jprdonnelly/wellsky-poc
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

init cleanup before push

Browse Source
This commit is contained in:
Justin Donnelly
2020-11-08 10:06:09 -05:00
parent a29e7fb2fe
commit 919853d222
75 changed files with 1 additions and 9143 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored Normal file
View File

@@ -0,0 +1 @@
*.zip

21
mongodb/.helmignore
View File

@@ -1,21 +0,0 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj

24
mongodb/Chart.yaml
View File

@@ -1,24 +0,0 @@
annotations:
category: Database
apiVersion: v1
appVersion: 4.4.1
description: NoSQL document-oriented database that stores JSON-like documents with
dynamic schemas, simplifying the integration of data in content-driven applications.
engine: gotpl
home: https://github.com/bitnami/charts/tree/master/bitnami/mongodb
icon: https://bitnami.com/assets/stacks/mongodb/img/mongodb-stack-220x234.png
keywords:
- mongodb
- database
- nosql
- cluster
- replicaset
- replication
maintainers:
- email: containers@bitnami.com
name: Bitnami
name: mongodb
sources:
- https://github.com/bitnami/bitnami-docker-mongodb
- https://mongodb.org
version: 9.2.6

565
mongodb/README.md
View File

@@ -1,565 +0,0 @@
# MongoDB
[MongoDB](https://www.mongodb.com/) is a cross-platform document-oriented database. Classified as a NoSQL database, MongoDB eschews the traditional table-based relational database structure in favor of JSON-like documents with dynamic schemas, making the integration of data in certain types of applications easier and faster.
## TL;DR
```bash
$ helm repo add bitnami https://charts.bitnami.com/bitnami
$ helm install my-release bitnami/mongodb
```
## Introduction
This chart bootstraps a [MongoDB](https://github.com/bitnami/bitnami-docker-mongodb) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
Bitnami charts can be used with [Kubeapps](https://kubeapps.com/) for deployment and management of Helm Charts in clusters. This chart has been tested to work with NGINX Ingress, cert-manager, fluentd and Prometheus on top of the [BKPR](https://kubeprod.io/).
## Prerequisites
- Kubernetes 1.12+
- Helm 2.12+ or Helm 3.0-beta3+
- PV provisioner support in the underlying infrastructure
## Installing the Chart
To install the chart with the release name `my-release`:
```bash
$ helm install my-release bitnami/mongodb
```
The command deploys MongoDB on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation.
> **Tip**: List all releases using `helm list`
## Uninstalling the Chart
To uninstall/delete the `my-release` deployment:
```bash
$ helm delete my-release
```
The command removes all the Kubernetes components associated with the chart and deletes the release.
## Architecture
This charts allows you install MongoDB using two different architecture setups: "standalone" or "replicaset". You can use the `architecture` parameter to choose the one to use:
```console
architecture="standalone"
architecture="replicaset"
```
The standalone architecture installs a deployment (or statefulset) with one MongoDB server (it cannot be scaled):
```
┌────────────────┐
│ MongoDB │
| svc │
└───────┬────────┘
┌──────────┐
│ MongoDB │
│ Server │
│ Pod │
└──────────┘
```
The chart supports the replicaset architecture with and without a [MongoDB Arbiter](https://docs.mongodb.com/manual/core/replica-set-arbiter/):
* When the MongoDB Arbiter is enabled, the chart installs two statefulsets: A statefulset with N MongoDB servers (organised with one primary and N-1 secondary nodes), and a statefulset with one MongoDB arbiter node (it cannot be scaled).
```
┌────────────────┐ ┌────────────────┐ ┌────────────────┐ ┌─────────────┐
│ MongoDB 0 │ │ MongoDB 1 │ │ MongoDB N │ │ Arbiter │
| external svc │ | external svc │ | external svc │ | svc │
└───────┬────────┘ └───────┬────────┘ └───────┬────────┘ └──────┬──────┘
│ │ │ │
▼ ▼ ▼ ▼
┌───────────┐ ┌───────────┐ ┌───────────┐ ┌───────────┐
│ MongoDB 0 │ │ MongoDB 1 │ │ MongoDB N │ │ MongoDB │
│ Server │ │ Server │ .... │ Server │ │ Arbiter │
│ Pod │ │ Pod │ │ Pod │ │ Pod │
└───────────┘ └───────────┘ └───────────┘ └───────────┘
primary secondary secondary
```
The PSA model is useful when the third Availability Zone cannot hold a full MongoDB instance. The MongoDB Arbiter as decision maker is lightweight and can run alongside other workloads.
_Note:_ An update takes your MongoDB replicaset offline if the Arbiter is enabled and the number of MongoDB replicas is two. Helm applies updates to the statefulsets for the MongoDB instance _and_ the Arbiter at the same time so you loose two out of three quorum votes.
* Without the Arbiter, the chart deploys a single statefulset with N MongoDB servers (organised with one primary and N-1 secondary nodes)
```
┌────────────────┐ ┌────────────────┐ ┌────────────────┐
│ MongoDB 0 │ │ MongoDB 1 │ │ MongoDB N │
| external svc │ | external svc │ | external svc │
└───────┬────────┘ └───────┬────────┘ └───────┬────────┘
│ │ │
▼ ▼ ▼
┌───────────┐ ┌───────────┐ ┌───────────┐
│ MongoDB 0 │ │ MongoDB 1 │ │ MongoDB N │
│ Server │ │ Server │ .... │ Server │
│ Pod │ │ Pod │ │ Pod │
└───────────┘ └───────────┘ └───────────┘
primary secondary secondary
```
There are no services load balancing requests between MongoDB nodes, instead each node has an associated service to access them individually.
> Note: although the 1st replica is initially assigned the "primary" role, any of the "secondary" nodes can become the "primary" if it is down, or during upgrades. Do not make any assumption about what replica has the "primary" role, instead configure your Mongo client with the list of MongoDB hostnames so it can dynamically choose the node to send requests.
## Parameters
The following tables lists the configurable parameters of the MongoDB chart and their default values per section/component:
### Global parameters
| Parameter | Description | Default |
|-------------------------------------------|------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------|
| `global.imageRegistry` | Global Docker image registry | `nil` |
| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) |
| `global.storageClass` | Global storage class for dynamic provisioning | `nil` |
| `global.namespaceOverride` | Global string to override the release namespace | `nil` |
### Common parameters
| Parameter | Description | Default |
|-------------------------------------------|------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------|
| `nameOverride` | String to partially override mongodb.fullname | `nil` |
| `fullnameOverride` | String to fully override mongodb.fullname | `nil` |
| `clusterDomain` | Default Kubernetes cluster domain | `cluster.local` |
| `schedulerName` | Name of the scheduler (other than default) to dispatch pods | `nil` |
| `image.registry` | MongoDB image registry | `docker.io` |
| `image.repository` | MongoDB image name | `bitnami/mongodb` |
| `image.tag` | MongoDB image tag | `{TAG_NAME}` |
| `image.pullPolicy` | MongoDB image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) |
| `image.debug` | Set to true if you would like to see extra information on logs | `false` |
### MongoDB parameters
| Parameter | Description | Default |
|-------------------------------------------|------------------------------------------------------------------------------------------------------------|---------------------------------------------------------|
| `architecture` | MongoDB architecture (`standalone` or `replicaset`) | `standalone` |
| `useStatefulSet` | Set to true to use a StatefulSet instead of a Deployment (only when `architecture=standalone`) | `false` |
| `auth.enabled` | Enable authentication | `true` |
| `auth.rootPassword` | MongoDB admin password | _random 10 character long alphanumeric string_ |
| `auth.username` | MongoDB custom user (mandatory if `auth.database` is set) | `nil` |
| `auth.password` | MongoDB custom user password | _random 10 character long alphanumeric string_ |
| `auth.database` | MongoDB custom database | `nil` |
| `auth.replicaSetKey` | Key used for authentication in the replicaset (only when `architecture=replicaset`) | _random 10 character long alphanumeric string_ |
| `auth.existingSecret` | Existing secret with MongoDB credentials (keys: `mongodb-password`, `mongodb-root-password`, ` mongodb-replica-set-key`) | `nil` |
