuple_2.T2 | float64) -}} +{{- $numeric := ($tmp_tuple_2.T1 | float64) -}} +{{- $strs := (list "" "m" "k" "M" "G" "T" "P" "Ki" "Mi" "Gi" "Ti" "Pi") -}} +{{- $scales := (list 1.0 0.001 (1000 | int) (1000000 | int) (1000000000 | int) (1000000000000 | int) (1000000000000000 | int) (1024 | int) (1048576 | int) (1073741824 | int) (1099511627776 | int) (1125899906842624 | int)) -}} +{{- $idx := -1 -}} +{{- range $i, $s := $scales -}} +{{- if (eq ($s | float64) ($scale | float64)) -}} +{{- $idx = $i -}} +{{- break -}} +{{- end -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- if (eq $idx -1) -}} +{{- $_ := (fail (printf "unknown scale: %v" $scale)) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (printf "%s%s" (toString $numeric) (index $strs $idx))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.resource_Value" -}} +{{- $repr := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $tmp_tuple_3 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.parseResource" (dict "a" (list $repr) ))) "r")) ))) "r") -}} +{{- $scale := ($tmp_tuple_3.T2 | float64) -}} +{{- $numeric := ($tmp_tuple_3.T1 | float64) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (int64 (ceil ((mulf $numeric $scale) | float64)))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.resource_MilliValue" -}} +{{- $repr := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $tmp_tuple_4 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.parseResource" (dict "a" (list $repr) ))) "r")) ))) "r") -}} +{{- $scale := ($tmp_tuple_4.T2 | float64) -}} +{{- $numeric := ($tmp_tuple_4.T1 | float64) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (int64 (ceil ((mulf ((mulf $numeric 1000.0) | float64) $scale) | float64)))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.render-manifest" -}} +{{- $tpl := (index . 0) -}} +{{- $dot := (index . 1) -}} +{{- $manifests := (get ((include $tpl (dict "a" (list $dot))) | fromJson) "r") -}} +{{- if not (typeIs "[]interface {}" $manifests) -}} +{{- $manifests = (list $manifests) -}} +{{- end -}} +{{- range $_, $manifest := $manifests -}} +{{- if ne $manifest nil }} +--- +{{toYaml (unset (unset $manifest "status") "creationTimestamp")}} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/charts/redpanda/redpanda/5.9.4/templates/_statefulset.go.tpl b/charts/redpanda/redpanda/5.9.4/templates/_statefulset.go.tpl new file mode 100644 index 0000000000..a084cb9d19 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/_statefulset.go.tpl @@ -0,0 +1,711 @@ +{{- /* Generated from "statefulset.go" */ -}} + +{{- define "redpanda.statefulSetRedpandaEnv" -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list (mustMergeOverwrite (dict "name" "" ) (dict "name" "SERVICE_NAME" "valueFrom" (mustMergeOverwrite (dict ) (dict "fieldRef" (mustMergeOverwrite (dict "fieldPath" "" ) (dict "fieldPath" "metadata.name" )) )) )) (mustMergeOverwrite (dict "name" "" ) (dict "name" "POD_IP" "valueFrom" (mustMergeOverwrite (dict ) (dict "fieldRef" (mustMergeOverwrite (dict "fieldPath" "" ) (dict "fieldPath" "status.podIP" )) )) )) (mustMergeOverwrite (dict "name" "" ) (dict "name" "HOST_IP" "valueFrom" (mustMergeOverwrite (dict ) (dict "fieldRef" (mustMergeOverwrite (dict "fieldPath" "" ) (dict "fieldPath" "status.hostIP" )) )) )))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.StatefulSetPodLabelsSelector" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if $dot.Release.IsUpgrade -}} +{{- $tmp_tuple_1 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.lookup" (dict "a" (list "apps/v1" "StatefulSet" $dot.Release.Namespace (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r")) ))) "r")) ))) "r") -}} +{{- $ok_2 := $tmp_tuple_1.T2 -}} +{{- $existing_1 := $tmp_tuple_1.T1 -}} +{{- if (and $ok_2 (gt ((get (fromJson (include "_shims.len" (dict "a" (list $existing_1.spec.selector.matchLabels) ))) "r") | int) (0 | int))) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $existing_1.spec.selector.matchLabels) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} +{{- $values := $dot.Values.AsMap -}} +{{- $additionalSelectorLabels := (dict ) -}} +{{- if (ne $values.statefulset.additionalSelectorLabels (coalesce nil)) -}} +{{- $additionalSelectorLabels = $values.statefulset.additionalSelectorLabels -}} +{{- end -}} +{{- $component := (printf "%s-statefulset" (trimSuffix "-" (trunc (51 | int) (get (fromJson (include "redpanda.Name" (dict "a" (list $dot) ))) "r")))) -}} +{{- $defaults := (dict "app.kubernetes.io/component" $component "app.kubernetes.io/instance" $dot.Release.Name "app.kubernetes.io/name" (get (fromJson (include "redpanda.Name" (dict "a" (list $dot) ))) "r") ) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (merge (dict ) $additionalSelectorLabels $defaults)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.StatefulSetPodLabels" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if $dot.Release.IsUpgrade -}} +{{- $tmp_tuple_2 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.lookup" (dict "a" (list "apps/v1" "StatefulSet" $dot.Release.Namespace (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r")) ))) "r")) ))) "r") -}} +{{- $ok_4 := $tmp_tuple_2.T2 -}} +{{- $existing_3 := $tmp_tuple_2.T1 -}} +{{- if (and $ok_4 (gt ((get (fromJson (include "_shims.len" (dict "a" (list $existing_3.spec.template.metadata.labels) ))) "r") | int) (0 | int))) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $existing_3.spec.template.metadata.labels) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} +{{- $values := $dot.Values.AsMap -}} +{{- $statefulSetLabels := (dict ) -}} +{{- if (ne $values.statefulset.podTemplate.labels (coalesce nil)) -}} +{{- $statefulSetLabels = $values.statefulset.podTemplate.labels -}} +{{- end -}} +{{- $defaults := (dict "redpanda.com/poddisruptionbudget" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r") ) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (merge (dict ) $statefulSetLabels (get (fromJson (include "redpanda.StatefulSetPodLabelsSelector" (dict "a" (list $dot) ))) "r") $defaults (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r"))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.StatefulSetPodAnnotations" -}} +{{- $dot := (index .a 0) -}} +{{- $configMapChecksum := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $configMapChecksumAnnotation := (dict "config.redpanda.com/checksum" $configMapChecksum ) -}} +{{- if (ne $values.statefulset.podTemplate.annotations (coalesce nil)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (merge (dict ) $values.statefulset.podTemplate.annotations $configMapChecksumAnnotation)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (merge (dict ) $values.statefulset.annotations $configMapChecksumAnnotation)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.StatefulSetVolumes" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $fullname := (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r") -}} +{{- $volumes := (get (fromJson (include "redpanda.CommonVolumes" (dict "a" (list $dot) ))) "r") -}} +{{- $values := $dot.Values.AsMap -}} +{{- $volumes = (concat (default (list ) $volumes) (default (list ) (list (mustMergeOverwrite (dict "name" "" ) (mustMergeOverwrite (dict ) (dict "secret" (mustMergeOverwrite (dict ) (dict "secretName" (printf "%.50s-sts-lifecycle" $fullname) "defaultMode" (0o775 | int) )) )) (dict "name" "lifecycle-scripts" )) (mustMergeOverwrite (dict "name" "" ) (mustMergeOverwrite (dict ) (dict "configMap" (mustMergeOverwrite (dict ) (mustMergeOverwrite (dict ) (dict "name" $fullname )) (dict )) )) (dict "name" $fullname )) (mustMergeOverwrite (dict "name" "" ) (mustMergeOverwrite (dict ) (dict "emptyDir" (mustMergeOverwrite (dict ) (dict )) )) (dict "name" "config" )) (mustMergeOverwrite (dict "name" "" ) (mustMergeOverwrite (dict ) (dict "secret" (mustMergeOverwrite (dict ) (dict "secretName" (printf "%.51s-configurator" $fullname) "defaultMode" (0o775 | int) )) )) (dict "name" (printf "%.51s-configurator" $fullname) )) (mustMergeOverwrite (dict "name" "" ) (mustMergeOverwrite (dict ) (dict "secret" (mustMergeOverwrite (dict ) (dict "secretName" (printf "%s-config-watcher" $fullname) "defaultMode" (0o775 | int) )) )) (dict "name" (printf "%s-config-watcher" $fullname) ))))) -}} +{{- if $values.statefulset.initContainers.fsValidator.enabled -}} +{{- $volumes = (concat (default (list ) $volumes) (list (mustMergeOverwrite (dict "name" "" ) (mustMergeOverwrite (dict ) (dict "secret" (mustMergeOverwrite (dict ) (dict "secretName" (printf "%.49s-fs-validator" $fullname) "defaultMode" (0o775 | int) )) )) (dict "name" (printf "%.49s-fs-validator" $fullname) )))) -}} +{{- end -}} +{{- $vol_5 := (get (fromJson (include "redpanda.Listeners.TrustStoreVolume" (dict "a" (list $values.listeners $values.tls) ))) "r") -}} +{{- if (ne $vol_5 (coalesce nil)) -}} +{{- $volumes = (concat (default (list ) $volumes) (list $vol_5)) -}} +{{- end -}} +{{- $volumes = (concat (default (list ) $volumes) (default (list ) (get (fromJson (include "redpanda.templateToVolumes" (dict "a" (list $dot $values.statefulset.extraVolumes) ))) "r"))) -}} +{{- $volumes = (concat (default (list ) $volumes) (list (get (fromJson (include "redpanda.statefulSetVolumeDataDir" (dict "a" (list $dot) ))) "r"))) -}} +{{- $v_6 := (get (fromJson (include "redpanda.statefulSetVolumeTieredStorageDir" (dict "a" (list $dot) ))) "r") -}} +{{- if (ne $v_6 (coalesce nil)) -}} +{{- $volumes = (concat (default (list ) $volumes) (list $v_6)) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $volumes) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.statefulSetVolumeDataDir" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $datadirSource := (mustMergeOverwrite (dict ) (dict "emptyDir" (mustMergeOverwrite (dict ) (dict )) )) -}} +{{- if $values.storage.persistentVolume.enabled -}} +{{- $datadirSource = (mustMergeOverwrite (dict ) (dict "persistentVolumeClaim" (mustMergeOverwrite (dict "claimName" "" ) (dict "claimName" "datadir" )) )) -}} +{{- else -}}{{- if (ne $values.storage.hostPath "") -}} +{{- $datadirSource = (mustMergeOverwrite (dict ) (dict "hostPath" (mustMergeOverwrite (dict "path" "" ) (dict "path" $values.storage.hostPath )) )) -}} +{{- end -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "name" "" ) $datadirSource (dict "name" "datadir" ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.statefulSetVolumeTieredStorageDir" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (not (get (fromJson (include "redpanda.Storage.IsTieredStorageEnabled" (dict "a" (list $values.storage) ))) "r")) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $tieredType := (get (fromJson (include "redpanda.Storage.TieredMountType" (dict "a" (list $values.storage) ))) "r") -}} +{{- if (or (eq $tieredType "none") (eq $tieredType "persistentVolume")) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- if (eq $tieredType "hostPath") -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "name" "" ) (mustMergeOverwrite (dict ) (dict "hostPath" (mustMergeOverwrite (dict "path" "" ) (dict "path" (get (fromJson (include "redpanda.Storage.GetTieredStorageHostPath" (dict "a" (list $values.storage) ))) "r") )) )) (dict "name" "tiered-storage-dir" ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "name" "" ) (mustMergeOverwrite (dict ) (dict "emptyDir" (mustMergeOverwrite (dict ) (dict "sizeLimit" (get (fromJson (include "redpanda.Storage.CloudStorageCacheSize" (dict "a" (list $values.storage) ))) "r") )) )) (dict "name" "tiered-storage-dir" ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.StatefulSetVolumeMounts" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $mounts := (get (fromJson (include "redpanda.CommonMounts" (dict "a" (list $dot) ))) "r") -}} +{{- $values := $dot.Values.AsMap -}} +{{- $mounts = (concat (default (list ) $mounts) (default (list ) (list (mustMergeOverwrite (dict "name" "" "mountPath" "" ) (dict "name" "config" "mountPath" "/etc/redpanda" )) (mustMergeOverwrite (dict "name" "" "mountPath" "" ) (dict "name" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r") "mountPath" "/tmp/base-config" )) (mustMergeOverwrite (dict "name" "" "mountPath" "" ) (dict "name" "lifecycle-scripts" "mountPath" "/var/lifecycle" )) (mustMergeOverwrite (dict "name" "" "mountPath" "" ) (dict "name" "datadir" "mountPath" "/var/lib/redpanda/data" ))))) -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list (get (fromJson (include "redpanda.Listeners.TrustStores" (dict "a" (list $values.listeners $values.tls) ))) "r")) ))) "r") | int) (0 | int)) -}} +{{- $mounts = (concat (default (list ) $mounts) (list (mustMergeOverwrite (dict "name" "" "mountPath" "" ) (dict "name" "truststores" "mountPath" "/etc/truststores" "readOnly" true )))) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $mounts) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.StatefulSetInitContainers" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $containers := (coalesce nil) -}} +{{- $c_7 := (get (fromJson (include "redpanda.statefulSetInitContainerTuning" (dict "a" (list $dot) ))) "r") -}} +{{- if (ne $c_7 (coalesce nil)) -}} +{{- $containers = (concat (default (list ) $containers) (list $c_7)) -}} +{{- end -}} +{{- $c_8 := (get (fromJson (include "redpanda.statefulSetInitContainerSetDataDirOwnership" (dict "a" (list $dot) ))) "r") -}} +{{- if (ne $c_8 (coalesce nil)) -}} +{{- $containers = (concat (default (list ) $containers) (list $c_8)) -}} +{{- end -}} +{{- $c_9 := (get (fromJson (include "redpanda.statefulSetInitContainerFSValidator" (dict "a" (list $dot) ))) "r") -}} +{{- if (ne $c_9 (coalesce nil)) -}} +{{- $containers = (concat (default (list ) $containers) (list $c_9)) -}} +{{- end -}} +{{- $c_10 := (get (fromJson (include "redpanda.statefulSetInitContainerSetTieredStorageCacheDirOwnership" (dict "a" (list $dot) ))) "r") -}} +{{- if (ne $c_10 (coalesce nil)) -}} +{{- $containers = (concat (default (list ) $containers) (list $c_10)) -}} +{{- end -}} +{{- $containers = (concat (default (list ) $containers) (list (get (fromJson (include "redpanda.statefulSetInitContainerConfigurator" (dict "a" (list $dot) ))) "r"))) -}} +{{- $containers = (concat (default (list ) $containers) (default (list ) (get (fromJson (include "redpanda.templateToContainers" (dict "a" (list $dot $values.statefulset.initContainers.extraInitContainers) ))) "r"))) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $containers) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.statefulSetInitContainerTuning" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (not $values.tuning.tune_aio_events) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "name" "" "resources" (dict ) ) (dict "name" "tuning" "image" (printf "%s:%s" $values.image.repository (get (fromJson (include "redpanda.Tag" (dict "a" (list $dot) ))) "r")) "command" (list `/bin/bash` `-c` `rpk redpanda tune all`) "securityContext" (mustMergeOverwrite (dict ) (dict "capabilities" (mustMergeOverwrite (dict ) (dict "add" (list `SYS_RESOURCE`) )) "privileged" true "runAsUser" ((0 | int64) | int64) "runAsGroup" ((0 | int64) | int64) )) "volumeMounts" (concat (default (list ) (concat (default (list ) (get (fromJson (include "redpanda.CommonMounts" (dict "a" (list $dot) ))) "r")) (default (list ) (get (fromJson (include "redpanda.templateToVolumeMounts" (dict "a" (list $dot $values.statefulset.initContainers.tuning.extraVolumeMounts) ))) "r")))) (list (mustMergeOverwrite (dict "name" "" "mountPath" "" ) (dict "name" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r") "mountPath" "/etc/redpanda" )))) "resources" $values.statefulset.initContainers.tuning.resources ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.statefulSetInitContainerSetDataDirOwnership" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (not $values.statefulset.initContainers.setDataDirOwnership.enabled) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $tmp_tuple_3 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "redpanda.securityContextUidGid" (dict "a" (list $dot "set-datadir-ownership") ))) "r")) ))) "r") -}} +{{- $gid := ($tmp_tuple_3.T2 | int64) -}} +{{- $uid := ($tmp_tuple_3.T1 | int64) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "name" "" "resources" (dict ) ) (dict "name" "set-datadir-ownership" "image" (printf "%s:%s" $values.statefulset.initContainerImage.repository $values.statefulset.initContainerImage.tag) "command" (list `/bin/sh` `-c` (printf `chown %d:%d -R /var/lib/redpanda/data` $uid $gid)) "volumeMounts" (concat (default (list ) (concat (default (list ) (get (fromJson (include "redpanda.CommonMounts" (dict "a" (list $dot) ))) "r")) (default (list ) (get (fromJson (include "redpanda.templateToVolumeMounts" (dict "a" (list $dot $values.statefulset.initContainers.setDataDirOwnership.extraVolumeMounts) ))) "r")))) (list (mustMergeOverwrite (dict "name" "" "mountPath" "" ) (dict "name" `datadir` "mountPath" `/var/lib/redpanda/data` )))) "resources" $values.statefulset.initContainers.setDataDirOwnership.resources ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.securityContextUidGid" -}} +{{- $dot := (index .a 0) -}} +{{- $containerName := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $uid := $values.statefulset.securityContext.runAsUser -}} +{{- if (and (ne $values.statefulset.podSecurityContext (coalesce nil)) (ne $values.statefulset.podSecurityContext.runAsUser (coalesce nil))) -}} +{{- $uid = $values.statefulset.podSecurityContext.runAsUser -}} +{{- end -}} +{{- if (eq $uid (coalesce nil)) -}} +{{- $_ := (fail (printf `%s container requires runAsUser to be specified` $containerName)) -}} +{{- end -}} +{{- $gid := $values.statefulset.securityContext.fsGroup -}} +{{- if (and (ne $values.statefulset.podSecurityContext (coalesce nil)) (ne $values.statefulset.podSecurityContext.fsGroup (coalesce nil))) -}} +{{- $gid = $values.statefulset.podSecurityContext.fsGroup -}} +{{- end -}} +{{- if (eq $gid (coalesce nil)) -}} +{{- $_ := (fail (printf `%s container requires fsGroup to be specified` $containerName)) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list $uid $gid)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.statefulSetInitContainerFSValidator" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (not $values.statefulset.initContainers.fsValidator.enabled) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "name" "" "resources" (dict ) ) (dict "name" "fs-validator" "image" (printf "%s:%s" $values.image.repository (get (fromJson (include "redpanda.Tag" (dict "a" (list $dot) ))) "r")) "command" (list `/bin/sh`) "args" (list `-c` (printf `trap "exit 0" TERM; exec /etc/secrets/fs-validator/scripts/fsValidator.sh %s & wait $!` $values.statefulset.initContainers.fsValidator.expectedFS)) "securityContext" (get (fromJson (include "redpanda.ContainerSecurityContext" (dict "a" (list $dot) ))) "r") "volumeMounts" (concat (default (list ) (concat (default (list ) (get (fromJson (include "redpanda.CommonMounts" (dict "a" (list $dot) ))) "r")) (default (list ) (get (fromJson (include "redpanda.templateToVolumeMounts" (dict "a" (list $dot $values.statefulset.initContainers.fsValidator.extraVolumeMounts) ))) "r")))) (list (mustMergeOverwrite (dict "name" "" "mountPath" "" ) (dict "name" (printf `%.49s-fs-validator` (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r")) "mountPath" `/etc/secrets/fs-validator/scripts/` )) (mustMergeOverwrite (dict "name" "" "mountPath" "" ) (dict "name" `datadir` "mountPath" `/var/lib/redpanda/data` )))) "resources" $values.statefulset.initContainers.fsValidator.resources ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.statefulSetInitContainerSetTieredStorageCacheDirOwnership" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (not (get (fromJson (include "redpanda.Storage.IsTieredStorageEnabled" (dict "a" (list $values.storage) ))) "r")) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $tmp_tuple_4 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "redpanda.securityContextUidGid" (dict "a" (list $dot "set-tiered-storage-cache-dir-ownership") ))) "r")) ))) "r") -}} +{{- $gid := ($tmp_tuple_4.T2 | int64) -}} +{{- $uid := ($tmp_tuple_4.T1 | int64) -}} +{{- $cacheDir := (get (fromJson (include "redpanda.Storage.TieredCacheDirectory" (dict "a" (list $values.storage $dot) ))) "r") -}} +{{- $mounts := (get (fromJson (include "redpanda.CommonMounts" (dict "a" (list $dot) ))) "r") -}} +{{- $mounts = (concat (default (list ) $mounts) (list (mustMergeOverwrite (dict "name" "" "mountPath" "" ) (dict "name" "datadir" "mountPath" "/var/lib/redpanda/data" )))) -}} +{{- if (ne (get (fromJson (include "redpanda.Storage.TieredMountType" (dict "a" (list $values.storage) ))) "r") "none") -}} +{{- $name := "tiered-storage-dir" -}} +{{- if (and (ne $values.storage.persistentVolume (coalesce nil)) (ne $values.storage.persistentVolume.nameOverwrite "")) -}} +{{- $name = $values.storage.persistentVolume.nameOverwrite -}} +{{- end -}} +{{- $mounts = (concat (default (list ) $mounts) (list (mustMergeOverwrite (dict "name" "" "mountPath" "" ) (dict "name" $name "mountPath" $cacheDir )))) -}} +{{- end -}} +{{- $mounts = (concat (default (list ) $mounts) (default (list ) (get (fromJson (include "redpanda.templateToVolumeMounts" (dict "a" (list $dot $values.statefulset.initContainers.setTieredStorageCacheDirOwnership.extraVolumeMounts) ))) "r"))) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "name" "" "resources" (dict ) ) (dict "name" `set-tiered-storage-cache-dir-ownership` "image" (printf `%s:%s` $values.statefulset.initContainerImage.repository $values.statefulset.initContainerImage.tag) "command" (list `/bin/sh` `-c` (printf `mkdir -p %s; chown %d:%d -R %s` $cacheDir $uid $gid $cacheDir)) "volumeMounts" $mounts "resources" $values.statefulset.initContainers.setTieredStorageCacheDirOwnership.resources ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.statefulSetInitContainerConfigurator" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "name" "" "resources" (dict ) ) (dict "name" (printf `%.51s-configurator` (get (fromJson (include "redpanda.Name" (dict "a" (list $dot) ))) "r")) "image" (printf `%s:%s` $values.image.repository (get (fromJson (include "redpanda.Tag" (dict "a" (list $dot) ))) "r")) "command" (list `/bin/bash` `-c` `trap "exit 0" TERM; exec $CONFIGURATOR_SCRIPT "${SERVICE_NAME}" "${KUBERNETES_NODE_NAME}" & wait $!`) "env" (get (fromJson (include "redpanda.rpkEnvVars" (dict "a" (list $dot (list (mustMergeOverwrite (dict "name" "" ) (dict "name" "CONFIGURATOR_SCRIPT" "value" "/etc/secrets/configurator/scripts/configurator.sh" )) (mustMergeOverwrite (dict "name" "" ) (dict "name" "SERVICE_NAME" "valueFrom" (mustMergeOverwrite (dict ) (dict "fieldRef" (mustMergeOverwrite (dict "fieldPath" "" ) (dict "fieldPath" "metadata.name" )) "resourceFieldRef" (coalesce nil) "configMapKeyRef" (coalesce nil) "secretKeyRef" (coalesce nil) )) )) (mustMergeOverwrite (dict "name" "" ) (dict "name" "KUBERNETES_NODE_NAME" "valueFrom" (mustMergeOverwrite (dict ) (dict "fieldRef" (mustMergeOverwrite (dict "fieldPath" "" ) (dict "fieldPath" "spec.nodeName" )) )) )) (mustMergeOverwrite (dict "name" "" ) (dict "name" "HOST_IP_ADDRESS" "valueFrom" (mustMergeOverwrite (dict ) (dict "fieldRef" (mustMergeOverwrite (dict "fieldPath" "" ) (dict "apiVersion" "v1" "fieldPath" "status.hostIP" )) )) )))) ))) "r") "securityContext" (get (fromJson (include "redpanda.ContainerSecurityContext" (dict "a" (list $dot) ))) "r") "volumeMounts" (concat (default (list ) (concat (default (list ) (get (fromJson (include "redpanda.CommonMounts" (dict "a" (list $dot) ))) "r")) (default (list ) (get (fromJson (include "redpanda.templateToVolumeMounts" (dict "a" (list $dot $values.statefulset.initContainers.configurator.extraVolumeMounts) ))) "r")))) (list (mustMergeOverwrite (dict "name" "" "mountPath" "" ) (dict "name" "config" "mountPath" "/etc/redpanda" )) (mustMergeOverwrite (dict "name" "" "mountPath" "" ) (dict "name" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r") "mountPath" "/tmp/base-config" )) (mustMergeOverwrite (dict "name" "" "mountPath" "" ) (dict "name" (printf `%.51s-configurator` (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r")) "mountPath" "/etc/secrets/configurator/scripts/" )))) "resources" $values.statefulset.initContainers.configurator.resources ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.StatefulSetContainers" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $containers := (coalesce nil) -}} +{{- $containers = (concat (default (list ) $containers) (list (get (fromJson (include "redpanda.statefulSetContainerRedpanda" (dict "a" (list $dot) ))) "r"))) -}} +{{- $c_11 := (get (fromJson (include "redpanda.statefulSetContainerConfigWatcher" (dict "a" (list $dot) ))) "r") -}} +{{- if (ne $c_11 (coalesce nil)) -}} +{{- $containers = (concat (default (list ) $containers) (list $c_11)) -}} +{{- end -}} +{{- $c_12 := (get (fromJson (include "redpanda.statefulSetContainerControllers" (dict "a" (list $dot) ))) "r") -}} +{{- if (ne $c_12 (coalesce nil)) -}} +{{- $containers = (concat (default (list ) $containers) (list $c_12)) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $containers) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.statefulSetContainerRedpanda" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $internalAdvertiseAddress := (printf "%s.%s" "$(SERVICE_NAME)" (get (fromJson (include "redpanda.InternalDomain" (dict "a" (list $dot) ))) "r")) -}} +{{- $container := (mustMergeOverwrite (dict "name" "" "resources" (dict ) ) (dict "name" (get (fromJson (include "redpanda.Name" (dict "a" (list $dot) ))) "r") "image" (printf `%s:%s` $values.image.repository (get (fromJson (include "redpanda.Tag" (dict "a" (list $dot) ))) "r")) "env" (get (fromJson (include "redpanda.bootstrapEnvVars" (dict "a" (list $dot (get (fromJson (include "redpanda.statefulSetRedpandaEnv" (dict "a" (list ) ))) "r")) ))) "r") "lifecycle" (mustMergeOverwrite (dict ) (dict "postStart" (mustMergeOverwrite (dict ) (dict "exec" (mustMergeOverwrite (dict ) (dict "command" (list `/bin/bash` `-c` (join "\n" (list (printf `timeout -v %d bash -x /var/lifecycle/postStart.sh` ((div ($values.statefulset.terminationGracePeriodSeconds | int64) (2 | int64)) | int64)) `true` ``))) )) )) "preStop" (mustMergeOverwrite (dict ) (dict "exec" (mustMergeOverwrite (dict ) (dict "command" (list `/bin/bash` `-c` (join "\n" (list (printf `timeout -v %d bash -x /var/lifecycle/preStop.sh` ((div ($values.statefulset.terminationGracePeriodSeconds | int64) (2 | int64)) | int64)) `true # do not fail and cause the pod to terminate` ``))) )) )) )) "startupProbe" (mustMergeOverwrite (dict ) (mustMergeOverwrite (dict ) (dict "exec" (mustMergeOverwrite (dict ) (dict "command" (list `/bin/sh` `-c` (join "\n" (list `set -e` (printf `RESULT=$(curl --silent --fail -k -m 5 %s "%s://%s/v1/status/ready")` (get (fromJson (include "redpanda.adminTLSCurlFlags" (dict "a" (list $dot) ))) "r") (get (fromJson (include "redpanda.adminInternalHTTPProtocol" (dict "a" (list $dot) ))) "r") (get (fromJson (include "redpanda.adminApiURLs" (dict "a" (list $dot) ))) "r")) `echo $RESULT` `echo $RESULT | grep ready` ``))) )) )) (dict "initialDelaySeconds" ($values.statefulset.startupProbe.initialDelaySeconds | int) "periodSeconds" ($values.statefulset.startupProbe.periodSeconds | int) "failureThreshold" ($values.statefulset.startupProbe.failureThreshold | int) )) "livenessProbe" (mustMergeOverwrite (dict ) (mustMergeOverwrite (dict ) (dict "exec" (mustMergeOverwrite (dict ) (dict "command" (list `/bin/sh` `-c` (printf `curl --silent --fail -k -m 5 %s "%s://%s/v1/status/ready"` (get (fromJson (include "redpanda.adminTLSCurlFlags" (dict "a" (list $dot) ))) "r") (get (fromJson (include "redpanda.adminInternalHTTPProtocol" (dict "a" (list $dot) ))) "r") (get (fromJson (include "redpanda.adminApiURLs" (dict "a" (list $dot) ))) "r"))) )) )) (dict "initialDelaySeconds" ($values.statefulset.livenessProbe.initialDelaySeconds | int) "periodSeconds" ($values.statefulset.livenessProbe.periodSeconds | int) "failureThreshold" ($values.statefulset.livenessProbe.failureThreshold | int) )) "command" (list `rpk` `redpanda` `start` (printf `--advertise-rpc-addr=%s:%d` $internalAdvertiseAddress ($values.listeners.rpc.port | int))) "volumeMounts" (concat (default (list ) (get (fromJson (include "redpanda.StatefulSetVolumeMounts" (dict "a" (list $dot) ))) "r")) (default (list ) (get (fromJson (include "redpanda.templateToVolumeMounts" (dict "a" (list $dot $values.statefulset.extraVolumeMounts) ))) "r"))) "securityContext" (get (fromJson (include "redpanda.ContainerSecurityContext" (dict "a" (list $dot) ))) "r") "resources" (mustMergeOverwrite (dict ) (dict )) )) -}} +{{- if (not (get (fromJson (include "_shims.typeassertion" (dict "a" (list "bool" (dig `recovery_mode_enabled` false $values.config.node)) ))) "r")) -}} +{{- $_ := (set $container "readinessProbe" (mustMergeOverwrite (dict ) (mustMergeOverwrite (dict ) (dict "exec" (mustMergeOverwrite (dict ) (dict "command" (list `/bin/sh` `-c` (join "\n" (list `set -x` `RESULT=$(rpk cluster health)` `echo $RESULT` `echo $RESULT | grep 'Healthy:.*true'` ``))) )) )) (dict "initialDelaySeconds" ($values.statefulset.readinessProbe.initialDelaySeconds | int) "timeoutSeconds" ($values.statefulset.readinessProbe.timeoutSeconds | int) "periodSeconds" ($values.statefulset.readinessProbe.periodSeconds | int) "successThreshold" ($values.statefulset.readinessProbe.successThreshold | int) "failureThreshold" ($values.statefulset.readinessProbe.failureThreshold | int) ))) -}} +{{- end -}} +{{- $_ := (set $container "ports" (concat (default (list ) $container.ports) (list (mustMergeOverwrite (dict "containerPort" 0 ) (dict "name" "admin" "containerPort" ($values.listeners.admin.port | int) ))))) -}} +{{- range $externalName, $external := $values.listeners.admin.external -}} +{{- if (get (fromJson (include "redpanda.AdminExternal.IsEnabled" (dict "a" (list $external) ))) "r") -}} +{{- $_ := (set $container "ports" (concat (default (list ) $container.ports) (list (mustMergeOverwrite (dict "containerPort" 0 ) (dict "name" (printf "admin-%.8s" (lower $externalName)) "containerPort" ($external.port | int) ))))) -}} +{{- end -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_ := (set $container "ports" (concat (default (list ) $container.ports) (list (mustMergeOverwrite (dict "containerPort" 0 ) (dict "name" "http" "containerPort" ($values.listeners.http.port | int) ))))) -}} +{{- range $externalName, $external := $values.listeners.http.external -}} +{{- if (get (fromJson (include "redpanda.HTTPExternal.IsEnabled" (dict "a" (list $external) ))) "r") -}} +{{- $_ := (set $container "ports" (concat (default (list ) $container.ports) (list (mustMergeOverwrite (dict "containerPort" 0 ) (dict "name" (printf "http-%.8s" (lower $externalName)) "containerPort" ($external.port | int) ))))) -}} +{{- end -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_ := (set $container "ports" (concat (default (list ) $container.ports) (list (mustMergeOverwrite (dict "containerPort" 0 ) (dict "name" "kafka" "containerPort" ($values.listeners.kafka.port | int) ))))) -}} +{{- range $externalName, $external := $values.listeners.kafka.external -}} +{{- if (get (fromJson (include "redpanda.KafkaExternal.IsEnabled" (dict "a" (list $external) ))) "r") -}} +{{- $_ := (set $container "ports" (concat (default (list ) $container.ports) (list (mustMergeOverwrite (dict "containerPort" 0 ) (dict "name" (printf "kafka-%.8s" (lower $externalName)) "containerPort" ($external.port | int) ))))) -}} +{{- end -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_ := (set $container "ports" (concat (default (list ) $container.ports) (list (mustMergeOverwrite (dict "containerPort" 0 ) (dict "name" "rpc" "containerPort" ($values.listeners.rpc.port | int) ))))) -}} +{{- $_ := (set $container "ports" (concat (default (list ) $container.ports) (list (mustMergeOverwrite (dict "containerPort" 0 ) (dict "name" "schemaregistry" "containerPort" ($values.listeners.schemaRegistry.port | int) ))))) -}} +{{- range $externalName, $external := $values.listeners.schemaRegistry.external -}} +{{- if (get (fromJson (include "redpanda.SchemaRegistryExternal.IsEnabled" (dict "a" (list $external) ))) "r") -}} +{{- $_ := (set $container "ports" (concat (default (list ) $container.ports) (list (mustMergeOverwrite (dict "containerPort" 0 ) (dict "name" (printf "schema-%.8s" (lower $externalName)) "containerPort" ($external.port | int) ))))) -}} +{{- end -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- if (and (get (fromJson (include "redpanda.Storage.IsTieredStorageEnabled" (dict "a" (list $values.storage) ))) "r") (ne (get (fromJson (include "redpanda.Storage.TieredMountType" (dict "a" (list $values.storage) ))) "r") "none")) -}} +{{- $name := "tiered-storage-dir" -}} +{{- if (and (ne $values.storage.persistentVolume (coalesce nil)) (ne $values.storage.persistentVolume.nameOverwrite "")) -}} +{{- $name = $values.storage.persistentVolume.nameOverwrite -}} +{{- end -}} +{{- $_ := (set $container "volumeMounts" (concat (default (list ) $container.volumeMounts) (list (mustMergeOverwrite (dict "name" "" "mountPath" "" ) (dict "name" $name "mountPath" (get (fromJson (include "redpanda.Storage.TieredCacheDirectory" (dict "a" (list $values.storage $dot) ))) "r") ))))) -}} +{{- end -}} +{{- $_ := (set $container.resources "limits" (dict "cpu" $values.resources.cpu.cores "memory" $values.resources.memory.container.max )) -}} +{{- if (ne $values.resources.memory.container.min (coalesce nil)) -}} +{{- $_ := (set $container.resources "requests" (dict "cpu" $values.resources.cpu.cores "memory" $values.resources.memory.container.min )) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $container) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.adminApiURLs" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $_is_returning = true -}} +{{- (dict "r" (printf `${SERVICE_NAME}.%s:%d` (get (fromJson (include "redpanda.InternalDomain" (dict "a" (list $dot) ))) "r") ($values.listeners.admin.port | int))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.statefulSetContainerConfigWatcher" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (not $values.statefulset.sideCars.configWatcher.enabled) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "name" "" "resources" (dict ) ) (dict "name" "config-watcher" "image" (printf `%s:%s` $values.image.repository (get (fromJson (include "redpanda.Tag" (dict "a" (list $dot) ))) "r")) "command" (list `/bin/sh`) "args" (list `-c` `trap "exit 0" TERM; exec /etc/secrets/config-watcher/scripts/sasl-user.sh & wait $!