| `replicaSetName` | Name of the replica set (only when `architecture=replicaset`) | `rs0` |
| `replicaSetHostnames` | Enable DNS hostnames in the replicaset config (only when `architecture=replicaset`) | `true` |
| `enableIPv6` | Switch to enable/disable IPv6 on MongoDB | `false` |
| `directoryPerDB` | Switch to enable/disable DirectoryPerDB on MongoDB | `false` |
| `systemLogVerbosity` | MongoDB system log verbosity level | `0` |
| `disableSystemLog` | Switch to enable/disable MongoDB system log | `false` |
| `configuration` | MongoDB configuration file to be used | `{}` |
| `existingConfigmap` | Name of existing ConfigMap with MongoDB configuration | `nil` |
| `initdbScripts` | Dictionary of initdb scripts | `nil` |
| `initdbScriptsConfigMap` | ConfigMap with the initdb scripts | `nil` |
| `command` | Override default container command (useful when using custom images) | `nil` |
| `args` | Override default container args (useful when using custom images) | `nil` |
| `extraFlags` | MongoDB additional command line flags | `[]` |
| `extraEnvVars` | Extra environment variables to add to MongoDB pods | `[]` |
| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `nil` |
| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars (in case of sensitive data) | `nil` |
### MongoDB statefulset parameters
| Parameter | Description | Default |
|-------------------------------------------|------------------------------------------------------------------------------------------------------------|---------------------------------------------------------|
| `replicaCount` | Number of MongoDB nodes (only when `architecture=replicaset`) | `2` |
| `labels` | Annotations to be added to the MongoDB statefulset | `{}` (evaluated as a template) |
| `annotations` | Additional labels to be added to the MongoDB statefulset | `{}` (evaluated as a template) |
| `podManagementPolicy` | Pod management policy for MongoDB | `OrderedReady` |
| `strategyType` | StrategyType for MongoDB statefulset | `RollingUpdate` |
| `podLabels` | MongoDB pod labels | `{}` (evaluated as a template) |
| `podAnnotations` | MongoDB Pod annotations | `{}` (evaluated as a template) |
| `priorityClassName` | Name of the existing priority class to be used by MongoDB pod(s) | `""` |
| `affinity` | Affinity for MongoDB pod(s) assignment | `{}` (evaluated as a template) |
| `nodeSelector` | Node labels for MongoDB pod(s) assignment | `{}` (evaluated as a template) |
| `tolerations` | Tolerations for MongoDB pod(s) assignment | `[]` (evaluated as a template) |
| `podSecurityContext` | MongoDB pod(s)' Security Context | Check `values.yaml` file |
| `containerSecurityContext` | MongoDB containers' Security Context | Check `values.yaml` file |
| `resources.limits` | The resources limits for MongoDB containers | `{}` |
| `resources.requests` | The requested resources for MongoDB containers | `{}` |
| `livenessProbe` | Liveness probe configuration for MongoDB | Check `values.yaml` file |
| `readinessProbe` | Readiness probe configuration for MongoDB | Check `values.yaml` file |
| `customLivenessProbe` | Override default liveness probe for MongoDB containers | `nil` |
| `customReadinessProbe` | Override default readiness probe for MongoDB containers | `nil` |
| `pdb.create` | Enable/disable a Pod Disruption Budget creation for MongoDB pod(s) | `false` |
| `pdb.minAvailable` | Minimum number/percentage of MongoDB pods that should remain scheduled | `1` |
| `pdb.maxUnavailable` | Maximum number/percentage of MongoDB pods that may be made unavailable | `nil` |
| `initContainers` | Add additional init containers for the MongoDB pod(s) | `{}` (evaluated as a template) |
| `sidecars` | Add additional sidecar containers for the MongoDB pod(s) | `{}` (evaluated as a template) |
| `extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the MongoDB container(s) | `{}` |
| `extraVolumes` | Optionally specify extra list of additional volumes to the MongoDB statefulset | `{}` |
### Exposure parameters
| Parameter | Description | Default |
|---------------------------------------------------|----------------------------------------------------------------------------------------------------|---------------------------------------------------------|
| `service.type` | Kubernetes Service type | `ClusterIP` |
| `service.port` | MongoDB service port | `27017` |
| `service.portName` | MongoDB service port name | `mongodb` |
| `service.nodePort` | Port to bind to for NodePort and LoadBalancer service types | `""` |
| `service.clusterIP` | MongoDB service cluster IP | `nil` |
| `service.loadBalancerIP` | loadBalancerIP for MongoDB Service | `nil` |
| `service.loadBalancerSourceRanges` | Address(es) that are allowed when service is LoadBalancer | `[]` |
| `service.annotations` | Service annotations | `{}` (evaluated as a template) |
| `externalAccess.enabled` | Enable Kubernetes external cluster access to MongoDB nodes | `false` |
| `externalAccess.autoDiscovery.enabled` | Enable using an init container to auto-detect external IPs by querying the K8s API | `false` |
| `externalAccess.autoDiscovery.image.registry` | Init container auto-discovery image registry (kubectl) | `docker.io` |
| `externalAccess.autoDiscovery.image.repository` | Init container auto-discovery image name (kubectl) | `bitnami/kubectl` |
| `externalAccess.autoDiscovery.image.tag` | Init container auto-discovery image tag (kubectl) | `{TAG_NAME}` |
| `externalAccess.autoDiscovery.image.pullPolicy` | Init container auto-discovery image pull policy (kubectl) | `Always` |
| `externalAccess.autoDiscovery.resources.limits` | Init container auto-discovery resource limits | `{}` |
| `externalAccess.autoDiscovery.resources.requests` | Init container auto-discovery resource requests | `{}` |
| `externalAccess.service.type` | Kubernetes Servive type for external access. It can be NodePort or LoadBalancer | `LoadBalancer` |
| `externalAccess.service.port` | MongoDB port used for external access when service type is LoadBalancer | `27017` |
| `externalAccess.service.loadBalancerIPs` | Array of load balancer IPs for MongoDB nodes | `[]` |
| `externalAccess.service.loadBalancerSourceRanges` | Address(es) that are allowed when service is LoadBalancer | `[]` |
| `externalAccess.service.domain` | Domain or external IP used to configure MongoDB advertised hostname when service type is NodePort | `nil` |
| `externalAccess.service.nodePorts` | Array of node ports used to configure MongoDB advertised hostname when service type is NodePort | `[]` |
| `externalAccess.service.annotations` | Service annotations for external access | `{}`(evaluated as a template) |
### Persistence parameters
| Parameter | Description | Default |
|-------------------------------------------|------------------------------------------------------------------------------------------------------------|---------------------------------------------------------|
| `persistence.enabled` | Enable MongoDB data persistence using PVC | `true` |
| `persistence.existingClaim` | Provide an existing `PersistentVolumeClaim` (only when `architecture=standalone`) | `nil` (evaluated as a template) |
| `persistence.storageClass` | PVC Storage Class for MongoDB data volume | `nil` |
| `persistence.accessMode` | PVC Access Mode for MongoDB data volume | `ReadWriteOnce` |
| `persistence.size` | PVC Storage Request for MongoDB data volume | `8Gi` |
| `persistence.mountPath` | Path to mount the volume at | `/bitnami/mongodb` |
| `persistence.subPath` | Subdirectory of the volume to mount at | `""` |
### RBAC parameters
| Parameter | Description | Default |
|-------------------------------------------|------------------------------------------------------------------------------------------------------------|---------------------------------------------------------|
| `serviceAccount.create` | Enable creation of ServiceAccount for MongoDB pods | `true` |
| `serviceAccount.name` | Name of the created serviceAccount | Generated using the `mongodb.fullname` template |
| `rbac.create` | Weather to create & use RBAC resources or not | `false` |
### Volume Permissions parameters
| Parameter | Description | Default |
|-------------------------------------------|----------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------|
| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `false` |
| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` |
| `volumePermissions.image.repository` | Init container volume-permissions image name | `bitnami/minideb` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag | `buster` |
| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `Always` |
| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) |
| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` |
| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` |
| `volumePermissions.securityContext` | Security context of the init container | Check `values.yaml` file |
### Arbiter parameters
| Parameter | Description | Default |
|-------------------------------------------|------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------|
| `arbiter.enabled` | Enable deploying the arbiter | `true` |
| `arbiter.configuration` | Arbiter configuration file to be used | `{}` |
| `arbiter.existingConfigmap` | Name of existing ConfigMap with Arbiter configuration | `nil` |
| `arbiter.command` | Override default container command (useful when using custom images) | `nil` |
| `arbiter.args` | Override default container args (useful when using custom images) | `nil` |
| `arbiter.extraFlags` | Arbiter additional command line flags | `[]` |
| `arbiter.extraEnvVars` | Extra environment variables to add to Arbiter pods | `[]` |
| `arbiter.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `nil` |
| `arbiter.extraEnvVarsSecret` | Name of existing Secret containing extra env vars (in case of sensitive data) | `nil` |
| `arbiter.labels` | Annotations to be added to the Arbiter statefulset | `{}` (evaluated as a template) |
| `arbiter.annotations` | Additional labels to be added to the Arbiter statefulset | `{}` (evaluated as a template) |
| `arbiter.podLabels` | Arbiter pod labels | `{}` (evaluated as a template) |
| `arbiter.podAnnotations` | Arbiter Pod annotations | `{}` (evaluated as a template) |
| `arbiter.priorityClassName` | Name of the existing priority class to be used by Arbiter pod(s) | `""` |
| `arbiter.affinity` | Affinity for Arbiter pod(s) assignment | `{}` (evaluated as a template) |
| `arbiter.nodeSelector` | Node labels for Arbiter pod(s) assignment | `{}` (evaluated as a template) |
| `arbiter.tolerations` | Tolerations for Arbiter pod(s) assignment | `[]` (evaluated as a template) |
| `arbiter.podSecurityContext` | Arbiter pod(s)' Security Context | Check `values.yaml` file |
| `arbiter.containerSecurityContext` | Arbiter containers' Security Context | Check `values.yaml` file |
| `arbiter.resources.limits` | The resources limits for Arbiter containers | `{}` |
| `arbiter.resources.requests` | The requested resources for Arbiter containers | `{}` |
| `arbiter.livenessProbe` | Liveness probe configuration for Arbiter | Check `values.yaml` file |
| `arbiter.readinessProbe` | Readiness probe configuration for Arbiter | Check `values.yaml` file |
| `arbiter.customLivenessProbe` | Override default liveness probe for Arbiter containers | `nil` |
| `arbiter.customReadinessProbe` | Override default readiness probe for Arbiter containers | `nil` |
| `arbiter.pdb.create` | Enable/disable a Pod Disruption Budget creation for Arbiter pod(s) | `false` |
| `arbiter.pdb.minAvailable` | Minimum number/percentage of Arbiter pods that should remain scheduled | `1` |
| `arbiter.pdb.maxUnavailable` | Maximum number/percentage of Arbiter pods that may be made unavailable | `nil` |
| `arbiter.initContainers` | Add additional init containers for the Arbiter pod(s) | `{}` (evaluated as a template) |
| `arbiter.sidecars` | Add additional sidecar containers for the Arbiter pod(s) | `{}` (evaluated as a template) |
| `arbiter.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Arbiter container(s) | `{}` |
| `arbiter.extraVolumes` | Optionally specify extra list of additional volumes to the Arbiter statefulset | `{}` |
### Metrics parameters
| Parameter | Description | Default |
|-------------------------------------------|------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------|
| `metrics.enabled` | Enable using a sidecar Prometheus exporter | `false` |
| `metrics.image.registry` | MongoDB Prometheus exporter image registry | `docker.io` |
| `metrics.image.repository` | MongoDB Prometheus exporter image name | `bitnami/mongodb-exporter` |
| `metrics.image.tag` | MongoDB Prometheus exporter image tag | `{TAG_NAME}` |
| `metrics.image.pullPolicy` | MongoDB Prometheus exporter image pull policy | `Always` |
| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) |
| `metrics.extraFlags` | Additional command line flags | `""` |
| `metrics.extraUri` | Additional URI options of the metrics service | `""` |
| `metrics.service.type` | Type of the Prometheus metrics service | `ClusterIP file` |
| `metrics.service.port` | Port of the Prometheus metrics service | `9216` |
| `metrics.service.annotations` | Annotations for Prometheus metrics service | Check `values.yaml` file |
| `metrics.resources.limits` | The resources limits for Prometheus exporter containers | `{}` |
| `metrics.resources.requests` | The requested resources for Prometheus exporter containers | `{}` |
| `metrics.livenessProbe` | Liveness probe configuration for Prometheus exporter | Check `values.yaml` file |
| `metrics.readinessProbe` | Readiness probe configuration for Prometheus exporter | Check `values.yaml` file |
| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using Prometheus Operator | `false` |
| `metrics.serviceMonitor.namespace` | Namespace which Prometheus is running in | `monitoring` |
| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped | `30s` |
| `metrics.serviceMonitor.scrapeTimeout` | Specify the timeout after which the scrape is ended | `nil` |
| `metrics.serviceMonitor.additionalLabels` | Used to pass Labels that are required by the Installed Prometheus Operator | `{}` |
| `metrics.prometheusRule.enabled` | Set this to true to create prometheusRules for Prometheus operator | `false` |
| `metrics.prometheusRule.namespace` | namespace where prometheusRules resource should be created | `monitoring` |
| `metrics.prometheusRule.rules` | Rules to be created, check values for an example. | `[]` |
| `metrics.prometheusRule.additionalLabels` | Additional labels that can be used so prometheusRules will be discovered by Prometheus | `{}` |
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
```bash
$ helm install my-release \
--set auth.rootPassword=secretpassword,auth.username=my-user,auth.password=my-password,auth.database=my-database \
bitnami/mongodb
```
The above command sets the MongoDB `root` account password to `secretpassword`. Additionally, it creates a standard database user named `my-user`, with the password `my-password`, who has access to a database named `my-database`.
Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
```bash
$ helm install my-release -f values.yaml bitnami/mongodb
```
> **Tip**: You can use the default [values.yaml](values.yaml)
## Configuration and installation details
### [Rolling VS Immutable tags](https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/)
It is strongly recommended to use immutable tags in a production environment. This ensures your deployment does not change automatically if the same tag is updated with a different image.
Bitnami will release a new chart updating its containers if a new version of the main container, significant changes, or critical vulnerabilities exist.
### Production configuration and horizontal scaling
This chart includes a `values-production.yaml` file where you can find some parameters oriented to production configuration in comparison to the regular `values.yaml`. You can use this file instead of the default one.
- Switch to enable/disable replica set configuration:
```diff
- architecture: standalone
+ architecture: replicaset
```
- Increase the number of MongoDB nodes:
```diff
- replicaCount: 2
+ replicaCount: 4
```
- Enable Pod Disruption Budget:
```diff
- pdb.create: false
+ pdb.create: true
```
- Enable using a sidecar Prometheus exporter:
```diff
- metrics.enabled: false
+ metrics.enabled: true
```
To horizontally scale this chart, you can use the `--replicaCount` flag to modify the number of secondary nodes in your MongoDB replica set.