`) "env" (get (fromJson (include "redpanda.rpkEnvVars" (dict "a" (list $dot (coalesce nil)) ))) "r") "resources" $values.statefulset.sideCars.configWatcher.resources "securityContext" $values.statefulset.sideCars.configWatcher.securityContext "volumeMounts" (concat (default (list ) (concat (default (list ) (get (fromJson (include "redpanda.CommonMounts" (dict "a" (list $dot) ))) "r")) (list (mustMergeOverwrite (dict "name" "" "mountPath" "" ) (dict "name" "config" "mountPath" "/etc/redpanda" )) (mustMergeOverwrite (dict "name" "" "mountPath" "" ) (dict "name" (printf `%s-config-watcher` (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r")) "mountPath" "/etc/secrets/config-watcher/scripts" ))))) (default (list ) (get (fromJson (include "redpanda.templateToVolumeMounts" (dict "a" (list $dot $values.statefulset.sideCars.configWatcher.extraVolumeMounts) ))) "r"))) ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.statefulSetContainerControllers" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (or (not $values.rbac.enabled) (not $values.statefulset.sideCars.controllers.enabled)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "name" "" "resources" (dict ) ) (dict "name" "redpanda-controllers" "image" (printf `%s:%s` $values.statefulset.sideCars.controllers.image.repository $values.statefulset.sideCars.controllers.image.tag) "command" (list `/manager`) "args" (list `--operator-mode=false` (printf `--namespace=%s` $dot.Release.Namespace) (printf `--health-probe-bind-address=%s` $values.statefulset.sideCars.controllers.healthProbeAddress) (printf `--metrics-bind-address=%s` $values.statefulset.sideCars.controllers.metricsAddress) (printf `--additional-controllers=%s` (join "," $values.statefulset.sideCars.controllers.run))) "env" (list (mustMergeOverwrite (dict "name" "" ) (dict "name" "REDPANDA_HELM_RELEASE_NAME" "value" $dot.Release.Name ))) "resources" $values.statefulset.sideCars.controllers.resources "securityContext" $values.statefulset.sideCars.controllers.securityContext ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.rpkEnvVars" -}} +{{- $dot := (index .a 0) -}} +{{- $envVars := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (and (ne $values.auth.sasl (coalesce nil)) $values.auth.sasl.enabled) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (concat (default (list ) $envVars) (default (list ) (get (fromJson (include "redpanda.BootstrapUser.RpkEnvironment" (dict "a" (list $values.auth.sasl.bootstrapUser (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r")) ))) "r")))) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $envVars) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.bootstrapEnvVars" -}} +{{- $dot := (index .a 0) -}} +{{- $envVars := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (and (ne $values.auth.sasl (coalesce nil)) $values.auth.sasl.enabled) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (concat (default (list ) $envVars) (default (list ) (get (fromJson (include "redpanda.BootstrapUser.BootstrapEnvironment" (dict "a" (list $values.auth.sasl.bootstrapUser (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r")) ))) "r")))) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $envVars) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.templateToVolumeMounts" -}} +{{- $dot := (index .a 0) -}} +{{- $template := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $result := (tpl $template $dot) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (fromYamlArray $result)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.templateToVolumes" -}} +{{- $dot := (index .a 0) -}} +{{- $template := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $result := (tpl $template $dot) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (fromYamlArray $result)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.templateToContainers" -}} +{{- $dot := (index .a 0) -}} +{{- $template := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $result := (tpl $template $dot) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (fromYamlArray $result)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.StatefulSet" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (and (not (get (fromJson (include "redpanda.RedpandaAtLeast_22_2_0" (dict "a" (list $dot) ))) "r")) (not $values.force)) -}} +{{- $sv := (get (fromJson (include "redpanda.semver" (dict "a" (list $dot) ))) "r") -}} +{{- $_ := (fail (printf "Error: The Redpanda version (%s) is no longer supported \nTo accept this risk, run the upgrade again adding `--force=true`\n" $sv)) -}} +{{- end -}} +{{- $ss := (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict "selector" (coalesce nil) "template" (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict "containers" (coalesce nil) ) ) "serviceName" "" "updateStrategy" (dict ) ) "status" (dict "replicas" 0 "availableReplicas" 0 ) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "apps/v1" "kind" "StatefulSet" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r") "namespace" $dot.Release.Namespace "labels" (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r") )) "spec" (mustMergeOverwrite (dict "selector" (coalesce nil) "template" (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict "containers" (coalesce nil) ) ) "serviceName" "" "updateStrategy" (dict ) ) (dict "selector" (mustMergeOverwrite (dict ) (dict "matchLabels" (get (fromJson (include "redpanda.StatefulSetPodLabelsSelector" (dict "a" (list $dot) ))) "r") )) "serviceName" (get (fromJson (include "redpanda.ServiceName" (dict "a" (list $dot) ))) "r") "replicas" ($values.statefulset.replicas | int) "updateStrategy" $values.statefulset.updateStrategy "podManagementPolicy" "Parallel" "template" (get (fromJson (include "redpanda.StrategicMergePatch" (dict "a" (list $values.statefulset.podTemplate (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict "containers" (coalesce nil) ) ) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "labels" (get (fromJson (include "redpanda.StatefulSetPodLabels" (dict "a" (list $dot) ))) "r") "annotations" (get (fromJson (include "redpanda.StatefulSetPodAnnotations" (dict "a" (list $dot (get (fromJson (include "redpanda.statefulSetChecksumAnnotation" (dict "a" (list $dot) ))) "r")) ))) "r") )) "spec" (mustMergeOverwrite (dict "containers" (coalesce nil) ) (dict "terminationGracePeriodSeconds" ($values.statefulset.terminationGracePeriodSeconds | int64) "securityContext" (get (fromJson (include "redpanda.PodSecurityContext" (dict "a" (list $dot) ))) "r") "serviceAccountName" (get (fromJson (include "redpanda.ServiceAccountName" (dict "a" (list $dot) ))) "r") "imagePullSecrets" (default (coalesce nil) $values.imagePullSecrets) "initContainers" (get (fromJson (include "redpanda.StatefulSetInitContainers" (dict "a" (list $dot) ))) "r") "containers" (get (fromJson (include "redpanda.StatefulSetContainers" (dict "a" (list $dot) ))) "r") "volumes" (get (fromJson (include "redpanda.StatefulSetVolumes" (dict "a" (list $dot) ))) "r") "topologySpreadConstraints" (get (fromJson (include "redpanda.statefulSetTopologySpreadConstraints" (dict "a" (list $dot) ))) "r") "nodeSelector" (get (fromJson (include "redpanda.statefulSetNodeSelectors" (dict "a" (list $dot) ))) "r") "affinity" (get (fromJson (include "redpanda.statefulSetAffinity" (dict "a" (list $dot) ))) "r") "priorityClassName" $values.statefulset.priorityClassName "tolerations" (get (fromJson (include "redpanda.statefulSetTolerations" (dict "a" (list $dot) ))) "r") )) ))) ))) "r") "volumeClaimTemplates" (coalesce nil) )) )) -}} +{{- if (or $values.storage.persistentVolume.enabled ((and (get (fromJson (include "redpanda.Storage.IsTieredStorageEnabled" (dict "a" (list $values.storage) ))) "r") (eq (get (fromJson (include "redpanda.Storage.TieredMountType" (dict "a" (list $values.storage) ))) "r") "persistentVolume")))) -}} +{{- $t_13 := (get (fromJson (include "redpanda.volumeClaimTemplateDatadir" (dict "a" (list $dot) ))) "r") -}} +{{- if (ne $t_13 (coalesce nil)) -}} +{{- $_ := (set $ss.spec "volumeClaimTemplates" (concat (default (list ) $ss.spec.volumeClaimTemplates) (list $t_13))) -}} +{{- end -}} +{{- $t_14 := (get (fromJson (include "redpanda.volumeClaimTemplateTieredStorageDir" (dict "a" (list $dot) ))) "r") -}} +{{- if (ne $t_14 (coalesce nil)) -}} +{{- $_ := (set $ss.spec "volumeClaimTemplates" (concat (default (list ) $ss.spec.volumeClaimTemplates) (list $t_14))) -}} +{{- end -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $ss) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.semver" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (trimPrefix "v" (get (fromJson (include "redpanda.Tag" (dict "a" (list $dot) ))) "r"))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.statefulSetChecksumAnnotation" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $dependencies := (coalesce nil) -}} +{{- $dependencies = (concat (default (list ) $dependencies) (list (get (fromJson (include "redpanda.RedpandaConfigFile" (dict "a" (list $dot false) ))) "r"))) -}} +{{- if $values.external.enabled -}} +{{- $dependencies = (concat (default (list ) $dependencies) (list (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $values.external.domain "") ))) "r"))) -}} +{{- if (empty $values.external.addresses) -}} +{{- $dependencies = (concat (default (list ) $dependencies) (list "")) -}} +{{- else -}} +{{- $dependencies = (concat (default (list ) $dependencies) (list $values.external.addresses)) -}} +{{- end -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (sha256sum (toJson $dependencies))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.statefulSetTolerations" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $_is_returning = true -}} +{{- (dict "r" (default $values.tolerations $values.statefulset.tolerations)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.statefulSetNodeSelectors" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $_is_returning = true -}} +{{- (dict "r" (default $values.statefulset.nodeSelector $values.nodeSelector)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.statefulSetAffinity" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $affinity := (mustMergeOverwrite (dict ) (dict )) -}} +{{- if (not (empty $values.statefulset.nodeAffinity)) -}} +{{- $_ := (set $affinity "nodeAffinity" $values.statefulset.nodeAffinity) -}} +{{- else -}}{{- if (not (empty $values.affinity.nodeAffinity)) -}} +{{- $_ := (set $affinity "nodeAffinity" $values.affinity.nodeAffinity) -}} +{{- end -}} +{{- end -}} +{{- if (not (empty $values.statefulset.podAffinity)) -}} +{{- $_ := (set $affinity "podAffinity" $values.statefulset.podAffinity) -}} +{{- else -}}{{- if (not (empty $values.affinity.podAffinity)) -}} +{{- $_ := (set $affinity "podAffinity" $values.affinity.podAffinity) -}} +{{- end -}} +{{- end -}} +{{- if (not (empty $values.statefulset.podAntiAffinity)) -}} +{{- $_ := (set $affinity "podAntiAffinity" (mustMergeOverwrite (dict ) (dict ))) -}} +{{- if (eq $values.statefulset.podAntiAffinity.type "hard") -}} +{{- $_ := (set $affinity.podAntiAffinity "requiredDuringSchedulingIgnoredDuringExecution" (list (mustMergeOverwrite (dict "topologyKey" "" ) (dict "topologyKey" $values.statefulset.podAntiAffinity.topologyKey "labelSelector" (mustMergeOverwrite (dict ) (dict "matchLabels" (get (fromJson (include "redpanda.StatefulSetPodLabelsSelector" (dict "a" (list $dot) ))) "r") )) )))) -}} +{{- else -}}{{- if (eq $values.statefulset.podAntiAffinity.type "soft") -}} +{{- $_ := (set $affinity.podAntiAffinity "preferredDuringSchedulingIgnoredDuringExecution" (list (mustMergeOverwrite (dict "weight" 0 "podAffinityTerm" (dict "topologyKey" "" ) ) (dict "weight" ($values.statefulset.podAntiAffinity.weight | int) "podAffinityTerm" (mustMergeOverwrite (dict "topologyKey" "" ) (dict "topologyKey" $values.statefulset.podAntiAffinity.topologyKey "labelSelector" (mustMergeOverwrite (dict ) (dict "matchLabels" (get (fromJson (include "redpanda.StatefulSetPodLabelsSelector" (dict "a" (list $dot) ))) "r") )) )) )))) -}} +{{- else -}}{{- if (eq $values.statefulset.podAntiAffinity.type "custom") -}} +{{- $_ := (set $affinity "podAntiAffinity" $values.statefulset.podAntiAffinity.custom) -}} +{{- end -}} +{{- end -}} +{{- end -}} +{{- else -}}{{- if (not (empty $values.affinity.podAntiAffinity)) -}} +{{- $_ := (set $affinity "podAntiAffinity" $values.affinity.podAntiAffinity) -}} +{{- end -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $affinity) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.volumeClaimTemplateDatadir" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (not $values.storage.persistentVolume.enabled) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $pvc := (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict "resources" (dict ) ) "status" (dict ) ) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" "datadir" "labels" (merge (dict ) (dict `app.kubernetes.io/name` (get (fromJson (include "redpanda.Name" (dict "a" (list $dot) ))) "r") `app.kubernetes.io/instance` $dot.Release.Name `app.kubernetes.io/component` (get (fromJson (include "redpanda.Name" (dict "a" (list $dot) ))) "r") ) $values.storage.persistentVolume.labels $values.commonLabels) "annotations" (default (coalesce nil) $values.storage.persistentVolume.annotations) )) "spec" (mustMergeOverwrite (dict "resources" (dict ) ) (dict "accessModes" (list "ReadWriteOnce") "resources" (mustMergeOverwrite (dict ) (dict "requests" (dict "storage" $values.storage.persistentVolume.size ) )) )) )) -}} +{{- if (not (empty $values.storage.persistentVolume.storageClass)) -}} +{{- if (eq $values.storage.persistentVolume.storageClass "-") -}} +{{- $_ := (set $pvc.spec "storageClassName" "") -}} +{{- else -}} +{{- $_ := (set $pvc.spec "storageClassName" $values.storage.persistentVolume.storageClass) -}} +{{- end -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $pvc) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.volumeClaimTemplateTieredStorageDir" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (or (not (get (fromJson (include "redpanda.Storage.IsTieredStorageEnabled" (dict "a" (list $values.storage) ))) "r")) (ne (get (fromJson (include "redpanda.Storage.TieredMountType" (dict "a" (list $values.storage) ))) "r") "persistentVolume")) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $pvc := (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict "resources" (dict ) ) "status" (dict ) ) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (default "tiered-storage-dir" $values.storage.persistentVolume.nameOverwrite) "labels" (merge (dict ) (dict `app.kubernetes.io/name` (get (fromJson (include "redpanda.Name" (dict "a" (list $dot) ))) "r") `app.kubernetes.io/instance` $dot.Release.Name `app.kubernetes.io/component` (get (fromJson (include "redpanda.Name" (dict "a" (list $dot) ))) "r") ) (get (fromJson (include "redpanda.Storage.TieredPersistentVolumeLabels" (dict "a" (list $values.storage) ))) "r") $values.commonLabels) "annotations" (default (coalesce nil) (get (fromJson (include "redpanda.Storage.TieredPersistentVolumeAnnotations" (dict "a" (list $values.storage) ))) "r")) )) "spec" (mustMergeOverwrite (dict "resources" (dict ) ) (dict "accessModes" (list "ReadWriteOnce") "resources" (mustMergeOverwrite (dict ) (dict "requests" (dict "storage" (index (get (fromJson (include "redpanda.Storage.GetTieredStorageConfig" (dict "a" (list $values.storage) ))) "r") `cloud_storage_cache_size`) ) )) )) )) -}} +{{- $sc_15 := (get (fromJson (include "redpanda.Storage.TieredPersistentVolumeStorageClass" (dict "a" (list $values.storage) ))) "r") -}} +{{- if (eq $sc_15 "-") -}} +{{- $_ := (set $pvc.spec "storageClassName" "") -}} +{{- else -}}{{- if (not (empty $sc_15)) -}} +{{- $_ := (set $pvc.spec "storageClassName" $sc_15) -}} +{{- end -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $pvc) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.statefulSetTopologySpreadConstraints" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $result := (coalesce nil) -}} +{{- $labelSelector := (mustMergeOverwrite (dict ) (dict "matchLabels" (get (fromJson (include "redpanda.StatefulSetPodLabelsSelector" (dict "a" (list $dot) ))) "r") )) -}} +{{- range $_, $v := $values.statefulset.topologySpreadConstraints -}} +{{- $result = (concat (default (list ) $result) (list (mustMergeOverwrite (dict "maxSkew" 0 "topologyKey" "" "whenUnsatisfiable" "" ) (dict "maxSkew" ($v.maxSkew | int) "topologyKey" $v.topologyKey "whenUnsatisfiable" $v.whenUnsatisfiable "labelSelector" $labelSelector )))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $result) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.StorageTieredConfig" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "redpanda.Storage.GetTieredStorageConfig" (dict "a" (list $values.storage) ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/5.9.4/templates/_values.go.tpl b/charts/redpanda/redpanda/5.9.4/templates/_values.go.tpl new file mode 100644 index 0000000000..7862512dcb --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/_values.go.tpl @@ -0,0 +1,1313 @@ +{{- /* Generated from "values.go" */ -}} + +{{- define "redpanda.AuditLogging.Translate" -}} +{{- $a := (index .a 0) -}} +{{- $dot := (index .a 1) -}} +{{- $isSASLEnabled := (index .a 2) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $result := (dict ) -}} +{{- if (not (get (fromJson (include "redpanda.RedpandaAtLeast_23_3_0" (dict "a" (list $dot) ))) "r")) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $result) | toJson -}} +{{- break -}} +{{- end -}} +{{- $enabled := (and $a.enabled $isSASLEnabled) -}} +{{- $_ := (set $result "audit_enabled" $enabled) -}} +{{- if (not $enabled) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $result) | toJson -}} +{{- break -}} +{{- end -}} +{{- if (ne (($a.clientMaxBufferSize | int) | int) (16777216 | int)) -}} +{{- $_ := (set $result "audit_client_max_buffer_size" ($a.clientMaxBufferSize | int)) -}} +{{- end -}} +{{- if (ne (($a.queueDrainIntervalMs | int) | int) (500 | int)) -}} +{{- $_ := (set $result "audit_queue_drain_interval_ms" ($a.queueDrainIntervalMs | int)) -}} +{{- end -}} +{{- if (ne (($a.queueMaxBufferSizePerShard | int) | int) (1048576 | int)) -}} +{{- $_ := (set $result "audit_queue_max_buffer_size_per_shard" ($a.queueMaxBufferSizePerShard | int)) -}} +{{- end -}} +{{- if (ne (($a.partitions | int) | int) (12 | int)) -}} +{{- $_ := (set $result "audit_log_num_partitions" ($a.partitions | int)) -}} +{{- end -}} +{{- if (ne ($a.replicationFactor | int) (0 | int)) -}} +{{- $_ := (set $result "audit_log_replication_factor" ($a.replicationFactor | int)) -}} +{{- end -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list $a.enabledEventTypes) ))) "r") | int) (0 | int)) -}} +{{- $_ := (set $result "audit_enabled_event_types" $a.enabledEventTypes) -}} +{{- end -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list $a.excludedTopics) ))) "r") | int) (0 | int)) -}} +{{- $_ := (set $result "audit_excluded_topics" $a.excludedTopics) -}} +{{- end -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list $a.excludedPrincipals) ))) "r") | int) (0 | int)) -}} +{{- $_ := (set $result "audit_excluded_principals" $a.excludedPrincipals) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $result) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.Auth.IsSASLEnabled" -}} +{{- $a := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (eq $a.sasl (coalesce nil)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" false) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $a.sasl.enabled) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.Auth.Translate" -}} +{{- $a := (index .a 0) -}} +{{- $isSASLEnabled := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (not $isSASLEnabled) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $users := (list "kubernetes-controller") -}} +{{- range $_, $u := $a.sasl.users -}} +{{- $users = (concat (default (list ) $users) (list $u.name)) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (dict "superusers" $users )) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.Logging.Translate" -}} +{{- $l := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $result := (dict ) -}} +{{- $clusterID_1 := (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $l.usageStats.clusterId "") ))) "r") -}} +{{- if (ne $clusterID_1 "") -}} +{{- $_ := (set $result "cluster_id" $clusterID_1) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $result) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.RedpandaResources.GetOverProvisionValue" -}} +{{- $rr := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (lt ((get (fromJson (include "_shims.resource_MilliValue" (dict "a" (list $rr.cpu.cores) ))) "r") | int64) (1000 | int64)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" true) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $rr.cpu.overprovisioned false) ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.Storage.IsTieredStorageEnabled" -}} +{{- $s := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $conf := (get (fromJson (include "redpanda.Storage.GetTieredStorageConfig" (dict "a" (list $s) ))) "r") -}} +{{- $tmp_tuple_3 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.dicttest" (dict "a" (list $conf "cloud_storage_enabled" (coalesce nil)) ))) "r")) ))) "r") -}} +{{- $ok := $tmp_tuple_3.T2 -}} +{{- $b := $tmp_tuple_3.T1 -}} +{{- $_is_returning = true -}} +{{- (dict "r" (and $ok (get (fromJson (include "_shims.typeassertion" (dict "a" (list "bool" $b) ))) "r"))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.Storage.GetTieredStorageConfig" -}} +{{- $s := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list $s.tieredConfig) ))) "r") | int) (0 | int)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $s.tieredConfig) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $s.tiered.config) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.Storage.GetTieredStorageHostPath" -}} +{{- $s := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $hp := $s.tieredStorageHostPath -}} +{{- if (and (empty $hp) (ne $s.tiered (coalesce nil))) -}} +{{- $hp = $s.tiered.hostPath -}} +{{- end -}} +{{- if (empty $hp) -}} +{{- $_ := (fail (printf `storage.tiered.mountType is "%s" but storage.tiered.hostPath is empty` $s.tiered.mountType)) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $hp) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.Storage.CloudStorageCacheSize" -}} +{{- $s := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $tmp_tuple_4 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.dicttest" (dict "a" (list (get (fromJson (include "redpanda.Storage.GetTieredStorageConfig" (dict "a" (list $s) ))) "r") `cloud_storage_cache_size` (coalesce nil)) ))) "r")) ))) "r") -}} +{{- $ok := $tmp_tuple_4.T2 -}} +{{- $value := $tmp_tuple_4.T1 -}} +{{- if (not $ok) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $value) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.Storage.TieredCacheDirectory" -}} +{{- $s := (index .a 0) -}} +{{- $dot := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $tmp_tuple_5 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.typetest" (dict "a" (list "string" (index $values.config.node "cloud_storage_cache_directory") "") ))) "r")) ))) "r") -}} +{{- $ok_3 := $tmp_tuple_5.T2 -}} +{{- $dir_2 := $tmp_tuple_5.T1 -}} +{{- if $ok_3 -}} +{{- $_is_returning = true -}} +{{- (dict "r" $dir_2) | toJson -}} +{{- break -}} +{{- end -}} +{{- $tieredConfig := (get (fromJson (include "redpanda.Storage.GetTieredStorageConfig" (dict "a" (list $values.storage) ))) "r") -}} +{{- $tmp_tuple_6 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.typetest" (dict "a" (list "string" (index $tieredConfig "cloud_storage_cache_directory") "") ))) "r")) ))) "r") -}} +{{- $ok_5 := $tmp_tuple_6.T2 -}} +{{- $dir_4 := $tmp_tuple_6.T1 -}} +{{- if $ok_5 -}} +{{- $_is_returning = true -}} +{{- (dict "r" $dir_4) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" "/var/lib/redpanda/data/cloud_storage_cache") | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.Storage.TieredMountType" -}} +{{- $s := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (and (ne $s.tieredStoragePersistentVolume (coalesce nil)) $s.tieredStoragePersistentVolume.enabled) -}} +{{- $_is_returning = true -}} +{{- (dict "r" "persistentVolume") | toJson -}} +{{- break -}} +{{- end -}} +{{- if (not (empty $s.tieredStorageHostPath)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" "hostPath") | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $s.tiered.mountType) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.Storage.TieredPersistentVolumeLabels" -}} +{{- $s := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (ne $s.tieredStoragePersistentVolume (coalesce nil)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $s.tieredStoragePersistentVolume.labels) | toJson -}} +{{- break -}} +{{- end -}} +{{- if (ne $s.tiered (coalesce nil)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $s.tiered.persistentVolume.labels) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_ := (fail `storage.tiered.mountType is "persistentVolume" but storage.tiered.persistentVolume is not configured`) -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.Storage.TieredPersistentVolumeAnnotations" -}} +{{- $s := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (ne $s.tieredStoragePersistentVolume (coalesce nil)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $s.tieredStoragePersistentVolume.annotations) | toJson -}} +{{- break -}} +{{- end -}} +{{- if (ne $s.tiered (coalesce nil)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $s.tiered.persistentVolume.annotations) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_ := (fail `storage.tiered.mountType is "persistentVolume" but storage.tiered.persistentVolume is not configured`) -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.Storage.TieredPersistentVolumeStorageClass" -}} +{{- $s := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (ne $s.tieredStoragePersistentVolume (coalesce nil)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $s.tieredStoragePersistentVolume.storageClass) | toJson -}} +{{- break -}} +{{- end -}} +{{- if (ne $s.tiered (coalesce nil)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $s.tiered.persistentVolume.storageClass) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_ := (fail `storage.tiered.mountType is "persistentVolume" but storage.tiered.persistentVolume is not configured`) -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.Storage.Translate" -}} +{{- $s := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $result := (dict ) -}} +{{- if (not (get (fromJson (include "redpanda.Storage.IsTieredStorageEnabled" (dict "a" (list $s) ))) "r")) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $result) | toJson -}} +{{- break -}} +{{- end -}} +{{- $tieredStorageConfig := (get (fromJson (include "redpanda.Storage.GetTieredStorageConfig" (dict "a" (list $s) ))) "r") -}} +{{- range $k, $v := $tieredStorageConfig -}} +{{- if (or (eq $v (coalesce nil)) (empty $v)) -}} +{{- continue -}} +{{- end -}} +{{- if (eq $k "cloud_storage_cache_size") -}} +{{- $_ := (set $result $k (printf "%d" ((get (fromJson (include "_shims.resource_Value" (dict "a" (list $v) ))) "r") | int64))) -}} +{{- continue -}} +{{- end -}} +{{- $tmp_tuple_8 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.typetest" (dict "a" (list "string" $v "") ))) "r")) ))) "r") -}} +{{- $ok_7 := $tmp_tuple_8.T2 -}} +{{- $str_6 := $tmp_tuple_8.T1 -}} +{{- $tmp_tuple_9 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.typetest" (dict "a" (list "bool" $v false) ))) "r")) ))) "r") -}} +{{- $ok_9 := $tmp_tuple_9.T2 -}} +{{- $b_8 := $tmp_tuple_9.T1 -}} +{{- $tmp_tuple_10 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.asnumeric" (dict "a" (list $v) ))) "r")) ))) "r") -}} +{{- $isFloat_11 := $tmp_tuple_10.T2 -}} +{{- $f_10 := ($tmp_tuple_10.T1 | float64) -}} +{{- if $ok_7 -}} +{{- $_ := (set $result $k $str_6) -}} +{{- else -}}{{- if $ok_9 -}} +{{- $_ := (set $result $k $b_8) -}} +{{- else -}}{{- if $isFloat_11 -}} +{{- $_ := (set $result $k ($f_10 | int)) -}} +{{- else -}} +{{- $_ := (set $result $k (mustToJson $v)) -}} +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $result) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.Storage.StorageMinFreeBytes" -}} +{{- $s := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (and (ne $s.persistentVolume (coalesce nil)) (not $s.persistentVolume.enabled)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (5368709120 | int)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $minimumFreeBytes := ((mulf (((get (fromJson (include "_shims.resource_Value" (dict "a" (list $s.persistentVolume.size) ))) "r") | int64) | float64) 0.05) | float64) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (min (5368709120 | int) ($minimumFreeBytes | int64))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.Tuning.Translate" -}} +{{- $t := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $result := (dict ) -}} +{{- $s := (toJson $t) -}} +{{- $tune := (fromJson $s) -}} +{{- $tmp_tuple_11 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.typetest" (dict "a" (list (printf "map[%s]%s" "string" "interface {}") $tune (coalesce nil)) ))) "r")) ))) "r") -}} +{{- $ok := $tmp_tuple_11.T2 -}} +{{- $m := $tmp_tuple_11.T1 -}} +{{- if (not $ok) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (dict )) | toJson -}} +{{- break -}} +{{- end -}} +{{- range $k, $v := $m -}} +{{- $_ := (set $result $k $v) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $result) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.Listeners.CreateSeedServers" -}} +{{- $l := (index .a 0) -}} +{{- $replicas := (index .a 1) -}} +{{- $fullname := (index .a 2) -}} +{{- $internalDomain := (index .a 3) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $result := (coalesce nil) -}} +{{- range $_, $i := untilStep (((0 | int) | int)|int) ($replicas|int) (1|int) -}} +{{- $result = (concat (default (list ) $result) (list (dict "host" (dict "address" (printf "%s-%d.%s" $fullname $i $internalDomain) "port" ($l.rpc.port | int) ) ))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $result) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.Listeners.AdminList" -}} +{{- $l := (index .a 0) -}} +{{- $replicas := (index .a 1) -}} +{{- $fullname := (index .a 2) -}} +{{- $internalDomain := (index .a 3) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "redpanda.ServerList" (dict "a" (list $replicas "" $fullname $internalDomain ($l.admin.port | int)) ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.ServerList" -}} +{{- $replicas := (index .a 0) -}} +{{- $prefix := (index .a 1) -}} +{{- $fullname := (index .a 2) -}} +{{- $internalDomain := (index .a 3) -}} +{{- $port := (index .a 4) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $result := (coalesce nil) -}} +{{- range $_, $i := untilStep (((0 | int) | int)|int) ($replicas|int) (1|int) -}} +{{- $result = (concat (default (list ) $result) (list (printf "%s%s-%d.%s:%d" $prefix $fullname $i $internalDomain ($port | int)))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $result) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.Listeners.TrustStoreVolume" -}} +{{- $l := (index .a 0) -}} +{{- $tls := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $cmSources := (dict ) -}} +{{- $secretSources := (dict ) -}} +{{- range $_, $ts := (get (fromJson (include "redpanda.Listeners.TrustStores" (dict "a" (list $l $tls) ))) "r") -}} +{{- $projection := (get (fromJson (include "redpanda.TrustStore.VolumeProjection" (dict "a" (list $ts) ))) "r") -}} +{{- if (ne $projection.secret (coalesce nil)) -}} +{{- $_ := (set $secretSources $projection.secret.name (concat (default (list ) (index $secretSources $projection.secret.name)) (default (list ) $projection.secret.items))) -}} +{{- else -}} +{{- $_ := (set $cmSources $projection.configMap.name (concat (default (list ) (index $cmSources $projection.configMap.name)) (default (list ) $projection.configMap.items))) -}} +{{- end -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $sources := (coalesce nil) -}} +{{- range $_, $name := (sortAlpha (keys $cmSources)) -}} +{{- $keys := (index $cmSources $name) -}} +{{- $sources = (concat (default (list ) $sources) (list (mustMergeOverwrite (dict ) (dict "configMap" (mustMergeOverwrite (dict ) (mustMergeOverwrite (dict ) (dict "name" $name )) (dict "items" (get (fromJson (include "redpanda.dedupKeyToPaths" (dict "a" (list $keys) ))) "r") )) )))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- range $_, $name := (sortAlpha (keys $secretSources)) -}} +{{- $keys := (index $secretSources $name) -}} +{{- $sources = (concat (default (list ) $sources) (list (mustMergeOverwrite (dict ) (dict "secret" (mustMergeOverwrite (dict ) (mustMergeOverwrite (dict ) (dict "name" $name )) (dict "items" (get (fromJson (include "redpanda.dedupKeyToPaths" (dict "a" (list $keys) ))) "r") )) )))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- if (lt ((get (fromJson (include "_shims.len" (dict "a" (list $sources) ))) "r") | int) (1 | int)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "name" "" ) (mustMergeOverwrite (dict ) (dict "projected" (mustMergeOverwrite (dict "sources" (coalesce nil) ) (dict "sources" $sources )) )) (dict "name" "truststores" ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.dedupKeyToPaths" -}} +{{- $items := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $seen := (dict ) -}} +{{- $deduped := (coalesce nil) -}} +{{- range $_, $item := $items -}} +{{- $tmp_tuple_12 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.dicttest" (dict "a" (list $seen $item.key (coalesce nil)) ))) "r")) ))) "r") -}} +{{- $ok_12 := $tmp_tuple_12.T2 -}} +{{- if $ok_12 -}} +{{- continue -}} +{{- end -}} +{{- $deduped = (concat (default (list ) $deduped) (list $item)) -}} +{{- $_ := (set $seen $item.key true) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $deduped) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.Listeners.TrustStores" -}} +{{- $l := (index .a 0) -}} +{{- $tls := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $tss := (get (fromJson (include "redpanda.KafkaListeners.TrustStores" (dict "a" (list $l.kafka $tls) ))) "r") -}} +{{- $tss = (concat (default (list ) $tss) (default (list ) (get (fromJson (include "redpanda.AdminListeners.TrustStores" (dict "a" (list $l.admin $tls) ))) "r"))) -}} +{{- $tss = (concat (default (list ) $tss) (default (list ) (get (fromJson (include "redpanda.HTTPListeners.TrustStores" (dict "a" (list $l.http $tls) ))) "r"))) -}} +{{- $tss = (concat (default (list ) $tss) (default (list ) (get (fromJson (include "redpanda.SchemaRegistryListeners.TrustStores" (dict "a" (list $l.schemaRegistry $tls) ))) "r"))) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $tss) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.Config.CreateRPKConfiguration" -}} +{{- $c := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $result := (dict ) -}} +{{- range $k, $v := $c.rpk -}} +{{- $_ := (set $result $k $v) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $result) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.TLSCertMap.MustGet" -}} +{{- $m := (index .a 0) -}} +{{- $name := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $tmp_tuple_13 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.dicttest" (dict "a" (list $m $name (coalesce nil)) ))) "r")) ))) "r") -}} +{{- $ok := $tmp_tuple_13.T2 -}} +{{- $cert := $tmp_tuple_13.T1 -}} +{{- if (not $ok) -}} +{{- $_ := (fail (printf "Certificate %q referenced, but not found in the tls.certs map" $name)) -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $cert) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.BootstrapUser.BootstrapEnvironment" -}} +{{- $b := (index .a 0) -}} +{{- $fullname := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (concat (default (list ) (get (fromJson (include "redpanda.BootstrapUser.RpkEnvironment" (dict "a" (list $b $fullname) ))) "r")) (list (mustMergeOverwrite (dict "name" "" ) (dict "name" "RP_BOOTSTRAP_USER" "value" "$(RPK_USER):$(RPK_PASS):$(RPK_SASL_MECHANISM)" ))))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.BootstrapUser.RpkEnvironment" -}} +{{- $b := (index .a 0) -}} +{{- $fullname := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (list (mustMergeOverwrite (dict "name" "" ) (dict "name" "RPK_PASS" "valueFrom" (mustMergeOverwrite (dict ) (dict "secretKeyRef" (get (fromJson (include "redpanda.BootstrapUser.SecretKeySelector" (dict "a" (list $b $fullname) ))) "r") )) )) (mustMergeOverwrite (dict "name" "" ) (dict "name" "RPK_USER" "value" "kubernetes-controller" )) (mustMergeOverwrite (dict "name" "" ) (dict "name" "RPK_SASL_MECHANISM" "value" (get (fromJson (include "redpanda.BootstrapUser.GetMechanism" (dict "a" (list $b) ))) "r") )))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.BootstrapUser.GetMechanism" -}} +{{- $b := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (eq $b.mechanism "") -}} +{{- $_is_returning = true -}} +{{- (dict "r" "SCRAM-SHA-256") | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $b.mechanism) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.BootstrapUser.SecretKeySelector" -}} +{{- $b := (index .a 0) -}} +{{- $fullname := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (ne $b.secretKeyRef (coalesce nil)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $b.secretKeyRef) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "key" "" ) (mustMergeOverwrite (dict ) (dict "name" (printf "%s-bootstrap-user" $fullname) )) (dict "key" "password" ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.TrustStore.TrustStoreFilePath" -}} +{{- $t := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (printf "%s/%s" "/etc/truststores" (get (fromJson (include "redpanda.TrustStore.RelativePath" (dict "a" (list $t) ))) "r"))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.TrustStore.RelativePath" -}} +{{- $t := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (ne $t.configMapKeyRef (coalesce nil)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (printf "configmaps/%s-%s" $t.configMapKeyRef.name $t.configMapKeyRef.key)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (printf "secrets/%s-%s" $t.secretKeyRef.name $t.secretKeyRef.key)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.TrustStore.VolumeProjection" -}} +{{- $t := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (ne $t.configMapKeyRef (coalesce nil)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict ) (dict "configMap" (mustMergeOverwrite (dict ) (mustMergeOverwrite (dict ) (dict "name" $t.configMapKeyRef.name )) (dict "items" (list (mustMergeOverwrite (dict "key" "" "path" "" ) (dict "key" $t.configMapKeyRef.key "path" (get (fromJson (include "redpanda.TrustStore.RelativePath" (dict "a" (list $t) ))) "r") ))) )) ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict ) (dict "secret" (mustMergeOverwrite (dict ) (mustMergeOverwrite (dict ) (dict "name" $t.secretKeyRef.name )) (dict "items" (list (mustMergeOverwrite (dict "key" "" "path" "" ) (dict "key" $t.secretKeyRef.key "path" (get (fromJson (include "redpanda.TrustStore.RelativePath" (dict "a" (list $t) ))) "r") ))) )) ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.InternalTLS.IsEnabled" -}} +{{- $t := (index .a 0) -}} +{{- $tls := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (and (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $t.enabled $tls.enabled) ))) "r") (ne $t.cert ""))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.InternalTLS.TrustStoreFilePath" -}} +{{- $t := (index .a 0) -}} +{{- $tls := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (ne $t.trustStore (coalesce nil)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "redpanda.TrustStore.TrustStoreFilePath" (dict "a" (list $t.trustStore) ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- if (get (fromJson (include "redpanda.TLSCertMap.MustGet" (dict "a" (list (deepCopy $tls.certs) $t.cert) ))) "r").caEnabled -}} +{{- $_is_returning = true -}} +{{- (dict "r" (printf "/etc/tls/certs/%s/ca.crt" $t.cert)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" "/etc/ssl/certs/ca-certificates.crt") | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.InternalTLS.ServerCAPath" -}} +{{- $t := (index .a 0) -}} +{{- $tls := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (get (fromJson (include "redpanda.TLSCertMap.MustGet" (dict "a" (list (deepCopy $tls.certs) $t.cert) ))) "r").caEnabled -}} +{{- $_is_returning = true -}} +{{- (dict "r" (printf "/etc/tls/certs/%s/ca.crt" $t.cert)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (printf "/etc/tls/certs/%s/tls.crt" $t.cert)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.ExternalTLS.GetCert" -}} +{{- $t := (index .a 0) -}} +{{- $i := (index .a 1) -}} +{{- $tls := (index .a 2) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "redpanda.TLSCertMap.MustGet" (dict "a" (list (deepCopy $tls.certs) (get (fromJson (include "redpanda.ExternalTLS.GetCertName" (dict "a" (list $t $i) ))) "r")) ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.ExternalTLS.GetCertName" -}} +{{- $t := (index .a 0) -}} +{{- $i := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $t.cert $i.cert) ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.ExternalTLS.TrustStoreFilePath" -}} +{{- $t := (index .a 0) -}} +{{- $i := (index .a 1) -}} +{{- $tls := (index .a 2) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (ne $t.trustStore (coalesce nil)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (get (fromJson (include "redpanda.TrustStore.TrustStoreFilePath" (dict "a" (list $t.trustStore) ))) "r")) | toJson -}} +{{- break -}} +{{- end -}} +{{- if (get (fromJson (include "redpanda.ExternalTLS.GetCert" (dict "a" (list $t $i $tls) ))) "r").caEnabled -}} +{{- $_is_returning = true -}} +{{- (dict "r" (printf "/etc/tls/certs/%s/ca.crt" (get (fromJson (include "redpanda.ExternalTLS.GetCertName" (dict "a" (list $t $i) ))) "r"))) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" "/etc/ssl/certs/ca-certificates.crt") | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.ExternalTLS.IsEnabled" -}} +{{- $t := (index .a 0) -}} +{{- $i := (index .a 1) -}} +{{- $tls := (index .a 2) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (eq $t (coalesce nil)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" false) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" (and (ne (get (fromJson (include "redpanda.ExternalTLS.GetCertName" (dict "a" (list $t $i) ))) "r") "") (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $t.enabled (get (fromJson (include "redpanda.InternalTLS.IsEnabled" (dict "a" (list $i $tls) ))) "r")) ))) "r"))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.AdminListeners.ConsoleTLS" -}} +{{- $l := (index .a 0) -}} +{{- $tls := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $t := (mustMergeOverwrite (dict "enabled" false "caFilepath" "" "certFilepath" "" "keyFilepath" "" "insecureSkipTlsVerify" false ) (dict "enabled" (get (fromJson (include "redpanda.InternalTLS.IsEnabled" (dict "a" (list $l.tls $tls) ))) "r") )) -}} +{{- if (not $t.enabled) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $t) | toJson -}} +{{- break -}} +{{- end -}} +{{- $adminAPIPrefix := "/mnt/cert/adminapi" -}} +{{- $_ := (set $t "caFilepath" (printf "%s/%s/ca.crt" $adminAPIPrefix $l.tls.cert)) -}} +{{- if (not $l.tls.requireClientAuth) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $t) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_ := (set $t "certFilepath" (printf "%s/%s/tls.crt" $adminAPIPrefix $l.tls.cert)) -}} +{{- $_ := (set $t "keyFilepath" (printf "%s/%s/tls.key" $adminAPIPrefix $l.tls.cert)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $t) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.AdminListeners.Listeners" -}} +{{- $l := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $admin := (list (get (fromJson (include "redpanda.createInternalListenerCfg" (dict "a" (list ($l.port | int)) ))) "r")) -}} +{{- range $k, $lis := $l.external -}} +{{- if (not (get (fromJson (include "redpanda.AdminExternal.IsEnabled" (dict "a" (list $lis) ))) "r")) -}} +{{- continue -}} +{{- end -}} +{{- $admin = (concat (default (list ) $admin) (list (dict "name" $k "port" ($lis.port | int) "address" "0.0.0.0" ))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $admin) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.AdminListeners.ListenersTLS" -}} +{{- $l := (index .a 0) -}} +{{- $tls := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $admin := (list ) -}} +{{- $internal := (get (fromJson (include "redpanda.createInternalListenerTLSCfg" (dict "a" (list $tls $l.tls) ))) "r") -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list $internal) ))) "r") | int) (0 | int)) -}} +{{- $admin = (concat (default (list ) $admin) (list $internal)) -}} +{{- end -}} +{{- range $k, $lis := $l.external -}} +{{- if (or (not (get (fromJson (include "redpanda.AdminExternal.IsEnabled" (dict "a" (list $lis) ))) "r")) (not (get (fromJson (include "redpanda.ExternalTLS.IsEnabled" (dict "a" (list $lis.tls $l.tls $tls) ))) "r"))) -}} +{{- continue -}} +{{- end -}} +{{- $certName := (get (fromJson (include "redpanda.ExternalTLS.GetCertName" (dict "a" (list $lis.tls $l.tls) ))) "r") -}} +{{- $admin = (concat (default (list ) $admin) (list (dict "name" $k "enabled" true "cert_file" (printf "/etc/tls/certs/%s/tls.crt" $certName) "key_file" (printf "/etc/tls/certs/%s/tls.key" $certName) "require_client_auth" (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $lis.tls.requireClientAuth false) ))) "r") "truststore_file" (get (fromJson (include "redpanda.ExternalTLS.TrustStoreFilePath" (dict "a" (list $lis.tls $l.tls $tls) ))) "r") ))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $admin) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.AdminListeners.TrustStores" -}} +{{- $l := (index .a 0) -}} +{{- $tls := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $tss := (list ) -}} +{{- if (and (get (fromJson (include "redpanda.InternalTLS.IsEnabled" (dict "a" (list $l.tls $tls) ))) "r") (ne $l.tls.trustStore (coalesce nil))) -}} +{{- $tss = (concat (default (list ) $tss) (list $l.tls.trustStore)) -}} +{{- end -}} +{{- range $_, $key := (sortAlpha (keys $l.external)) -}} +{{- $lis := (index $l.external $key) -}} +{{- if (or (or (not (get (fromJson (include "redpanda.AdminExternal.IsEnabled" (dict "a" (list $lis) ))) "r")) (not (get (fromJson (include "redpanda.ExternalTLS.IsEnabled" (dict "a" (list $lis.tls $l.tls $tls) ))) "r"))) (eq $lis.tls.trustStore (coalesce nil))) -}} +{{- continue -}} +{{- end -}} +{{- $tss = (concat (default (list ) $tss) (list $lis.tls.trustStore)) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $tss) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.AdminExternal.IsEnabled" -}} +{{- $l := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (and (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $l.enabled true) ))) "r") (gt ($l.port | int) (0 | int)))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.HTTPListeners.Listeners" -}} +{{- $l := (index .a 0) -}} +{{- $saslEnabled := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $internal := (get (fromJson (include "redpanda.createInternalListenerCfg" (dict "a" (list ($l.port | int)) ))) "r") -}} +{{- if $saslEnabled -}} +{{- $_ := (set $internal "authentication_method" "http_basic") -}} +{{- end -}} +{{- $am_13 := (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $l.authenticationMethod "") ))) "r") -}} +{{- if (ne $am_13 "") -}} +{{- $_ := (set $internal "authentication_method" $am_13) -}} +{{- end -}} +{{- $result := (list $internal) -}} +{{- range $k, $l := $l.external -}} +{{- if (not (get (fromJson (include "redpanda.HTTPExternal.IsEnabled" (dict "a" (list $l) ))) "r")) -}} +{{- continue -}} +{{- end -}} +{{- $listener := (dict "name" $k "port" ($l.port | int) "address" "0.0.0.0" ) -}} +{{- if $saslEnabled -}} +{{- $_ := (set $listener "authentication_method" "http_basic") -}} +{{- end -}} +{{- $am_14 := (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $l.authenticationMethod "") ))) "r") -}} +{{- if (ne $am_14 "") -}} +{{- $_ := (set $listener "authentication_method" $am_14) -}} +{{- end -}} +{{- $result = (concat (default (list ) $result) (list $listener)) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $result) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.HTTPListeners.ListenersTLS" -}} +{{- $l := (index .a 0) -}} +{{- $tls := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $pp := (list ) -}} +{{- $internal := (get (fromJson (include "redpanda.createInternalListenerTLSCfg" (dict "a" (list $tls $l.tls) ))) "r") -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list $internal) ))) "r") | int) (0 | int)) -}} +{{- $pp = (concat (default (list ) $pp) (list $internal)) -}} +{{- end -}} +{{- range $k, $lis := $l.external -}} +{{- if (or (not (get (fromJson (include "redpanda.HTTPExternal.IsEnabled" (dict "a" (list $lis) ))) "r")) (not (get (fromJson (include "redpanda.ExternalTLS.IsEnabled" (dict "a" (list $lis.tls $l.tls $tls) ))) "r"))) -}} +{{- continue -}} +{{- end -}} +{{- $certName := (get (fromJson (include "redpanda.ExternalTLS.GetCertName" (dict "a" (list $lis.tls $l.tls) ))) "r") -}} +{{- $pp = (concat (default (list ) $pp) (list (dict "name" $k "enabled" true "cert_file" (printf "/etc/tls/certs/%s/tls.crt" $certName) "key_file" (printf "/etc/tls/certs/%s/tls.key" $certName) "require_client_auth" (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $lis.tls.requireClientAuth false) ))) "r") "truststore_file" (get (fromJson (include "redpanda.ExternalTLS.TrustStoreFilePath" (dict "a" (list $lis.tls $l.tls $tls) ))) "r") ))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $pp) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.HTTPListeners.TrustStores" -}} +{{- $l := (index .a 0) -}} +{{- $tls := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $tss := (coalesce nil) -}} +{{- if (and (get (fromJson (include "redpanda.InternalTLS.IsEnabled" (dict "a" (list $l.tls $tls) ))) "r") (ne $l.tls.trustStore (coalesce nil))) -}} +{{- $tss = (concat (default (list ) $tss) (list $l.tls.trustStore)) -}} +{{- end -}} +{{- range $_, $key := (sortAlpha (keys $l.external)) -}} +{{- $lis := (index $l.external $key) -}} +{{- if (or (or (not (get (fromJson (include "redpanda.HTTPExternal.IsEnabled" (dict "a" (list $lis) ))) "r")) (not (get (fromJson (include "redpanda.ExternalTLS.IsEnabled" (dict "a" (list $lis.tls $l.tls $tls) ))) "r"))) (eq $lis.tls.trustStore (coalesce nil))) -}} +{{- continue -}} +{{- end -}} +{{- $tss = (concat (default (list ) $tss) (list $lis.tls.trustStore)) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $tss) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.HTTPExternal.IsEnabled" -}} +{{- $l := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (and (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $l.enabled true) ))) "r") (gt ($l.port | int) (0 | int)))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.KafkaListeners.Listeners" -}} +{{- $l := (index .a 0) -}} +{{- $auth := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $internal := (get (fromJson (include "redpanda.createInternalListenerCfg" (dict "a" (list ($l.port | int)) ))) "r") -}} +{{- if (get (fromJson (include "redpanda.Auth.IsSASLEnabled" (dict "a" (list $auth) ))) "r") -}} +{{- $_ := (set $internal "authentication_method" "sasl") -}} +{{- end -}} +{{- $am_15 := (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $l.authenticationMethod "") ))) "r") -}} +{{- if (ne $am_15 "") -}} +{{- $_ := (set $internal "authentication_method" $am_15) -}} +{{- end -}} +{{- $kafka := (list $internal) -}} +{{- range $k, $l := $l.external -}} +{{- if (not (get (fromJson (include "redpanda.KafkaExternal.IsEnabled" (dict "a" (list $l) ))) "r")) -}} +{{- continue -}} +{{- end -}} +{{- $listener := (dict "name" $k "port" ($l.port | int) "address" "0.0.0.0" ) -}} +{{- if (get (fromJson (include "redpanda.Auth.IsSASLEnabled" (dict "a" (list $auth) ))) "r") -}} +{{- $_ := (set $listener "authentication_method" "sasl") -}} +{{- end -}} +{{- $am_16 := (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $l.authenticationMethod "") ))) "r") -}} +{{- if (ne $am_16 "") -}} +{{- $_ := (set $listener "authentication_method" $am_16) -}} +{{- end -}} +{{- $kafka = (concat (default (list ) $kafka) (list $listener)) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $kafka) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.KafkaListeners.ListenersTLS" -}} +{{- $l := (index .a 0) -}} +{{- $tls := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $kafka := (list ) -}} +{{- $internal := (get (fromJson (include "redpanda.createInternalListenerTLSCfg" (dict "a" (list $tls $l.tls) ))) "r") -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list $internal) ))) "r") | int) (0 | int)) -}} +{{- $kafka = (concat (default (list ) $kafka) (list $internal)) -}} +{{- end -}} +{{- range $k, $lis := $l.external -}} +{{- if (or (not (get (fromJson (include "redpanda.KafkaExternal.IsEnabled" (dict "a" (list $lis) ))) "r")) (not (get (fromJson (include "redpanda.ExternalTLS.IsEnabled" (dict "a" (list $lis.tls $l.tls $tls) ))) "r"))) -}} +{{- continue -}} +{{- end -}} +{{- $certName := (get (fromJson (include "redpanda.ExternalTLS.GetCertName" (dict "a" (list $lis.tls $l.tls) ))) "r") -}} +{{- $kafka = (concat (default (list ) $kafka) (list (dict "name" $k "enabled" true "cert_file" (printf "/etc/tls/certs/%s/tls.crt" $certName) "key_file" (printf "/etc/tls/certs/%s/tls.key" $certName) "require_client_auth" (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $lis.tls.requireClientAuth false) ))) "r") "truststore_file" (get (fromJson (include "redpanda.ExternalTLS.TrustStoreFilePath" (dict "a" (list $lis.tls $l.tls $tls) ))) "r") ))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $kafka) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.KafkaListeners.TrustStores" -}} +{{- $l := (index .a 0) -}} +{{- $tls := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $tss := (coalesce nil) -}} +{{- if (and (get (fromJson (include "redpanda.InternalTLS.IsEnabled" (dict "a" (list $l.tls $tls) ))) "r") (ne $l.tls.trustStore (coalesce nil))) -}} +{{- $tss = (concat (default (list ) $tss) (list $l.tls.trustStore)) -}} +{{- end -}} +{{- range $_, $key := (sortAlpha (keys $l.external)) -}} +{{- $lis := (index $l.external $key) -}} +{{- if (or (or (not (get (fromJson (include "redpanda.KafkaExternal.IsEnabled" (dict "a" (list $lis) ))) "r")) (not (get (fromJson (include "redpanda.ExternalTLS.IsEnabled" (dict "a" (list $lis.tls $l.tls $tls) ))) "r"))) (eq $lis.tls.trustStore (coalesce nil))) -}} +{{- continue -}} +{{- end -}} +{{- $tss = (concat (default (list ) $tss) (list $lis.tls.trustStore)) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $tss) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.KafkaListeners.ConsolemTLS" -}} +{{- $k := (index .a 0) -}} +{{- $tls := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $t := (mustMergeOverwrite (dict "enabled" false "caFilepath" "" "certFilepath" "" "keyFilepath" "" "insecureSkipTlsVerify" false ) (dict "enabled" (get (fromJson (include "redpanda.InternalTLS.IsEnabled" (dict "a" (list $k.tls $tls) ))) "r") )) -}} +{{- if (not $t.enabled) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $t) | toJson -}} +{{- break -}} +{{- end -}} +{{- $kafkaPathPrefix := "/mnt/cert/kafka" -}} +{{- $_ := (set $t "caFilepath" (printf "%s/%s/ca.crt" $kafkaPathPrefix $k.tls.cert)) -}} +{{- if (not $k.tls.requireClientAuth) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $t) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_ := (set $t "certFilepath" (printf "%s/%s/tls.crt" $kafkaPathPrefix $k.tls.cert)) -}} +{{- $_ := (set $t "keyFilepath" (printf "%s/%s/tls.key" $kafkaPathPrefix $k.tls.cert)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $t) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.KafkaExternal.IsEnabled" -}} +{{- $l := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (and (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $l.enabled true) ))) "r") (gt ($l.port | int) (0 | int)))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.SchemaRegistryListeners.Listeners" -}} +{{- $sr := (index .a 0) -}} +{{- $saslEnabled := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $internal := (get (fromJson (include "redpanda.createInternalListenerCfg" (dict "a" (list ($sr.port | int)) ))) "r") -}} +{{- if $saslEnabled -}} +{{- $_ := (set $internal "authentication_method" "http_basic") -}} +{{- end -}} +{{- $am_17 := (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $sr.authenticationMethod "") ))) "r") -}} +{{- if (ne $am_17 "") -}} +{{- $_ := (set $internal "authentication_method" $am_17) -}} +{{- end -}} +{{- $result := (list $internal) -}} +{{- range $k, $l := $sr.external -}} +{{- if (not (get (fromJson (include "redpanda.SchemaRegistryExternal.IsEnabled" (dict "a" (list $l) ))) "r")) -}} +{{- continue -}} +{{- end -}} +{{- $listener := (dict "name" $k "port" ($l.port | int) "address" "0.0.0.0" ) -}} +{{- if $saslEnabled -}} +{{- $_ := (set $listener "authentication_method" "http_basic") -}} +{{- end -}} +{{- $am_18 := (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $l.authenticationMethod "") ))) "r") -}} +{{- if (ne $am_18 "") -}} +{{- $_ := (set $listener "authentication_method" $am_18) -}} +{{- end -}} +{{- $result = (concat (default (list ) $result) (list $listener)) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $result) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.SchemaRegistryListeners.ListenersTLS" -}} +{{- $l := (index .a 0) -}} +{{- $tls := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $listeners := (list ) -}} +{{- $internal := (get (fromJson (include "redpanda.createInternalListenerTLSCfg" (dict "a" (list $tls $l.tls) ))) "r") -}} +{{- if (gt ((get (fromJson (include "_shims.len" (dict "a" (list $internal) ))) "r") | int) (0 | int)) -}} +{{- $listeners = (concat (default (list ) $listeners) (list $internal)) -}} +{{- end -}} +{{- range $k, $lis := $l.external -}} +{{- if (or (not (get (fromJson (include "redpanda.SchemaRegistryExternal.IsEnabled" (dict "a" (list $lis) ))) "r")) (not (get (fromJson (include "redpanda.ExternalTLS.IsEnabled" (dict "a" (list $lis.tls $l.tls $tls) ))) "r"))) -}} +{{- continue -}} +{{- end -}} +{{- $certName := (get (fromJson (include "redpanda.ExternalTLS.GetCertName" (dict "a" (list $lis.tls $l.tls) ))) "r") -}} +{{- $listeners = (concat (default (list ) $listeners) (list (dict "name" $k "enabled" true "cert_file" (printf "/etc/tls/certs/%s/tls.crt" $certName) "key_file" (printf "/etc/tls/certs/%s/tls.key" $certName) "require_client_auth" (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $lis.tls.requireClientAuth false) ))) "r") "truststore_file" (get (fromJson (include "redpanda.ExternalTLS.TrustStoreFilePath" (dict "a" (list $lis.tls $l.tls $tls) ))) "r") ))) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $listeners) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.SchemaRegistryListeners.TrustStores" -}} +{{- $l := (index .a 0) -}} +{{- $tls := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $tss := (coalesce nil) -}} +{{- if (and (get (fromJson (include "redpanda.InternalTLS.IsEnabled" (dict "a" (list $l.tls $tls) ))) "r") (ne $l.tls.trustStore (coalesce nil))) -}} +{{- $tss = (concat (default (list ) $tss) (list $l.tls.trustStore)) -}} +{{- end -}} +{{- range $_, $key := (sortAlpha (keys $l.external)) -}} +{{- $lis := (index $l.external $key) -}} +{{- if (or (or (not (get (fromJson (include "redpanda.SchemaRegistryExternal.IsEnabled" (dict "a" (list $lis) ))) "r")) (not (get (fromJson (include "redpanda.ExternalTLS.IsEnabled" (dict "a" (list $lis.tls $l.tls $tls) ))) "r"))) (eq $lis.tls.trustStore (coalesce nil))) -}} +{{- continue -}} +{{- end -}} +{{- $tss = (concat (default (list ) $tss) (list $lis.tls.trustStore)) -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $tss) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.SchemaRegistryListeners.ConsoleTLS" -}} +{{- $sr := (index .a 0) -}} +{{- $tls := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $t := (mustMergeOverwrite (dict "enabled" false "caFilepath" "" "certFilepath" "" "keyFilepath" "" "insecureSkipTlsVerify" false ) (dict "enabled" (get (fromJson (include "redpanda.InternalTLS.IsEnabled" (dict "a" (list $sr.tls $tls) ))) "r") )) -}} +{{- if (not $t.enabled) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $t) | toJson -}} +{{- break -}} +{{- end -}} +{{- $schemaRegistryPrefix := "/mnt/cert/schemaregistry" -}} +{{- $_ := (set $t "caFilepath" (printf "%s/%s/ca.crt" $schemaRegistryPrefix $sr.tls.cert)) -}} +{{- if (not $sr.tls.requireClientAuth) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $t) | toJson -}} +{{- break -}} +{{- end -}} +{{- $_ := (set $t "certFilepath" (printf "%s/%s/tls.crt" $schemaRegistryPrefix $sr.tls.cert)) -}} +{{- $_ := (set $t "keyFilepath" (printf "%s/%s/tls.key" $schemaRegistryPrefix $sr.tls.cert)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $t) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.SchemaRegistryExternal.IsEnabled" -}} +{{- $l := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (and (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $l.enabled true) ))) "r") (gt ($l.port | int) (0 | int)))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.TunableConfig.Translate" -}} +{{- $c := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- if (eq $c (coalesce nil)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $result := (dict ) -}} +{{- range $k, $v := $c -}} +{{- if (not (empty $v)) -}} +{{- $_ := (set $result $k $v) -}} +{{- end -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $result) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.NodeConfig.Translate" -}} +{{- $c := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $result := (dict ) -}} +{{- range $k, $v := $c -}} +{{- if (not (empty $v)) -}} +{{- $tmp_tuple_16 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.asnumeric" (dict "a" (list $v) ))) "r")) ))) "r") -}} +{{- $ok_19 := $tmp_tuple_16.T2 -}} +{{- if $ok_19 -}} +{{- $_ := (set $result $k $v) -}} +{{- else -}}{{- if (kindIs "bool" $v) -}} +{{- $_ := (set $result $k $v) -}} +{{- else -}} +{{- $_ := (set $result $k (toYaml $v)) -}} +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $result) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.ClusterConfig.Translate" -}} +{{- $c := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $result := (dict ) -}} +{{- range $k, $v := $c -}} +{{- $tmp_tuple_17 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.typetest" (dict "a" (list "bool" $v false) ))) "r")) ))) "r") -}} +{{- $ok_21 := $tmp_tuple_17.T2 -}} +{{- $b_20 := $tmp_tuple_17.T1 -}} +{{- if $ok_21 -}} +{{- $_ := (set $result $k $b_20) -}} +{{- continue -}} +{{- end -}} +{{- if (not (empty $v)) -}} +{{- $_ := (set $result $k $v) -}} +{{- end -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $_is_returning = true -}} +{{- (dict "r" $result) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.SecretRef.IsValid" -}} +{{- $sr := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (and (and (ne $sr (coalesce nil)) (not (empty $sr.key))) (not (empty $sr.name)))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.TieredStorageCredentials.IsAccessKeyReferenceValid" -}} +{{- $tsc := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (and (and (ne $tsc.accessKey (coalesce nil)) (ne $tsc.accessKey.name "")) (ne $tsc.accessKey.key ""))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.TieredStorageCredentials.IsSecretKeyReferenceValid" -}} +{{- $tsc := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $_is_returning = true -}} +{{- (dict "r" (and (and (ne $tsc.secretKey (coalesce nil)) (ne $tsc.secretKey.name "")) (ne $tsc.secretKey.key ""))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/5.9.4/templates/cert-issuers.yaml b/charts/redpanda/redpanda/5.9.4/templates/cert-issuers.yaml new file mode 100644 index 0000000000..f5c9667526 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/cert-issuers.yaml @@ -0,0 +1,18 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- include "_shims.render-manifest" (list "redpanda.CertIssuers" .) -}} +{{- include "_shims.render-manifest" (list "redpanda.RootCAs" .) -}} diff --git a/charts/redpanda/redpanda/5.9.4/templates/certs.yaml b/charts/redpanda/redpanda/5.9.4/templates/certs.yaml new file mode 100644 index 0000000000..08437f58ec --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/certs.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- include "_shims.render-manifest" (list "redpanda.ClientCerts" .) -}} diff --git a/charts/redpanda/redpanda/5.9.4/templates/configmap.yaml b/charts/redpanda/redpanda/5.9.4/templates/configmap.yaml new file mode 100644 index 0000000000..8c33ab3378 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/configmap.yaml @@ -0,0 +1,17 @@ +{{- /* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- include "_shims.render-manifest" (list "redpanda.ConfigMaps" .) -}} diff --git a/charts/redpanda/redpanda/5.9.4/templates/connectors/connectors.yaml b/charts/redpanda/redpanda/5.9.4/templates/connectors/connectors.yaml new file mode 100644 index 0000000000..c7dfe6b893 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/connectors/connectors.yaml @@ -0,0 +1,108 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{ if and .Values.connectors.enabled (not .Values.connectors.deployment.create) }} + +{{ $values := .Values }} + +{{/* brokers */}} +{{ $kafkaBrokers := list }} +{{ range (include "seed-server-list" . | mustFromJson) }} + {{ $kafkaBrokers = append $kafkaBrokers (printf "%s:%d" . (int $values.listeners.kafka.port)) }} +{{ end }} + +{{ $connectorsValues := dict + "Values" (dict + "connectors" (dict + "bootstrapServers" (join "," $kafkaBrokers) + "brokerTLS" (dict + "enabled" (include "kafka-internal-tls-enabled" . | fromJson).bool + "ca" (dict + "secretRef" (ternary (printf "%s-default-cert" (include "redpanda.fullname" .)) "" (include "kafka-internal-tls-enabled" . | fromJson).bool) + ) + ) + ) + ) +}} + +{{ $extraVolumes := list }} +{{ $extraVolumeMounts := list }} +{{ $extraEnv := .Values.connectors.deployment.extraEnv }} +{{ $command := list }} +{{ if (include "sasl-enabled" . | fromJson).bool }} + {{ $command = concat $command (list "bash" "-c") }} + {{ $consoleSASLConfig := (printf "set -e; IFS=':' read -r CONNECT_SASL_USERNAME CONNECT_SASL_PASSWORD CONNECT_SASL_MECHANISM < <(grep \"\" $(find /mnt/users/* -print)); CONNECT_SASL_MECHANISM=${CONNECT_SASL_MECHANISM:-%s}; export CONNECT_SASL_USERNAME CONNECT_SASL_PASSWORD CONNECT_SASL_MECHANISM;" ( include "sasl-mechanism" . | lower )) }} + {{ $consoleSASLConfig = cat $consoleSASLConfig " [[ $CONNECT_SASL_MECHANISM == \"SCRAM-SHA-256\" ]] && CONNECT_SASL_MECHANISM=scram-sha-256;" }} + {{ $consoleSASLConfig = cat $consoleSASLConfig " [[ $CONNECT_SASL_MECHANISM == \"SCRAM-SHA-512\" ]] && CONNECT_SASL_MECHANISM=scram-sha-512;" }} + {{ $consoleSASLConfig = cat $consoleSASLConfig " export CONNECT_SASL_MECHANISM;" }} + {{ $consoleSASLConfig = cat $consoleSASLConfig " echo $CONNECT_SASL_PASSWORD > /opt/kafka/connect-password/rc-credentials/password;" }} + {{ $consoleSASLConfig = cat $consoleSASLConfig " exec /opt/kafka/bin/kafka_connect_run.sh" }} + {{ $command = append $command $consoleSASLConfig }} + + {{ $extraVolumes = concat $extraVolumes .Values.connectors.storage.volume }} + + {{ $extraVolumes = append $extraVolumes (dict + "name" (printf "%s-users" (include "redpanda.fullname" .)) + "secret" (dict + "secretName" .Values.auth.sasl.secretRef + ) + )}} + + {{ $extraVolumeMounts = concat $extraVolumeMounts .Values.connectors.storage.volumeMounts }} + + {{ $extraVolumeMounts = append $extraVolumeMounts (dict + "name" (printf "%s-users" (include "redpanda.fullname" .)) + "mountPath" "/mnt/users" + "readOnly" true + )}} + {{ $extraVolumes = append $extraVolumes (dict + "name" (printf "%s-user-password" ((include "redpanda.fullname" .)) | trunc 49) + "emptyDir" (dict) + )}} + {{ $extraVolumeMounts = append $extraVolumeMounts (dict + "name" (printf "%s-user-password" ((include "redpanda.fullname" .)) | trunc 49) + "mountPath" "/opt/kafka/connect-password/rc-credentials" + )}} + {{ $extraEnv = append $extraEnv (dict + "name" "CONNECT_SASL_PASSWORD_FILE" + "value" "rc-credentials/password" + )}} + {{ $connectorsValues := merge $connectorsValues (dict + "Values" (dict + "storage" (dict + "volumeMounts" $extraVolumeMounts + "volume" $extraVolumes + ) + "auth" (dict + "sasl" (dict + "enabled" .Values.auth.sasl.enabled + ) + ) + "deployment" (dict + "command" $command + "extraEnv" $extraEnv + ) + ) + )}} +{{ end }} + +{{ $connectorsValues := merge $connectorsValues (dict "Values" (dict "deployment" (dict "create" (not .Values.connectors.deployment.create)))) }} +{{ $connectorsValues := merge $connectorsValues (dict "Values" (dict "test" (dict "create" (not .Values.connectors.test.create)))) }} +{{ $helmVars := merge $connectorsValues .Subcharts.connectors }} +{{ include (print .Subcharts.connectors.Template.BasePath "/deployment.yaml") $helmVars }} +--- +{{ include (print .Subcharts.connectors.Template.BasePath "/tests/01-mm2-values.yaml") $helmVars }} +{{ end }} diff --git a/charts/redpanda/redpanda/5.9.4/templates/console/configmap-and-deployment.yaml b/charts/redpanda/redpanda/5.9.4/templates/console/configmap-and-deployment.yaml new file mode 100644 index 0000000000..a03229aae2 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/console/configmap-and-deployment.yaml @@ -0,0 +1,234 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{/* Secret */}} +{{ $secretConfig := dict ( dict + "create" $.Values.console.secret.create + ) +}} +{{/* if the console chart has the creation of the secret disabled, create it here instead if needed */}} +{{ if and .Values.console.enabled (not .Values.console.secret.create) }} +{{ $licenseKey := ( include "enterprise-license" . ) }} +# before license changes, this was not printing a secret, so we gather in which case to print +# for now only if we have a license do we print, however, this may be an issue for some +# since if we do include a license we MUST also print all secret items. + {{ if ( not (empty $licenseKey ) ) }} +{{/* License and license are set twice here as a work around to a bug in the post-go console chart. */}} +{{ $secretConfig = ( dict + "create" true + "enterprise" ( dict "license" $licenseKey "License" $licenseKey) + ) +}} + +{{ $config := dict + "Values" (dict + "secret" $secretConfig + )}} + +{{ $secretValues := merge $config .Subcharts.console }} +{{ $wrappedSecretValues := (dict "Chart" .Subcharts.console.Chart "Release" .Release "Values" (dict "AsMap" $secretValues.Values)) }} +--- +{{- include "_shims.render-manifest" (list "console.Secret" $wrappedSecretValues) -}} + {{ end }} +{{ end }} + +{{ $configmap := dict }} +{{/* if the console chart has the creation of the configmap disabled, create it here instead */}} +{{ if and .Values.console.enabled (not .Values.console.configmap.create) }} +{{ $consoleConfigmap := dict "create" true }} + +{{ $consoleConfig := merge .Values.console.config (get ((include "redpanda.ConsoleConfig" (dict "a" (list .))) | fromJson) "r") }} + +{{ $config := dict + "Values" (dict + "console" (dict "config" $consoleConfig) + "configmap" $consoleConfigmap + "secret" $secretConfig + ) +}} + +{{ $configMapValues := merge $config .Subcharts.console }} +--- +{{ $wrappedSecretValues := (dict "Chart" .Subcharts.console.Chart "Release" .Release "Values" (dict "AsMap" $configMapValues.Values)) }} +{{- include "_shims.render-manifest" (list "console.ConfigMap" $wrappedSecretValues) -}} +{{ $configmap = include "_shims.render-manifest" (list "console.ConfigMap" $wrappedSecretValues) }} +{{ end }} + +{{/* Deployment */}} +{{ if and .Values.console.enabled (not .Values.console.deployment.create) }} + +{{ $extraVolumes := list }} +{{ $extraVolumeMounts := list }} +{{ $command := list }} +{{ if (include "sasl-enabled" . | fromJson).bool }} + {{ $command = concat $command (list "sh" "-c") }} + {{ $consoleSASLConfig := (printf "set -e; IFS=':' read -r KAFKA_SASL_USERNAME KAFKA_SASL_PASSWORD KAFKA_SASL_MECHANISM < <(grep \"\" $(find /mnt/users/* -print)); KAFKA_SASL_MECHANISM=${KAFKA_SASL_MECHANISM:-%s}; export KAFKA_SASL_USERNAME KAFKA_SASL_PASSWORD KAFKA_SASL_MECHANISM;" ( include "sasl-mechanism" . )) }} + {{ $consoleSASLConfig = cat $consoleSASLConfig " export KAFKA_SCHEMAREGISTRY_USERNAME=$KAFKA_SASL_USERNAME;" }} + {{ $consoleSASLConfig = cat $consoleSASLConfig " export KAFKA_SCHEMAREGISTRY_PASSWORD=$KAFKA_SASL_PASSWORD;" }} + {{ $consoleSASLConfig = cat $consoleSASLConfig " export REDPANDA_ADMINAPI_USERNAME=$KAFKA_SASL_USERNAME;" }} + {{ $consoleSASLConfig = cat $consoleSASLConfig " export REDPANDA_ADMINAPI_PASSWORD=$KAFKA_SASL_PASSWORD;" }} + {{ $consoleSASLConfig = cat $consoleSASLConfig " /app/console $@" }} + {{ $command = append $command $consoleSASLConfig }} + {{ $command = append $command "--" }} + {{ $extraVolumes = append $extraVolumes (dict + "name" (printf "%s-users" (include "redpanda.fullname" .)) + "secret" (dict + "secretName" .Values.auth.sasl.secretRef + ) + )}} + {{ $extraVolumeMounts = append $extraVolumeMounts (dict + "name" (printf "%s-users" (include "redpanda.fullname" .)) + "mountPath" "/mnt/users" + "readOnly" true + ) }} +{{ end }} + +{{ $kafkaTLS := list }} +{{ if (include "kafka-internal-tls-enabled" . | fromJson).bool }} + {{ $service := .Values.listeners.kafka }} + {{ $cert := get .Values.tls.certs $service.tls.cert }} + {{- $secretName := (printf "%s-%s-cert" (include "redpanda.fullname" .) $service.tls.cert) }} + {{- if $cert.secretRef }} + {{- $secretName = $cert.secretRef.name }} + {{- end }} + {{ if $cert.caEnabled }} + {{ $kafkaTLS = append $kafkaTLS (dict + "name" "KAFKA_TLS_CAFILEPATH" + "value" (printf "/mnt/cert/kafka/%s/ca.crt" $service.tls.cert) + )}} + {{ $extraVolumes = append $extraVolumes (dict + "name" (printf "kafka-%s-cert" $service.tls.cert) + "secret" (dict + "defaultMode" 0420 + "secretName" ( $secretName ) + ))}} + {{ $extraVolumeMounts = append $extraVolumeMounts (dict + "name" (printf "kafka-%s-cert" $service.tls.cert) + "mountPath" (printf "/mnt/cert/kafka/%s" $service.tls.cert) + "readOnly" true + )}} + {{ end }} +{{ end }} + +{{ $schemaRegistryTLS := list }} +{{ if (include "schemaRegistry-internal-tls-enabled" . | fromJson).bool }} + {{ $service := .Values.listeners.schemaRegistry }} + {{ $cert := get .Values.tls.certs $service.tls.cert }} + {{- $secretName := (printf "%s-%s-cert" (include "redpanda.fullname" .) $service.tls.cert) }} + {{- if $cert.secretRef }} + {{- $secretName = $cert.secretRef.name }} + {{- end }} + {{ if $cert.caEnabled }} + {{ $schemaRegistryTLS = append $schemaRegistryTLS (dict + "name" "KAFKA_SCHEMAREGISTRY_TLS_CAFILEPATH" + "value" (printf "/mnt/cert/schemaregistry/%s/ca.crt" $service.tls.cert) + )}} + {{ $extraVolumes = append $extraVolumes (dict + "name" (printf "schemaregistry-%s-cert" $service.tls.cert) + "secret" (dict + "defaultMode" 0420 + "secretName" ( $secretName ) + ))}} + {{ $extraVolumeMounts = append $extraVolumeMounts (dict + "name" (printf "schemaregistry-%s-cert" $service.tls.cert) + "mountPath" (printf "/mnt/cert/schemaregistry/%s" $service.tls.cert) + "readOnly" true + )}} + {{ end }} +{{ end }} + +{{ $adminAPI := list }} +{{ if (include "admin-internal-tls-enabled" . | fromJson).bool }} + {{ $service := .Values.listeners.admin }} + {{ $cert := get .Values.tls.certs $service.tls.cert }} + {{- $secretName := (printf "%s-%s-cert" (include "redpanda.fullname" .) $service.tls.cert) }} + {{- if $cert.secretRef }} + {{- $secretName = $cert.secretRef.name }} + {{- end }} + {{ if $cert.caEnabled }} + {{ $extraVolumes = append $extraVolumes (dict + "name" (printf "adminapi-%s-cert" $service.tls.cert) + "secret" (dict + "defaultMode" 0420 + "secretName" ( $secretName ) + ))}} + {{ $extraVolumeMounts = append $extraVolumeMounts (dict + "name" (printf "adminapi-%s-cert" $service.tls.cert) + "mountPath" (printf "/mnt/cert/adminapi/%s" $service.tls.cert) + "readOnly" true + )}} + {{ end }} +{{ end }} + +{{ $enterprise := dict }} +{{ if ( include "enterprise-secret" .) }} + {{ $enterprise = dict + "licenseSecretRef" ( dict + "name" ( include "enterprise-secret-name" . ) + "key" ( include "enterprise-secret-key" . ) + ) + }} +{{ end }} + +{{ $extraEnv := concat $kafkaTLS $schemaRegistryTLS $adminAPI .Values.console.extraEnv }} +{{ $extraVolumes = concat $extraVolumes .Values.console.extraVolumes }} +{{ $extraVolumeMounts = concat $extraVolumeMounts .Values.console.extraVolumeMounts }} +{{ $consoleValues := dict + "Values" (dict + "extraVolumes" $extraVolumes + "extraVolumeMounts" $extraVolumeMounts + "extraEnv" $extraEnv + "secret" $secretConfig + "enterprise" $enterprise + "image" $.Values.console.image + "autoscaling" .Values.console.autoscaling + "replicaCount" .Values.console.replicaCount + "strategy" .Values.console.strategy + "podAnnotations" .Values.console.podAnnotations + "podLabels" .Values.console.podLabels + "imagePullSecrets" .Values.console.imagePullSecrets + "podSecurityContext" .Values.console.podSecurityContext + "secretMounts" .Values.console.secretMounts + "initContainers" .Values.console.initContainers + "extraArgs" .Values.console.extraArgs + "securityContext" .Values.console.securityContext + "livenessProbe" .Values.console.livenessProbe + "readinessProbe" .Values.console.readinessProbe + "resources" .Values.console.resources + "extraContainers" .Values.console.extraContainers + "nodeSelector" .Values.console.nodeSelector + "affinity" .Values.console.affinity + "topologySpreadConstraints" .Values.console.topologySpreadConstraints + "priorityClassName" .Values.console.priorityClassName + "tolerations" .Values.console.tolerations +)}} + +{{ if not (empty $command) }} + {{ $consoleValues := merge $consoleValues (dict "Values" (dict "deployment" (dict "command" $command))) }} +{{ end }} +{{ $consoleValues := merge $consoleValues (dict "Values" (dict "deployment" (dict "create" (not .Values.console.deployment.create)))) }} + +{{ if and .Values.console.enabled (not .Values.console.configmap.create) }} +{{ $consoleValues := merge $consoleValues (dict "Values" (dict "podAnnotations" (dict "checksum-redpanda-chart/config" ( $configmap | toYaml | sha256sum )))) }} +{{ end }} + +{{ $deploymentValues := merge $consoleValues .Subcharts.console }} +{{ $wrappedDeploymentValues := (dict "Chart" .Subcharts.console.Chart "Release" .Release "Values" (dict "AsMap" $deploymentValues.Values)) }} + +--- +{{- include "_shims.render-manifest" (list "console.Deployment" $wrappedDeploymentValues) -}} +{{ end }} diff --git a/charts/redpanda/redpanda/5.9.4/templates/poddisruptionbudget.yaml b/charts/redpanda/redpanda/5.9.4/templates/poddisruptionbudget.yaml new file mode 100644 index 0000000000..28688dd27d --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/poddisruptionbudget.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- include "_shims.render-manifest" (list "redpanda.PodDisruptionBudget" .) -}} diff --git a/charts/redpanda/redpanda/5.9.4/templates/post-install-upgrade-job.yaml b/charts/redpanda/redpanda/5.9.4/templates/post-install-upgrade-job.yaml new file mode 100644 index 0000000000..106872e05f --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/post-install-upgrade-job.