### Initialize a fresh instance
The [Bitnami MongoDB](https://github.com/bitnami/bitnami-docker-mongodb) image allows you to use your custom scripts to initialize a fresh instance. In order to execute the scripts, you can specify them using the `initdbScripts` parameter as dict.
You can also set an external ConfigMap with all the initialization scripts. This is done by setting the `initdbScriptsConfigMap` parameter. Note that this will override the previous option.
The allowed extensions are `.sh`, and `.js`.
### Replicaset: Accessing MongoDB nodes from outside the cluster
In order to access MongoDB nodes from outside the cluster when using a replicaset architecture, a specific service per MongoDB pod will be created. There are two ways of configuring external access:
- Using LoadBalancer services
- Using NodePort services.
#### Using LoadBalancer services
You have two alternatives to use LoadBalancer services:
- Option A) Use random load balancer IPs using an **initContainer** that waits for the IPs to be ready and discover them automatically.
```console
architecture=replicaset
replicaCount=2
externalAccess.enabled=true
externalAccess.service.type=LoadBalancer
externalAccess.service.port=27017
externalAccess.autoDiscovery.enabled=true
serviceAccount.create=true
rbac.create=true
```
> Note: This option requires creating RBAC rules on clusters where RBAC policies are enabled.
- Option B) Manually specify the load balancer IPs:
```console
architecture=replicaset
replicaCount=2
externalAccess.enabled=true
externalAccess.service.type=LoadBalancer
externalAccess.service.port=27017
externalAccess.service.loadBalancerIPs[0]='external-ip-1'
externalAccess.service.loadBalancerIPs[1]='external-ip-2'}
```
> Note: You need to know in advance the load balancer IPs so each MongoDB node advertised hostname is configured with it.
#### Using NodePort services
Manually specify the node ports to use:
```console
architecture=replicaset
replicaCount=2
externalAccess.enabled=true
externalAccess.service.type=NodePort
externalAccess.serivce.nodePorts[0]='node-port-1'
externalAccess.serivce.nodePorts[1]='node-port-2'
```
> Note: You need to know in advance the node ports that will be exposed so each MongoDB node advertised hostname is configured with it.
The pod will try to get the external ip of the node using `curl -s https://ipinfo.io/ip` unless `externalAccess.service.domain` is provided.
### Adding extra environment variables
In case you want to add extra environment variables (useful for advanced operations like custom init scripts), you can use the `extraEnvVars` property.
```yaml
extraEnvVars:
- name: LOG_LEVEL
value: error
```
Alternatively, you can use a ConfigMap or a Secret with the environment variables. To do so, use the `extraEnvVarsCM` or the `extraEnvVarsSecret` properties.
### Sidecars and Init Containers
If you have a need for additional containers to run within the same pod as MongoDB (e.g. an additional metrics or logging exporter), you can do so via the `sidecars` config parameter. Simply define your container according to the Kubernetes container spec.
```yaml
sidecars:
- name: your-image-name
image: your-image
imagePullPolicy: Always
ports:
- name: portname
containerPort: 1234
```
Similarly, you can add extra init containers using the `initContainers` parameter.
```yaml
initContainers:
- name: your-image-name
image: your-image
imagePullPolicy: Always
ports:
- name: portname
containerPort: 1234
```
## Persistence
The [Bitnami MongoDB](https://github.com/bitnami/bitnami-docker-mongodb) image stores the MongoDB data and configurations at the `/bitnami/mongodb` path of the container.
The chart mounts a [Persistent Volume](http://kubernetes.io/docs/user-guide/persistent-volumes/) at this location. The volume is created using dynamic volume provisioning.
### Adjust permissions of persistent volume mountpoint
As the image run as non-root by default, it is necessary to adjust the ownership of the persistent volume so that the container can write data into it. By default, the chart is configured to use Kubernetes Security Context to automatically change the ownership of the volume. However, this feature does not work in all Kubernetes distributions.
As an alternative, this chart supports using an initContainer to change the ownership of the volume before mounting it in the final destination. You can enable this initContainer by setting `volumePermissions.enabled` to `true`.
## Upgrading
If authentication is enabled, it's necessary to set the `auth.rootPassword` (also `auth.replicaSetKey` when using a replicaset architecture) when upgrading for readiness/liveness probes to work properly. When you install this chart for the first time, some notes will be displayed providing the credentials you must use under the 'Credentials' section. Please note down the password, and run the command below to upgrade your chart:
```bash
$ helm upgrade my-release bitnami/mongodb --set auth.rootPassword=[PASSWORD] (--set auth.replicaSetKey=[REPLICASETKEY])
```
> Note: you need to substitute the placeholders [PASSWORD] and [REPLICASETKEY] with the values obtained in the installation notes.
### To 9.0.0
MongoDB container images were updated to `4.4.x` and it can affect compatibility with older versions of MongoDB. Refer to the following guides to upgrade your applications:
- [Standalone](https://docs.mongodb.com/manual/release-notes/4.4-upgrade-standalone/)
- [Replica Set](https://docs.mongodb.com/manual/release-notes/4.4-upgrade-replica-set/)
### To 8.0.0
- Architecture used to configure MongoDB as a replicaset was completely refactored. Now, both primary and secondary nodes are part of the same statefulset.
- Chart labels were adapted to follow the Helm charts best practices.
- This version introduces `bitnami/common`, a [library chart](https://helm.sh/docs/topics/library_charts/#helm) as a dependency. More documentation about this new utility could be found [here](https://github.com/bitnami/charts/tree/master/bitnami/common#bitnami-common-library-chart). Please, make sure that you have updated the chart dependencies before executing any upgrade.
- Several parameters were renamed or dissapeared in favor of new ones on this major version. These are the most important ones:
- `replicas` is renamed to `replicaCount`.
- Authentication parameters are reorganized under the `auth.*` parameter:
- `usePassword` is renamed to `auth.enabled`.
- `mongodbRootPassword`, `mongodbUsername`, `mongodbPassword`, `mongodbDatabase`, and `replicaSet.key` are now `auth.rootPassword`, `auth.username`, `auth.password`, `auth.database`, and `auth.replicaSetKey` respectively.
- `securityContext.*` is deprecated in favor of `podSecurityContext` and `containerSecurityContext`.
- Parameters prefixed with `mongodb` are renamed removing the prefix. E.g. `mongodbEnableIPv6` is renamed to `enableIPv6`.
- Parameters affecting Arbiter nodes are reorganized under the `arbiter.*` parameter.
Consequences:
- Backwards compatibility is not guaranteed. To upgrade to `8.0.0`, install a new release of the MongoDB chart, and migrate your data by creating a backup of the database, and restoring it on the new release.
### To 7.0.0
From this version, the way of setting the ingress rules has changed. Instead of using `ingress.paths` and `ingress.hosts` as separate objects, you should now define the rules as objects inside the `ingress.hosts` value, for example:
```yaml
ingress:
hosts:
- name: mongodb.local
path: /
```
### To 6.0.0
From this version, `mongodbEnableIPv6` is set to `false` by default in order to work properly in most k8s clusters, if you want to use IPv6 support, you need to set this variable to `true` by adding `--set mongodbEnableIPv6=true` to your `helm` command.
You can find more information in the [`bitnami/mongodb` image README](https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md).
### To 5.0.0
When enabling replicaset configuration, backwards compatibility is not guaranteed unless you modify the labels used on the chart's statefulsets.
Use the workaround below to upgrade from versions previous to 5.0.0. The following example assumes that the release name is `my-release`:
```console
$ kubectl delete statefulset my-release-mongodb-arbiter my-release-mongodb-primary my-release-mongodb-secondary --cascade=false
```