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- include "_shims.render-manifest" (list "redpanda.PostInstallUpgradeJob" .) -}} diff --git a/charts/redpanda/redpanda/5.9.4/templates/post-upgrade.yaml b/charts/redpanda/redpanda/5.9.4/templates/post-upgrade.yaml new file mode 100644 index 0000000000..e4775a7d0c --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/post-upgrade.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- include "_shims.render-manifest" (list "redpanda.PostUpgrade" .) -}} diff --git a/charts/redpanda/redpanda/5.9.4/templates/post_upgrade_job.yaml b/charts/redpanda/redpanda/5.9.4/templates/post_upgrade_job.yaml new file mode 100644 index 0000000000..6a95bb94e6 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/post_upgrade_job.yaml @@ -0,0 +1,87 @@ +{{- /* Generated from "post_upgrade_job.go" */ -}} + +{{- define "redpanda.PostUpgrade" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (not $values.post_upgrade_job.enabled) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $labels := (default (dict ) $values.post_upgrade_job.labels) -}} +{{- $annotations := (default (dict ) $values.post_upgrade_job.annotations) -}} +{{- $annotations = (merge (dict ) (dict "helm.sh/hook" "post-upgrade" "helm.sh/hook-delete-policy" "before-hook-creation" "helm.sh/hook-weight" "-10" ) $annotations) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict "template" (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict "containers" (coalesce nil) ) ) ) "status" (dict ) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "batch/v1" "kind" "Job" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (printf "%s-post-upgrade" (get (fromJson (include "redpanda.Name" (dict "a" (list $dot) ))) "r")) "namespace" $dot.Release.Namespace "labels" (merge (dict ) (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r") $labels) "annotations" $annotations )) "spec" (mustMergeOverwrite (dict "template" (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict "containers" (coalesce nil) ) ) ) (dict "backoffLimit" $values.post_upgrade_job.backoffLimit "template" (get (fromJson (include "redpanda.StrategicMergePatch" (dict "a" (list $values.post_upgrade_job.podTemplate (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "spec" (dict "containers" (coalesce nil) ) ) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" $dot.Release.Name "labels" (merge (dict ) (dict "app.kubernetes.io/name" (get (fromJson (include "redpanda.Name" (dict "a" (list $dot) ))) "r") "app.kubernetes.io/instance" $dot.Release.Name "app.kubernetes.io/component" (printf "%s-post-upgrade" (trunc (50 | int) (get (fromJson (include "redpanda.Name" (dict "a" (list $dot) ))) "r"))) ) $values.commonLabels) )) "spec" (mustMergeOverwrite (dict "containers" (coalesce nil) ) (dict "nodeSelector" $values.nodeSelector "affinity" (merge (dict ) $values.post_upgrade_job.affinity $values.affinity) "tolerations" $values.tolerations "restartPolicy" "Never" "securityContext" (get (fromJson (include "redpanda.PodSecurityContext" (dict "a" (list $dot) ))) "r") "serviceAccountName" (get (fromJson (include "redpanda.ServiceAccountName" (dict "a" (list $dot) ))) "r") "imagePullSecrets" (default (coalesce nil) $values.imagePullSecrets) "containers" (list (mustMergeOverwrite (dict "name" "" "resources" (dict ) ) (dict "name" "post-upgrade" "image" (printf "%s:%s" $values.image.repository (get (fromJson (include "redpanda.Tag" (dict "a" (list $dot) ))) "r")) "command" (list "/bin/bash" "-c") "args" (list (get (fromJson (include "redpanda.PostUpgradeJobScript" (dict "a" (list $dot) ))) "r")) "env" (get (fromJson (include "redpanda.rpkEnvVars" (dict "a" (list $dot $values.post_upgrade_job.extraEnv) ))) "r") "envFrom" $values.post_upgrade_job.extraEnvFrom "securityContext" (merge (dict ) (get (fromJson (include "_shims.ptr_Deref" (dict "a" (list $values.post_upgrade_job.securityContext (mustMergeOverwrite (dict ) (dict ))) ))) "r") (get (fromJson (include "redpanda.ContainerSecurityContext" (dict "a" (list $dot) ))) "r")) "resources" $values.post_upgrade_job.resources "volumeMounts" (get (fromJson (include "redpanda.DefaultMounts" (dict "a" (list $dot) ))) "r") ))) "volumes" (get (fromJson (include "redpanda.DefaultVolumes" (dict "a" (list $dot) ))) "r") )) ))) ))) "r") )) ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.PostUpgradeJobScript" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $script := (list `set -e` ``) -}} +{{- range $key, $value := $values.config.cluster -}} +{{- $tmp_tuple_1 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.asintegral" (dict "a" (list $value) ))) "r")) ))) "r") -}} +{{- $isInt64 := $tmp_tuple_1.T2 -}} +{{- $asInt64 := ($tmp_tuple_1.T1 | int64) -}} +{{- $tmp_tuple_2 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.typetest" (dict "a" (list "bool" $value false) ))) "r")) ))) "r") -}} +{{- $ok_2 := $tmp_tuple_2.T2 -}} +{{- $asBool_1 := $tmp_tuple_2.T1 -}} +{{- $tmp_tuple_3 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.typetest" (dict "a" (list "string" $value "") ))) "r")) ))) "r") -}} +{{- $ok_4 := $tmp_tuple_3.T2 -}} +{{- $asStr_3 := $tmp_tuple_3.T1 -}} +{{- $tmp_tuple_4 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.typetest" (dict "a" (list (printf "[]%s" "interface {}") $value (coalesce nil)) ))) "r")) ))) "r") -}} +{{- $ok_6 := $tmp_tuple_4.T2 -}} +{{- $asSlice_5 := $tmp_tuple_4.T1 -}} +{{- if (and $ok_2 $asBool_1) -}} +{{- $script = (concat (default (list ) $script) (list (printf "rpk cluster config set %s %t" $key $asBool_1))) -}} +{{- else -}}{{- if (and $ok_4 (ne $asStr_3 "")) -}} +{{- $script = (concat (default (list ) $script) (list (printf "rpk cluster config set %s %s" $key $asStr_3))) -}} +{{- else -}}{{- if (and $isInt64 (gt $asInt64 (0 | int64))) -}} +{{- $script = (concat (default (list ) $script) (list (printf "rpk cluster config set %s %d" $key $asInt64))) -}} +{{- else -}}{{- if (and $ok_6 (gt ((get (fromJson (include "_shims.len" (dict "a" (list $asSlice_5) ))) "r") | int) (0 | int))) -}} +{{- $script = (concat (default (list ) $script) (list (printf `rpk cluster config set %s "[ %s ]"` $key (join "," $asSlice_5)))) -}} +{{- else -}}{{- if (not (empty $value)) -}} +{{- $script = (concat (default (list ) $script) (list (printf "rpk cluster config set %s %v" $key $value))) -}} +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} +{{- end -}} +{{- if $_is_returning -}} +{{- break -}} +{{- end -}} +{{- $tmp_tuple_5 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.dicttest" (dict "a" (list $values.config.cluster "default_topic_replications" (coalesce nil)) ))) "r")) ))) "r") -}} +{{- $ok_7 := $tmp_tuple_5.T2 -}} +{{- if (and (not $ok_7) (ge ($values.statefulset.replicas | int) (3 | int))) -}} +{{- $script = (concat (default (list ) $script) (list "rpk cluster config set default_topic_replications 3")) -}} +{{- end -}} +{{- $tmp_tuple_6 := (get (fromJson (include "_shims.compact" (dict "a" (list (get (fromJson (include "_shims.dicttest" (dict "a" (list $values.config.cluster "storage_min_free_bytes" (coalesce nil)) ))) "r")) ))) "r") -}} +{{- $ok_8 := $tmp_tuple_6.T2 -}} +{{- if (not $ok_8) -}} +{{- $script = (concat (default (list ) $script) (list (printf "rpk cluster config set storage_min_free_bytes %d" ((get (fromJson (include "redpanda.Storage.StorageMinFreeBytes" (dict "a" (list $values.storage) ))) "r") | int64)))) -}} +{{- end -}} +{{- if (get (fromJson (include "redpanda.RedpandaAtLeast_23_2_1" (dict "a" (list $dot) ))) "r") -}} +{{- $service := $values.listeners.admin -}} +{{- $caCert := "" -}} +{{- $scheme := "http" -}} +{{- if (get (fromJson (include "redpanda.InternalTLS.IsEnabled" (dict "a" (list $service.tls $values.tls) ))) "r") -}} +{{- $scheme = "https" -}} +{{- $caCert = (printf "--cacert %q" (get (fromJson (include "redpanda.InternalTLS.ServerCAPath" (dict "a" (list $service.tls $values.tls) ))) "r")) -}} +{{- end -}} +{{- $url := (printf "%s://%s:%d/v1/debug/restart_service?service=schema-registry" $scheme (get (fromJson (include "redpanda.InternalDomain" (dict "a" (list $dot) ))) "r") (($service.port | int) | int64)) -}} +{{- $script = (concat (default (list ) $script) (list `if [ -d "/etc/secrets/users/" ]; then` ` IFS=":" read -r USER_NAME PASSWORD MECHANISM < <(grep "" $(find /etc/secrets/users/* -print))` ` curl -svm3 --fail --retry "120" --retry-max-time "120" --retry-all-errors --ssl-reqd \` (printf ` %s \` $caCert) ` -X PUT -u ${USER_NAME}:${PASSWORD} \` (printf ` %s || true` $url) `fi`)) -}} +{{- end -}} +{{- $script = (concat (default (list ) $script) (list "")) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (join "\n" $script)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/5.9.4/templates/rbac.go.tpl b/charts/redpanda/redpanda/5.9.4/templates/rbac.go.tpl new file mode 100644 index 0000000000..38fe5363f8 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/rbac.go.tpl @@ -0,0 +1,116 @@ +{{- /* Generated from "rbac.go" */ -}} + +{{- define "redpanda.ClusterRoles" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $crs := (coalesce nil) -}} +{{- $cr_1 := (get (fromJson (include "redpanda.SidecarControllersClusterRole" (dict "a" (list $dot) ))) "r") -}} +{{- if (ne $cr_1 (coalesce nil)) -}} +{{- $crs = (concat (default (list ) $crs) (list $cr_1)) -}} +{{- end -}} +{{- if (not $values.rbac.enabled) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $crs) | toJson -}} +{{- break -}} +{{- end -}} +{{- $rpkBundleName := (printf "%s-rpk-bundle" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r")) -}} +{{- $crs = (concat (default (list ) $crs) (default (list ) (list (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "rules" (coalesce nil) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "rbac.authorization.k8s.io/v1" "kind" "ClusterRole" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r") "labels" (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r") "annotations" $values.serviceAccount.annotations )) "rules" (list (mustMergeOverwrite (dict "verbs" (coalesce nil) ) (dict "apiGroups" (list "") "resources" (list "nodes") "verbs" (list "get" "list") ))) )) (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "rules" (coalesce nil) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "rbac.authorization.k8s.io/v1" "kind" "ClusterRole" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" $rpkBundleName "labels" (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r") "annotations" $values.serviceAccount.annotations )) "rules" (list (mustMergeOverwrite (dict "verbs" (coalesce nil) ) (dict "apiGroups" (list "") "resources" (list "configmaps" "endpoints" "events" "limitranges" "persistentvolumeclaims" "pods" "pods/log" "replicationcontrollers" "resourcequotas" "serviceaccounts" "services") "verbs" (list "get" "list") ))) ))))) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $crs) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.ClusterRoleBindings" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- $crbs := (coalesce nil) -}} +{{- $crb_2 := (get (fromJson (include "redpanda.SidecarControllersClusterRoleBinding" (dict "a" (list $dot) ))) "r") -}} +{{- if (ne $crb_2 (coalesce nil)) -}} +{{- $crbs = (concat (default (list ) $crbs) (list $crb_2)) -}} +{{- end -}} +{{- if (not $values.rbac.enabled) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $crbs) | toJson -}} +{{- break -}} +{{- end -}} +{{- $rpkBundleName := (printf "%s-rpk-bundle" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r")) -}} +{{- $crbs = (concat (default (list ) $crbs) (default (list ) (list (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "roleRef" (dict "apiGroup" "" "kind" "" "name" "" ) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "rbac.authorization.k8s.io/v1" "kind" "ClusterRoleBinding" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r") "labels" (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r") "annotations" $values.serviceAccount.annotations )) "roleRef" (mustMergeOverwrite (dict "apiGroup" "" "kind" "" "name" "" ) (dict "apiGroup" "rbac.authorization.k8s.io" "kind" "ClusterRole" "name" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r") )) "subjects" (list (mustMergeOverwrite (dict "kind" "" "name" "" ) (dict "kind" "ServiceAccount" "name" (get (fromJson (include "redpanda.ServiceAccountName" (dict "a" (list $dot) ))) "r") "namespace" $dot.Release.Namespace ))) )) (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "roleRef" (dict "apiGroup" "" "kind" "" "name" "" ) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "rbac.authorization.k8s.io/v1" "kind" "ClusterRoleBinding" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" $rpkBundleName "labels" (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r") "annotations" $values.serviceAccount.annotations )) "roleRef" (mustMergeOverwrite (dict "apiGroup" "" "kind" "" "name" "" ) (dict "apiGroup" "rbac.authorization.k8s.io" "kind" "ClusterRole" "name" $rpkBundleName )) "subjects" (list (mustMergeOverwrite (dict "kind" "" "name" "" ) (dict "kind" "ServiceAccount" "name" (get (fromJson (include "redpanda.ServiceAccountName" (dict "a" (list $dot) ))) "r") "namespace" $dot.Release.Namespace ))) ))))) -}} +{{- $_is_returning = true -}} +{{- (dict "r" $crbs) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.SidecarControllersClusterRole" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (or (not $values.statefulset.sideCars.controllers.enabled) (not $values.statefulset.sideCars.controllers.createRBAC)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $sidecarControllerName := (printf "%s-sidecar-controllers" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r")) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "rules" (coalesce nil) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "rbac.authorization.k8s.io/v1" "kind" "ClusterRole" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" $sidecarControllerName "labels" (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r") "annotations" $values.serviceAccount.annotations )) "rules" (list (mustMergeOverwrite (dict "verbs" (coalesce nil) ) (dict "apiGroups" (list "") "resources" (list "nodes") "verbs" (list "get" "list" "watch") )) (mustMergeOverwrite (dict "verbs" (coalesce nil) ) (dict "apiGroups" (list "") "resources" (list "persistentvolumes") "verbs" (list "delete" "get" "list" "patch" "update" "watch") ))) ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.SidecarControllersClusterRoleBinding" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (or (not $values.statefulset.sideCars.controllers.enabled) (not $values.statefulset.sideCars.controllers.createRBAC)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $sidecarControllerName := (printf "%s-sidecar-controllers" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r")) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "roleRef" (dict "apiGroup" "" "kind" "" "name" "" ) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "rbac.authorization.k8s.io/v1" "kind" "ClusterRoleBinding" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" $sidecarControllerName "labels" (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r") "annotations" $values.serviceAccount.annotations )) "roleRef" (mustMergeOverwrite (dict "apiGroup" "" "kind" "" "name" "" ) (dict "apiGroup" "rbac.authorization.k8s.io" "kind" "ClusterRole" "name" $sidecarControllerName )) "subjects" (list (mustMergeOverwrite (dict "kind" "" "name" "" ) (dict "kind" "ServiceAccount" "name" (get (fromJson (include "redpanda.ServiceAccountName" (dict "a" (list $dot) ))) "r") "namespace" $dot.Release.Namespace ))) ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.SidecarControllersRole" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (or (not $values.statefulset.sideCars.controllers.enabled) (not $values.statefulset.sideCars.controllers.createRBAC)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $sidecarControllerName := (printf "%s-sidecar-controllers" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r")) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "rules" (coalesce nil) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "rbac.authorization.k8s.io/v1" "kind" "Role" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" $sidecarControllerName "namespace" $dot.Release.Namespace "labels" (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r") "annotations" $values.serviceAccount.annotations )) "rules" (list (mustMergeOverwrite (dict "verbs" (coalesce nil) ) (dict "apiGroups" (list "apps") "resources" (list "statefulsets/status") "verbs" (list "patch" "update") )) (mustMergeOverwrite (dict "verbs" (coalesce nil) ) (dict "apiGroups" (list "") "resources" (list "secrets" "pods") "verbs" (list "get" "list" "watch") )) (mustMergeOverwrite (dict "verbs" (coalesce nil) ) (dict "apiGroups" (list "apps") "resources" (list "statefulsets") "verbs" (list "get" "patch" "update" "list" "watch") )) (mustMergeOverwrite (dict "verbs" (coalesce nil) ) (dict "apiGroups" (list "") "resources" (list "persistentvolumeclaims") "verbs" (list "delete" "get" "list" "patch" "update" "watch") ))) ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "redpanda.SidecarControllersRoleBinding" -}} +{{- $dot := (index .a 0) -}} +{{- range $_ := (list 1) -}} +{{- $_is_returning := false -}} +{{- $values := $dot.Values.AsMap -}} +{{- if (or (not $values.statefulset.sideCars.controllers.enabled) (not $values.statefulset.sideCars.controllers.createRBAC)) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (coalesce nil)) | toJson -}} +{{- break -}} +{{- end -}} +{{- $sidecarControllerName := (printf "%s-sidecar-controllers" (get (fromJson (include "redpanda.Fullname" (dict "a" (list $dot) ))) "r")) -}} +{{- $_is_returning = true -}} +{{- (dict "r" (mustMergeOverwrite (dict "metadata" (dict "creationTimestamp" (coalesce nil) ) "roleRef" (dict "apiGroup" "" "kind" "" "name" "" ) ) (mustMergeOverwrite (dict ) (dict "apiVersion" "rbac.authorization.k8s.io/v1" "kind" "RoleBinding" )) (dict "metadata" (mustMergeOverwrite (dict "creationTimestamp" (coalesce nil) ) (dict "name" $sidecarControllerName "namespace" $dot.Release.Namespace "labels" (get (fromJson (include "redpanda.FullLabels" (dict "a" (list $dot) ))) "r") "annotations" $values.serviceAccount.annotations )) "roleRef" (mustMergeOverwrite (dict "apiGroup" "" "kind" "" "name" "" ) (dict "apiGroup" "rbac.authorization.k8s.io" "kind" "Role" "name" $sidecarControllerName )) "subjects" (list (mustMergeOverwrite (dict "kind" "" "name" "" ) (dict "kind" "ServiceAccount" "name" (get (fromJson (include "redpanda.ServiceAccountName" (dict "a" (list $dot) ))) "r") "namespace" $dot.Release.Namespace ))) ))) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/5.9.4/templates/rbac.yaml b/charts/redpanda/redpanda/5.9.4/templates/rbac.yaml new file mode 100644 index 0000000000..d746dda30b --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/rbac.yaml @@ -0,0 +1,20 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- include "_shims.render-manifest" (list "redpanda.ClusterRoles" .) -}} +{{- include "_shims.render-manifest" (list "redpanda.ClusterRoleBindings" .) -}} +{{- include "_shims.render-manifest" (list "redpanda.SidecarControllersRole" .) -}} +{{- include "_shims.render-manifest" (list "redpanda.SidecarControllersRoleBinding" .) -}} diff --git a/charts/redpanda/redpanda/5.9.4/templates/secrets.yaml b/charts/redpanda/redpanda/5.9.4/templates/secrets.yaml new file mode 100644 index 0000000000..7fa8524d21 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/secrets.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- include "_shims.render-manifest" (list "redpanda.Secrets" .) -}} diff --git a/charts/redpanda/redpanda/5.9.4/templates/service.internal.yaml b/charts/redpanda/redpanda/5.9.4/templates/service.internal.yaml new file mode 100644 index 0000000000..572550b7ad --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/service.internal.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- include "_shims.render-manifest" (list "redpanda.ServiceInternal" .) -}} diff --git a/charts/redpanda/redpanda/5.9.4/templates/service.loadbalancer.yaml b/charts/redpanda/redpanda/5.9.4/templates/service.loadbalancer.yaml new file mode 100644 index 0000000000..12a8562a0f --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/service.loadbalancer.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- include "_shims.render-manifest" (list "redpanda.LoadBalancerServices" .) -}} diff --git a/charts/redpanda/redpanda/5.9.4/templates/service.nodeport.yaml b/charts/redpanda/redpanda/5.9.4/templates/service.nodeport.yaml new file mode 100644 index 0000000000..da82c9e706 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/service.nodeport.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- include "_shims.render-manifest" (list "redpanda.NodePortService" .) -}} diff --git a/charts/redpanda/redpanda/5.9.4/templates/serviceaccount.yaml b/charts/redpanda/redpanda/5.9.4/templates/serviceaccount.yaml new file mode 100644 index 0000000000..5e62c0ec68 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/serviceaccount.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- include "_shims.render-manifest" (list "redpanda.ServiceAccount" .) -}} diff --git a/charts/redpanda/redpanda/5.9.4/templates/servicemonitor.yaml b/charts/redpanda/redpanda/5.9.4/templates/servicemonitor.yaml new file mode 100644 index 0000000000..cafedbf91d --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/servicemonitor.yaml @@ -0,0 +1,17 @@ +{{/* + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + */}} +{{- include "_shims.render-manifest" (list "redpanda.ServiceMonitor" .) -}} diff --git a/charts/redpanda/redpanda/5.9.4/templates/statefulset.yaml b/charts/redpanda/redpanda/5.9.4/templates/statefulset.yaml new file mode 100644 index 0000000000..d231e4b771 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/statefulset.yaml @@ -0,0 +1,21 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- include "fail-on-unsupported-helm-version" . -}} +{{- include "fail-on-insecure-sasl-logging" . -}} + +{{- include "_shims.render-manifest" (list "redpanda.StatefulSet" .) -}} diff --git a/charts/redpanda/redpanda/5.9.4/templates/tests/test-api-status.yaml b/charts/redpanda/redpanda/5.9.4/templates/tests/test-api-status.yaml new file mode 100644 index 0000000000..330a2c4a4d --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/tests/test-api-status.yaml @@ -0,0 +1,52 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- if and .Values.tests.enabled (not (or (include "tls-enabled" . | fromJson).bool (include "sasl-enabled" . | fromJson).bool)) -}} +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "redpanda.fullname" . }}-test-api-status" + namespace: {{ .Release.Namespace | quote }} + labels: + {{- with include "full.labels" . }} + {{- . | nindent 4 }} + {{- end }} + annotations: + "helm.sh/hook": test + "helm.sh/hook-delete-policy": before-hook-creation +spec: + restartPolicy: Never + securityContext: {{ include "pod-security-context" . | nindent 4 }} + {{- with .Values.imagePullSecrets }} + imagePullSecrets: {{- toYaml . | nindent 4 }} + {{- end }} + containers: + - name: {{ template "redpanda.name" . }} + image: {{ .Values.image.repository }}:{{ template "redpanda.tag" . }} + command: + - /usr/bin/timeout + - "120" + - bash + - -c + - | + until rpk cluster info \ + --brokers {{ include "redpanda.fullname" . }}-0.{{ include "redpanda.internal.domain" . }}:{{ .Values.listeners.kafka.port }} + do sleep 2 + done + volumeMounts: {{ include "default-mounts" . | nindent 8 }} + securityContext: {{ include "container-security-context" . | nindent 8 }} + volumes: {{ include "default-volumes" . | nindent 4 }} +{{- end }} diff --git a/charts/redpanda/redpanda/5.9.4/templates/tests/test-auditLogging.yaml b/charts/redpanda/redpanda/5.9.4/templates/tests/test-auditLogging.yaml new file mode 100644 index 0000000000..fea34776fc --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/tests/test-auditLogging.yaml @@ -0,0 +1,86 @@ +{{/* + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/}} +{{/* + This feature is gated by having a license, and it must have sasl enabled, we assume these conditions are met + as part of setting auditLogging being enabled. +*/}} +{{- if and .Values.tests.enabled .Values.auditLogging.enabled (include "redpanda-atleast-23-3-0" . | fromJson).bool }} +{{- $sasl := .Values.auth.sasl }} +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "redpanda.fullname" . }}-test-audit-logging" + namespace: {{ .Release.Namespace | quote }} + labels: + {{- with include "full.labels" . }} + {{- . | nindent 4 }} + {{- end }} + annotations: + "helm.sh/hook": test + "helm.sh/hook-delete-policy": before-hook-creation +spec: + restartPolicy: Never + securityContext: {{ include "pod-security-context" . | nindent 4 }} + {{- with .Values.imagePullSecrets }} + imagePullSecrets: { { - toYaml . | nindent 4 }} + {{- end }} + containers: + - name: {{ template "redpanda.name" . }} + image: {{ .Values.image.repository }}:{{ template "redpanda.tag" . }} + command: + - /usr/bin/timeout + - "120" + - bash + - -c + - | + set -xe + old_setting=${-//[^x]/} + audit_topic_name="_redpanda.audit_log" + expected_partitions={{ .Values.auditLogging.partitions }} + + # sasl configurations + set +x + IFS=":" read -r {{ include "rpk-sasl-environment-variables" . }} < <(grep "" $(find /etc/secrets/users/* -print)) + {{- if (include "redpanda-atleast-23-2-1" . | fromJson).bool }} + RPK_SASL_MECHANISM=${RPK_SASL_MECHANISM:-{{ .Values.auth.sasl.mechanism | upper }}} + {{- else }} + REDPANDA_SASL_MECHANISM=${REDPANDA_SASL_MECHANISM:-{{ .Values.auth.sasl.mechanism | upper }}} + {{- end }} + export {{ include "rpk-sasl-environment-variables" . }} + if [[ -n "$old_setting" ]]; then set -x; fi + + # now run the to determine if we have the right results + # should describe topic without error + rpk topic describe ${audit_topic_name} + # should get the expected values + result=$(rpk topic list | grep ${audit_topic_name}) + name=$(echo $result | awk '{print $1}') + partitions=$(echo $result | awk '{print $2}') + if [ "${name}" != "${audit_topic_name}" ]; then + echo "expected topic name does not match" + exit 1 + fi + if [ ${partitions} != ${expected_partitions} ]; then + echo "expected partition size did not match" + exit 1 + fi + volumeMounts: {{ include "default-mounts" . | nindent 8 }} + resources: +{{- toYaml .Values.statefulset.resources | nindent 12 }} + securityContext: {{ include "container-security-context" . | nindent 8 }} + volumes: {{ include "default-volumes" . | nindent 4 }} +{{- end }} diff --git a/charts/redpanda/redpanda/5.9.4/templates/tests/test-connector-via-console.yaml b/charts/redpanda/redpanda/5.9.4/templates/tests/test-connector-via-console.yaml new file mode 100644 index 0000000000..c50958e54a --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/tests/test-connector-via-console.yaml @@ -0,0 +1,165 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- if and .Values.tests.enabled .Values.connectors.enabled .Values.console.enabled }} +{{- $sasl := .Values.auth.sasl }} +{{- $values := .Values }} +{{ $consoleValues := dict "Values" .Values.console "Release" .Release "Chart" .Subcharts.console.Chart }} +{{ $connectorsVars := dict "Values" .Values.connectors "Release" .Release "Chart" .Subcharts.connectors.Chart }} +{{/* brokers */}} +{{- $kafkaBrokers := list }} +{{- range (include "seed-server-list" . | mustFromJson) }} + {{- $kafkaBrokers = append $kafkaBrokers (printf "%s:%s" . ($values.listeners.kafka.port | toString)) }} +{{- end }} +{{- $brokersString := join "," $kafkaBrokers}} +apiVersion: v1 +kind: Pod +metadata: + name: {{ include "redpanda.fullname" . | trunc 54 }}-test-connectors-via-console + namespace: {{ .Release.Namespace | quote }} + labels: + {{- with include "full.labels" . }} + {{- . | nindent 4 }} + {{- end }} + test-name: test-connectors-via-console + annotations: + test-name: test-connectors-via-console + "helm.sh/hook": test + "helm.sh/hook-delete-policy": before-hook-creation +spec: + restartPolicy: Never + securityContext: {{ include "pod-security-context" . | nindent 4 }} + {{- with .Values.imagePullSecrets }} + imagePullSecrets: {{- toYaml . | nindent 4 }} + {{- end }} + containers: + - name: {{ template "redpanda.name" . }} + image: {{ .Values.image.repository }}:{{ template "redpanda.tag" . }} + env: + - name: TLS_ENABLED + value: {{ (include "kafka-internal-tls-enabled" . | fromJson).bool | quote }} + command: + - /bin/bash + - -c + - | + set -xe + + trap connectorsState ERR + + connectorsState () { + echo check connectors expand status + curl {{ template "curl-options" . }} http://{{ include "connectors.serviceName" $connectorsVars }}:{{ .Values.connectors.connectors.restPort }}/connectors?expand=status + echo check connectors expand info + curl {{ template "curl-options" . }} http://{{ include "connectors.serviceName" $connectorsVars }}:{{ .Values.connectors.connectors.restPort }}/connectors?expand=info + echo check connector configuration + curl {{ template "curl-options" . }} http://{{ include "connectors.serviceName" $connectorsVars }}:{{ .Values.connectors.connectors.restPort }}/connectors/$CONNECTOR_NAME + echo check connector topics + curl {{ template "curl-options" . }} http://{{ include "connectors.serviceName" $connectorsVars }}:{{ .Values.connectors.connectors.restPort }}/connectors/$CONNECTOR_NAME/topics + } + + {{- if .Values.auth.sasl.enabled }} + set -e + set +x + + echo "SASL enabled: reading credentials from $(find /etc/secrets/users/* -print)" + IFS=":" read -r {{ include "rpk-sasl-environment-variables" . }} < <(grep "" $(find /etc/secrets/users/* -print)) + {{- if (include "redpanda-atleast-23-2-1" . | fromJson).bool }} + RPK_SASL_MECHANISM=${RPK_SASL_MECHANISM:-{{ .Values.auth.sasl.mechanism | upper }}} + {{- else }} + REDPANDA_SASL_MECHANISM=${REDPANDA_SASL_MECHANISM:-{{ .Values.auth.sasl.mechanism | upper }}} + RPK_USER="${REDPANDA_SASL_USERNAME}" + RPK_PASS="${REDPANDA_SASL_PASSWORD}" + RPK_SASL_MECHANISM="${REDPANDA_SASL_MECHANISM}" + {{- end }} + export {{ include "rpk-sasl-environment-variables" . }} + + JAAS_CONFIG_SOURCE="\"source.cluster.sasl.jaas.config\": \"org.apache.kafka.common.security.scram.ScramLoginModule required username=\\\\"\"${RPK_USER}\\\\"\" password=\\\\"\"${RPK_PASS}\\\\"\";\"," + JAAS_CONFIG_TARGET="\"target.cluster.sasl.jaas.config\": \"org.apache.kafka.common.security.scram.ScramLoginModule required username=\\\\"\"${RPK_USER}\\\\"\" password=\\\\"\"${RPK_PASS}\\\\"\";\"," + set -x + set +e + {{- end }} + + {{- $testTopic := printf "test-topic-%s" (randNumeric 3) }} + rpk topic create {{ $testTopic }} + rpk topic list + echo "Test message!" | rpk topic produce {{ $testTopic }} + + SECURITY_PROTOCOL=PLAINTEXT + if [[ -n "$RPK_SASL_MECHANISM" && $TLS_ENABLED == "true" ]]; then + SECURITY_PROTOCOL="SASL_SSL" + elif [[ -n "$RPK_SASL_MECHANISM" ]]; then + SECURITY_PROTOCOL="SASL_PLAINTEXT" + elif [[ $TLS_ENABLED == "true" ]]; then + SECURITY_PROTOCOL="SSL" + fi + + CONNECTOR_NAME=mm2-$RANDOM + cat << 'EOF' > /tmp/mm2-conf.json + { + "connectorName": "CONNECTOR_NAME", + "config": { + "connector.class": "org.apache.kafka.connect.mirror.MirrorSourceConnector", + "topics": "{{ $testTopic }}", + "replication.factor": "1", + "tasks.max": "1", + "source.cluster.bootstrap.servers": {{ $brokersString | quote }}, + "target.cluster.bootstrap.servers": {{ $brokersString | quote }}, + "target.cluster.alias": "test-only-redpanda", + "source.cluster.alias": "source", + "key.converter": "org.apache.kafka.connect.converters.ByteArrayConverter", + "value.converter": "org.apache.kafka.connect.converters.ByteArrayConverter", + "source->target.enabled": "true", + "target->source.enabled": "false", + "sync.topic.configs.interval.seconds": "5", + "sync.topics.configs.enabled": "true", + "source.cluster.ssl.truststore.type": "PEM", + "target.cluster.ssl.truststore.type": "PEM", + "source.cluster.ssl.truststore.location": "/opt/kafka/connect-certs/ca/ca.crt", + "target.cluster.ssl.truststore.location": "/opt/kafka/connect-certs/ca/ca.crt", + JAAS_CONFIG_SOURCE + JAAS_CONFIG_TARGET + "source.cluster.security.protocol": "SECURITY_PROTOCOL", + "target.cluster.security.protocol": "SECURITY_PROTOCOL", + "source.cluster.sasl.mechanism": "SASL_MECHANISM", + "target.cluster.sasl.mechanism": "SASL_MECHANISM" + } + } + EOF + + sed -i "s/CONNECTOR_NAME/$CONNECTOR_NAME/g" /tmp/mm2-conf.json + sed -i "s/SASL_MECHANISM/$RPK_SASL_MECHANISM/g" /tmp/mm2-conf.json + sed -i "s/SECURITY_PROTOCOL/$SECURITY_PROTOCOL/g" /tmp/mm2-conf.json + set +x + sed -i "s/JAAS_CONFIG_SOURCE/$JAAS_CONFIG_SOURCE/g" /tmp/mm2-conf.json + sed -i "s/JAAS_CONFIG_TARGET/$JAAS_CONFIG_TARGET/g" /tmp/mm2-conf.json + set -x + + URL=http://{{ include "console.fullname" $consoleValues }}:{{ include "console.containerPort" $consoleValues }}/api/kafka-connect/clusters/connectors/connectors + {{/* outputting to /dev/null because the output contains the user password */}} + echo "Creating mm2 connector" + curl {{ template "curl-options" . }} -H 'Content-Type: application/json' "${URL}" -d @/tmp/mm2-conf.json + + rpk topic consume source.{{ $testTopic }} -n 1 + + echo "Destroying mm2 connector" + curl {{ template "curl-options" . }} -X DELETE "${URL}/${CONNECTOR_NAME}" + + rpk topic list + rpk topic delete {{ $testTopic }} source.{{ $testTopic }} mm2-offset-syncs.test-only-redpanda.internal + volumeMounts: {{ include "default-mounts" . | nindent 8 }} + securityContext: {{ include "container-security-context" . | nindent 8 }} + volumes: {{ include "default-volumes" . | nindent 4 }} +{{- end }} diff --git a/charts/redpanda/redpanda/5.9.4/templates/tests/test-console.yaml b/charts/redpanda/redpanda/5.9.4/templates/tests/test-console.yaml new file mode 100644 index 0000000000..aeef1117ac --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/tests/test-console.yaml @@ -0,0 +1,49 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- if and .Values.tests.enabled .Values.console.enabled -}} +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "redpanda.fullname" . }}-test-console" + namespace: {{ .Release.Namespace | quote }} + labels: + {{- with include "full.labels" . }} + {{- . | nindent 4 }} + {{- end }} + annotations: + "helm.sh/hook": test + "helm.sh/hook-delete-policy": before-hook-creation +spec: + restartPolicy: Never + securityContext: {{ include "pod-security-context" . | nindent 4 }} + {{- with .Values.imagePullSecrets }} + imagePullSecrets: {{- toYaml . | nindent 4 }} + {{- end }} + containers: + - name: {{ template "redpanda.name" . }} + image: {{ .Values.image.repository }}:{{ template "redpanda.tag" . }} + command: + - /usr/bin/timeout + - "120" + - bash + - -c + - | + curl {{ template "curl-options" . }} http://{{ include "redpanda.fullname" . }}-console.{{ .Release.Namespace }}.svc:{{ (get (fromJson (include "console.ContainerPort" (dict "a" (list (dict "Values" (dict "AsMap" .Values.console)) )))) "r" ) }}/api/cluster + volumeMounts: {{ include "default-mounts" . | nindent 8 }} + securityContext: {{ include "container-security-context" . | nindent 8 }} + volumes: {{ include "default-volumes" . | nindent 4 }} +{{- end }} diff --git a/charts/redpanda/redpanda/5.9.4/templates/tests/test-internal-external-tls-secrets.yaml b/charts/redpanda/redpanda/5.9.4/templates/tests/test-internal-external-tls-secrets.yaml new file mode 100644 index 0000000000..53d75bb1ba --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/tests/test-internal-external-tls-secrets.yaml @@ -0,0 +1,122 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- if and .Values.tests.enabled (include "tls-enabled" . | fromJson).bool ( eq .Values.external.type "NodePort" ) }} + {{- $values := .Values }} +apiVersion: v1 +kind: Pod +metadata: + name: {{ include "redpanda.fullname" . }}-test-internal-externals-cert-secrets + namespace: {{ .Release.Namespace | quote }} + labels: + {{- with include "full.labels" . }} + {{- . | nindent 4 }} + {{- end }} + annotations: + "helm.sh/hook": test + "helm.sh/hook-delete-policy": before-hook-creation +spec: + restartPolicy: Never + securityContext: {{ include "pod-security-context" . | nindent 4 }} + {{- with .Values.imagePullSecrets }} + imagePullSecrets: {{- toYaml . | nindent 4 }} + {{- end }} + containers: + - name: {{ template "redpanda.name" . }} + image: {{ .Values.image.repository }}:{{ template "redpanda.tag" . }} + command: + - bash + - -c + - | + set -x + + retry() { + local retries="$1" + local command="$2" + + # Run the command, and save the exit code + bash -c $command + local exit_code=$? + + # If the exit code is non-zero (i.e. command failed), and we have not + # reached the maximum number of retries, run the command again + if [[ $exit_code -ne 0 && $retries -gt 0 ]]; then + retry $(($retries - 1)) "$command" + else + # Return the exit code from the command + return $exit_code + fi + } + + {{- range $name, $cert := $values.tls.certs }} + {{- if $cert.secretRef }} + echo testing cert: {{ $name | quote }} + + {{- if eq $cert.secretRef.name "internal-tls-secret" }} + echo "---> testing internal tls" + retry 5 'openssl s_client -verify_return_error -prexit + {{- if $cert.caEnabled }} + -CAfile {{ printf "/etc/tls/certs/%s" $name }}/ca.crt + {{- end }} + -key {{ printf "/etc/tls/certs/%s" $name }}/tls.key + -connect {{ include "admin-api-urls" $ }}' + {{- end }} + + {{- if eq $cert.secretRef.name "external-tls-secret" }} + echo "---> testing external tls" + + {{- if eq $values.listeners.kafka.external.default.tls.cert $name }} + echo "-----> testing external tls: kafka api" + {{- $port := ( first $values.listeners.kafka.external.default.advertisedPorts ) }} + retry 5 'openssl s_client -verify_return_error -prexit + {{- if $cert.caEnabled }} + -CAfile {{ printf "/etc/tls/certs/%s" $name }}/ca.crt + {{- end }} + -key {{ printf "/etc/tls/certs/%s" $name }}/tls.key + -connect {{ $values.external.domain }}:{{ $port }}' + {{- end }} + + {{- if and (eq $values.listeners.schemaRegistry.external.default.tls.cert $name) (include "redpanda-22-2-x-without-sasl" $ | fromJson).bool }} + echo "-----> testing external tls: schema registry" + {{- $port := ( first $values.listeners.schemaRegistry.external.default.advertisedPorts ) }} + retry 5 'openssl s_client -verify_return_error -prexit + {{- if $cert.caEnabled }} + -CAfile {{ printf "/etc/tls/certs/%s" $name }}/ca.crt + {{- end }} + -key {{ printf "/etc/tls/certs/%s" $name }}/tls.key + -connect {{ $values.external.domain }}:{{ $port }}' + {{- end }} + + {{- if and (eq $values.listeners.http.external.default.tls.cert $name) (include "redpanda-22-2-x-without-sasl" $ | fromJson).bool }} + echo "-----> testing external tls: http api" + {{- $port := ( first $values.listeners.http.external.default.advertisedPorts ) }} + retry 5 'openssl s_client -verify_return_error -prexit + {{- if $cert.caEnabled }} + -CAfile {{ printf "/etc/tls/certs/%s" $name }}/ca.crt + {{- end }} + -key {{ printf "/etc/tls/certs/%s" $name }}/tls.key + -connect {{ $values.external.domain }}:{{ $port }}' + {{- end }} + + {{- end }} + echo "----" + + {{- end }} + {{- end }} + volumeMounts: {{ include "default-mounts" . | nindent 8 }} + securityContext: {{ include "container-security-context" . | nindent 8 }} + volumes: {{ include "default-volumes" . | nindent 4 }} +{{- end }} diff --git a/charts/redpanda/redpanda/5.9.4/templates/tests/test-kafka-internal-tls-status.yaml b/charts/redpanda/redpanda/5.9.4/templates/tests/test-kafka-internal-tls-status.yaml new file mode 100644 index 0000000000..dcfc02cbdc --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/tests/test-kafka-internal-tls-status.yaml @@ -0,0 +1,62 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- if and .Values.tests.enabled (include "kafka-internal-tls-enabled" . | fromJson).bool (not (include "sasl-enabled" . | fromJson).bool) -}} + {{- $service := .Values.listeners.kafka -}} + {{- $cert := get .Values.tls.certs $service.tls.cert -}} +apiVersion: v1 +kind: Pod +metadata: + name: {{ include "redpanda.fullname" . }}-test-kafka-internal-tls-status + namespace: {{ .Release.Namespace | quote }} + labels: + {{- with include "full.labels" . }} + {{- . | nindent 4 }} + {{- end }} + annotations: + "helm.sh/hook": test + "helm.sh/hook-delete-policy": before-hook-creation +spec: + restartPolicy: Never + securityContext: {{ include "pod-security-context" . | nindent 4 }} + {{- with .Values.imagePullSecrets }} + imagePullSecrets: {{- toYaml . | nindent 4 }} + {{- end }} + containers: + - name: {{ template "redpanda.name" . }} + image: {{ .Values.image.repository }}:{{ template "redpanda.tag" . }} + command: + - /usr/bin/timeout + - "120" + - bash + - -c + - | + until rpk cluster info \ + --brokers {{ include "redpanda.fullname" .}}-0.{{ include "redpanda.internal.domain" . }}:{{ $service.port }} \ + --tls-enabled \ + {{- if $cert.caEnabled }} + --tls-truststore /etc/tls/certs/{{ $service.tls.cert }}/ca.crt + {{- else }} + {{- /* This is a required field so we use the default in the redpanda debian container */}} + --tls-truststore /etc/ssl/certs/ca-certificates.crt + {{- end }} + do sleep 2 + done + resources: {{ toYaml .Values.statefulset.resources | nindent 12 }} + volumeMounts: {{ include "default-mounts" . | nindent 8 }} + securityContext: {{ include "container-security-context" . | nindent 8 }} + volumes: {{ include "default-volumes" . | nindent 4 }} +{{- end }} diff --git a/charts/redpanda/redpanda/5.9.4/templates/tests/test-kafka-nodelete.yaml b/charts/redpanda/redpanda/5.9.4/templates/tests/test-kafka-nodelete.yaml new file mode 100644 index 0000000000..9b5fe4237e --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/tests/test-kafka-nodelete.yaml @@ -0,0 +1,100 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- if and .Values.tests.enabled (dig "kafka_nodelete_topics" "[]" $.Values.config.cluster) }} +{{- $noDeleteTopics := .Values.config.cluster.kafka_nodelete_topics }} +{{- $sasl := .Values.auth.sasl }} +apiVersion: v1 +kind: Pod +metadata: + name: {{ include "redpanda.fullname" . }}-test-kafka-nodelete + namespace: {{ .Release.Namespace | quote }} + labels: +{{- with include "full.labels" . }} + {{- . | nindent 4 }} +{{- end }} + annotations: + "helm.sh/hook": test + "helm.sh/hook-delete-policy": before-hook-creation +spec: + restartPolicy: Never + securityContext: {{ include "pod-security-context" . | nindent 4 }} + {{- with .Values.imagePullSecrets }} + imagePullSecrets: {{- toYaml . | nindent 4 }} +{{- end }} + containers: + - name: {{ template "redpanda.name" . }} + image: {{ .Values.image.repository }}:{{ template "redpanda.tag" . }} + env: + - name: REDPANDA_BROKERS + value: "{{ include "redpanda.fullname" . }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain | trimSuffix "." }}:{{ .Values.listeners.kafka.port }}" + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + command: + - /usr/bin/timeout + - "120" + - bash + - -c + - | + set -e +{{- $cloudStorageFlags := "" }} +{{- if (include "storage-tiered-config" .|fromJson).cloud_storage_enabled }} + {{- $cloudStorageFlags = "-c retention.bytes=80 -c segment.bytes=40 -c redpanda.remote.read=true -c redpanda.remote.write=true"}} +{{- end }} +{{- if .Values.auth.sasl.enabled }} + old_setting=${-//[^x]/} + set +x + IFS=":" read -r {{ include "rpk-sasl-environment-variables" . }} < <(grep "" $(find /etc/secrets/users/* -print)) + {{- if (include "redpanda-atleast-23-2-1" . | fromJson).bool }} + RPK_SASL_MECHANISM=${RPK_SASL_MECHANISM:-{{ .Values.auth.sasl.mechanism | upper }}} + {{- else }} + REDPANDA_SASL_MECHANISM=${REDPANDA_SASL_MECHANISM:-{{ .Values.auth.sasl.mechanism | upper }}} + {{- end }} + export {{ include "rpk-sasl-environment-variables" . }} + if [[ -n "$old_setting" ]]; then set -x; fi +{{- end }} + + exists=$(rpk topic list | grep my_sample_topic | awk '{print $1}') + if [[ "$exists" != "my_sample_topic" ]]; then + until rpk topic create my_sample_topic {{ $cloudStorageFlags }} + do sleep 2 + done + fi + + {{- range $i := until 100 }} + echo "Pandas are awesome!" | rpk topic produce my_sample_topic + {{- end }} + sleep 2 + rpk topic consume my_sample_topic -n 1 | grep "Pandas are awesome!" + + # now check if we can delete the topic (we should not) + rpk topic delete my_sample_topic + + {{- if has "my_sample_topic" $noDeleteTopics }} + result=$(rpk topic list | grep my_sample_topic | awk '{print $1}') + if [[ "$result" != "my_sample_topic" ]]; then + echo "topic should not have been deleted" + exit 1 + fi + {{- end }} + + volumeMounts: {{ include "default-mounts" . | nindent 8 }} + resources: {{ toYaml .Values.statefulset.resources | nindent 12 }} + securityContext: {{ include "container-security-context" . | nindent 8 }} + volumes: {{ include "default-volumes" . | nindent 4 }} +{{- end }} diff --git a/charts/redpanda/redpanda/5.9.4/templates/tests/test-kafka-produce-consume.yaml b/charts/redpanda/redpanda/5.9.4/templates/tests/test-kafka-produce-consume.yaml new file mode 100644 index 0000000000..d8f0ee7518 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/tests/test-kafka-produce-consume.yaml @@ -0,0 +1,83 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- if .Values.tests.enabled }} +{{- $sasl := .Values.auth.sasl }} +apiVersion: v1 +kind: Pod +metadata: + name: {{ include "redpanda.fullname" . }}-test-kafka-produce-consume + namespace: {{ .Release.Namespace | quote }} + labels: +{{- with include "full.labels" . }} + {{- . | nindent 4 }} +{{- end }} + annotations: + "helm.sh/hook": test + "helm.sh/hook-delete-policy": before-hook-creation +spec: + restartPolicy: Never + securityContext: {{ include "pod-security-context" . | nindent 4 }} + {{- with .Values.imagePullSecrets }} + imagePullSecrets: {{- toYaml . | nindent 4 }} +{{- end }} + containers: + - name: {{ template "redpanda.name" . }} + image: {{ .Values.image.repository }}:{{ template "redpanda.tag" . }} + env: + - name: REDPANDA_BROKERS + value: "{{ include "redpanda.fullname" . }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain | trimSuffix "." }}:{{ .Values.listeners.kafka.port }}" + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + command: + - /usr/bin/timeout + - "120" + - bash + - -c + - | + set -e +{{- $cloudStorageFlags := "" }} +{{- if (include "storage-tiered-config" .|fromJson).cloud_storage_enabled }} + {{- $cloudStorageFlags = "-c retention.bytes=80 -c segment.bytes=40 -c redpanda.remote.read=true -c redpanda.remote.write=true"}} +{{- end }} +{{- if .Values.auth.sasl.enabled }} + old_setting=${-//[^x]/} + set +x + IFS=":" read -r {{ include "rpk-sasl-environment-variables" . }} < <(grep "" $(find /etc/secrets/users/* -print)) + {{- if (include "redpanda-atleast-23-2-1" . | fromJson).bool }} + RPK_SASL_MECHANISM=${RPK_SASL_MECHANISM:-{{ .Values.auth.sasl.mechanism | upper }}} + {{- else }} + REDPANDA_SASL_MECHANISM=${REDPANDA_SASL_MECHANISM:-{{ .Values.auth.sasl.mechanism | upper }}} + {{- end }} + export {{ include "rpk-sasl-environment-variables" . }} + if [[ -n "$old_setting" ]]; then set -x; fi +{{- end }} + until rpk topic create produce.consume.test.$POD_NAME {{ $cloudStorageFlags }} + do sleep 2 + done + {{- range $i := until 100 }} + echo "Pandas are awesome!" | rpk topic produce produce.consume.test.$POD_NAME + {{- end }} + sleep 2 + rpk topic consume produce.consume.test.$POD_NAME -n 1 | grep "Pandas are awesome!" + rpk topic delete produce.consume.test.$POD_NAME + volumeMounts: {{ include "default-mounts" . | nindent 8 }} + resources: {{ toYaml .Values.statefulset.resources | nindent 12 }} + securityContext: {{ include "container-security-context" . | nindent 8 }} + volumes: {{ include "default-volumes" . | nindent 4 }} +{{- end }} diff --git a/charts/redpanda/redpanda/5.9.4/templates/tests/test-kafka-sasl-status.yaml b/charts/redpanda/redpanda/5.9.4/templates/tests/test-kafka-sasl-status.yaml new file mode 100644 index 0000000000..0519c44bba --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/tests/test-kafka-sasl-status.yaml @@ -0,0 +1,79 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- if and .Values.tests.enabled (include "sasl-enabled" . | fromJson).bool }} +{{- $sasl := .Values.auth.sasl }} +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "redpanda.fullname" . }}-test-kafka-sasl-status" + namespace: {{ .Release.Namespace | quote }} + labels: +{{- with include "full.labels" . }} + {{- . | nindent 4 }} +{{- end }} + annotations: + "helm.sh/hook": test + "helm.sh/hook-delete-policy": before-hook-creation +spec: + restartPolicy: Never + securityContext: {{ include "pod-security-context" . | nindent 4 }} + {{- with .Values.imagePullSecrets }} + imagePullSecrets: {{- toYaml . | nindent 4 }} + {{- end }} + containers: + - name: {{ template "redpanda.name" . }} + image: {{ .Values.image.repository }}:{{ template "redpanda.tag" . }} + command: + - /usr/bin/timeout + - "120" + - bash + - -c + - | + set -xe + +{{- if .Values.auth.sasl.enabled }} + old_setting=${-//[^x]/} + set +x + IFS=":" read -r {{ include "rpk-sasl-environment-variables" . }} < <(grep "" $(find /etc/secrets/users/* -print)) + {{- if (include "redpanda-atleast-23-2-1" . | fromJson).bool }} + RPK_SASL_MECHANISM=${RPK_SASL_MECHANISM:-{{ .Values.auth.sasl.mechanism | upper }}} + {{- else }} + REDPANDA_SASL_MECHANISM=${REDPANDA_SASL_MECHANISM:-{{ .Values.auth.sasl.mechanism | upper }}} + {{- end }} + export {{ include "rpk-sasl-environment-variables" . }} + if [[ -n "$old_setting" ]]; then set -x; fi +{{- end }} + + until rpk acl user delete myuser + do sleep 2 + done + sleep 3 + + {{ include "rpk-cluster-info" $ }} + {{ include "rpk-acl-user-create" $ }} + {{ include "rpk-acl-create" $ }} + sleep 3 + {{ include "rpk-topic-create" $ }} + {{ include "rpk-topic-describe" $ }} + {{ include "rpk-topic-delete" $ }} + rpk acl user delete myuser + volumeMounts: {{ include "default-mounts" . | nindent 8 }} + resources: +{{- toYaml .Values.statefulset.resources | nindent 12 }} + securityContext: {{ include "container-security-context" . | nindent 8 }} + volumes: {{ include "default-volumes" . | nindent 4 }} +{{- end }} diff --git a/charts/redpanda/redpanda/5.9.4/templates/tests/test-license-with-console.yaml b/charts/redpanda/redpanda/5.9.4/templates/tests/test-license-with-console.yaml new file mode 100644 index 0000000000..1edf7a3507 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/tests/test-license-with-console.yaml @@ -0,0 +1,61 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + +http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- if and .Values.tests.enabled (include "is-licensed" . | fromJson).bool .Values.console.enabled }} +{{- $consolePort := (get (fromJson (include "console.ContainerPort" (dict "a" (list (dict "Values" (dict "AsMap" .Values.console)) )))) "r" ) }} +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "redpanda.fullname" . }}-test-license-with-console" + namespace: {{ .Release.Namespace | quote }} + labels: + {{- with include "full.labels" . }} + {{- . | nindent 4 }} + {{- end }} + annotations: + "helm.sh/hook": test + "helm.sh/hook-delete-policy": before-hook-creation +spec: + restartPolicy: Never + securityContext: + runAsUser: 65535 + runAsGroup: 65535 + {{- with .Values.imagePullSecrets }} + imagePullSecrets: {{- toYaml . | nindent 4 }} + {{- end }} + containers: + - name: {{ template "redpanda.name" . }} + image: mintel/docker-alpine-bash-curl-jq:latest + command: [ "/bin/bash", "-c" ] + args: + - | + echo "testing that we do NOT have an open source license" + set -xe + + max_iteration=10 + curl -vm3 --fail --retry "120" --retry-max-time "120" http://{{ include "redpanda.fullname" . }}-console.{{ .Release.Namespace }}.svc:{{$consolePort}}/api/cluster/overview | jq . + type=$(curl -svm3 --fail --retry "120" --retry-max-time "120" http://{{ include "redpanda.fullname" . }}-console.{{ .Release.Namespace }}.svc:{{$consolePort}}/api/cluster/overview | jq -r .console.license.type) + while [[ $max_iteration -gt 0 && ("$type" == "open_source" || "$type" == "") ]]; do + max_iteration=$(( max_iteration - 1 )) + type=$(curl -svm3 --fail --retry "120" --retry-max-time "120" http://{{ include "redpanda.fullname" . }}-console.{{ .Release.Namespace }}.svc:{{$consolePort}}/api/cluster/overview | jq -r .console.license.type) + done + if [[ "$type" == "open_source" || "$type" == "" ]]; then + curl -svm3 --fail --retry "120" --retry-max-time "120" http://{{ include "redpanda.fullname" . }}-console.{{ .Release.Namespace }}.svc:{{$consolePort}}/api/cluster/overview | jq . + exit 1 + fi + set +x + echo "license test passed." +{{- end }} diff --git a/charts/redpanda/redpanda/5.9.4/templates/tests/test-lifecycle-scripts.yaml b/charts/redpanda/redpanda/5.9.4/templates/tests/test-lifecycle-scripts.yaml new file mode 100644 index 0000000000..5c72e1d9fb --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/tests/test-lifecycle-scripts.yaml @@ -0,0 +1,66 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- if .Values.tests.enabled }} +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "redpanda.fullname" . }}-test-lifecycle" + namespace: {{ .Release.Namespace | quote }} + labels: + {{- with include "full.labels" . }} + {{- . | nindent 4 }} + {{- end }} + annotations: + helm.sh/hook: test + helm.sh/hook-delete-policy: before-hook-creation +spec: + restartPolicy: Never + securityContext: {{ include "pod-security-context" . | nindent 4 }} + {{- with .Values.imagePullSecrets }} + imagePullSecrets: {{- toYaml . | nindent 4 }} + {{- end }} + containers: + - name: {{ template "redpanda.name" . }} + image: {{ .Values.image.repository }}:{{ template "redpanda.tag" . }} + env: + - name: SERVICE_NAME + value: {{ include "redpanda.fullname" . }}-0 + command: + - /bin/timeout + - "{{ mul .Values.statefulset.terminationGracePeriodSeconds 2 }}" + - bash + - -xec + - | + /bin/timeout -v {{ div .Values.statefulset.terminationGracePeriodSeconds 2 }} bash -x /var/lifecycle/preStop.sh + ls -l /tmp/preStop* + test -f /tmp/preStopHookStarted + test -f /tmp/preStopHookFinished + + /bin/timeout -v {{ div .Values.statefulset.terminationGracePeriodSeconds 2 }} bash -x /var/lifecycle/postStart.sh + ls -l /tmp/postStart* + test -f /tmp/postStartHookStarted + test -f /tmp/postStartHookFinished + volumeMounts: {{ include "default-mounts" . | nindent 8 }} + - name: lifecycle-scripts + mountPath: /var/lifecycle + securityContext: {{ include "container-security-context" . | nindent 8 }} + volumes: {{ include "default-volumes" . | nindent 4 }} + - name: lifecycle-scripts + secret: + secretName: {{ (include "redpanda.fullname" . | trunc 50 ) }}-sts-lifecycle + defaultMode: 0o775 + {{- end }} \ No newline at end of file diff --git a/charts/redpanda/redpanda/5.9.4/templates/tests/test-loadbalancer-tls.yaml b/charts/redpanda/redpanda/5.9.4/templates/tests/test-loadbalancer-tls.yaml new file mode 100644 index 0000000000..4db3523d2b --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/tests/test-loadbalancer-tls.yaml @@ -0,0 +1,173 @@ +{{/* + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + */}} +{{- if and .Values.tests.enabled .Values.tls.enabled ( eq .Values.external.type "LoadBalancer" ) -}} + {{- $values := .Values }} +apiVersion: v1 +kind: Pod +metadata: + name: {{ include "redpanda.fullname" . }}-test-loadbalancer-tls + namespace: {{ .Release.Namespace | quote }} + labels: + {{- with include "full.labels" . }} + {{- . | nindent 4 }} + {{- end }} + annotations: + "helm.sh/hook": test + "helm.sh/hook-delete-policy": before-hook-creation +spec: + serviceAccountName: test-loadbalancer-tls-redpanda + restartPolicy: Never + securityContext: {{ include "pod-security-context" . | nindent 4 }} + {{- with .Values.imagePullSecrets }} + imagePullSecrets: {{- toYaml . | nindent 4 }} + {{- end }} + containers: + - name: {{ template "redpanda.name" . }} + image: mintel/docker-alpine-bash-curl-jq:latest + command: + - bash + - -c + - | + set -x + export APISERVER=https://kubernetes.default.svc + export SERVICEACCOUNT=/var/run/secrets/kubernetes.io/serviceaccount + export NAMESPACE=$(cat ${SERVICEACCOUNT}/namespace) + export TOKEN=$(cat ${SERVICEACCOUNT}/token) + export CACERT=${SERVICEACCOUNT}/ca.crt + + ip_list="" + + replicas={{ .Values.statefulset.replicas }} + if [ "${replicas}" -lt "1" ]; then + echo "replicas cannot be less than 1" + exit 1 + fi + + range=$(expr $replicas - 1) + ordinal_list=$(seq 0 $range) + + set -e + + for i in $ordinal_list + do + POD_DESC=$(curl --cacert ${CACERT} --header "Authorization: Bearer ${TOKEN}" \ + -X GET ${APISERVER}/api/v1/namespaces/{{ .Release.Namespace }}/services/lb-{{ template "redpanda.fullname" . }}-$i) + ip=$(echo $POD_DESC | jq -r .status.loadBalancer.ingress[0].ip ) + ip_list="$ip $ip_list" + done + + echo test will be run against $ip_list + echo testing LoadBalancer connectivity + + {{- range $name, $cert := $values.tls.certs }} + {{- if $cert.secretRef }} + {{- if eq $cert.secretRef.name "external-tls-secret" }} + echo "---> testing external tls" + + {{- if eq $values.listeners.kafka.external.default.tls.cert $name }} + echo "-----> testing external tls: kafka api" + {{- $port := ( first $values.listeners.kafka.external.default.advertisedPorts ) }} + + for ip in $ip_list + do + openssl s_client -verify_return_error -prexit \ + {{- if $cert.caEnabled -}} + -CAfile {{ printf "/etc/tls/certs/%s" $name }}/ca.crt \ + {{- end -}} + -key {{ printf "/etc/tls/certs/%s" $name }}/tls.key -connect $ip:{{ $port }} + done + {{- end }} + + {{- if (include "redpanda-22-2-x-without-sasl" $ | fromJson).bool }} + {{- if eq $values.listeners.schemaRegistry.external.default.tls.cert $name }} + echo "-----> testing external tls: schema registry" + {{- $port := ( first $values.listeners.schemaRegistry.external.default.advertisedPorts ) }} + for ip in $ip_list + do + openssl s_client -verify_return_error -prexit \ + {{- if $cert.caEnabled -}} + -CAfile {{ printf "/etc/tls/certs/%s" $name }}/ca.crt \ + {{- end -}} + -key {{ printf "/etc/tls/certs/%s" $name }}/tls.key -connect $ip:{{ $port }} + done + {{- end }} + + {{- if eq $values.listeners.http.external.default.tls.cert $name }} + echo "-----> testing external tls: http api" + {{- $port := ( first $values.listeners.http.external.default.advertisedPorts ) }} + for ip in $ip_list + do + openssl s_client -verify_return_error -prexit \ + {{- if $cert.caEnabled -}} + -CAfile {{ printf "/etc/tls/certs/%s" $name }}/ca.crt \ + {{- end -}} + -key {{ printf "/etc/tls/certs/%s" $name }}/tls.key -connect $ip:{{ $port }} + done + {{- end }} + {{- end }} + + {{- end }} + {{- end }} + {{- end }} + volumeMounts: {{ include "default-mounts" . | nindent 8 }} + securityContext: {{ include "container-security-context" . | nindent 8 }} + volumes: {{ include "default-volumes" . | nindent 4 }} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: test-loadbalancer-tls-redpanda + annotations: + helm.sh/hook-weight: "-100" + helm.sh/hook: test + helm.sh/hook-delete-policy: before-hook-creation +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: test-loadbalancer-tls-redpanda + annotations: + helm.sh/hook-weight: "-100" + helm.sh/hook: test + helm.sh/hook-delete-policy: before-hook-creation +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: test-loadbalancer-tls-redpanda +subjects: + - kind: ServiceAccount + name: test-loadbalancer-tls-redpanda + namespace: {{ .Release.Namespace }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: test-loadbalancer-tls-redpanda + annotations: + helm.sh/hook-weight: "-100" + helm.sh/hook: test + helm.sh/hook-delete-policy: before-hook-creation +rules: + - apiGroups: + - "" + resources: + - pods + - services + verbs: + - get + +{{- end -}} diff --git a/charts/redpanda/redpanda/5.9.4/templates/tests/test-nodeport-tls.yaml b/charts/redpanda/redpanda/5.9.4/templates/tests/test-nodeport-tls.yaml new file mode 100644 index 0000000000..4310eaf3a9 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/tests/test-nodeport-tls.yaml @@ -0,0 +1,173 @@ +{{/* + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + */}} +{{- if and .Values.tests.enabled .Values.tls.enabled ( eq .Values.external.type "NodePort" ) -}} + {{- $values := .Values }} +apiVersion: v1 +kind: Pod +metadata: + name: {{ include "redpanda.fullname" . }}-test-nodeport-tls + namespace: {{ .Release.Namespace | quote }} + labels: + {{- with include "full.labels" . }} + {{- . | nindent 4 }} + {{- end }} + annotations: + helm.sh/hook: test + helm.sh/hook-delete-policy: before-hook-creation +spec: + serviceAccountName: test-nodeport-tls-redpanda-no-a-test + restartPolicy: Never + securityContext: {{ include "pod-security-context" . | nindent 4 }} + {{- with .Values.imagePullSecrets }} + imagePullSecrets: {{- toYaml . | nindent 4 }} + {{- end }} + containers: + - name: {{ template "redpanda.name" . }} + image: mintel/docker-alpine-bash-curl-jq:latest + command: + - bash + - -c + - | + set -x + export APISERVER=https://kubernetes.default.svc + export SERVICEACCOUNT=/var/run/secrets/kubernetes.io/serviceaccount + export NAMESPACE=$(cat ${SERVICEACCOUNT}/namespace) + export TOKEN=$(cat ${SERVICEACCOUNT}/token) + export CACERT=${SERVICEACCOUNT}/ca.crt + + ip_list="" + + replicas={{ .Values.statefulset.replicas }} + if [ "${replicas}" -lt "1" ]; then + echo "replicas cannot be less than 1" + exit 1 + fi + + range=$(expr $replicas - 1) + ordinal_list=$(seq 0 $range) + + set -e + + for i in $ordinal_list + do + POD_DESC=$(curl --cacert ${CACERT} --header "Authorization: Bearer ${TOKEN}" \ + -X GET ${APISERVER}/api/v1/namespaces/{{ .Release.Namespace }}/pods/{{ template "redpanda.fullname" . }}-$i) + ip=$(echo $POD_DESC | jq -r .status.hostIP ) + ip_list="$ip $ip_list" + done + + echo test will be run against $ip_list + echo testing NodePort connectivity + {{- range $name, $cert := $values.tls.certs }} + {{- if $cert.secretRef }} + {{- if eq $cert.secretRef.name "external-tls-secret" }} + echo "---> testing external tls" + + {{- if eq $values.listeners.kafka.external.default.tls.cert $name }} + echo "-----> testing external tls: kafka api" + {{- $port := ( first $values.listeners.kafka.external.default.advertisedPorts ) }} + for ip in $ip_list + do + openssl s_client -verify_return_error -prexit \ + {{- if $cert.caEnabled }} + -CAfile {{ printf "/etc/tls/certs/%s" $name }}/ca.crt \ + {{- end }} + -key {{ printf "/etc/tls/certs/%s" $name }}/tls.key \ + -connect ${ip}:{{ $port }} + done + {{- end }} + + {{- if (include "redpanda-22-2-x-without-sasl" $ | fromJson).bool }} + {{- if eq $values.listeners.schemaRegistry.external.default.tls.cert $name }} + echo "-----> testing external tls: schema registry" + {{- $port := ( first $values.listeners.schemaRegistry.external.default.advertisedPorts ) }} + for ip in $ip_list + do + openssl s_client -verify_return_error -prexit \ + {{- if $cert.caEnabled }} + -CAfile {{ printf "/etc/tls/certs/%s" $name }}/ca.crt \ + {{- end }} + -key {{ printf "/etc/tls/certs/%s" $name }}/tls.key \ + -connect ${ip}:{{ $port }} + done + {{- end }} + + {{- if eq $values.listeners.http.external.default.tls.cert $name }} + echo "-----> testing external tls: http api" + {{- $port := ( first $values.listeners.http.external.default.advertisedPorts ) }} + for ip in $ip_list + do + openssl s_client -verify_return_error -prexit \ + {{- if $cert.caEnabled }} + -CAfile {{ printf "/etc/tls/certs/%s" $name }}/ca.crt \ + {{- end }} + -key {{ printf "/etc/tls/certs/%s" $name }}/tls.key \ + -connect ${ip}:{{ $port }} + done + {{- end }} + {{- end }} + + {{- end }} + {{- end }} + {{- end }} + volumeMounts: {{ include "default-mounts" . | nindent 8 }} + securityContext: {{ include "container-security-context" . | nindent 8 }} + volumes: {{ include "default-volumes" . | nindent 4 }} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: test-nodeport-tls-redpanda-no-a-test + annotations: + helm.sh/hook: test + helm.sh/hook-delete-policy: before-hook-creation + helm.sh/hook-weight: "-100" +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: test-nodeport-tls-redpanda-no-a-test + annotations: + helm.sh/hook: test + helm.sh/hook-delete-policy: before-hook-creation + helm.sh/hook-weight: "-100" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: test-nodeport-tls-redpanda-no-a-test +subjects: + - kind: ServiceAccount + name: test-nodeport-tls-redpanda-no-a-test + namespace: {{ .Release.Namespace }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: test-nodeport-tls-redpanda-no-a-test + annotations: + helm.sh/hook: test + helm.sh/hook-delete-policy: before-hook-creation + helm.sh/hook-weight: "-100" +rules: + - apiGroups: + - "" + resources: + - pods + - services + verbs: + - get +{{- end -}} diff --git a/charts/redpanda/redpanda/5.9.4/templates/tests/test-pandaproxy-internal-tls-status.yaml b/charts/redpanda/redpanda/5.9.4/templates/tests/test-pandaproxy-internal-tls-status.yaml new file mode 100644 index 0000000000..4cb6aaa0f6 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/tests/test-pandaproxy-internal-tls-status.yaml @@ -0,0 +1,81 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- if and .Values.tests.enabled (include "http-internal-tls-enabled" . | fromJson).bool .Values.listeners.http.enabled (include "redpanda-22-2-x-without-sasl" . | fromJson).bool -}} + {{- $service := .Values.listeners.http -}} + {{- $cert := get .Values.tls.certs $service.tls.cert -}} + {{- $sasl := .Values.auth.sasl }} +apiVersion: v1 +kind: Pod +metadata: + name: {{ include "redpanda.fullname" . }}-test-pandaproxy-internal-tls-status + namespace: {{ .Release.Namespace | quote }} + labels: + {{- with include "full.labels" . }} + {{- . | nindent 4 }} + {{- end }} + annotations: + "helm.sh/hook": test + "helm.sh/hook-delete-policy": before-hook-creation +spec: + restartPolicy: Never + securityContext: {{ include "pod-security-context" . | nindent 4 }} + {{- with .Values.imagePullSecrets }} + imagePullSecrets: {{- toYaml . | nindent 4 }} + {{- end }} + containers: + - name: {{ template "redpanda.name" . }} + image: {{ .Values.image.repository }}:{{ template "redpanda.tag" . }} + command: [ "/bin/bash", "-c" ] + args: + - | + {{- if .Values.auth.sasl.enabled }} + old_setting=${-//[^x]/} + set +x + IFS=":" read -r {{ include "rpk-sasl-environment-variables" . }} < <(grep "" $(find /etc/secrets/users/* -print)) + {{- if (include "redpanda-atleast-23-2-1" . | fromJson).bool }} + RPK_SASL_MECHANISM=${RPK_SASL_MECHANISM:-{{ .Values.auth.sasl.mechanism | upper }}} + {{- else }} + REDPANDA_SASL_MECHANISM=${REDPANDA_SASL_MECHANISM:-{{ .Values.auth.sasl.mechanism | upper }}} + {{- end }} + export {{ include "rpk-sasl-environment-variables" . }} + RPK_USER="${RPK_USER:-${REDPANDA_SASL_USERNAME}}" + RPK_PASS="${RPK_PASS:-${REDPANDA_SASL_PASSWORD}}" + if [[ -n "$old_setting" ]]; then set -x; fi + {{- end }} + + curl -svm3 --fail --retry "120" --retry-max-time "120" --retry-all-errors --ssl-reqd \ + {{- if or (include "sasl-enabled" .|fromJson).bool .Values.listeners.http.authenticationMethod }} + -u ${RPK_USER}:${RPK_PASS} \ + {{- end }} + {{- if $cert.caEnabled }} + --cacert /etc/tls/certs/{{ $service.tls.cert }}/ca.crt \ + {{- end }} + https://{{ include "redpanda.internal.domain" . }}:{{ .Values.listeners.http.port }}/brokers + + curl -svm3 --fail --retry "120" --retry-max-time "120" --retry-all-errors --ssl-reqd \ + {{- if or (include "sasl-enabled" .|fromJson).bool .Values.listeners.http.authenticationMethod }} + -u ${RPK_USER}:${RPK_PASS} \ + {{- end }} + {{- if $cert.caEnabled }} + --cacert /etc/tls/certs/{{ $service.tls.cert }}/ca.crt \ + {{- end }} + https://{{ include "redpanda.internal.domain" . }}:{{ .Values.listeners.http.port }}/topics + volumeMounts: {{ include "default-mounts" . | nindent 8 }} + resources: {{ toYaml .Values.statefulset.resources | nindent 12 }} + securityContext: {{ include "container-security-context" . | nindent 8 }} + volumes: {{ include "default-volumes" . | nindent 4 }} +{{- end -}} diff --git a/charts/redpanda/redpanda/5.9.4/templates/tests/test-pandaproxy-status.yaml b/charts/redpanda/redpanda/5.9.4/templates/tests/test-pandaproxy-status.yaml new file mode 100644 index 0000000000..4f5ee6bb71 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/tests/test-pandaproxy-status.yaml @@ -0,0 +1,72 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- if and .Values.tests.enabled (not (include "http-internal-tls-enabled" . | fromJson).bool) .Values.listeners.http.enabled (include "redpanda-22-2-x-without-sasl" . | fromJson).bool -}} + {{- $sasl := .Values.auth.sasl }} +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "redpanda.fullname" . }}-test-pandaproxy-status" + namespace: {{ .Release.Namespace | quote }} + labels: + {{- with include "full.labels" . }} + {{- . | nindent 4 }} + {{- end }} + annotations: + "helm.sh/hook": test + "helm.sh/hook-delete-policy": before-hook-creation +spec: + restartPolicy: Never + securityContext: {{ include "pod-security-context" . | nindent 4 }} + {{- with .Values.imagePullSecrets }} + imagePullSecrets: {{- toYaml . | nindent 4 }} + {{- end }} + containers: + - name: {{ template "redpanda.name" . }} + image: {{ .Values.image.repository }}:{{ template "redpanda.tag" . }} + command: [ "/bin/bash", "-c" ] + args: + - | + {{- if .Values.auth.sasl.enabled }} + old_setting=${-//[^x]/} + set +x + IFS=: read -r {{ include "rpk-sasl-environment-variables" . }} < <(grep "" $(find /etc/secrets/users/* -print)) + {{- if (include "redpanda-atleast-23-2-1" . | fromJson).bool }} + RPK_SASL_MECHANISM=${RPK_SASL_MECHANISM:-{{ .Values.auth.sasl.mechanism | upper }}} + {{- else }} + REDPANDA_SASL_MECHANISM=${REDPANDA_SASL_MECHANISM:-{{ .Values.auth.sasl.mechanism | upper }}} + {{- end }} + export {{ include "rpk-sasl-environment-variables" . }} + RPK_USER="${RPK_USER:-${REDPANDA_SASL_USERNAME}}" + RPK_PASS="${RPK_PASS:-${REDPANDA_SASL_PASSWORD}}" + if [[ -n "$old_setting" ]]; then set -x; fi + {{- end }} + + curl {{ template "curl-options" . }} \ + {{- if or (include "sasl-enabled" .|fromJson).bool .Values.listeners.http.authenticationMethod }} + -u ${RPK_USER}:${RPK_PASS} \ + {{- end }} + http://{{ include "redpanda.servicename" . }}:{{ .Values.listeners.http.port }}/brokers + + curl {{ template "curl-options" . }} \ + {{- if or (include "sasl-enabled" .|fromJson).bool .Values.listeners.http.authenticationMethod }} + -u ${RPK_USER}:${RPK_PASS} \ + {{- end }} + http://{{ include "redpanda.servicename" . }}:{{ .Values.listeners.http.port }}/topics + volumeMounts: {{ include "default-mounts" . | nindent 8 }} + securityContext: {{ include "container-security-context" . | nindent 8 }} + volumes: {{ include "default-volumes" . | nindent 4 }} +{{- end }} diff --git a/charts/redpanda/redpanda/5.9.4/templates/tests/test-prometheus-targets.yaml b/charts/redpanda/redpanda/5.9.4/templates/tests/test-prometheus-targets.yaml new file mode 100644 index 0000000000..81f83a34e2 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/tests/test-prometheus-targets.yaml @@ -0,0 +1,84 @@ +{{/* + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + */}} + +{{- if and .Values.tests.enabled .Values.monitoring.enabled }} +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "redpanda.fullname" . }}-test-prometheus-targets" + namespace: {{ .Release.Namespace | quote }} + labels: + {{- with include "full.labels" . }} + {{- . | nindent 4 }} + {{- end }} + annotations: + "helm.sh/hook": test + "helm.sh/hook-delete-policy": before-hook-creation +spec: + restartPolicy: Never + securityContext: {{ include "pod-security-context" . | nindent 4 }} + {{- with .Values.imagePullSecrets }} + imagePullSecrets: {{- toYaml . | nindent 4 }} + {{- end }} + containers: + - name: {{ template "redpanda.name" . }} + image: registry.gitlab.com/gitlab-ci-utils/curl-jq:latest + command: [ "/bin/bash", "-c" ] + args: + - | + set -xe + + HEALTHY=$( curl {{ template "curl-options" . }} http://prometheus-operated.prometheus.svc.cluster.local:9090/-/healthy) + if [ $HEALTHY != 200 ]; then + echo "prometheus is not healthy, exiting" + exit 1 + fi + + echo "prometheus is healthy, checking if ready..." + + READY=$( curl {{ template "curl-options" . }} http://prometheus-operated.prometheus.svc.cluster.local:9090/-/ready) + if [ $READY != 200 ]; then + echo "prometheus is not ready, exiting" + exit 1 + fi + + echo "prometheus is ready, requesting target information..." + + + curl_prometheus() { + + # Run the command, and save the exit code + # from: https://prometheus.io/docs/prometheus/latest/querying/api/ + local RESULT=$( curl {{ template "curl-options" . }} http://prometheus-operated.prometheus.svc.cluster.local:9090/api/v1/targets?scrapePool=serviceMonitor/{{ .Release.Namespace }}/{{ include "redpanda.fullname" . }}/0 | jq '.data.activeTargets[].health | select(. == "up")' | wc -l ) + + echo $RESULT + } + for d in $(seq 1 30); do + RESULT=$(curl_prometheus) + if [ $RESULT == {{ .Values.statefulset.replicas }} ]; then + break + fi + sleep 15 + done + + set +x + if [ $RESULT != {{ .Values.statefulset.replicas }} ]; then + curl --fail http://prometheus-operated.prometheus.svc.cluster.local:9090/api/v1/targets?scrapePool=serviceMonitor/{{ .Release.Namespace }}/{{ include "redpanda.fullname" . }}/0 | jq . + echo "the number of targets unexpected; got ${RESULT} targets 'up', but was expecting {{ .Values.statefulset.replicas }}" + exit 1 + fi +{{- end }} diff --git a/charts/redpanda/redpanda/5.9.4/templates/tests/test-rack-awareness.yaml b/charts/redpanda/redpanda/5.9.4/templates/tests/test-rack-awareness.yaml new file mode 100644 index 0000000000..82a31937f5 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/tests/test-rack-awareness.yaml @@ -0,0 +1,61 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- if .Values.tests.enabled }} +apiVersion: v1 +kind: Pod +metadata: + name: {{ include "redpanda.fullname" . }}-test-rack-awareness + namespace: {{ .Release.Namespace | quote }} +{{- with include "full.labels" . }} + labels: {{- . | nindent 4 }} +{{- end }} + annotations: + "helm.sh/hook": test + "helm.sh/hook-delete-policy": before-hook-creation +spec: + restartPolicy: Never + securityContext: {{ include "pod-security-context" . | nindent 4 }} +{{- with .Values.imagePullSecrets }} + imagePullSecrets: {{- toYaml . | nindent 4 }} +{{- end }} + containers: + - name: {{ template "redpanda.name" . }} + image: {{ .Values.image.repository }}:{{ template "redpanda.tag" . }} + command: + - /bin/bash + - -c + - | + set -e +{{- if and .Values.rackAwareness.enabled (include "redpanda-atleast-22-3-0" . | fromJson).bool }} + curl {{ template "curl-options" . }} \ + {{- if (include "tls-enabled" . | fromJson).bool }} + {{- if (dig "default" "caEnabled" false .Values.tls.certs) }} + --cacert "/etc/tls/certs/default/ca.crt" \ + {{- end }} + https://{{ include "redpanda.internal.domain" . }}:{{ .Values.listeners.admin.port }}/v1/node_config | grep '"rack":"rack[1-4]"' + {{- else }} + http://{{ include "redpanda.internal.domain" . }}:{{ .Values.listeners.admin.port }}/v1/node_config | grep '"rack":"rack[1-4]"' + {{- end }} +{{- end }} + + rpk redpanda admin config print --host {{ include "redpanda.internal.domain" . }}:{{ .Values.listeners.admin.port }} | grep '"enable_rack_awareness": {{ .Values.rackAwareness.enabled }}' + + rpk cluster config get enable_rack_awareness + volumeMounts: {{ include "default-mounts" . | nindent 8 }} + securityContext: {{ include "container-security-context" . | nindent 8 }} + volumes: {{ include "default-volumes" . | nindent 4 }} +{{- end }} \ No newline at end of file diff --git a/charts/redpanda/redpanda/5.9.4/templates/tests/test-rpk-debug-bundle.yaml b/charts/redpanda/redpanda/5.9.4/templates/tests/test-rpk-debug-bundle.yaml new file mode 100644 index 0000000000..3230f08817 --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/tests/test-rpk-debug-bundle.yaml @@ -0,0 +1,104 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{/* + +This test currently fails because of a bug where when multiple containers exist +The api returns an error. We should be requesting logs from each container. + + +{{- if and .Values.tests.enabled .Values.rbac.enabled (include "redpanda-atleast-23-1-1" .