22
mongodb/charts/common/.helmignore
View File

@@ -1,22 +0,0 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/

22
mongodb/charts/common/Chart.yaml
View File

@@ -1,22 +0,0 @@
annotations:
category: Infrastructure
apiVersion: v1
appVersion: 0.8.1
description: A Library Helm Chart for grouping common logic between bitnami charts.
This chart is not deployable by itself.
home: https://github.com/bitnami/charts/tree/master/bitnami/common
icon: https://bitnami.com/downloads/logos/bitnami-mark.png
keywords:
- common
- helper
- template
- function
- bitnami
maintainers:
- email: containers@bitnami.com
name: Bitnami
name: common
sources:
- https://github.com/bitnami/charts
- http://www.bitnami.com/
version: 0.8.1

286
mongodb/charts/common/README.md
View File

@@ -1,286 +0,0 @@
# Bitnami Common Library Chart
A [Helm Library Chart](https://helm.sh/docs/topics/library_charts/#helm) for grouping common logic between bitnami charts.
## TL;DR
```yaml
dependencies:
- name: common
version: 0.x.x
repository: https://charts.bitnami.com/bitnami
```
```bash
$ helm dependency update
```
```yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "common.names.fullname" . }}
data:
myvalue: "Hello World"
```
## Introduction
This chart provides a common template helpers which can be used to develop new charts using [Helm](https://helm.sh) package manager.
Bitnami charts can be used with [Kubeapps](https://kubeapps.com/) for deployment and management of Helm Charts in clusters. This Helm chart has been tested on top of [Bitnami Kubernetes Production Runtime](https://kubeprod.io/) (BKPR). Deploy BKPR to get automated TLS certificates, logging and monitoring for your applications.
## Prerequisites
- Kubernetes 1.12+
- Helm 2.12+ or Helm 3.0-beta3+
## Parameters
The following table lists the helpers available in the library which are scoped in different sections.
### Affinities
| Helper identifier | Description | Expected Input |
|-------------------------------------|-----------------------------------------------------------------|------------------------------------------------------------------|
| `common.affinities.node.soft` | Return a soft nodeAffinity definition | `dict "key" "FOO" "values" (list "BAR" "BAZ")` |
| `common.affinities.node.hard` | Return a hard nodeAffinity definition | `dict "key" "FOO" "values" (list "BAR" "BAZ")` |
| `common.affinities.pod.soft` | Return a soft podAffinity/podAntiAffinity definition | `dict "component" "FOO" "context" $` |
| `common.affinities.pod.hard` | Return a hard podAffinity/podAntiAffinity definition | `dict "component" "FOO" "context" $` |
### Capabilities
| Helper identifier | Description | Expected Input |
|------------------------------------------------|-----------------------------------------------------------------|----------------------------|
| `common.capabilities.deployment.apiVersion` | Return the appropriate apiVersion for deployment. | `.` Chart context |
| `common.capabilities.statefulset.apiVersion` | Return the appropriate apiVersion for statefulset. | `.` Chart context |
| `common.capabilities.ingress.apiVersion` | Return the appropriate apiVersion for ingress. | `.` Chart context |
### Errors
| Helper identifier | Description | Expected Input |
|------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------|
| `common.errors.upgrade.passwords.empty` | It will ensure required passwords are given when we are upgrading a chart. If `validationErrors` is not empty it will throw an error and will stop the upgrade action. | `dict "validationErrors" (list $validationError00 $validationError01) "context" $` |
### Images
| Helper identifier | Description | Expected Input |
|--------------------------------|-----------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------|
| `common.images.image` | Return the proper and full image name | `dict "imageRoot" .Values.path.to.the.image "global" $`, see [ImageRoot](#imageroot) for the structure. |
| `common.images.pullSecrets` | Return the proper Docker Image Registry Secret Names | `dict "images" (list .Values.path.to.the.image1, .Values.path.to.the.image2) "global" .Values.global` |
### Labels
| Helper identifier | Description | Expected Input |
|--------------------------------|-----------------------------------------------------------------|-----------------------------|
| `common.labels.standard` | Return Kubernetes standard labels | `.` Chart context |
| `common.labels.matchLabels` | Return the proper Docker Image Registry Secret Names | `.` Chart context |
### Names
| Helper identifier | Description | Expected Inpput |
|--------------------------------|-----------------------------------------------------------------|-----------------------------|
| `common.names.name` | Expand the name of the chart or use `.Values.nameOverride` | `.` Chart context |
| `common.names.fullname` | Create a default fully qualified app name. | `.` Chart context |
| `common.names.chart` | Chart name plus version | `.` Chart context |
### Secrets
| Helper identifier | Description | Expected Input |
|--------------------------------|-----------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `common.secrets.name` | Generate the name of the secret. | `dict "existingSecret" .Values.path.to.the.existingSecret "defaultNameSuffix" "mySuffix" "context" $` see [ExistingSecret](#existingsecret) for the structure. |
| `common.secrets.key` | Generate secret key. | `dict "existingSecret" .Values.path.to.the.existingSecret "key" "keyName"` see [ExistingSecret](#existingsecret) for the structure. |
### Storage
| Helper identifier | Description | Expected Input |
|--------------------------------|-----------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------|
| `common.affinities.node.soft` | Return a soft nodeAffinity definition | `dict "persistence" .Values.path.to.the.persistence "global" $`, see [Persistence](#persistence) for the structure. |
### TplValues
| Helper identifier | Description | Expected Input |
|--------------------------------|-----------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------|
| `common.tplvalues.render` | Renders a value that contains template | `dict "value" .Values.path.to.the.Value "context" $`, value is the value should rendered as template, context frecuently is the chart context `$` or `.` |
### Utils
| Helper identifier | Description | Expected Input |
|--------------------------------|-----------------------------------------------------------------|------------------------------------------------------------------------|
| `common.utils.fieldToEnvVar` | Build environment variable name given a field. | `dict "field" "my-password"` |
| `common.utils.secret.getvalue` | Print instructions to get a secret value. | `dict "secret" "secret-name" "field" "secret-value-field" "context" $` |
| `common.utils.getValueFromKey` | Gets a value from `.Values` object given its key path | `dict "key" "path.to.key" "context" $` |
### Validations
| Helper identifier | Description | Expected Input |
|--------------------------------------------------|------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `common.validations.values.single.empty` | Validate a value must not be empty. | `dict "valueKey" "path.to.value" "secret" "secret.name" "field" "my-password" "context" $` secret and field are optional. In case they are given, the helper will generate a how to get instruction. See [ValidateValue](#validatevalue) |
| `common.validations.values.multiple.empty` | Validate a multiple values must not be empty. It returns a shared error for all the values. | `dict "required" (list $validateValueConf00 $validateValueConf01) "context" $`. See [ValidateValue](#validatevalue) |
| `common.validations.values.mariadb.passwords` | This helper will ensure required password for MariaDB are not empty. It returns a shared error for all the values. | `dict "secret" "mariadb-secret" "subchart" "true" "context" $` subchart field is optional and could be true or false it depends on where you will use postgresql chart and the helper. |
| `common.validations.values.postgresql.passwords` | This helper will ensure required password for PostgreSQL are not empty. It returns a shared error for all the values. | `dict "secret" "postgresql-secret" "subchart" "true" "context" $` subchart field is optional and could be true or false it depends on where you will use postgresql chart and the helper. |
### Warnings
| Helper identifier | Description | Expected Input |
|--------------------------------|-----------------------------------------------------------------|------------------------------------------------------------------|
| `common.warnings.rollingTag` | Warning about using rolling tag. | `ImageRoot` see [ImageRoot](#imageroot) for the structure. |
## Special input schemas
### ImageRoot
```yaml
registry:
type: string
description: Docker registry where the image is located
example: docker.io
repository:
type: string
description: Repository and image name
example: bitnami/nginx
tag:
type: string
description: image tag
example: 1.16.1-debian-10-r63
pullPolicy:
type: string
description: Specify a imagePullPolicy. Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
pullSecrets:
type: array
items:
type: string
description: Optionally specify an array of imagePullSecrets.
debug:
type: boolean
description: Set to true if you would like to see extra information on logs
example: false
## An instance would be:
# registry: docker.io
# repository: bitnami/nginx
# tag: 1.16.1-debian-10-r63
# pullPolicy: IfNotPresent
# debug: false
```
### Persistence
```yaml
enabled:
type: boolean
description: Whether enable persistence.
example: true
storageClass:
type: string
description: Ghost data Persistent Volume Storage Class, If set to "-", storageClassName: "" which disables dynamic provisioning.
example: "-"
accessMode:
type: string
description: Access mode for the Persistent Volume Storage.
example: ReadWriteOnce
size:
type: string
description: Size the Persistent Volume Storage.
example: 8Gi
path:
type: string
description: Path to be persisted.
example: /bitnami
## An instance would be:
# enabled: true
# storageClass: "-"
# accessMode: ReadWriteOnce
# size: 8Gi
# path: /bitnami
```
### ExistingSecret
```yaml
name:
type: string
description: Name of the existing secret.
example: mySecret
keyMapping:
description: Mapping between the expected key name and the name of the key in the existing secret.
type: object
## An instance would be:
# name: mySecret
# keyMapping:
# password: myPasswordKey
```
#### Example of use
When we store sensitive data for a deployment in a secret, some times we want to give to users the possiblity of using theirs existing secrets.
```yaml
# templates/secret.yaml
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "common.names.fullname" . }}
labels:
app: {{ include "common.names.fullname" . }}
type: Opaque
data:
password: {{ .Values.password | b64enc | quote }}
# templates/dpl.yaml
---
...
env:
- name: PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "common.secrets.name" (dict "existingSecret" .Values.existingSecret "context" $) }}
key: {{ include "common.secrets.key" (dict "existingSecret" .Values.existingSecret "key" "password") }}
...
# values.yaml
---
name: mySecret
keyMapping:
password: myPasswordKey
```
### ValidateValue
#### NOTES.txt
```console
{{- $validateValueConf00 := (dict "valueKey" "path.to.value00" "secret" "secretName" "field" "password-00") -}}
{{- $validateValueConf01 := (dict "valueKey" "path.to.value01" "secret" "secretName" "field" "password-01") -}}
{{ include "common.validations.values.multiple.empty" (dict "required" (list $validateValueConf00 $validateValueConf01) "context" $) }}
```
If we force those values to be empty we will see some alerts
```console
$ helm install test mychart --set path.to.value00="",path.to.value01=""
'path.to.value00' must not be empty, please add '--set path.to.value00=$PASSWORD_00' to the command. To get the current value:
export PASSWORD_00=$(kubectl get secret --namespace default secretName -o jsonpath="{.data.password-00}" | base64 --decode)
'path.to.value01' must not be empty, please add '--set path.to.value01=$PASSWORD_01' to the command. To get the current value:
export PASSWORD_01=$(kubectl get secret --namespace default secretName -o jsonpath="{.data.password-01}" | base64 --decode)
```
## Notable changes
N/A