|fromJson).bool -}} + {{- $sasl := .Values.auth.sasl }} + {{- $useSaslSecret := and $sasl.enabled (not (empty $sasl.secretRef )) }} + + +apiVersion: v1 +kind: Pod +metadata: + name: {{ include "redpanda.fullname" . }}-test-rpk-debug-bundle + namespace: {{ .Release.Namespace | quote }} + labels: +{{- with include "full.labels" . }} + {{- . | nindent 4 }} +{{- end }} + annotations: + "helm.sh/hook": test + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded +spec: + restartPolicy: Never + securityContext: {{ include "pod-security-context" . | nindent 4 }} + affinity: + podAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + statefulset.kubernetes.io/pod-name: {{ include "redpanda.fullname" . }}-0 + topologyKey: kubernetes.io/hostname + {{- with .Values.imagePullSecrets }} + imagePullSecrets: {{- toYaml . | nindent 4 }} + {{- end }} + initContainers: + - name: {{ template "redpanda.name" . }} + image: {{ .Values.image.repository}}:{{ template "redpanda.tag" . }} + volumeMounts: {{ include "default-mounts" . | nindent 8 }} + - name: shared-data + mountPath: /usr/share/redpanda/test + - name: datadir + mountPath: /var/lib/redpanda/data + command: + - /bin/bash + - -c + - | + set -e + {{- if .Values.auth.sasl.enabled }} + old_setting=${-//[^x]/} + set +x + IFS=: read -r {{ include "rpk-sasl-environment-variables" . }} < <(grep "" $(find /etc/secrets/users/* -print)) + {{- if (include "redpanda-atleast-23-2-1" . | fromJson).bool }} + RPK_SASL_MECHANISM=${RPK_SASL_MECHANISM:-{{ .Values.auth.sasl.mechanism | upper }}} + {{- else }} + REDPANDA_SASL_MECHANISM=${REDPANDA_SASL_MECHANISM:-{{ .Values.auth.sasl.mechanism | upper }}} + {{- end }} + export {{ include "rpk-sasl-environment-variables" . }} + if [[ -n "$old_setting" ]]; then set -x; fi + {{- end }} + rpk debug bundle -o /usr/share/redpanda/test/debug-test.zip -n {{ .Release.Namespace }} + containers: + - name: {{ template "redpanda.name" . }}-tester + image: busybox:latest + volumeMounts: {{ include "default-mounts" . | nindent 8 }} + - name: shared-data + mountPath: /test + command: + - /bin/ash + - -c + - | + set -e + unzip /test/debug-test.zip -d /tmp/bundle + + test -f /tmp/bundle/logs/{{ .Release.Namespace }}-0.txt + test -f /tmp/bundle/logs/{{ .Release.Namespace }}-1.txt + test -f /tmp/bundle/logs/{{ .Release.Namespace }}-2.txt + + test -d /tmp/bundle/controller + + test -f /tmp/bundle/k8s/pods.json + test -f /tmp/bundle/k8s/configmaps.json + securityContext: {{ include "container-security-context" . | nindent 8 }} + volumes: {{ include "default-volumes" . | nindent 4 }} +{{- end -}} +*/}} \ No newline at end of file diff --git a/charts/redpanda/redpanda/5.9.4/templates/tests/test-sasl-updated.yaml b/charts/redpanda/redpanda/5.9.4/templates/tests/test-sasl-updated.yaml new file mode 100644 index 0000000000..5f61be552e --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/templates/tests/test-sasl-updated.yaml @@ -0,0 +1,71 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.tests.enabled (include "sasl-enabled" . | fromJson).bool (eq .Values.auth.sasl.secretRef "some-users") -}} +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "redpanda.fullname" . }}-test-update-sasl-users" + namespace: {{ .Release.Namespace | quote }} + labels: +{{- with include "full.labels" . }} + {{- . | nindent 4 }} +{{- end }} + annotations: + "helm.sh/hook": test + "helm.sh/hook-delete-policy": before-hook-creation +spec: + restartPolicy: Never + securityContext: {{ include "pod-security-context" . | nindent 4 }} + {{- with .Values.imagePullSecrets }} + imagePullSecrets: {{- toYaml . | nindent 4 }} + {{- end }} + containers: + - name: {{ template "redpanda.name" . }} + image: {{ .Values.image.repository }}:{{ template "redpanda.tag" . }} + command: + - /usr/bin/timeout + - "120" + - bash + - -c + - | + set -e + IFS=: read -r {{ include "rpk-sasl-environment-variables" . }} < <(grep "" $(find /etc/secrets/users/* -print)) + {{- if (include "redpanda-atleast-23-2-1" . | fromJson).bool }} + RPK_SASL_MECHANISM=${RPK_SASL_MECHANISM:-{{ .Values.auth.sasl.mechanism | upper }}} + {{- else }} + REDPANDA_SASL_MECHANISM=${REDPANDA_SASL_MECHANISM:-{{ .Values.auth.sasl.mechanism | upper }}} + {{- end }} + export {{ include "rpk-sasl-environment-variables" . }} + + set -x + + # check that the users list did update + ready_result_exit_code=1 + while [[ ${ready_result_exit_code} -ne 0 ]]; do + ready_result=$(rpk acl user list | grep anotheranotherme 2>&1) && ready_result_exit_code=$? + sleep 2 + done + + # check that sasl is not broken + {{ include "rpk-cluster-info" $ }} + volumeMounts: {{ include "default-mounts" . | nindent 8 }} + resources: +{{- toYaml .Values.statefulset.resources | nindent 12 }} + securityContext: {{ include "container-security-context" . | nindent 8 }} + volumes: {{ include "default-volumes" . | nindent 4 }} +{{- end }} diff --git a/charts/redpanda/redpanda/5.9.4/values.schema.json b/charts/redpanda/redpanda/5.9.4/values.schema.json new file mode 100644 index 0000000000..28a6708aec --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/values.schema.json @@ -0,0 +1,5854 @@ +{ + "$id": "https://github.com/redpanda-data/helm-charts/charts/redpanda/values", + "$schema": "https://json-schema.org/draft/2020-12/schema", + "description": "DO NOT EDIT!. This file was generated by ./cmd/genschema/genschema.go", + "properties": { + "affinity": { + "properties": { + "nodeAffinity": { + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "oneOf": [ + { + "items": { + "properties": { + "preference": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "weight": { + "type": "integer" + } + }, + "type": "object" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "properties": { + "nodeSelectorTerms": { + "oneOf": [ + { + "items": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + { + "type": "null" + } + ] + } + }, + "type": "object" + } + }, + "type": "object" + }, + "podAffinity": { + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "oneOf": [ + { + "items": { + "properties": { + "podAffinityTerm": { + "properties": { + "labelSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "matchLabelKeys": { + "items": { + "type": "string" + }, + "type": "array" + }, + "mismatchLabelKeys": { + "items": { + "type": "string" + }, + "type": "array" + }, + "namespaceSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "type": "string" + } + }, + "type": "object" + }, + "weight": { + "type": "integer" + } + }, + "type": "object" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "oneOf": [ + { + "items": { + "properties": { + "labelSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "matchLabelKeys": { + "items": { + "type": "string" + }, + "type": "array" + }, + "mismatchLabelKeys": { + "items": { + "type": "string" + }, + "type": "array" + }, + "namespaceSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + { + "type": "null" + } + ] + } + }, + "type": "object" + }, + "podAntiAffinity": { + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "oneOf": [ + { + "items": { + "properties": { + "podAffinityTerm": { + "properties": { + "labelSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "matchLabelKeys": { + "items": { + "type": "string" + }, + "type": "array" + }, + "mismatchLabelKeys": { + "items": { + "type": "string" + }, + "type": "array" + }, + "namespaceSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "type": "string" + } + }, + "type": "object" + }, + "weight": { + "type": "integer" + } + }, + "type": "object" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "oneOf": [ + { + "items": { + "properties": { + "labelSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "matchLabelKeys": { + "items": { + "type": "string" + }, + "type": "array" + }, + "mismatchLabelKeys": { + "items": { + "type": "string" + }, + "type": "array" + }, + "namespaceSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + { + "type": "null" + } + ] + } + }, + "type": "object" + } + }, + "type": "object" + }, + "auditLogging": { + "properties": { + "clientMaxBufferSize": { + "type": "integer" + }, + "enabled": { + "type": "boolean" + }, + "enabledEventTypes": { + "oneOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "excludedPrincipals": { + "oneOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "excludedTopics": { + "oneOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "listener": { + "type": "string" + }, + "partitions": { + "type": "integer" + }, + "queueDrainIntervalMs": { + "type": "integer" + }, + "queueMaxBufferSizePerShard": { + "type": "integer" + }, + "replicationFactor": { + "oneOf": [ + { + "type": "integer" + }, + { + "type": "null" + } + ] + } + }, + "type": "object" + }, + "auth": { + "properties": { + "sasl": { + "properties": { + "bootstrapUser": { + "properties": { + "mechanism": { + "pattern": "^(SCRAM-SHA-512|SCRAM-SHA-256)$", + "type": "string" + }, + "password": { + "type": "string" + }, + "secretKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "mechanism": { + "type": "string" + }, + "secretRef": { + "type": "string" + }, + "users": { + "oneOf": [ + { + "items": { + "properties": { + "mechanism": { + "pattern": "^(SCRAM-SHA-512|SCRAM-SHA-256)$", + "type": "string" + }, + "name": { + "type": "string" + }, + "password": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + { + "type": "null" + } + ] + } + }, + "required": [ + "enabled" + ], + "type": "object" + } + }, + "required": [ + "sasl" + ], + "type": "object" + }, + "clusterDomain": { + "type": "string" + }, + "commonLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "config": { + "properties": { + "cluster": { + "type": "object" + }, + "node": { + "type": "object" + }, + "pandaproxy_client": { + "properties": { + "consumer_heartbeat_interval_ms": { + "type": "integer" + }, + "consumer_rebalance_timeout_ms": { + "type": "integer" + }, + "consumer_request_max_bytes": { + "type": "integer" + }, + "consumer_request_timeout_ms": { + "type": "integer" + }, + "consumer_session_timeout_ms": { + "type": "integer" + }, + "produce_batch_delay_ms": { + "type": "integer" + }, + "produce_batch_record_count": { + "type": "integer" + }, + "produce_batch_size_bytes": { + "type": "integer" + }, + "retries": { + "type": "integer" + }, + "retry_base_backoff_ms": { + "type": "integer" + } + }, + "type": "object" + }, + "rpk": { + "type": "object" + }, + "schema_registry_client": { + "properties": { + "consumer_heartbeat_interval_ms": { + "type": "integer" + }, + "consumer_rebalance_timeout_ms": { + "type": "integer" + }, + "consumer_request_max_bytes": { + "type": "integer" + }, + "consumer_request_timeout_ms": { + "type": "integer" + }, + "consumer_session_timeout_ms": { + "type": "integer" + }, + "produce_batch_delay_ms": { + "type": "integer" + }, + "produce_batch_record_count": { + "type": "integer" + }, + "produce_batch_size_bytes": { + "type": "integer" + }, + "retries": { + "type": "integer" + }, + "retry_base_backoff_ms": { + "type": "integer" + } + }, + "type": "object" + }, + "tunable": { + "additionalProperties": true, + "properties": { + "group_initial_rebalance_delay": { + "type": "integer" + }, + "log_retention_ms": { + "type": "integer" + } + }, + "type": "object" + } + }, + "required": [ + "cluster", + "node", + "tunable" + ], + "type": "object" + }, + "connectors": { + "properties": { + "connectors": { + "properties": { + "fullnameOverwrite": { + "type": "string" + }, + "restPort": { + "type": "integer" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "console": { + "properties": { + "console": { + "properties": { + "config": { + "type": "object" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "enterprise": { + "properties": { + "license": { + "type": "string" + }, + "licenseSecretRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "external": { + "properties": { + "addresses": { + "oneOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "domain": { + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "externalDns": { + "properties": { + "enabled": { + "type": "boolean" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "prefixTemplate": { + "type": "string" + }, + "service": { + "properties": { + "enabled": { + "type": "boolean" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "sourceRanges": { + "oneOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "type": { + "pattern": "^(LoadBalancer|NodePort)$", + "type": "string" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "force": { + "type": "boolean" + }, + "fullnameOverride": { + "type": "string" + }, + "image": { + "description": "Values used to define the container image to be used for Redpanda", + "properties": { + "pullPolicy": { + "description": "The Kubernetes Pod image pull policy.", + "pattern": "^(Always|Never|IfNotPresent)$", + "type": "string" + }, + "repository": { + "default": "docker.redpanda.com/redpandadata/redpanda", + "description": "container image repository", + "type": "string" + }, + "tag": { + "default": "Chart.appVersion", + "description": "The container image tag. Use the Redpanda release version. Must be a valid semver prefixed with a 'v'.", + "pattern": "^v(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$|^$", + "type": "string" + } + }, + "required": [ + "repository", + "pullPolicy" + ], + "type": "object" + }, + "imagePullSecrets": { + "oneOf": [ + { + "items": { + "properties": { + "name": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "license_key": { + "deprecated": true, + "pattern": "^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?\\.(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$|^$", + "type": "string" + }, + "license_secret_ref": { + "deprecated": true, + "properties": { + "secret_key": { + "type": "string" + }, + "secret_name": { + "type": "string" + } + }, + "type": "object" + }, + "listeners": { + "properties": { + "admin": { + "properties": { + "appProtocol": { + "type": "string" + }, + "external": { + "minProperties": 1, + "patternProperties": { + "^[A-Za-z_][A-Za-z0-9_]*$": { + "properties": { + "advertisedPorts": { + "items": { + "type": "integer" + }, + "minItems": 1, + "type": "array" + }, + "enabled": { + "type": "boolean" + }, + "nodePort": { + "type": "integer" + }, + "port": { + "type": "integer" + }, + "tls": { + "properties": { + "cert": { + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "requireClientAuth": { + "type": "boolean" + }, + "trustStore": { + "maxProperties": 1, + "minProperties": 1, + "properties": { + "configMapKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object" + }, + "secretKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + }, + "port": { + "type": "integer" + }, + "tls": { + "properties": { + "cert": { + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "requireClientAuth": { + "type": "boolean" + }, + "trustStore": { + "maxProperties": 1, + "minProperties": 1, + "properties": { + "configMapKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object" + }, + "secretKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "cert", + "requireClientAuth" + ], + "type": "object" + } + }, + "required": [ + "port", + "tls" + ], + "type": "object" + }, + "http": { + "properties": { + "authenticationMethod": { + "oneOf": [ + { + "enum": [ + "none", + "http_basic" + ], + "type": "string" + }, + { + "type": "null" + } + ] + }, + "enabled": { + "type": "boolean" + }, + "external": { + "minProperties": 1, + "patternProperties": { + "^[A-Za-z_][A-Za-z0-9_]*$": { + "properties": { + "advertisedPorts": { + "items": { + "type": "integer" + }, + "minItems": 1, + "type": "array" + }, + "authenticationMethod": { + "oneOf": [ + { + "enum": [ + "none", + "http_basic" + ], + "type": "string" + }, + { + "type": "null" + } + ] + }, + "enabled": { + "type": "boolean" + }, + "nodePort": { + "type": "integer" + }, + "port": { + "type": "integer" + }, + "prefixTemplate": { + "type": "string" + }, + "tls": { + "properties": { + "cert": { + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "requireClientAuth": { + "type": "boolean" + }, + "trustStore": { + "maxProperties": 1, + "minProperties": 1, + "properties": { + "configMapKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object" + }, + "secretKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + }, + "kafkaEndpoint": { + "pattern": "^[A-Za-z_-][A-Za-z0-9_-]*$", + "type": "string" + }, + "port": { + "type": "integer" + }, + "tls": { + "properties": { + "cert": { + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "requireClientAuth": { + "type": "boolean" + }, + "trustStore": { + "maxProperties": 1, + "minProperties": 1, + "properties": { + "configMapKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object" + }, + "secretKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "cert", + "requireClientAuth" + ], + "type": "object" + } + }, + "required": [ + "enabled", + "tls", + "kafkaEndpoint", + "port" + ], + "type": "object" + }, + "kafka": { + "properties": { + "authenticationMethod": { + "oneOf": [ + { + "enum": [ + "sasl", + "none", + "mtls_identity" + ], + "type": "string" + }, + { + "type": "null" + } + ] + }, + "external": { + "minProperties": 1, + "patternProperties": { + "^[A-Za-z_][A-Za-z0-9_]*$": { + "properties": { + "advertisedPorts": { + "items": { + "type": "integer" + }, + "minItems": 1, + "type": "array" + }, + "authenticationMethod": { + "oneOf": [ + { + "enum": [ + "sasl", + "none", + "mtls_identity" + ], + "type": "string" + }, + { + "type": "null" + } + ] + }, + "enabled": { + "type": "boolean" + }, + "nodePort": { + "type": "integer" + }, + "port": { + "type": "integer" + }, + "prefixTemplate": { + "type": "string" + }, + "tls": { + "properties": { + "cert": { + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "requireClientAuth": { + "type": "boolean" + }, + "trustStore": { + "maxProperties": 1, + "minProperties": 1, + "properties": { + "configMapKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object" + }, + "secretKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + }, + "port": { + "type": "integer" + }, + "tls": { + "properties": { + "cert": { + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "requireClientAuth": { + "type": "boolean" + }, + "trustStore": { + "maxProperties": 1, + "minProperties": 1, + "properties": { + "configMapKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object" + }, + "secretKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "cert", + "requireClientAuth" + ], + "type": "object" + } + }, + "required": [ + "tls", + "port" + ], + "type": "object" + }, + "rpc": { + "properties": { + "port": { + "type": "integer" + }, + "tls": { + "properties": { + "cert": { + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "requireClientAuth": { + "type": "boolean" + }, + "trustStore": { + "maxProperties": 1, + "minProperties": 1, + "properties": { + "configMapKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object" + }, + "secretKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "cert", + "requireClientAuth" + ], + "type": "object" + } + }, + "required": [ + "port", + "tls" + ], + "type": "object" + }, + "schemaRegistry": { + "properties": { + "authenticationMethod": { + "oneOf": [ + { + "enum": [ + "none", + "http_basic" + ], + "type": "string" + }, + { + "type": "null" + } + ] + }, + "enabled": { + "type": "boolean" + }, + "external": { + "minProperties": 1, + "patternProperties": { + "^[A-Za-z_][A-Za-z0-9_]*$": { + "properties": { + "advertisedPorts": { + "items": { + "type": "integer" + }, + "minItems": 1, + "type": "array" + }, + "authenticationMethod": { + "oneOf": [ + { + "enum": [ + "none", + "http_basic" + ], + "type": "string" + }, + { + "type": "null" + } + ] + }, + "enabled": { + "type": "boolean" + }, + "nodePort": { + "type": "integer" + }, + "port": { + "type": "integer" + }, + "tls": { + "properties": { + "cert": { + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "requireClientAuth": { + "type": "boolean" + }, + "trustStore": { + "maxProperties": 1, + "minProperties": 1, + "properties": { + "configMapKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object" + }, + "secretKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "kafkaEndpoint": { + "pattern": "^[A-Za-z_-][A-Za-z0-9_-]*$", + "type": "string" + }, + "port": { + "type": "integer" + }, + "tls": { + "properties": { + "cert": { + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "requireClientAuth": { + "type": "boolean" + }, + "trustStore": { + "maxProperties": 1, + "minProperties": 1, + "properties": { + "configMapKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object" + }, + "secretKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "cert", + "requireClientAuth" + ], + "type": "object" + } + }, + "required": [ + "enabled", + "kafkaEndpoint", + "port", + "tls" + ], + "type": "object" + } + }, + "required": [ + "admin", + "http", + "kafka", + "schemaRegistry", + "rpc" + ], + "type": "object" + }, + "logging": { + "properties": { + "logLevel": { + "pattern": "^(error|warn|info|debug|trace)$", + "type": "string" + }, + "usageStats": { + "properties": { + "clusterId": { + "type": "string" + }, + "enabled": { + "type": "boolean" + } + }, + "required": [ + "enabled" + ], + "type": "object" + } + }, + "required": [ + "logLevel", + "usageStats" + ], + "type": "object" + }, + "monitoring": { + "properties": { + "enableHttp2": { + "type": "boolean" + }, + "enabled": { + "type": "boolean" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "scrapeInterval": { + "type": "string" + }, + "tlsConfig": { + "properties": { + "ca": { + "properties": { + "configMap": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object" + }, + "secret": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "caFile": { + "type": "string" + }, + "cert": { + "properties": { + "configMap": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object" + }, + "secret": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "certFile": { + "type": "string" + }, + "insecureSkipVerify": { + "type": "boolean" + }, + "keyFile": { + "type": "string" + }, + "keySecret": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object" + }, + "serverName": { + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "enabled", + "scrapeInterval" + ], + "type": "object" + }, + "nameOverride": { + "type": "string" + }, + "nodeSelector": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "post_install_job": { + "properties": { + "affinity": { + "properties": { + "nodeAffinity": { + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "oneOf": [ + { + "items": { + "properties": { + "preference": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "weight": { + "type": "integer" + } + }, + "type": "object" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "properties": { + "nodeSelectorTerms": { + "oneOf": [ + { + "items": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + { + "type": "null" + } + ] + } + }, + "type": "object" + } + }, + "type": "object" + }, + "podAffinity": { + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "oneOf": [ + { + "items": { + "properties": { + "podAffinityTerm": { + "properties": { + "labelSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "matchLabelKeys": { + "items": { + "type": "string" + }, + "type": "array" + }, + "mismatchLabelKeys": { + "items": { + "type": "string" + }, + "type": "array" + }, + "namespaceSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "type": "string" + } + }, + "type": "object" + }, + "weight": { + "type": "integer" + } + }, + "type": "object" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "oneOf": [ + { + "items": { + "properties": { + "labelSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "matchLabelKeys": { + "items": { + "type": "string" + }, + "type": "array" + }, + "mismatchLabelKeys": { + "items": { + "type": "string" + }, + "type": "array" + }, + "namespaceSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + { + "type": "null" + } + ] + } + }, + "type": "object" + }, + "podAntiAffinity": { + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "oneOf": [ + { + "items": { + "properties": { + "podAffinityTerm": { + "properties": { + "labelSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "matchLabelKeys": { + "items": { + "type": "string" + }, + "type": "array" + }, + "mismatchLabelKeys": { + "items": { + "type": "string" + }, + "type": "array" + }, + "namespaceSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "type": "string" + } + }, + "type": "object" + }, + "weight": { + "type": "integer" + } + }, + "type": "object" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "oneOf": [ + { + "items": { + "properties": { + "labelSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "matchLabelKeys": { + "items": { + "type": "string" + }, + "type": "array" + }, + "mismatchLabelKeys": { + "items": { + "type": "string" + }, + "type": "array" + }, + "namespaceSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + { + "type": "null" + } + ] + } + }, + "type": "object" + } + }, + "type": "object" + }, + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "podTemplate": { + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "spec": { + "properties": { + "containers": { + "oneOf": [ + { + "items": { + "properties": { + "env": { + "items": { + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + }, + "valueFrom": { + "properties": { + "configMapKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object" + }, + "fieldRef": { + "properties": { + "apiVersion": { + "type": "string" + }, + "fieldPath": { + "type": "string" + } + }, + "type": "object" + }, + "resourceFieldRef": { + "properties": { + "containerName": { + "type": "string" + }, + "divisor": { + "oneOf": [ + { + "type": "integer" + }, + { + "pattern": "^[0-9]+(\\.[0-9]){0,1}(m|k|M|G|T|P|Ki|Mi|Gi|Ti|Pi)?$", + "type": "string" + } + ] + }, + "resource": { + "type": "string" + } + }, + "type": "object" + }, + "secretKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "name": { + "enum": [ + "redpanda", + "post-install", + "post-upgrade" + ], + "type": "string" + }, + "securityContext": { + "properties": { + "allowPrivilegeEscalation": { + "type": "boolean" + }, + "capabilities": { + "properties": { + "add": { + "items": { + "type": "string" + }, + "type": "array" + }, + "drop": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "privileged": { + "type": "boolean" + }, + "procMount": { + "type": "string" + }, + "readOnlyRootFilesystem": { + "type": "boolean" + }, + "runAsGroup": { + "type": "integer" + }, + "runAsNonRoot": { + "type": "boolean" + }, + "runAsUser": { + "type": "integer" + }, + "seLinuxOptions": { + "properties": { + "level": { + "type": "string" + }, + "role": { + "type": "string" + }, + "type": { + "type": "string" + }, + "user": { + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "properties": { + "localhostProfile": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "type": "object" + }, + "windowsOptions": { + "properties": { + "gmsaCredentialSpec": { + "type": "string" + }, + "gmsaCredentialSpecName": { + "type": "string" + }, + "hostProcess": { + "type": "boolean" + }, + "runAsUserName": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "name", + "env" + ], + "type": "object" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "securityContext": { + "properties": { + "fsGroup": { + "type": "integer" + }, + "fsGroupChangePolicy": { + "enum": [ + "OnRootMismatch", + "Always" + ], + "type": "string" + }, + "runAsGroup": { + "type": "integer" + }, + "runAsNonRoot": { + "type": "boolean" + }, + "runAsUser": { + "type": "integer" + }, + "seLinuxOptions": { + "properties": { + "level": { + "type": "string" + }, + "role": { + "type": "string" + }, + "type": { + "type": "string" + }, + "user": { + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "properties": { + "localhostProfile": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "type": "object" + }, + "supplementalGroups": { + "oneOf": [ + { + "items": { + "type": "integer" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "sysctls": { + "oneOf": [ + { + "items": { + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "windowsOptions": { + "properties": { + "gmsaCredentialSpec": { + "type": "string" + }, + "gmsaCredentialSpecName": { + "type": "string" + }, + "hostProcess": { + "type": "boolean" + }, + "runAsUserName": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "containers" + ], + "type": "object" + } + }, + "required": [ + "labels", + "annotations", + "spec" + ], + "type": "object" + }, + "resources": { + "properties": { + "claims": { + "oneOf": [ + { + "items": { + "properties": { + "name": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "limits": { + "additionalProperties": { + "oneOf": [ + { + "type": "integer" + }, + { + "pattern": "^[0-9]+(\\.[0-9]){0,1}(m|k|M|G|T|P|Ki|Mi|Gi|Ti|Pi)?$", + "type": "string" + } + ] + }, + "type": "object" + }, + "requests": { + "additionalProperties": { + "oneOf": [ + { + "type": "integer" + }, + { + "pattern": "^[0-9]+(\\.[0-9]){0,1}(m|k|M|G|T|P|Ki|Mi|Gi|Ti|Pi)?$", + "type": "string" + } + ] + }, + "type": "object" + } + }, + "type": "object" + }, + "securityContext": { + "properties": { + "allowPrivilegeEscalation": { + "type": "boolean" + }, + "capabilities": { + "properties": { + "add": { + "oneOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "drop": { + "oneOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "type": "null" + } + ] + } + }, + "type": "object" + }, + "privileged": { + "type": "boolean" + }, + "procMount": { + "type": "string" + }, + "readOnlyRootFilesystem": { + "type": "boolean" + }, + "runAsGroup": { + "type": "integer" + }, + "runAsNonRoot": { + "type": "boolean" + }, + "runAsUser": { + "type": "integer" + }, + "seLinuxOptions": { + "properties": { + "level": { + "type": "string" + }, + "role": { + "type": "string" + }, + "type": { + "type": "string" + }, + "user": { + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "properties": { + "localhostProfile": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "type": "object" + }, + "windowsOptions": { + "properties": { + "gmsaCredentialSpec": { + "type": "string" + }, + "gmsaCredentialSpecName": { + "type": "string" + }, + "hostProcess": { + "type": "boolean" + }, + "runAsUserName": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "post_upgrade_job": { + "properties": { + "affinity": { + "properties": { + "nodeAffinity": { + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "oneOf": [ + { + "items": { + "properties": { + "preference": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "weight": { + "type": "integer" + } + }, + "type": "object" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "properties": { + "nodeSelectorTerms": { + "oneOf": [ + { + "items": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + { + "type": "null" + } + ] + } + }, + "type": "object" + } + }, + "type": "object" + }, + "podAffinity": { + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "oneOf": [ + { + "items": { + "properties": { + "podAffinityTerm": { + "properties": { + "labelSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "matchLabelKeys": { + "items": { + "type": "string" + }, + "type": "array" + }, + "mismatchLabelKeys": { + "items": { + "type": "string" + }, + "type": "array" + }, + "namespaceSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "type": "string" + } + }, + "type": "object" + }, + "weight": { + "type": "integer" + } + }, + "type": "object" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "oneOf": [ + { + "items": { + "properties": { + "labelSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "matchLabelKeys": { + "items": { + "type": "string" + }, + "type": "array" + }, + "mismatchLabelKeys": { + "items": { + "type": "string" + }, + "type": "array" + }, + "namespaceSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + { + "type": "null" + } + ] + } + }, + "type": "object" + }, + "podAntiAffinity": { + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "oneOf": [ + { + "items": { + "properties": { + "podAffinityTerm": { + "properties": { + "labelSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "matchLabelKeys": { + "items": { + "type": "string" + }, + "type": "array" + }, + "mismatchLabelKeys": { + "items": { + "type": "string" + }, + "type": "array" + }, + "namespaceSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "type": "string" + } + }, + "type": "object" + }, + "weight": { + "type": "integer" + } + }, + "type": "object" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "oneOf": [ + { + "items": { + "properties": { + "labelSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "matchLabelKeys": { + "items": { + "type": "string" + }, + "type": "array" + }, + "mismatchLabelKeys": { + "items": { + "type": "string" + }, + "type": "array" + }, + "namespaceSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + { + "type": "null" + } + ] + } + }, + "type": "object" + } + }, + "type": "object" + }, + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "backoffLimit": { + "type": "integer" + }, + "enabled": { + "type": "boolean" + }, + "extraEnv": { + "oneOf": [ + { + "items": { + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + }, + "valueFrom": { + "properties": { + "configMapKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object" + }, + "fieldRef": { + "properties": { + "apiVersion": { + "type": "string" + }, + "fieldPath": { + "type": "string" + } + }, + "type": "object" + }, + "resourceFieldRef": { + "properties": { + "containerName": { + "type": "string" + }, + "divisor": { + "oneOf": [ + { + "type": "integer" + }, + { + "pattern": "^[0-9]+(\\.[0-9]){0,1}(m|k|M|G|T|P|Ki|Mi|Gi|Ti|Pi)?$", + "type": "string" + } + ] + }, + "resource": { + "type": "string" + } + }, + "type": "object" + }, + "secretKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "extraEnvFrom": { + "oneOf": [ + { + "items": { + "properties": { + "configMapRef": { + "properties": { + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object" + }, + "prefix": { + "type": "string" + }, + "secretRef": { + "properties": { + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "podTemplate": { + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "spec": { + "properties": { + "containers": { + "oneOf": [ + { + "items": { + "properties": { + "env": { + "items": { + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + }, + "valueFrom": { + "properties": { + "configMapKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object" + }, + "fieldRef": { + "properties": { + "apiVersion": { + "type": "string" + }, + "fieldPath": { + "type": "string" + } + }, + "type": "object" + }, + "resourceFieldRef": { + "properties": { + "containerName": { + "type": "string" + }, + "divisor": { + "oneOf": [ + { + "type": "integer" + }, + { + "pattern": "^[0-9]+(\\.[0-9]){0,1}(m|k|M|G|T|P|Ki|Mi|Gi|Ti|Pi)?$", + "type": "string" + } + ] + }, + "resource": { + "type": "string" + } + }, + "type": "object" + }, + "secretKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "name": { + "enum": [ + "redpanda", + "post-install", + "post-upgrade" + ], + "type": "string" + }, + "securityContext": { + "properties": { + "allowPrivilegeEscalation": { + "type": "boolean" + }, + "capabilities": { + "properties": { + "add": { + "items": { + "type": "string" + }, + "type": "array" + }, + "drop": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "privileged": { + "type": "boolean" + }, + "procMount": { + "type": "string" + }, + "readOnlyRootFilesystem": { + "type": "boolean" + }, + "runAsGroup": { + "type": "integer" + }, + "runAsNonRoot": { + "type": "boolean" + }, + "runAsUser": { + "type": "integer" + }, + "seLinuxOptions": { + "properties": { + "level": { + "type": "string" + }, + "role": { + "type": "string" + }, + "type": { + "type": "string" + }, + "user": { + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "properties": { + "localhostProfile": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "type": "object" + }, + "windowsOptions": { + "properties": { + "gmsaCredentialSpec": { + "type": "string" + }, + "gmsaCredentialSpecName": { + "type": "string" + }, + "hostProcess": { + "type": "boolean" + }, + "runAsUserName": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "name", + "env" + ], + "type": "object" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "securityContext": { + "properties": { + "fsGroup": { + "type": "integer" + }, + "fsGroupChangePolicy": { + "enum": [ + "OnRootMismatch", + "Always" + ], + "type": "string" + }, + "runAsGroup": { + "type": "integer" + }, + "runAsNonRoot": { + "type": "boolean" + }, + "runAsUser": { + "type": "integer" + }, + "seLinuxOptions": { + "properties": { + "level": { + "type": "string" + }, + "role": { + "type": "string" + }, + "type": { + "type": "string" + }, + "user": { + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "properties": { + "localhostProfile": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "type": "object" + }, + "supplementalGroups": { + "oneOf": [ + { + "items": { + "type": "integer" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "sysctls": { + "oneOf": [ + { + "items": { + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "windowsOptions": { + "properties": { + "gmsaCredentialSpec": { + "type": "string" + }, + "gmsaCredentialSpecName": { + "type": "string" + }, + "hostProcess": { + "type": "boolean" + }, + "runAsUserName": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "containers" + ], + "type": "object" + } + }, + "required": [ + "labels", + "annotations", + "spec" + ], + "type": "object" + }, + "resources": { + "properties": { + "claims": { + "oneOf": [ + { + "items": { + "properties": { + "name": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "limits": { + "additionalProperties": { + "oneOf": [ + { + "type": "integer" + }, + { + "pattern": "^[0-9]+(\\.[0-9]){0,1}(m|k|M|G|T|P|Ki|Mi|Gi|Ti|Pi)?$", + "type": "string" + } + ] + }, + "type": "object" + }, + "requests": { + "additionalProperties": { + "oneOf": [ + { + "type": "integer" + }, + { + "pattern": "^[0-9]+(\\.[0-9]){0,1}(m|k|M|G|T|P|Ki|Mi|Gi|Ti|Pi)?