94
mongodb/charts/common/templates/_affinities.tpl
View File

@@ -1,94 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Return a soft nodeAffinity definition
{{ include "common.affinities.nodes.soft" (dict "key" "FOO" "values" (list "BAR" "BAZ")) -}}
*/}}
{{- define "common.affinities.nodes.soft" -}}
preferredDuringSchedulingIgnoredDuringExecution:
- preference:
matchExpressions:
key: {{ .key }}
operator: In
values:
{{- range .values }}
- {{ . }}
{{- end }}
weight: 1
{{- end -}}
{{/*
Return a hard nodeAffinity definition
{{ include "common.affinities.nodes.hard" (dict "key" "FOO" "values" (list "BAR" "BAZ")) -}}
*/}}
{{- define "common.affinities.nodes.hard" -}}
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
key: {{ .key }}
operator: In
values:
{{- range .values }}
- {{ . }}
{{- end }}
{{- end -}}
{{/*
Return a nodeAffinity definition
{{ include "common.affinities.nodes" (dict "type" "soft" "key" "FOO" "values" (list "BAR" "BAZ")) -}}
*/}}
{{- define "common.affinities.nodes" -}}
{{- if eq .type "soft" }}
{{- include "common.affinities.nodes.soft" . -}}
{{- else if eq .type "hard" }}
{{- include "common.affinities.nodes.hard" . -}}
{{- end -}}
{{- end -}}
{{/*
Return a soft podAffinity/podAntiAffinity definition
{{ include "common.affinities.pods.soft" (dict "component" "FOO" "context" $) -}}
*/}}
{{- define "common.affinities.pods.soft" -}}
{{- $component := default "" .component -}}
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchLabels: {{- (include "common.labels.matchLabels" .context) | nindent 10 }}
{{- if not (empty $component) }}
{{ printf "app.kubernetes.io/component: %s" $component }}
{{- end }}
namespaces:
- {{ .context.Release.Namespace }}
topologyKey: kubernetes.io/hostname
weight: 1
{{- end -}}
{{/*
Return a hard podAffinity/podAntiAffinity definition
{{ include "common.affinities.pods.hard" (dict "component" "FOO" "context" $) -}}
*/}}
{{- define "common.affinities.pods.hard" -}}
{{- $component := default "" .component -}}
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchLabels: {{- (include "common.labels.matchLabels" .context) | nindent 8 }}
{{- if not (empty $component) }}
{{ printf "app.kubernetes.io/component: %s" $component }}
{{- end }}
namespaces:
- {{ .context.Release.Namespace }}
topologyKey: kubernetes.io/hostname
{{- end -}}
{{/*
Return a podAffinity/podAntiAffinity definition
{{ include "common.affinities.pods" (dict "type" "soft" "key" "FOO" "values" (list "BAR" "BAZ")) -}}
*/}}
{{- define "common.affinities.pods" -}}
{{- if eq .type "soft" }}
{{- include "common.affinities.pods.soft" . -}}
{{- else if eq .type "hard" }}
{{- include "common.affinities.pods.hard" . -}}
{{- end -}}
{{- end -}}

33
mongodb/charts/common/templates/_capabilities.tpl
View File

@@ -1,33 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Return the appropriate apiVersion for deployment.
*/}}
{{- define "common.capabilities.deployment.apiVersion" -}}
{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
{{- print "extensions/v1beta1" -}}
{{- else -}}
{{- print "apps/v1" -}}
{{- end -}}
{{- end -}}
{{/*
Return the appropriate apiVersion for statefulset.
*/}}
{{- define "common.capabilities.statefulset.apiVersion" -}}
{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
{{- print "apps/v1beta1" -}}
{{- else -}}
{{- print "apps/v1" -}}
{{- end -}}
{{- end -}}
{{/*
Return the appropriate apiVersion for ingress.
*/}}
{{- define "common.capabilities.ingress.apiVersion" -}}
{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
{{- print "extensions/v1beta1" -}}
{{- else -}}
{{- print "networking.k8s.io/v1beta1" -}}
{{- end -}}
{{- end -}}

20
mongodb/charts/common/templates/_errors.tpl
View File

@@ -1,20 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Through error when upgrading using empty passwords values that must not be empty.
Usage:
{{- $validationError00 := include "common.validations.values.single.empty" (dict "valueKey" "path.to.password00" "secret" "secretName" "field" "password-00") -}}
{{- $validationError01 := include "common.validations.values.single.empty" (dict "valueKey" "path.to.password01" "secret" "secretName" "field" "password-01") -}}
{{ include "common.errors.upgrade.passwords.empty" (dict "validationErrors" (list $validationError00 $validationError01) "context" $) }}
Required password params:
- validationErrors - String - Required. List of validation strings to be return, if it is empty it won't throw error.
- context - Context - Required. Parent context.
*/}}
{{- define "common.errors.upgrade.passwords.empty" -}}
{{- $validationErrors := join "" .validationErrors -}}
{{- if and $validationErrors .context.Release.IsUpgrade -}}
{{- $errorString := "\nPASSWORDS ERROR: you must provide your current passwords when upgrade the release%s" -}}
{{- printf $errorString $validationErrors | fail -}}
{{- end -}}
{{- end -}}

43
mongodb/charts/common/templates/_images.tpl
View File

@@ -1,43 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Return the proper image name
{{ include "common.images.image" ( dict "imageRoot" .Values.path.to.the.image "global" $) }}
*/}}
{{- define "common.images.image" -}}
{{- $registryName := .imageRoot.registry -}}
{{- $repositoryName := .imageRoot.repository -}}
{{- $tag := .imageRoot.tag | toString -}}
{{- if .global }}
{{- if .global.imageRegistry }}
{{- $registryName = .global.imageRegistry -}}
{{- end -}}
{{- end -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}}
{{/*
Return the proper Docker Image Registry Secret Names
{{ include "common.images.pullSecrets" ( dict "images" (list .Values.path.to.the.image1, .Values.path.to.the.image2) "global" .Values.global) }}
*/}}
{{- define "common.images.pullSecrets" -}}
{{- $pullSecrets := list }}
{{- if .global }}
{{- range .global.imagePullSecrets -}}
{{- $pullSecrets = append $pullSecrets . -}}
{{- end -}}
{{- end -}}
{{- range .images -}}
{{- range .pullSecrets -}}
{{- $pullSecrets = append $pullSecrets . -}}
{{- end -}}
{{- end -}}
{{- if (not (empty $pullSecrets)) }}
imagePullSecrets:
{{- range $pullSecrets }}
- name: {{ . }}
{{- end }}
{{- end }}
{{- end -}}

18
mongodb/charts/common/templates/_labels.tpl
View File

@@ -1,18 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Kubernetes standard labels
*/}}
{{- define "common.labels.standard" -}}
app.kubernetes.io/name: {{ include "common.names.name" . }}
helm.sh/chart: {{ include "common.names.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end -}}
{{/*
Labels to use on deploy.spec.selector.matchLabels and svc.spec.selector
*/}}
{{- define "common.labels.matchLabels" -}}
app.kubernetes.io/name: {{ include "common.names.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end -}}

32
mongodb/charts/common/templates/_names.tpl
View File

@@ -1,32 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "common.names.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "common.names.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "common.names.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}

49
mongodb/charts/common/templates/_secrets.tpl
View File

@@ -1,49 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Generate secret name.
Usage:
{{ include "common.secrets.name" (dict "existingSecret" .Values.path.to.the.existingSecret "defaultNameSuffix" "mySuffix" "context" $) }}
Params:
- existingSecret - ExistingSecret - Optional. The path to the existing secrets in the values.yaml given by the user
to be used istead of the default one. +info: https://github.com/bitnami/charts/tree/master/bitnami/common#existingsecret
- defaultNameSuffix - String - Optional. It is used only if we have several secrets in the same deployment.
- context - Dict - Required. The context for the template evaluation.
*/}}
{{- define "common.secrets.name" -}}
{{- $name := (include "common.names.fullname" .context) -}}
{{- if .defaultNameSuffix -}}
{{- $name = printf "%s-%s" $name .defaultNameSuffix | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- with .existingSecret -}}
{{- $name = .name -}}
{{- end -}}
{{- printf "%s" $name -}}
{{- end -}}
{{/*
Generate secret key.
Usage:
{{ include "common.secrets.key" (dict "existingSecret" .Values.path.to.the.existingSecret "key" "keyName") }}
Params:
- existingSecret - ExistingSecret - Optional. The path to the existing secrets in the values.yaml given by the user
to be used istead of the default one. +info: https://github.com/bitnami/charts/tree/master/bitnami/common#existingsecret
- key - String - Required. Name of the key in the secret.
*/}}
{{- define "common.secrets.key" -}}
{{- $key := .key -}}
{{- if .existingSecret -}}
{{- if .existingSecret.keyMapping -}}
{{- $key = index .existingSecret.keyMapping $.key -}}
{{- end -}}
{{- end -}}
{{- printf "%s" $key -}}
{{- end -}}

23
mongodb/charts/common/templates/_storage.tpl
View File

@@ -1,23 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Return the proper Storage Class
{{ include "common.storage.class" ( dict "persistence" .Values.path.to.the.persistence "global" $) }}
*/}}
{{- define "common.storage.class" -}}
{{- $storageClass := .persistence.storageClass -}}
{{- if .global -}}
{{- if .global.storageClass -}}
{{- $storageClass = .global.storageClass -}}
{{- end -}}
{{- end -}}
{{- if $storageClass -}}
{{- if (eq "-" $storageClass) -}}
{{- printf "storageClassName: \"\"" -}}
{{- else }}
{{- printf "storageClassName: %s" $storageClass -}}
{{- end -}}
{{- end -}}
{{- end -}}

13
mongodb/charts/common/templates/_tplvalues.tpl
View File

@@ -1,13 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Renders a value that contains template.
Usage:
{{ include "common.tplvalues.render" ( dict "value" .Values.path.to.the.Value "context" $) }}
*/}}
{{- define "common.tplvalues.render" -}}
{{- if typeIs "string" .value }}
{{- tpl .value .context }}
{{- else }}
{{- tpl (.value | toYaml) .context }}
{{- end }}
{{- end -}}

45
mongodb/charts/common/templates/_utils.tpl
View File

@@ -1,45 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Print instructions to get a secret value.
Usage:
{{ include "common.utils.secret.getvalue" (dict "secret" "secret-name" "field" "secret-value-field" "context" $) }}
*/}}
{{- define "common.utils.secret.getvalue" -}}
{{- $varname := include "common.utils.fieldToEnvVar" . -}}
export {{ $varname }}=$(kubectl get secret --namespace {{ .context.Release.Namespace }} {{ .secret }} -o jsonpath="{.data.{{ .field }}}" | base64 --decode)
{{- end -}}
{{/*
Build env var name given a field
Usage:
{{ include "common.utils.fieldToEnvVar" dict "field" "my-password" }}
*/}}
{{- define "common.utils.fieldToEnvVar" -}}
{{- $fieldNameSplit := splitList "-" .field -}}
{{- $upperCaseFieldNameSplit := list -}}
{{- range $fieldNameSplit -}}
{{- $upperCaseFieldNameSplit = append $upperCaseFieldNameSplit ( upper . ) -}}
{{- end -}}
{{ join "_" $upperCaseFieldNameSplit }}
{{- end -}}
{{/*
Gets a value from .Values given
Usage:
{{ include "common.utils.getValueFromKey" (dict "key" "path.to.key" "context" $) }}
*/}}
{{- define "common.utils.getValueFromKey" -}}
{{- $splitKey := splitList "." .key -}}
{{- $value := "" -}}
{{- $latestObj := $.context.Values -}}
{{- range $splitKey -}}
{{- if not $latestObj -}}
{{- printf "please review the entire path of '%s' exists in values" $.key | fail -}}
{{- end -}}
{{- $value = ( index $latestObj . ) -}}
{{- $latestObj = $value -}}
{{- end -}}
{{- printf "%v" (default "" $value) -}}
{{- end -}}