$", + "type": "string" + } + ] + }, + "type": "object" + } + }, + "type": "object" + }, + "securityContext": { + "properties": { + "allowPrivilegeEscalation": { + "type": "boolean" + }, + "capabilities": { + "properties": { + "add": { + "oneOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "drop": { + "oneOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "type": "null" + } + ] + } + }, + "type": "object" + }, + "privileged": { + "type": "boolean" + }, + "procMount": { + "type": "string" + }, + "readOnlyRootFilesystem": { + "type": "boolean" + }, + "runAsGroup": { + "type": "integer" + }, + "runAsNonRoot": { + "type": "boolean" + }, + "runAsUser": { + "type": "integer" + }, + "seLinuxOptions": { + "properties": { + "level": { + "type": "string" + }, + "role": { + "type": "string" + }, + "type": { + "type": "string" + }, + "user": { + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "properties": { + "localhostProfile": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "type": "object" + }, + "windowsOptions": { + "properties": { + "gmsaCredentialSpec": { + "type": "string" + }, + "gmsaCredentialSpecName": { + "type": "string" + }, + "hostProcess": { + "type": "boolean" + }, + "runAsUserName": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "rackAwareness": { + "properties": { + "enabled": { + "type": "boolean" + }, + "nodeAnnotation": { + "type": "string" + } + }, + "required": [ + "enabled", + "nodeAnnotation" + ], + "type": "object" + }, + "rbac": { + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + } + }, + "required": [ + "enabled", + "annotations" + ], + "type": "object" + }, + "resources": { + "properties": { + "cpu": { + "properties": { + "cores": { + "oneOf": [ + { + "type": "integer" + }, + { + "pattern": "^[0-9]+(\\.[0-9]){0,1}(m|k|M|G|T|P|Ki|Mi|Gi|Ti|Pi)?$", + "type": "string" + } + ] + }, + "overprovisioned": { + "type": "boolean" + } + }, + "required": [ + "cores" + ], + "type": "object" + }, + "memory": { + "properties": { + "container": { + "properties": { + "max": { + "oneOf": [ + { + "type": "integer" + }, + { + "pattern": "^[0-9]+(\\.[0-9]){0,1}(m|k|M|G|T|P|Ki|Mi|Gi|Ti|Pi)?$", + "type": "string" + } + ] + }, + "min": { + "oneOf": [ + { + "type": "integer" + }, + { + "pattern": "^[0-9]+(\\.[0-9]){0,1}(m|k|M|G|T|P|Ki|Mi|Gi|Ti|Pi)?$", + "type": "string" + } + ] + } + }, + "required": [ + "max" + ], + "type": "object" + }, + "enable_memory_locking": { + "type": "boolean" + }, + "redpanda": { + "properties": { + "memory": { + "oneOf": [ + { + "type": "integer" + }, + { + "pattern": "^[0-9]+(\\.[0-9]){0,1}(m|k|M|G|T|P|Ki|Mi|Gi|Ti|Pi)?$", + "type": "string" + } + ] + }, + "reserveMemory": { + "oneOf": [ + { + "type": "integer" + }, + { + "pattern": "^[0-9]+(\\.[0-9]){0,1}(m|k|M|G|T|P|Ki|Mi|Gi|Ti|Pi)?$", + "type": "string" + } + ] + } + }, + "type": "object" + } + }, + "required": [ + "container" + ], + "type": "object" + } + }, + "required": [ + "cpu", + "memory" + ], + "type": "object" + }, + "service": { + "properties": { + "internal": { + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "name": { + "type": "string" + } + }, + "type": "object" + }, + "serviceAccount": { + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "create": { + "type": "boolean" + }, + "name": { + "type": "string" + } + }, + "required": [ + "create", + "name", + "annotations" + ], + "type": "object" + }, + "statefulset": { + "properties": { + "additionalRedpandaCmdFlags": { + "oneOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "additionalSelectorLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "budget": { + "properties": { + "maxUnavailable": { + "type": "integer" + } + }, + "required": [ + "maxUnavailable" + ], + "type": "object" + }, + "extraVolumeMounts": { + "type": "string" + }, + "extraVolumes": { + "type": "string" + }, + "initContainerImage": { + "properties": { + "repository": { + "type": "string" + }, + "tag": { + "type": "string" + } + }, + "type": "object" + }, + "initContainers": { + "properties": { + "configurator": { + "properties": { + "extraVolumeMounts": { + "type": "string" + }, + "resources": { + "type": "object" + } + }, + "type": "object" + }, + "extraInitContainers": { + "type": "string" + }, + "fsValidator": { + "properties": { + "enabled": { + "type": "boolean" + }, + "expectedFS": { + "type": "string" + }, + "extraVolumeMounts": { + "type": "string" + }, + "resources": { + "type": "object" + } + }, + "type": "object" + }, + "setDataDirOwnership": { + "properties": { + "enabled": { + "type": "boolean" + }, + "extraVolumeMounts": { + "type": "string" + }, + "resources": { + "type": "object" + } + }, + "type": "object" + }, + "setTieredStorageCacheDirOwnership": { + "properties": { + "extraVolumeMounts": { + "type": "string" + }, + "resources": { + "type": "object" + } + }, + "type": "object" + }, + "tuning": { + "properties": { + "extraVolumeMounts": { + "type": "string" + }, + "resources": { + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "livenessProbe": { + "properties": { + "failureThreshold": { + "type": "integer" + }, + "initialDelaySeconds": { + "type": "integer" + }, + "periodSeconds": { + "type": "integer" + } + }, + "required": [ + "initialDelaySeconds", + "failureThreshold", + "periodSeconds" + ], + "type": "object" + }, + "nodeAffinity": { + "type": "object" + }, + "nodeSelector": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "podAffinity": { + "type": "object" + }, + "podAntiAffinity": { + "properties": { + "custom": { + "type": "object" + }, + "topologyKey": { + "type": "string" + }, + "type": { + "pattern": "^(hard|soft|custom)$", + "type": "string" + }, + "weight": { + "type": "integer" + } + }, + "required": [ + "topologyKey", + "type", + "weight" + ], + "type": "object" + }, + "podSecurityContext": { + "deprecated": true, + "properties": { + "allowPriviledgeEscalation": { + "type": "boolean" + }, + "allowPrivilegeEscalation": { + "type": "boolean" + }, + "fsGroup": { + "type": "integer" + }, + "fsGroupChangePolicy": { + "enum": [ + "OnRootMismatch", + "Always" + ], + "type": "string" + }, + "runAsGroup": { + "type": "integer" + }, + "runAsNonRoot": { + "type": "boolean" + }, + "runAsUser": { + "type": "integer" + } + }, + "type": "object" + }, + "podTemplate": { + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "spec": { + "properties": { + "containers": { + "oneOf": [ + { + "items": { + "properties": { + "env": { + "items": { + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + }, + "valueFrom": { + "properties": { + "configMapKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object" + }, + "fieldRef": { + "properties": { + "apiVersion": { + "type": "string" + }, + "fieldPath": { + "type": "string" + } + }, + "type": "object" + }, + "resourceFieldRef": { + "properties": { + "containerName": { + "type": "string" + }, + "divisor": { + "oneOf": [ + { + "type": "integer" + }, + { + "pattern": "^[0-9]+(\\.[0-9]){0,1}(m|k|M|G|T|P|Ki|Mi|Gi|Ti|Pi)?$", + "type": "string" + } + ] + }, + "resource": { + "type": "string" + } + }, + "type": "object" + }, + "secretKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "name": { + "enum": [ + "redpanda", + "post-install", + "post-upgrade" + ], + "type": "string" + }, + "securityContext": { + "properties": { + "allowPrivilegeEscalation": { + "type": "boolean" + }, + "capabilities": { + "properties": { + "add": { + "items": { + "type": "string" + }, + "type": "array" + }, + "drop": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "privileged": { + "type": "boolean" + }, + "procMount": { + "type": "string" + }, + "readOnlyRootFilesystem": { + "type": "boolean" + }, + "runAsGroup": { + "type": "integer" + }, + "runAsNonRoot": { + "type": "boolean" + }, + "runAsUser": { + "type": "integer" + }, + "seLinuxOptions": { + "properties": { + "level": { + "type": "string" + }, + "role": { + "type": "string" + }, + "type": { + "type": "string" + }, + "user": { + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "properties": { + "localhostProfile": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "type": "object" + }, + "windowsOptions": { + "properties": { + "gmsaCredentialSpec": { + "type": "string" + }, + "gmsaCredentialSpecName": { + "type": "string" + }, + "hostProcess": { + "type": "boolean" + }, + "runAsUserName": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "name", + "env" + ], + "type": "object" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "securityContext": { + "properties": { + "fsGroup": { + "type": "integer" + }, + "fsGroupChangePolicy": { + "enum": [ + "OnRootMismatch", + "Always" + ], + "type": "string" + }, + "runAsGroup": { + "type": "integer" + }, + "runAsNonRoot": { + "type": "boolean" + }, + "runAsUser": { + "type": "integer" + }, + "seLinuxOptions": { + "properties": { + "level": { + "type": "string" + }, + "role": { + "type": "string" + }, + "type": { + "type": "string" + }, + "user": { + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "properties": { + "localhostProfile": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "type": "object" + }, + "supplementalGroups": { + "oneOf": [ + { + "items": { + "type": "integer" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "sysctls": { + "oneOf": [ + { + "items": { + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "windowsOptions": { + "properties": { + "gmsaCredentialSpec": { + "type": "string" + }, + "gmsaCredentialSpecName": { + "type": "string" + }, + "hostProcess": { + "type": "boolean" + }, + "runAsUserName": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "containers" + ], + "type": "object" + } + }, + "required": [ + "labels", + "annotations", + "spec" + ], + "type": "object" + }, + "priorityClassName": { + "type": "string" + }, + "readinessProbe": { + "properties": { + "failureThreshold": { + "type": "integer" + }, + "initialDelaySeconds": { + "type": "integer" + }, + "periodSeconds": { + "type": "integer" + }, + "successThreshold": { + "type": "integer" + }, + "timeoutSeconds": { + "type": "integer" + } + }, + "required": [ + "initialDelaySeconds", + "failureThreshold", + "periodSeconds" + ], + "type": "object" + }, + "replicas": { + "type": "integer" + }, + "securityContext": { + "deprecated": true, + "properties": { + "allowPriviledgeEscalation": { + "type": "boolean" + }, + "allowPrivilegeEscalation": { + "type": "boolean" + }, + "fsGroup": { + "type": "integer" + }, + "fsGroupChangePolicy": { + "enum": [ + "OnRootMismatch", + "Always" + ], + "type": "string" + }, + "runAsGroup": { + "type": "integer" + }, + "runAsNonRoot": { + "type": "boolean" + }, + "runAsUser": { + "type": "integer" + } + }, + "type": "object" + }, + "sideCars": { + "properties": { + "configWatcher": { + "properties": { + "enabled": { + "type": "boolean" + }, + "extraVolumeMounts": { + "type": "string" + }, + "resources": { + "type": "object" + }, + "securityContext": { + "properties": { + "allowPrivilegeEscalation": { + "type": "boolean" + }, + "capabilities": { + "properties": { + "add": { + "oneOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "drop": { + "oneOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "type": "null" + } + ] + } + }, + "type": "object" + }, + "privileged": { + "type": "boolean" + }, + "procMount": { + "type": "string" + }, + "readOnlyRootFilesystem": { + "type": "boolean" + }, + "runAsGroup": { + "type": "integer" + }, + "runAsNonRoot": { + "type": "boolean" + }, + "runAsUser": { + "type": "integer" + }, + "seLinuxOptions": { + "properties": { + "level": { + "type": "string" + }, + "role": { + "type": "string" + }, + "type": { + "type": "string" + }, + "user": { + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "properties": { + "localhostProfile": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "type": "object" + }, + "windowsOptions": { + "properties": { + "gmsaCredentialSpec": { + "type": "string" + }, + "gmsaCredentialSpecName": { + "type": "string" + }, + "hostProcess": { + "type": "boolean" + }, + "runAsUserName": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "controllers": { + "properties": { + "createRBAC": { + "type": "boolean" + }, + "enabled": { + "type": "boolean" + }, + "healthProbeAddress": { + "type": "string" + }, + "image": { + "properties": { + "repository": { + "default": "docker.redpanda.com/redpandadata/redpanda-operator", + "type": "string" + }, + "tag": { + "default": "Chart.appVersion", + "pattern": "^v(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$|^$", + "type": "string" + } + }, + "required": [ + "tag", + "repository" + ], + "type": "object" + }, + "metricsAddress": { + "type": "string" + }, + "resources": true, + "run": { + "oneOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "securityContext": { + "properties": { + "allowPrivilegeEscalation": { + "type": "boolean" + }, + "capabilities": { + "properties": { + "add": { + "oneOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "drop": { + "oneOf": [ + { + "items": { + "type": "string" + }, + "type": "array" + }, + { + "type": "null" + } + ] + } + }, + "type": "object" + }, + "privileged": { + "type": "boolean" + }, + "procMount": { + "type": "string" + }, + "readOnlyRootFilesystem": { + "type": "boolean" + }, + "runAsGroup": { + "type": "integer" + }, + "runAsNonRoot": { + "type": "boolean" + }, + "runAsUser": { + "type": "integer" + }, + "seLinuxOptions": { + "properties": { + "level": { + "type": "string" + }, + "role": { + "type": "string" + }, + "type": { + "type": "string" + }, + "user": { + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "properties": { + "localhostProfile": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "type": "object" + }, + "windowsOptions": { + "properties": { + "gmsaCredentialSpec": { + "type": "string" + }, + "gmsaCredentialSpecName": { + "type": "string" + }, + "hostProcess": { + "type": "boolean" + }, + "runAsUserName": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "startupProbe": { + "properties": { + "failureThreshold": { + "type": "integer" + }, + "initialDelaySeconds": { + "type": "integer" + }, + "periodSeconds": { + "type": "integer" + } + }, + "required": [ + "initialDelaySeconds", + "failureThreshold", + "periodSeconds" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "type": "integer" + }, + "tolerations": { + "oneOf": [ + { + "items": { + "properties": { + "effect": { + "type": "string" + }, + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "tolerationSeconds": { + "type": "integer" + }, + "value": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "topologySpreadConstraints": { + "oneOf": [ + { + "items": { + "properties": { + "maxSkew": { + "type": "integer" + }, + "topologyKey": { + "type": "string" + }, + "whenUnsatisfiable": { + "pattern": "^(ScheduleAnyway|DoNotSchedule)$", + "type": "string" + } + }, + "type": "object" + }, + "minItems": 1, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "updateStrategy": { + "properties": { + "type": { + "pattern": "^(RollingUpdate|OnDelete)$", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + } + }, + "required": [ + "additionalSelectorLabels", + "replicas", + "updateStrategy", + "podTemplate", + "budget", + "startupProbe", + "livenessProbe", + "readinessProbe", + "podAffinity", + "podAntiAffinity", + "nodeSelector", + "priorityClassName", + "topologySpreadConstraints", + "tolerations", + "securityContext", + "sideCars" + ], + "type": "object" + }, + "storage": { + "properties": { + "hostPath": { + "type": "string" + }, + "persistentVolume": { + "deprecated": true, + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "nameOverwrite": { + "type": "string" + }, + "size": { + "oneOf": [ + { + "type": "integer" + }, + { + "pattern": "^[0-9]+(\\.[0-9]){0,1}(m|k|M|G|T|P|Ki|Mi|Gi|Ti|Pi)?$", + "type": "string" + } + ] + }, + "storageClass": { + "type": "string" + } + }, + "required": [ + "annotations", + "enabled", + "labels", + "size", + "storageClass" + ], + "type": "object" + }, + "tiered": { + "properties": { + "config": { + "properties": { + "cloud_storage_access_key": { + "type": "string" + }, + "cloud_storage_api_endpoint": { + "type": "string" + }, + "cloud_storage_api_endpoint_port": { + "type": "integer" + }, + "cloud_storage_azure_adls_endpoint": { + "type": "string" + }, + "cloud_storage_azure_adls_port": { + "type": "integer" + }, + "cloud_storage_bucket": { + "type": "string" + }, + "cloud_storage_cache_check_interval": { + "type": "integer" + }, + "cloud_storage_cache_directory": { + "type": "string" + }, + "cloud_storage_cache_size": { + "oneOf": [ + { + "type": "integer" + }, + { + "pattern": "^[0-9]+(\\.[0-9]){0,1}(m|k|M|G|T|P|Ki|Mi|Gi|Ti|Pi)?$", + "type": "string" + } + ] + }, + "cloud_storage_credentials_source": { + "pattern": "^(config_file|aws_instance_metadata|sts|gcp_instance_metadata)$", + "type": "string" + }, + "cloud_storage_disable_tls": { + "type": "boolean" + }, + "cloud_storage_enable_remote_read": { + "type": "boolean" + }, + "cloud_storage_enable_remote_write": { + "type": "boolean" + }, + "cloud_storage_enabled": { + "type": "boolean" + }, + "cloud_storage_initial_backoff_ms": { + "type": "integer" + }, + "cloud_storage_manifest_upload_timeout_ms": { + "type": "integer" + }, + "cloud_storage_max_connection_idle_time_ms": { + "type": "integer" + }, + "cloud_storage_max_connections": { + "type": "integer" + }, + "cloud_storage_reconciliation_interval_ms": { + "type": "integer" + }, + "cloud_storage_region": { + "type": "string" + }, + "cloud_storage_secret_key": { + "type": "string" + }, + "cloud_storage_segment_max_upload_interval_sec": { + "type": "integer" + }, + "cloud_storage_segment_upload_timeout_ms": { + "type": "integer" + }, + "cloud_storage_trust_file": { + "type": "string" + }, + "cloud_storage_upload_ctrl_d_coeff": { + "type": "integer" + }, + "cloud_storage_upload_ctrl_max_shares": { + "type": "integer" + }, + "cloud_storage_upload_ctrl_min_shares": { + "type": "integer" + }, + "cloud_storage_upload_ctrl_p_coeff": { + "type": "integer" + }, + "cloud_storage_upload_ctrl_update_interval_ms": { + "type": "integer" + } + }, + "required": [ + "cloud_storage_enabled" + ], + "type": "object" + }, + "credentialsSecretRef": { + "properties": { + "accessKey": { + "properties": { + "configurationKey": { + "type": "string" + }, + "key": { + "type": "string" + }, + "name": { + "type": "string" + } + }, + "type": "object" + }, + "configurationKey": { + "deprecated": true, + "type": "string" + }, + "key": { + "deprecated": true, + "type": "string" + }, + "name": { + "deprecated": true, + "type": "string" + }, + "secretKey": { + "properties": { + "configurationKey": { + "type": "string" + }, + "key": { + "type": "string" + }, + "name": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "hostPath": { + "type": "string" + }, + "mountType": { + "pattern": "^(none|hostPath|emptyDir|persistentVolume)$", + "type": "string" + }, + "persistentVolume": { + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "nameOverwrite": { + "type": "string" + }, + "size": { + "type": "string" + }, + "storageClass": { + "type": "string" + } + }, + "required": [ + "annotations", + "labels", + "storageClass" + ], + "type": "object" + } + }, + "required": [ + "mountType" + ], + "type": "object" + }, + "tieredConfig": { + "deprecated": true, + "properties": { + "cloud_storage_access_key": { + "type": "string" + }, + "cloud_storage_api_endpoint": { + "type": "string" + }, + "cloud_storage_api_endpoint_port": { + "type": "integer" + }, + "cloud_storage_azure_adls_endpoint": { + "type": "string" + }, + "cloud_storage_azure_adls_port": { + "type": "integer" + }, + "cloud_storage_bucket": { + "type": "string" + }, + "cloud_storage_cache_check_interval": { + "type": "integer" + }, + "cloud_storage_cache_directory": { + "type": "string" + }, + "cloud_storage_cache_size": { + "oneOf": [ + { + "type": "integer" + }, + { + "pattern": "^[0-9]+(\\.[0-9]){0,1}(m|k|M|G|T|P|Ki|Mi|Gi|Ti|Pi)?$", + "type": "string" + } + ] + }, + "cloud_storage_credentials_source": { + "pattern": "^(config_file|aws_instance_metadata|sts|gcp_instance_metadata)$", + "type": "string" + }, + "cloud_storage_disable_tls": { + "type": "boolean" + }, + "cloud_storage_enable_remote_read": { + "type": "boolean" + }, + "cloud_storage_enable_remote_write": { + "type": "boolean" + }, + "cloud_storage_enabled": { + "type": "boolean" + }, + "cloud_storage_initial_backoff_ms": { + "type": "integer" + }, + "cloud_storage_manifest_upload_timeout_ms": { + "type": "integer" + }, + "cloud_storage_max_connection_idle_time_ms": { + "type": "integer" + }, + "cloud_storage_max_connections": { + "type": "integer" + }, + "cloud_storage_reconciliation_interval_ms": { + "type": "integer" + }, + "cloud_storage_region": { + "type": "string" + }, + "cloud_storage_secret_key": { + "type": "string" + }, + "cloud_storage_segment_max_upload_interval_sec": { + "type": "integer" + }, + "cloud_storage_segment_upload_timeout_ms": { + "type": "integer" + }, + "cloud_storage_trust_file": { + "type": "string" + }, + "cloud_storage_upload_ctrl_d_coeff": { + "type": "integer" + }, + "cloud_storage_upload_ctrl_max_shares": { + "type": "integer" + }, + "cloud_storage_upload_ctrl_min_shares": { + "type": "integer" + }, + "cloud_storage_upload_ctrl_p_coeff": { + "type": "integer" + }, + "cloud_storage_upload_ctrl_update_interval_ms": { + "type": "integer" + } + }, + "type": "object" + }, + "tieredStorageHostPath": { + "deprecated": true, + "type": "string" + }, + "tieredStoragePersistentVolume": { + "deprecated": true, + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "storageClass": { + "type": "string" + } + }, + "required": [ + "annotations", + "enabled", + "labels", + "storageClass" + ], + "type": "object" + } + }, + "required": [ + "hostPath", + "tiered", + "persistentVolume" + ], + "type": "object" + }, + "tests": { + "properties": { + "enabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "tls": { + "properties": { + "certs": { + "minProperties": 1, + "patternProperties": { + "^[A-Za-z_][A-Za-z0-9_]*$": { + "properties": { + "applyInternalDNSNames": { + "type": "boolean" + }, + "caEnabled": { + "type": "boolean" + }, + "clientSecretRef": { + "properties": { + "name": { + "type": "string" + } + }, + "type": "object" + }, + "duration": { + "pattern": ".*[smh]$", + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "issuerRef": { + "properties": { + "group": { + "type": "string" + }, + "kind": { + "type": "string" + }, + "name": { + "type": "string" + } + }, + "type": "object" + }, + "secretRef": { + "properties": { + "name": { + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "caEnabled" + ], + "type": "object" + } + }, + "type": "object" + }, + "enabled": { + "type": "boolean" + } + }, + "required": [ + "enabled", + "certs" + ], + "type": "object" + }, + "tolerations": { + "oneOf": [ + { + "items": { + "properties": { + "effect": { + "type": "string" + }, + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "tolerationSeconds": { + "type": "integer" + }, + "value": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + { + "type": "null" + } + ] + }, + "tuning": { + "properties": { + "ballast_file_path": { + "type": "string" + }, + "ballast_file_size": { + "type": "string" + }, + "tune_aio_events": { + "type": "boolean" + }, + "tune_ballast_file": { + "type": "boolean" + }, + "tune_clocksource": { + "type": "boolean" + }, + "well_known_io": { + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "affinity", + "image" + ], + "type": "object" +} diff --git a/charts/redpanda/redpanda/5.9.4/values.yaml b/charts/redpanda/redpanda/5.9.4/values.yaml new file mode 100644 index 0000000000..7a30a2387a --- /dev/null +++ b/charts/redpanda/redpanda/5.9.4/values.yaml @@ -0,0 +1,1174 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# This file contains values for variables referenced from yaml files in the templates directory. +# +# For further information on Helm templating see the documentation at: +# https://helm.sh/docs/chart_template_guide/values_files/ + +# +# >>> This chart requires Helm version 3.6.0 or greater <<< +# + +# Common settings +# +# -- Override `redpanda.name` template. +nameOverride: "" +# -- Override `redpanda.fullname` template. +fullnameOverride: "" +# -- Default Kubernetes cluster domain. +clusterDomain: cluster.local +# -- Additional labels to add to all Kubernetes objects. +# For example, `my.k8s.service: redpanda`. +commonLabels: {} +# -- Node selection constraints for scheduling Pods, can override this for StatefulSets. +# For details, +# see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector). +nodeSelector: {} +# -- Affinity constraints for scheduling Pods, can override this for StatefulSets and Jobs. +# For details, +# see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity). +affinity: {} +# -- Taints to be tolerated by Pods, can override this for StatefulSets. +# For details, +# see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/). +tolerations: [] + +# -- Redpanda Docker image settings. +image: + # -- Docker repository from which to pull the Redpanda Docker image. + repository: docker.redpanda.com/redpandadata/redpanda + # -- The Redpanda version. + # See DockerHub for: + # [All stable versions](https://hub.docker.com/r/redpandadata/redpanda/tags) + # and [all unstable versions](https://hub.docker.com/r/redpandadata/redpanda-unstable/tags). + # @default -- `Chart.appVersion`. + tag: "" + # -- The imagePullPolicy. + # If `image.tag` is 'latest', the default is `Always`. + pullPolicy: IfNotPresent + +# -- Redpanda Service settings. +# service: +# -- set service.name to override the default service name +# name: redpanda +# -- internal Service +# internal: +# -- add annotations to the internal Service +# annotations: {} +# +# -- eg. for a bare metal install using external-dns +# annotations: +# "external-dns.alpha.kubernetes.io/hostname": redpanda.domain.dom +# "external-dns.alpha.kubernetes.io/endpoints-type": HostIP + +# -- Pull secrets may be used to provide credentials to image repositories +# See the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/). +imagePullSecrets: [] + +# -- DEPRECATED Enterprise license key (optional). +# For details, +# see the [License documentation](https://docs.redpanda.com/docs/get-started/licenses/?platform=kubernetes#redpanda-enterprise-edition). +license_key: "" +# -- DEPRECATED Secret name and secret key where the license key is stored. +license_secret_ref: {} + # secret_name: my-secret + # secret_key: key-where-license-is-stored + +# -- Audit logging for a redpanda cluster, must have enabled sasl and have one kafka listener supporting sasl authentication +# for audit logging to work. Note this feature is only available for redpanda versions >= v23.3.0. +auditLogging: + # -- Enable or disable audit logging, for production clusters we suggest you enable, + # however, this will only work if you also enable sasl and a listener with sasl enabled. + enabled: false + # -- Kafka listener name, note that it must have `authenticationMethod` set to `sasl`. + # For external listeners, use the external listener name, such as `default`. + listener: internal + # -- Integer value defining the number of partitions used by a newly created audit topic. + partitions: 12 + # -- Event types that should be captured by audit logs, default is [`admin`, `authenticate`, `management`]. + enabledEventTypes: + # -- List of topics to exclude from auditing, default is null. + excludedTopics: + # -- List of principals to exclude from auditing, default is null. + excludedPrincipals: + # -- Defines the number of bytes (in bytes) allocated by the internal audit client for audit messages. + clientMaxBufferSize: 16777216 + # -- In ms, frequency in which per shard audit logs are batched to client for write to audit log. + queueDrainIntervalMs: 500 + # -- Defines the maximum amount of memory used (in bytes) by the audit buffer in each shard. + queueMaxBufferSizePerShard: 1048576 + # -- Defines the replication factor for a newly created audit log topic. This configuration applies + # only to the audit log topic and may be different from the cluster or other topic configurations. + # This cannot be altered for existing audit log topics. Setting this value is optional. If a value is not provided, + # Redpanda will use the `internal_topic_replication_factor cluster` config value. Default is `null` + replicationFactor: + +# -- Enterprise (optional) +# For details, +# see the [License documentation](https://docs.redpanda.com/docs/get-started/licenses/?platform=kubernetes#redpanda-enterprise-edition). +enterprise: + # -- license (optional). + license: "" + # -- Secret name and key where the license key is stored. + licenseSecretRef: {} + # name: my-secret + # key: key-where-license-is-stored + +# -- Rack Awareness settings. +# For details, +# see the [Rack Awareness documentation](https://docs.redpanda.com/docs/manage/kubernetes/kubernetes-rack-awareness/). +rackAwareness: + # -- When running in multiple racks or availability zones, use a Kubernetes Node + # annotation value as the Redpanda rack value. + # Enabling this requires running with a service account with "get" Node permissions. + # To have the Helm chart configure these permissions, + # set `serviceAccount.create=true` and `rbac.enabled=true`. + enabled: false + # -- The common well-known annotation to use as the rack ID. + # Override this only if you use a custom Node annotation. + nodeAnnotation: topology.kubernetes.io/zone + +# +# -- Redpanda Console settings. +# For a reference of configuration settings, +# see the [Redpanda Console documentation](https://docs.redpanda.com/docs/reference/console/config/). +console: + enabled: true + configmap: + create: false + secret: + create: false + deployment: + create: false + config: {} + +# +# -- Redpanda Managed Connectors settings +# For a reference of configuration settings, +# see the [Redpanda Connectors documentation](https://docs.redpanda.com/docs/deploy/deployment-option/cloud/managed-connectors/). +connectors: + enabled: false + deployment: + create: false + test: + create: false + +# -- Authentication settings. +# For details, +# see the [SASL documentation](https://docs.redpanda.com/docs/manage/kubernetes/security/sasl-kubernetes/). +auth: + sasl: + # -- Enable SASL authentication. + # If you enable SASL authentication, you must provide a Secret in `auth.sasl.secretRef`. + enabled: false + # -- The authentication mechanism to use for the superuser. Options are `SCRAM-SHA-256` and `SCRAM-SHA-512`. + mechanism: SCRAM-SHA-512 + # -- A Secret that contains your superuser credentials. + # For details, + # see the [SASL documentation](https://docs.redpanda.com/docs/manage/kubernetes/security/sasl-kubernetes/#use-secrets). + secretRef: "redpanda-users" + # -- Optional list of superusers. + # These superusers will be created in the Secret whose name is defined in `auth.sasl.secretRef`. + # If this list is empty, + # the Secret in `auth.sasl.secretRef` must already exist in the cluster before you deploy the chart. + # Uncomment the sample list if you wish to try adding sample sasl users or override to use your own. + users: [] + # - name: admin + # password: change-me + # mechanism: SCRAM-SHA-512 + # -- Details about how to create the bootstrap user for the cluster. + # The secretKeyRef is optionally specified. If it is specified, the + # chart will use a password written to that secret when creating the + # "kubernetes-controller" bootstrap user. If it is unspecified, then + # the secret will be generated and stored in the secret + # "releasename"-bootstrap-user, with the key "password". + bootstrapUser: + # -- The authentication mechanism to use for the bootstrap user. Options are `SCRAM-SHA-256` and `SCRAM-SHA-512`. + mechanism: SCRAM-SHA-256 + # secretKeyRef: + # name: my-password + # key: my-key + +# -- TLS settings. +# For details, see the [TLS documentation](https://docs.redpanda.com/docs/manage/kubernetes/security/kubernetes-tls/). +tls: + # -- Enable TLS globally for all listeners. + # Each listener must include a Certificate name in its `.tls` object. + # To allow you to enable TLS for individual listeners, + # Certificates in `auth.tls.certs` are always loaded, even if `tls.enabled` is `false`. + # See `listeners..tls.enabled`. + enabled: true + # -- List all Certificates here, + # then you can reference a specific Certificate's name + # in each listener's `listeners..tls.cert` setting. + certs: + # -- This key is the Certificate name. + # To apply the Certificate to a specific listener, + # reference the Certificate's name in `listeners..tls.cert`. + default: + # -- To use a custom pre-installed Issuer, + # add its name and kind to the `issuerRef` object. + # issuerRef: + # name: redpanda-default-root-issuer + # kind: Issuer # Can be Issuer or ClusterIssuer + # -- To use a secret with custom tls files, + # secretRef: + # name: my-tls-secret + # -- Indicates whether or not the Secret holding this certificate + # includes a `ca.crt` key. When `true`, chart managed clients, such as + # rpk, will use `ca.crt` for certificate verification and listeners with + # `require_client_auth` and no explicit `truststore` will use `ca.crt` as + # their `truststore_file` for verification of client certificates. When + # `false`, chart managed clients will use `tls.crt` for certificate + # verification and listeners with `require_client_auth` and no explicit + # `truststore` will use the container's CA certificates. + caEnabled: true + # duration: 43800h + # if you wish to have Kubernetes internal dns names (IE the headless service of the redpanda StatefulSet) included in `dnsNames` of the certificate even, when supplying an issuer. + # applyInternalDNSNames: false + # -- Example external tls configuration + # uncomment and set the right key to the listeners that require them + # also enable the tls setting for those listeners. + external: + # -- To use a custom pre-installed Issuer, + # add its name and kind to the `issuerRef` object. + # issuerRef: + # name: redpanda-default-root-issuer + # kind: Issuer # Can be Issuer or ClusterIssuer + # -- To use a secret with custom tls files, + # secretRef: + # name: my-tls-secret + # -- Indicates whether or not the Secret holding this certificate + # includes a `ca.crt` key. When `true`, chart managed clients, such as + # rpk, will use `ca.crt` for certificate verification and listeners with + # `require_client_auth` and no explicit `truststore` will use `ca.crt` as + # their `truststore_file` for verification of client certificates. When + # `false`, chart managed clients will use `tls.crt` for certificate + # verification and listeners with `require_client_auth` and no explicit + # `truststore` will use the container's CA certificates. + caEnabled: true + # duration: 43800h + # if you wish to for apply internal dns names to the certificate even when supplying an issuer + # applyInternalDNSNames: false + +# -- External access settings. +# For details, +# see the [Networking and Connectivity documentation](https://docs.redpanda.com/docs/manage/kubernetes/networking/networking-and-connectivity/). +external: + # -- Service allows you to manage the creation of an external kubernetes service object + service: + # -- Enabled if set to false will not create the external service type + # You can still set your cluster with external access but not create the supporting service (NodePort/LoadBalander). + # Set this to false if you rather manage your own service. + enabled: true + # -- Enable external access for each Service. + # You can toggle external access for each listener in + # `listeners..external..enabled`. + enabled: true + # -- External access type. Only `NodePort` and `LoadBalancer` are supported. + # If undefined, then advertised listeners will be configured in Redpanda, + # but the helm chart will not create a Service. + # You must create a Service manually. + # Warning: If you use LoadBalancers, you will likely experience higher latency and increased packet loss. + # NodePort is recommended in cases where latency is a priority. + type: NodePort + # Optional source range for external access. Only applicable when external.type is LoadBalancer + # sourceRanges: [] + # -- Optional domain advertised to external clients + # If specified, then it will be appended to the `external.addresses` values as each broker's advertised address + # domain: local + # Optional list of addresses that the Redpanda brokers advertise. + # Provide one entry for each broker in order of StatefulSet replicas. + # The number of brokers is defined in statefulset.replicas. + # The values can be IP addresses or DNS names. + # If external.domain is set, the domain is appended to these values. + # There is an option to define a single external address for all brokers and leverage + # prefixTemplate as it will be calculated during initContainer execution. + # addresses: + # - redpanda-0 + # - redpanda-1 + # - redpanda-2 + # + # annotations: + # For example: + # cloud.google.com/load-balancer-type: "Internal" + # service.beta.kubernetes.io/aws-load-balancer-type: nlb + # If you enable externalDns, each LoadBalancer service instance + # will be annotated with external-dns hostname + # matching external.addresses + external.domain + # externalDns: + # enabled: true + # prefixTemplate: "" + +# -- Log-level settings. +logging: + # -- Log level + # Valid values (from least to most verbose) are: `warn`, `info`, `debug`, and `trace`. + logLevel: info + # -- Send usage statistics back to Redpanda Data. + # For details, + # see the [stats reporting documentation](https://docs.redpanda.com/docs/cluster-administration/monitoring/#stats-reporting). + usageStats: + # Enable the `rpk.enable_usage_stats` property. + enabled: true + # Your cluster ID (optional) + # clusterId: your-helm-cluster + +# -- Monitoring. +# This will create a ServiceMonitor that can be used by Prometheus-Operator or VictoriaMetrics-Operator to scrape the metrics. +monitoring: + enabled: false + scrapeInterval: 30s + labels: {} + # Enables http2 for scraping metrics for prometheus. Used when Istio's mTLS is enabled and using tlsConfig. + # enableHttp2: true + # tlsConfig: + # caFile: /etc/prom-certs/root-cert.pem + # certFile: /etc/prom-certs/cert-chain.pem + # insecureSkipVerify: true + # keyFile: /etc/prom-certs/key.pem + +# -- Pod resource management. +# This section simplifies resource allocation +# by providing a single location where resources are defined. +# Helm sets these resource values within the `statefulset.yaml` and `configmap.yaml` templates. +# +# The default values are for a development environment. +# Production-level values and other considerations are documented, +# where those values are different from the default. +# For details, +# see the [Pod resources documentation](https://docs.redpanda.com/docs/manage/kubernetes/manage-resources/). +resources: + # + # -- CPU resources. + # For details, + # see the [Pod resources documentation](https://docs.redpanda.com/docs/manage/kubernetes/manage-resources/#configure-cpu-resources). + cpu: + # -- Redpanda makes use of a thread per core model. + # For details, see this [blog](https://redpanda.com/blog/tpc-buffers). + # For this reason, Redpanda should only be given full cores. + # + # Note: You can increase cores, but decreasing cores is not currently supported. + # See the [GitHub issue](https://github.com/redpanda-data/redpanda/issues/350). + # + # This setting is equivalent to `--smp`, `resources.requests.cpu`, and `resources.limits.cpu`. + # For production, use `4` or greater. + # + # To maximize efficiency, use the `static` CPU manager policy by specifying an even integer for + # CPU resource requests and limits. This policy gives the Pods running Redpanda brokers + # access to exclusive CPUs on the node. See + # https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#static-policy. + cores: 1 + # + # -- Overprovisioned means Redpanda won't assume it has all of the provisioned CPU. + # This should be true unless the container has CPU affinity. + # Equivalent to: `--idle-poll-time-us 0 --thread-affinity 0 --poll-aio 0` + # + # If the value of full cores in `resources.cpu.cores` is less than `1`, this + # setting is set to `true`. + # overprovisioned: false + # + # -- Memory resources + # For details, + # see the [Pod resources documentation](https://docs.redpanda.com/docs/manage/kubernetes/manage-resources/#configure-memory-resources). + memory: + # -- Enables memory locking. + # For production, set to `true`. + # enable_memory_locking: false + # + # It is recommended to have at least 2Gi of memory per core for the Redpanda binary. + # This memory is taken from the total memory given to each container. + # The Helm chart allocates 80% of the container's memory to Redpanda, leaving the rest for + # the Seastar subsystem (reserveMemory) and other container processes. + # So at least 2.5Gi per core is recommended in order to ensure Redpanda has a full 2Gi. + # + # These values affect `--memory` and `--reserve-memory` flags passed to Redpanda and the memory + # requests/limits in the StatefulSet. + # Valid suffixes: k, M, G, T, P, Ki, Mi, Gi, Ti, Pi + # To create `Guaranteed` Pod QoS for Redpanda brokers, provide both container max and min values for the container. + # For details, see + # https://kubernetes.io/docs/tasks/configure-pod-container/quality-service-pod/#create-a-pod-that-gets-assigned-a-qos-class-of-guaranteed + # * Every container in the Pod must have a memory limit and a memory request. + # * For every container in the Pod, the memory limit must equal the memory request. + # + container: + # Minimum memory count for each Redpanda broker. + # If omitted, the `min` value is equal to the `max` value (requested resources defaults to limits). + # This setting is equivalent to `resources.requests.memory`. + # For production, use 10Gi or greater. + # min: 2.5Gi + # + # -- Maximum memory count for each Redpanda broker. + # Equivalent to `resources.limits.memory`. + # For production, use `10Gi` or greater. + max: 2.5Gi + # + # This optional `redpanda` object allows you to specify the memory size for both the Redpanda + # process and the underlying reserved memory used by Seastar. + # This section is omitted by default, and memory sizes are calculated automatically + # based on container memory. + # Uncommenting this section and setting memory and reserveMemory values will disable + # automatic calculation. + # + # If you are setting the following values manually, keep in mind the following guidelines. + # Getting this wrong may lead to performance issues, instability, and loss of data: + # The amount of memory to allocate to a container is determined by the sum of three values: + # 1. Redpanda (at least 2Gi per core, ~80% of the container's total memory) + # 2. Seastar subsystem (200Mi * 0.2% of the container's total memory, 200Mi < x < 1Gi) + # 3. Other container processes (whatever small amount remains) + # redpanda: + # Memory for the Redpanda process. + # This must be lower than the container's memory (resources.memory.container.min if provided, otherwise + # resources.memory.container.max). + # Equivalent to --memory. + # For production, use 8Gi or greater. + # memory: 2Gi + # + # Memory reserved for the Seastar subsystem. + # Any value above 1Gi will provide diminishing performance benefits. + # Equivalent to --reserve-memory. + # For production, use 1Gi. + # reserveMemory: 200Mi + +# -- Persistence settings. +# For details, see the [storage documentation](https://docs.redpanda.com/docs/manage/kubernetes/configure-storage/). +storage: + # -- Absolute path on the host to store Redpanda's data. + # If unspecified, then an `emptyDir` volume is used. + # If specified but `persistentVolume.enabled` is true, `storage.hostPath` has no effect. + hostPath: "" + # -- If `persistentVolume.enabled` is true, a PersistentVolumeClaim is created and + # used to store Redpanda's data. Otherwise, `storage.hostPath` is used. + persistentVolume: + enabled: true + size: 20Gi + # -- To disable dynamic provisioning, set to `-`. + # If undefined or empty (default), then no storageClassName spec is set, + # and the default dynamic provisioner is chosen (gp2 on AWS, standard on + # GKE, AWS & OpenStack). + storageClass: "" + # -- Additional labels to apply to the created PersistentVolumeClaims. + labels: {} + # -- Additional annotations to apply to the created PersistentVolumeClaims. + annotations: {} + # -- Option to change volume claim template name for tiered storage persistent volume + # if tiered.mountType is set to `persistentVolume` + nameOverwrite: "" + # + # Settings for the Tiered Storage cache. + # For details, + # see the [Tiered Storage documentation](https://docs.redpanda.com/docs/manage/kubernetes/tiered-storage/#caching). + + tiered: + # mountType can be one of: + # - none: does not mount a volume. Tiered storage will use the data directory. + # - hostPath: will allow you to chose a path on the Node the pod is running on + # - emptyDir: will mount a fresh empty directory every time the pod starts + # - persistentVolume: creates and mounts a PersistentVolumeClaim + mountType: emptyDir + + # For the maximum size of the disk cache, see `tieredConfig.cloud_storage_cache_size`. + # + # -- Absolute path on the host to store Redpanda's Tiered Storage cache. + hostPath: "" + # PersistentVolumeClaim to be created for the Tiered Storage cache and + # used to store data retrieved from cloud storage, such as S3). + persistentVolume: + # -- To disable dynamic provisioning, set to "-". + # If undefined or empty (default), then no storageClassName spec is set, + # and the default dynamic provisioner is chosen (gp2 on AWS, standard on + # GKE, AWS & OpenStack). + storageClass: "" + # -- Additional labels to apply to the created PersistentVolumeClaims. + labels: {} + # -- Additional annotations to apply to the created PersistentVolumeClaims. + annotations: {} + + # credentialsSecretRef can be used to set `cloud_storage_secret_key` and/or `cloud_storage_access_key` from + # referenced Kubernetes Secret + credentialsSecretRef: + accessKey: + # https://docs.redpanda.com/current/reference/object-storage-properties/#cloud_storage_access_key + configurationKey: cloud_storage_access_key + # name: + # key: + secretKey: + # https://docs.redpanda.com/current/reference/object-storage-properties/#cloud_storage_secret_key + # or + # https://docs.redpanda.com/current/reference/object-storage-properties/#cloud_storage_azure_shared_key + configurationKey: cloud_storage_secret_key + # name: + # key + # -- DEPRECATED `configurationKey`, `name` and `key`. Please use `accessKey` and `secretKey` + # configurationKey: cloud_storage_secret_key + # name: + # key: + # + # -- Tiered Storage settings + # Requires `enterprise.licenseKey` or `enterprised.licenseSecretRef` + # For details, see the [Tiered Storage documentation](https://docs.redpanda.com/docs/manage/kubernetes/tiered-storage/). + # For a list of properties, see [Object Storage Properties](https://docs.redpanda.com/current/reference/properties/object-storage-properties/). + config: + # -- Global flag that enables Tiered Storage if a license key is provided. + # See the [property reference documentation](https://docs.redpanda.com/docs/reference/object-storage-properties/#cloud_storage_enabled). + cloud_storage_enabled: false + # -- Cluster level default remote write configuration for new topics. + # See the [property reference documentation](https://docs.redpanda.com/docs/reference/object-storage-properties/#cloud_storage_enable_remote_write). + cloud_storage_enable_remote_write: true + # -- Cluster level default remote read configuration for new topics. + # See the [property reference documentation](https://docs.redpanda.com/docs/reference/object-storage-properties/#cloud_storage_enable_remote_read). + cloud_storage_enable_remote_read: true + # -- Maximum size of the disk cache used by Tiered Storage. + # Default is 20 GiB. + # See the [property reference documentation](https://docs.redpanda.com/docs/reference/object-storage-properties/#cloud_storage_cache_size). + cloud_storage_cache_size: 5368709120 + +post_install_job: + enabled: true + # Resource requests and limits for the post-install batch job + # resources: + # requests: + # cpu: 1 + # memory: 512Mi + # limits: + # cpu: 2 + # memory: 1024Mi + # labels: {} + # annotations: {} + affinity: {} + + podTemplate: + # -- Additional labels to apply to the Pods of this Job. + labels: {} + # -- Additional annotations to apply to the Pods of this Job. + annotations: {} + # -- A subset of Kubernetes' PodSpec type that will be merged into the + # final PodSpec. See [Merge Semantics](#merging-semantics) for details. + spec: + securityContext: {} + containers: + - name: post-install + securityContext: {} + env: [] + +post_upgrade_job: + enabled: true + # Resource requests and limits for the post-upgrade batch job + # resources: + # requests: + # cpu: 1 + # memory: 512Mi + # limits: + # cpu: 2 + # memory: 1024Mi + # labels: {} + # annotations: {} + # Additional environment variables for the Post Upgrade Job + # extraEnv: + # - name: AWS_SECRET_ACCESS_KEY + # valueFrom: + # secretKeyRef: + # name: my-secret + # key: redpanda-aws-secret-access-key + # Additional environment variables for the Post Upgrade Job mapped from Secret or ConfigMap + # extraEnvFrom: + # - secretRef: + # name: redpanda-aws-secrets + # DEPRECATED. Please use podTemplate.securityContext + # You can set the security context as nessesary for the post-upgrade job as follows + # securityContext: + # allowPrivilegeEscalation: false + # runAsNonRoot: true + affinity: {} + # When helm upgrade is performed the post-upgrade job is scheduled before Statefulset successfully finish + # its rollout. User can extend Job default backoff limit of `6`. + # backoffLimit: + + podTemplate: + # -- Additional labels to apply to the Pods of this Job. + labels: {} + # -- Additional annotations to apply to the Pods of this Job. + annotations: {} + # -- A subset of Kubernetes' PodSpec type that will be merged into the + # final PodSpec. See [Merge Semantics](#merging-semantics) for details. + spec: + securityContext: {} + containers: + - name: post-upgrade + securityContext: {} + env: [] + +statefulset: + # -- Number of Redpanda brokers (Redpanda Data recommends setting this to the number of worker nodes in the cluster) + replicas: 3 + updateStrategy: + type: RollingUpdate + budget: + maxUnavailable: 1 + # -- DEPRECATED Please use statefulset.podTemplate.annotations. + # Annotations are used only for `Statefulset.spec.template.metadata.annotations`. The StatefulSet does not have + # any dedicated annotation. + annotations: {} + # -- Additional labels to be added to statefulset label selector. + # For example, `my.k8s.service: redpanda`. + additionalSelectorLabels: {} + podTemplate: + # -- Additional labels to apply to the Pods of the StatefulSet. + labels: {} + # -- Additional annotations to apply to the Pods of the StatefulSet. + annotations: {} + # -- A subset of Kubernetes' PodSpec type that will be merged into the + # final PodSpec. See [Merge Semantics](#merging-semantics) for details. + spec: + securityContext: {} + containers: + - name: redpanda + securityContext: {} + env: [] + # -- Adjust the period for your probes to meet your needs. + # For details, + # see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes). + startupProbe: + initialDelaySeconds: 1 + failureThreshold: 120 + periodSeconds: 10 + livenessProbe: + initialDelaySeconds: 10 + failureThreshold: 3 + periodSeconds: 10 + readinessProbe: + initialDelaySeconds: 1 + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + # + # StatefulSet resources: + # Resources are set through the top-level resources section above. + # It is recommended to set resource values in that section rather than here, as this will guarantee + # memory is allocated across containers, Redpanda, and the Seastar subsystem correctly. + # This automatic memory allocation is in place because Repanda and the Seastar subsystem require flags + # at startup that set the amount of memory available to each process. + # Kubernetes (mainly statefulset), Redpanda, and Seastar memory values are tightly coupled. + # Adding a resource section here will be ignored. + # + # -- Inter-Pod Affinity rules for scheduling Pods of this StatefulSet. + # For details, + # see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#inter-pod-affinity-and-anti-affinity). + podAffinity: {} + # -- Anti-affinity rules for scheduling Pods of this StatefulSet. + # For details, + # see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#inter-pod-affinity-and-anti-affinity). + # You may either edit the default settings for anti-affinity rules, + # or specify new anti-affinity rules to use instead of the defaults. + podAntiAffinity: + # -- The topologyKey to be used. + # Can be used to spread across different nodes, AZs, regions etc. + topologyKey: kubernetes.io/hostname + # -- Valid anti-affinity types are `soft`, `hard`, or `custom`. + # Use `custom` if you want to supply your own anti-affinity rules in the `podAntiAffinity.custom` object. + type: hard + # -- Weight for `soft` anti-affinity rules. + # Does not apply to other anti-affinity types. + weight: 100 + # -- Change `podAntiAffinity.type` to `custom` and provide your own podAntiAffinity rules here. + custom: {} + # -- Node selection constraints for scheduling Pods of this StatefulSet. + # These constraints override the global `nodeSelector` value. + # For details, + # see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector). + nodeSelector: {} + # -- PriorityClassName given to Pods of this StatefulSet. + # For details, + # see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass). + priorityClassName: "" + # -- Taints to be tolerated by Pods of this StatefulSet. + # These tolerations override the global tolerations value. + # For details, + # see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/). + tolerations: [] + # For details, + # see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/). + topologySpreadConstraints: + - maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: ScheduleAnyway + # -- DEPRECATED: Prefer to use podTemplate.spec.securityContext or podTemplate.spec.containers[0].securityContext. + securityContext: + fsGroup: 101 + runAsUser: 101 + fsGroupChangePolicy: OnRootMismatch + sideCars: + configWatcher: + enabled: true + # -- To create `Guaranteed` Pods for Redpanda brokers, provide both requests and limits for CPU and memory. For details, see + # https://kubernetes.io/docs/tasks/configure-pod-container/quality-service-pod/#create-a-pod-that-gets-assigned-a-qos-class-of-guaranteed + # * Every container in the Pod must have a memory limit and a memory request. + # * For every container in the Pod, the memory limit must equal the memory request. + # * Every container in the Pod must have a CPU limit and a CPU request. + # * For every container in the Pod, the CPU limit must equal the CPU request. + # + # To maximize efficiency, use the `static` CPU manager policy by specifying an even integer for + # CPU resource requests and limits. This policy gives the Pods running Redpanda brokers + # access to exclusive CPUs on the node. For details, see + # https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#static-policy + resources: {} + securityContext: {} + extraVolumeMounts: |- + # Configure extra controllers to run as sidecars inside the Pods running Redpanda brokers. + # Available controllers: + # - Decommission Controller: The Decommission Controller ensures smooth scaling down operations. + # This controller is responsible for monitoring changes in the number of StatefulSet replicas and orchestrating + # the decommissioning of brokers when necessary. It also sets the reclaim policy for the decommissioned + # broker's PersistentVolume to `Retain` and deletes the corresponding PersistentVolumeClaim. + # - Node-PVC Controller: The Node-PVC Controller handles the PVCs of deleted brokers. + # By setting the PV Retain policy to retain, it facilitates the rescheduling of brokers to new, healthy nodes when + # an existing node is removed. + controllers: + image: + tag: v2.1.10-23.2.18 + repository: docker.redpanda.com/redpandadata/redpanda-operator + # You must also enable RBAC, `rbac.enabled=true`, to deploy this sidecar + enabled: false + # -- To create `Guaranteed` Pods for Redpanda brokers, provide both requests and limits for CPU and memory. For details, see + # https://kubernetes.io/docs/tasks/configure-pod-container/quality-service-pod/#create-a-pod-that-gets-assigned-a-qos-class-of-guaranteed + # + # * Every container in the Pod must have a CPU limit and a CPU request. + # * For every container in the Pod, the CPU limit must equal the CPU request. + # * Every container in the Pod must have a CPU limit and a CPU request. + # * For every container in the Pod, the CPU limit must equal the CPU request. + # + # To maximize efficiency, use the `static` CPU manager policy by specifying an even integer for + # CPU resource requests and limits. This policy gives the Pods running Redpanda brokers + # access to exclusive CPUs on the node. For details, see + # https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#static-policy + resources: {} + securityContext: {} + healthProbeAddress: ":8085" + metricsAddress: ":9082" + run: + - all + createRBAC: true + initContainers: + fsValidator: + enabled: false + expectedFS: xfs + # -- To create `Guaranteed` Pods for Redpanda brokers, provide both requests and limits for CPU and memory. For details, see + # https://kubernetes.io/docs/tasks/configure-pod-container/quality-service-pod/#create-a-pod-that-gets-assigned-a-qos-class-of-guaranteed + # * Every container in the Pod must have a CPU limit and a CPU request. + # * For every container in the Pod, the CPU limit must equal the CPU request. + resources: {} + extraVolumeMounts: |- + tuning: + # -- To create `Guaranteed` Pods for Redpanda brokers, provide both requests and limits for CPU and memory. For details, see + # https://kubernetes.io/docs/tasks/configure-pod-container/quality-service-pod/#create-a-pod-that-gets-assigned-a-qos-class-of-guaranteed + # * Every container in the Pod must have a CPU limit and a CPU request. + # * For every container in the Pod, the CPU limit must equal the CPU request. + resources: {} + extraVolumeMounts: |- + setDataDirOwnership: + # -- In environments where root is not allowed, you cannot change the ownership of files and directories. + # Enable `setDataDirOwnership` when using default minikube cluster configuration. + enabled: false + # -- To create `Guaranteed` Pods for Redpanda brokers, provide both requests and limits for CPU and memory. For details, see + # https://kubernetes.io/docs/tasks/configure-pod-container/quality-service-pod/#create-a-pod-that-gets-assigned-a-qos-class-of-guaranteed + # * Every container in the Pod must have a CPU limit and a CPU request. + # * For every container in the Pod, the CPU limit must equal the CPU request. + resources: {} + extraVolumeMounts: |- + setTieredStorageCacheDirOwnership: + # -- To create `Guaranteed` Pods for Redpanda brokers, provide both requests and limits for CPU and memory. For details, see + # https://kubernetes.io/docs/tasks/configure-pod-container/quality-service-pod/#create-a-pod-that-gets-assigned-a-qos-class-of-guaranteed + # * Every container in the Pod must have a CPU limit and a CPU request. + # * For every container in the Pod, the CPU limit must equal the CPU request. + resources: {} + extraVolumeMounts: |- + configurator: + # -- To create `Guaranteed` Pods for Redpanda brokers, provide both requests and limits for CPU and memory. For details, see + # https://kubernetes.io/docs/tasks/configure-pod-container/quality-service-pod/#create-a-pod-that-gets-assigned-a-qos-class-of-guaranteed + # * Every container in the Pod must have a CPU limit and a CPU request. + # * For every container in the Pod, the CPU limit must equal the CPU request. + resources: {} + extraVolumeMounts: |- + ## Additional init containers + extraInitContainers: |- +# - name: "test-init-container" +# image: "mintel/docker-alpine-bash-curl-jq:latest" +# command: [ "/bin/bash", "-c" ] +# args: +# - | +# set -xe +# echo "Hello World!" + initContainerImage: + repository: busybox + tag: latest + # -- Additional flags to pass to redpanda, + additionalRedpandaCmdFlags: [] +# - --unsafe-bypass-fsync + # -- Termination grace period in seconds is time required to execute preStop hook + # which puts particular Redpanda Pod (process/container) into maintenance mode. + # Before settle down on particular value please put Redpanda under load and perform + # rolling upgrade or rolling restart. That value needs to accommodate two processes: + # * preStop hook needs to put Redpanda into maintenance mode + # * after preStop hook Redpanda needs to handle gracefully SIGTERM signal + # + # Both processes are executed sequentially where preStop hook has hard deadline in the + # middle of terminationGracePeriodSeconds. + # + # REF: + # https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#hook-handler-execution + # https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-termination + terminationGracePeriodSeconds: 90 + ## Additional Volumes that you mount + extraVolumes: |- + ## Additional Volume mounts for redpanda container + extraVolumeMounts: |- + +# -- Service account management. +serviceAccount: + # -- Specifies whether a service account should be created. + create: false + # -- Annotations to add to the service account. + annotations: {} + # -- The name of the service account to use. + # If not set and `serviceAccount.create` is `true`, + # a name is generated using the `redpanda.fullname` template. + name: "" + +# -- Role Based Access Control. +rbac: + # -- Enable for features that need extra privileges. + # If you use the Redpanda Operator, + # you must deploy it with the `--set rbac.createRPKBundleCRs=true` flag + # to give it the required ClusterRoles. + enabled: false + # -- Annotations to add to the `rbac` resources. + annotations: {} + +# -- Redpanda tuning settings. +# Each is set to their default values in Redpanda. +tuning: + # -- Increase the maximum number of outstanding asynchronous IO operations if the + # current value is below a certain threshold. This allows Redpanda to make as many + # simultaneous IO requests as possible, increasing throughput. + # + # When this option is enabled, Helm creates a privileged container. If your security profile does not allow this, you can disable this container by setting `tune_aio_events` to `false`. + # For more details, see the [tuning documentation](https://docs.redpanda.com/docs/deploy/deployment-option/self-hosted/kubernetes/kubernetes-tune-workers/). + tune_aio_events: true + # + # Syncs NTP + # tune_clocksource: false + # + # Creates a "ballast" file so that, if a Redpanda node runs out of space, + # you can delete the ballast file to allow the node to resume operations and then + # delete a topic or records to reduce the space used by Redpanda. + # tune_ballast_file: false + # + # The path where the ballast file will be created. + # ballast_file_path: "/var/lib/redpanda/data/ballast" + # + # The ballast file size. + # ballast_file_size: "1GiB" + # + # (Optional) The vendor, VM type and storage device type that redpanda will run on, in + # the format ::. This hints to rpk which configuration values it + # should use for the redpanda IO scheduler. + # Some valid values are "gcp:c2-standard-16:nvme", "aws:i3.xlarge:default" + # well_known_io: "" + # + # The following tuning parameters must be false in container environments and will be ignored: + # tune_network + # tune_disk_scheduler + # tune_disk_nomerges + # tune_disk_irq + # tune_fstrim + # tune_cpu + # tune_swappiness + # tune_transparent_hugepages + # tune_coredump + + +# -- Listener settings. +# +# Override global settings configured above for individual +# listeners. +# For details, +# see the [listeners documentation](https://docs.redpanda.com/docs/manage/kubernetes/networking/configure-listeners/). +listeners: + # -- Admin API listener (only one). + admin: + # -- The port for both internal and external connections to the Admin API. + port: 9644 + # -- Optional instrumentation hint - https://kubernetes.io/docs/concepts/services-networking/service/#application-protocol + # appProtocol: + # -- Optional external access settings. + external: + # -- Name of the external listener. + default: + port: 9645 + # Override the global `external.enabled` for only this listener. + # enabled: true + # -- The port advertised to this listener's external clients. + # List one port if you want to use the same port for each broker (would be the case when using NodePort service). + # Otherwise, list the port you want to use for each broker in order of StatefulSet replicas. + # If undefined, `listeners.admin.port` is used. + tls: + # enabled: true + cert: external + advertisedPorts: + - 31644 + # -- Optional TLS section (required if global TLS is enabled) + tls: + # Optional flag to override the global TLS enabled flag. + # enabled: true + # -- Name of the Certificate used for TLS (must match a Certificate name that is registered in tls.certs). + cert: default + # -- If true, the truststore file for this listener is included in the ConfigMap. + requireClientAuth: false + # -- Kafka API listeners. + kafka: + # -- The port for internal client connections. + port: 9093 + # default is "sasl" + authenticationMethod: + tls: + # Optional flag to override the global TLS enabled flag. + # enabled: true + cert: default + requireClientAuth: false + external: + default: + # enabled: true + # -- The port used for external client connections. + port: 9094 + # prefixTemplate: "" + # -- If undefined, `listeners.kafka.external.default.port` is used. + advertisedPorts: + - 31092 + tls: + # enabled: true + cert: external + # default is "sasl" + authenticationMethod: + # -- RPC listener (this is never externally accessible). + rpc: + port: 33145 + tls: + # Optional flag to override the global TLS enabled flag. + # enabled: true + cert: default + requireClientAuth: false + # -- Schema registry listeners. + schemaRegistry: + enabled: true + port: 8081 + kafkaEndpoint: default + # default is "http_basic" + authenticationMethod: + tls: + # Optional flag to override the global TLS enabled flag. + # enabled: true + cert: default + requireClientAuth: false + external: + default: + # enabled: true + port: 8084 + advertisedPorts: + - 30081 + tls: + # enabled: true + cert: external + requireClientAuth: false + # default is "http_basic" + authenticationMethod: + # -- HTTP API listeners (aka PandaProxy). + http: + enabled: true + port: 8082 + kafkaEndpoint: default + # default is "http_basic" + authenticationMethod: + tls: + # Optional flag to override the global TLS enabled flag. + # enabled: true + cert: default + requireClientAuth: false + external: + default: + # enabled: true + port: 8083 + # prefixTemplate: "" + advertisedPorts: + - 30082 + tls: + # enabled: true + cert: external + requireClientAuth: false + # default is "http_basic" + authenticationMethod: + +# Expert Config +# Here be dragons! +# +# -- This section contains various settings supported by Redpanda that may not work +# correctly in a Kubernetes cluster. Changing these settings comes with some risk. +# +# Use these settings to customize various Redpanda configurations that are not covered in other sections. +# These values have no impact on the configuration or behavior of the Kubernetes objects deployed by Helm, +# and therefore should not be modified for the purpose of configuring those objects. +# Instead, these settings get passed directly to the Redpanda binary at startup. +# For descriptions of these properties, +# see the [configuration documentation](https://docs.redpanda.com/docs/cluster-administration/configuration/). +config: + rpk: {} + # additional_start_flags: # List of flags to pass to rpk, e.g., ` "--idle-poll-time-us=0"` + # -- [Cluster Configuration Properties](https://docs.redpanda.com/current/reference/properties/cluster-properties/) + cluster: {} + + # -- Tunable cluster properties. + # Deprecated: all settings here may be specified via `config.cluster`. + tunable: + # -- See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#log_segment_size_min). + log_segment_size_min: 16777216 # 16 mb + # -- See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#log_segment_size_max). + log_segment_size_max: 268435456 # 256 mb + # -- See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#compacted_log_segment_size). + compacted_log_segment_size: 67108864 # 64 mb + # -- See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#max_compacted_log_segment_size). + max_compacted_log_segment_size: 536870912 # 512 mb + # -- See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#kafka_connection_rate_limit). + kafka_connection_rate_limit: 1000 + + # -- [Broker (node) Configuration Properties](https://docs.redpanda.com/docs/reference/broker-properties/). + node: + # -- Crash loop limit + # A limit on the number of consecutive times a broker can crash within one hour before its crash-tracking logic is reset. + # This limit prevents a broker from getting stuck in an infinite cycle of crashes. + # User can disable this crash loop limit check by the following action: + # + # * One hour elapses since the last crash + # * The node configuration file, redpanda.yaml, is updated via config.cluster or config.node or config.tunable objects + # * The startup_log file in the node’s data_directory is manually deleted + # + # Default to 5 + # REF: https://docs.redpanda.com/current/reference/broker-properties/#crash_loop_limit + crash_loop_limit: 5 + + # Reference schema registry client https://docs.redpanda.com/current/reference/node-configuration-sample/ + schema_registry_client: {} + # # Number of times to retry a request to a broker + # # Default: 5 + # retries: 5 + # + # # Delay (in milliseconds) for initial retry backoff + # # Default: 100ms + # retry_base_backoff_ms: 100 + # + # # Number of records to batch before sending to broker + # # Default: 1000 + # produce_batch_record_count: 1000 + # + # # Number of bytes to batch before sending to broker + # # Defautl 1MiB + # produce_batch_size_bytes: 1048576 + # + # # Delay (in milliseconds) to wait before sending batch + # # Default: 100ms + # produce_batch_delay_ms: 100 + # + # # Interval (in milliseconds) for consumer request timeout + # # Default: 100ms + # consumer_request_timeout_ms: 100 + # + # # Max bytes to fetch per request + # # Default: 1MiB + # consumer_request_max_bytes: 1048576 + # + # # Timeout (in milliseconds) for consumer session + # # Default: 10s + # consumer_session_timeout_ms: 10000 + # + # # Timeout (in milliseconds) for consumer rebalance + # # Default: 2s + # consumer_rebalance_timeout_ms: 2000 + # + # # Interval (in milliseconds) for consumer heartbeats + # # Default: 500ms + # consumer_heartbeat_interval_ms: 500 + + # Reference panda proxy client https://docs.redpanda.com/current/reference/node-configuration-sample/ + pandaproxy_client: {} + # # Number of times to retry a request to a broker + # # Default: 5 + # retries: 5 + # + # # Delay (in milliseconds) for initial retry backoff + # # Default: 100ms + # retry_base_backoff_ms: 100 + # + # # Number of records to batch before sending to broker + # # Default: 1000 + # produce_batch_record_count: 1000 + # + # # Number of bytes to batch before sending to broker + # # Defautl 1MiB + # produce_batch_size_bytes: 1048576 + # + # # Delay (in milliseconds) to wait before sending batch + # # Default: 100ms + # produce_batch_delay_ms: 100 + # + # # Interval (in milliseconds) for consumer request timeout + # # Default: 100ms + # consumer_request_timeout_ms: 100 + # + # # Max bytes to fetch per request + # # Default: 1MiB + # consumer_request_max_bytes: 1048576 + # + # # Timeout (in milliseconds) for consumer session + # # Default: 10s + # consumer_session_timeout_ms: 10000 + # + # # Timeout (in milliseconds) for consumer rebalance + # # Default: 2s + # consumer_rebalance_timeout_ms: 2000 + # + # # Interval (in milliseconds) for consumer heartbeats + # # Default: 500ms + # consumer_heartbeat_interval_ms: 500 + + # Invalid properties + # Any of these properties will be ignored. These otherwise valid properties are not allowed + # to be used in this section since they impact deploying Redpanda in Kubernetes. + # Make use of the above sections to modify these values instead (see comments below). + # admin: "127.0.0.1:9644" # Address and port of admin server: use listeners.admin + # admin_api_tls: validate_many # TLS configuration for admin HTTP server: use listeners.admin.tls + # advertised_kafka_api: None # Address of Kafka API published to the clients + # advertised_pandaproxy_api: None # Rest API address and port to publish to client + # advertised_rpc_api: None # Address of RPC endpoint published to other cluster members + # enable_admin_api: true # Enable the admin API + # enable_sasl: false # Enable SASL authentication for Kafka connections + # kafka_api: "127.0.0.1:9092" # Address and port of an interface to listen for Kafka API requests + # kafka_api_tls: None # TLS configuration for Kafka API endpoint + # pandaproxy_api: "0.0.0.0:8082" # Rest API listen address and port + # pandaproxy_api_tls: validate_many # TLS configuration for Pandaproxy api + # rpc_server: "127.0.0.1:33145" # IP address and port for RPC server + # rpc_server_tls: validate # TLS configuration for RPC server + # superusers: None # List of superuser usernames + +tests: + enabled: true diff --git a/index.yaml b/index.yaml index 4baf3fdeba..3962b4d771 100644 --- a/index.yaml +++ b/index.yaml @@ -7080,10 +7080,27 @@ entries: catalog.cattle.io/featured: "1" catalog.cattle.io/release-name: cost-analyzer apiVersion: v2 + appVersion: 2.4.0 + created: "2024-09-18T00:52:01.450646596Z" + description: Kubecost Helm chart - monitor your cloud costs! + digest: ea7ba0634be2e44b617850741ba0edb2b5a18799e3bdad7e5a743715974ce2d8 + icon: file://assets/icons/cost-analyzer.png + name: cost-analyzer + urls: + - assets/kubecost/cost-analyzer-2.4.0.tgz + version: 2.4.0 + - annotations: + artifacthub.io/links: | + - name: Homepage + url: https://www.kubecost.com + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Kubecost + catalog.cattle.io/release-name: cost-analyzer + apiVersion: v2 appVersion: 2.3.5 created: "2024-08-29T00:50:32.926270101Z" description: Kubecost Helm chart - monitor your cloud costs! - digest: 82661dfa56a8c1ba09e4e3cdc7eec9d1d3f40e0f3be780462bb4dd0eb9abff9d + digest: 6e1efb7f3cdc182b4b67d0e45bf63343076d7eb81776bcfc1abc77a77bc96bce icon: file://assets/icons/cost-analyzer.png name: cost-analyzer urls: @@ -32584,6 +32601,50 @@ entries: - assets/quobyte/quobyte-cluster-0.1.8.tgz version: 0.1.8 redpanda: + - annotations: + artifacthub.io/images: | + - name: redpanda + image: docker.redpanda.com/redpandadata/redpanda:v24.2.4 + - name: busybox + image: busybox:latest + - name: mintel/docker-alpine-bash-curl-jq + image: mintel/docker-alpine-bash-curl-jq:latest + artifacthub.io/license: Apache-2.0 + artifacthub.io/links: | + - name: Documentation + url: https://docs.redpanda.com + - name: "Helm (>= 3.10.0)" + url: https://helm.sh/docs/intro/install/ + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Redpanda + catalog.cattle.io/kube-version: '>=1.21-0' + catalog.cattle.io/release-name: redpanda + apiVersion: v2 + appVersion: v24.2.4 + created: "2024-09-18T00:52:03.106878759Z" + dependencies: + - condition: console.enabled + name: console + repository: file://./charts/console + version: '>=0.5 <1.0' + - condition: connectors.enabled + name: connectors + repository: file://./charts/connectors + version: '>=0.1.2 <1.0' + description: Redpanda is the real-time engine for modern apps. + digest: ae237ad619baed02a2c7a0d4b6c4f46d19df2d4f3d908e136d266b9e3d01f5dc + icon: file://assets/icons/redpanda.svg + kubeVersion: '>=1.21-0' + maintainers: + - name: redpanda-data + url: https://github.com/orgs/redpanda-data/people + name: redpanda + sources: + - https://github.com/redpanda-data/helm-charts + type: application + urls: + - assets/redpanda/redpanda-5.9.4.tgz + version: 5.9.4 - annotations: artifacthub.io/images: | - name: redpanda @@ -42489,4 +42550,4 @@ entries: urls: - assets/netfoundry/ziti-host-1.5.1.tgz version: 1.5.1 -generated: "2024-09-17T00:42:16.129150033Z" +generated: "2024-09-18T00:51:58.441754554Z"