278
mongodb/charts/common/templates/_validations.tpl
View File

@@ -1,278 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Validate values must not be empty.
Usage:
{{- $validateValueConf00 := (dict "valueKey" "path.to.value" "secret" "secretName" "field" "password-00") -}}
{{- $validateValueConf01 := (dict "valueKey" "path.to.value" "secret" "secretName" "field" "password-01") -}}
{{ include "common.validations.values.empty" (dict "required" (list $validateValueConf00 $validateValueConf01) "context" $) }}
Validate value params:
- valueKey - String - Required. The path to the validating value in the values.yaml, e.g: "mysql.password"
- secret - String - Optional. Name of the secret where the validating value is generated/stored, e.g: "mysql-passwords-secret"
- field - String - Optional. Name of the field in the secret data, e.g: "mysql-password"
*/}}
{{- define "common.validations.values.multiple.empty" -}}
{{- range .required -}}
{{- include "common.validations.values.single.empty" (dict "valueKey" .valueKey "secret" .secret "field" .field "context" $.context) -}}
{{- end -}}
{{- end -}}
{{/*
Validate a value must not be empty.
Usage:
{{ include "common.validations.value.empty" (dict "valueKey" "mariadb.password" "secret" "secretName" "field" "my-password" "context" $) }}
Validate value params:
- valueKey - String - Required. The path to the validating value in the values.yaml, e.g: "mysql.password"
- secret - String - Optional. Name of the secret where the validating value is generated/stored, e.g: "mysql-passwords-secret"
- field - String - Optional. Name of the field in the secret data, e.g: "mysql-password"
*/}}
{{- define "common.validations.values.single.empty" -}}
{{- $value := include "common.utils.getValueFromKey" (dict "key" .valueKey "context" .context) }}
{{- if not $value -}}
{{- $varname := "my-value" -}}
{{- $getCurrentValue := "" -}}
{{- if and .secret .field -}}
{{- $varname = include "common.utils.fieldToEnvVar" . -}}
{{- $getCurrentValue = printf " To get the current value:\n\n %s\n" (include "common.utils.secret.getvalue" .) -}}
{{- end -}}
{{- printf "\n '%s' must not be empty, please add '--set %s=$%s' to the command.%s" .valueKey .valueKey $varname $getCurrentValue -}}
{{- end -}}
{{- end -}}
{{/*
Validate MariaDB required passwords are not empty.
Usage:
{{ include "common.validations.values.mariadb.passwords" (dict "secret" "secretName" "subchart" false "context" $) }}
Params:
- secret - String - Required. Name of the secret where MariaDB values are stored, e.g: "mysql-passwords-secret"
- subchart - Boolean - Optional. Whether MariaDB is used as subchart or not. Default: false
*/}}
{{- define "common.validations.values.mariadb.passwords" -}}
{{- $existingSecret := include "common.mariadb.values.existingSecret" . -}}
{{- $enabled := include "common.mariadb.values.enabled" . -}}
{{- $architecture := include "common.mariadb.values.architecture" . -}}
{{- $authPrefix := include "common.mariadb.values.key.auth" . -}}
{{- $valueKeyRootPassword := printf "%s.rootPassword" $authPrefix -}}
{{- $valueKeyUsername := printf "%s.username" $authPrefix -}}
{{- $valueKeyPassword := printf "%s.password" $authPrefix -}}
{{- $valueKeyReplicationPassword := printf "%s.replicationPassword" $authPrefix -}}
{{- if and (not $existingSecret) (eq $enabled "true") -}}
{{- $requiredPasswords := list -}}
{{- $requiredRootPassword := dict "valueKey" $valueKeyRootPassword "secret" .secret "field" "mariadb-root-password" -}}
{{- $requiredPasswords = append $requiredPasswords $requiredRootPassword -}}
{{- $valueUsername := include "common.utils.getValueFromKey" (dict "key" $valueKeyUsername "context" .context) }}
{{- if not (empty $valueUsername) -}}
{{- $requiredPassword := dict "valueKey" $valueKeyPassword "secret" .secret "field" "mariadb-password" -}}
{{- $requiredPasswords = append $requiredPasswords $requiredPassword -}}
{{- end -}}
{{- if (eq $architecture "replication") -}}
{{- $requiredReplicationPassword := dict "valueKey" $valueKeyReplicationPassword "secret" .secret "field" "mariadb-replication-password" -}}
{{- $requiredPasswords = append $requiredPasswords $requiredReplicationPassword -}}
{{- end -}}
{{- include "common.validations.values.multiple.empty" (dict "required" $requiredPasswords "context" .context) -}}
{{- end -}}
{{- end -}}
{{/*
Auxiliar function to get the right value for existingSecret.
Usage:
{{ include "common.mariadb.values.existingSecret" (dict "context" $) }}
Params:
- subchart - Boolean - Optional. Whether MariaDB is used as subchart or not. Default: false
*/}}
{{- define "common.mariadb.values.existingSecret" -}}
{{- if .subchart -}}
{{- .context.Values.mariadb.existingSecret | quote -}}
{{- else -}}
{{- .context.Values.existingSecret | quote -}}
{{- end -}}
{{- end -}}
{{/*
Auxiliar function to get the right value for enabled mariadb.
Usage:
{{ include "common.mariadb.values.enabled" (dict "context" $) }}
*/}}
{{- define "common.mariadb.values.enabled" -}}
{{- if .subchart -}}
{{- printf "%v" .context.Values.mariadb.enabled -}}
{{- else -}}
{{- printf "%v" (not .context.Values.enabled) -}}
{{- end -}}
{{- end -}}
{{/*
Auxiliar function to get the right value for architecture
Usage:
{{ include "common.mariadb.values.architecture" (dict "subchart" "true" "context" $) }}
Params:
- subchart - Boolean - Optional. Whether MariaDB is used as subchart or not. Default: false
*/}}
{{- define "common.mariadb.values.architecture" -}}
{{- if .subchart -}}
{{- .context.Values.mariadb.architecture -}}
{{- else -}}
{{- .context.Values.architecture -}}
{{- end -}}
{{- end -}}
{{/*
Auxiliar function to get the right value for the key auth
Usage:
{{ include "common.mariadb.values.key.auth" (dict "subchart" "true" "context" $) }}
Params:
- subchart - Boolean - Optional. Whether MariaDB is used as subchart or not. Default: false
*/}}
{{- define "common.mariadb.values.key.auth" -}}
{{- if .subchart -}}
mariadb.auth
{{- else -}}
auth
{{- end -}}
{{- end -}}
{{/*
Validate PostgreSQL required passwords are not empty.
Usage:
{{ include "common.validations.values.postgresql.passwords" (dict "secret" "secretName" "subchart" false "context" $) }}
Params:
- secret - String - Required. Name of the secret where postgresql values are stored, e.g: "mysql-passwords-secret"
- subchart - Boolean - Optional. Whether postgresql is used as subchart or not. Default: false
*/}}
{{- define "common.validations.values.postgresql.passwords" -}}
{{- $existingSecret := include "common.postgresql.values.existingSecret" . -}}
{{- $enabled := include "common.postgresql.values.enabled" . -}}
{{- $valueKeyPostgresqlPassword := include "common.postgresql.values.key.postgressPassword" . -}}
{{- $enabledReplication := include "common.postgresql.values.enabled.replication" . -}}
{{- $valueKeyPostgresqlReplicationEnabled := include "common.postgresql.values.key.replicationPassword" . -}}
{{- if and (not $existingSecret) (eq $enabled "true") -}}
{{- $requiredPasswords := list -}}
{{- $requiredPostgresqlPassword := dict "valueKey" $valueKeyPostgresqlPassword "secret" .secret "field" "postgresql-password" -}}
{{- $requiredPasswords = append $requiredPasswords $requiredPostgresqlPassword -}}
{{- if (eq $enabledReplication "true") -}}
{{- $requiredPostgresqlReplicationPassword := dict "valueKey" $valueKeyPostgresqlReplicationEnabled "secret" .secret "field" "postgresql-replication-password" -}}
{{- $requiredPasswords = append $requiredPasswords $requiredPostgresqlReplicationPassword -}}
{{- end -}}
{{- include "common.validations.values.multiple.empty" (dict "required" $requiredPasswords "context" .context) -}}
{{- end -}}
{{- end -}}
{{/*
Auxiliar function to decide whether evaluate global values.
Usage:
{{ include "common.postgresql.values.use.global" (dict "key" "key-of-global" "context" $) }}
Params:
- key - String - Required. Field to be evaluated within global, e.g: "existingSecret"
*/}}
{{- define "common.postgresql.values.use.global" -}}
{{- if .context.Values.global -}}
{{- if .context.Values.global.postgresql -}}
{{- index .context.Values.global.postgresql .key | quote -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Auxiliar function to get the right value for existingSecret.
Usage:
{{ include "common.postgresql.values.existingSecret" (dict "context" $) }}
*/}}
{{- define "common.postgresql.values.existingSecret" -}}
{{- $globalValue := include "common.postgresql.values.use.global" (dict "key" "existingSecret" "context" .context) -}}
{{- if .subchart -}}
{{- default (.context.Values.postgresql.existingSecret | quote) $globalValue -}}
{{- else -}}
{{- default (.context.Values.existingSecret | quote) $globalValue -}}
{{- end -}}
{{- end -}}
{{/*
Auxiliar function to get the right value for enabled postgresql.
Usage:
{{ include "common.postgresql.values.enabled" (dict "context" $) }}
*/}}
{{- define "common.postgresql.values.enabled" -}}
{{- if .subchart -}}
{{- printf "%v" .context.Values.postgresql.enabled -}}
{{- else -}}
{{- printf "%v" (not .context.Values.enabled) -}}
{{- end -}}
{{- end -}}
{{/*
Auxiliar function to get the right value for the key postgressPassword.
Usage:
{{ include "common.postgresql.values.key.postgressPassword" (dict "subchart" "true" "context" $) }}
Params:
- subchart - Boolean - Optional. Whether postgresql is used as subchart or not. Default: false
*/}}
{{- define "common.postgresql.values.key.postgressPassword" -}}
{{- $globalValue := include "common.postgresql.values.use.global" (dict "key" "postgresqlUsername" "context" .context) -}}
{{- if not $globalValue -}}
{{- if .subchart -}}
postgresql.postgresqlPassword
{{- else -}}
postgresqlPassword
{{- end -}}
{{- else -}}
global.postgresql.postgresqlPassword
{{- end -}}
{{- end -}}
{{/*
Auxiliar function to get the right value for enabled.replication.
Usage:
{{ include "common.postgresql.values.enabled.replication" (dict "subchart" "true" "context" $) }}
Params:
- subchart - Boolean - Optional. Whether postgresql is used as subchart or not. Default: false
*/}}
{{- define "common.postgresql.values.enabled.replication" -}}
{{- if .subchart -}}
{{- printf "%v" .context.Values.postgresql.replication.enabled -}}
{{- else -}}
{{- printf "%v" .context.Values.replication.enabled -}}
{{- end -}}
{{- end -}}
{{/*
Auxiliar function to get the right value for the key replication.password.
Usage:
{{ include "common.postgresql.values.key.replicationPassword" (dict "subchart" "true" "context" $) }}
Params:
- subchart - Boolean - Optional. Whether postgresql is used as subchart or not. Default: false
*/}}
{{- define "common.postgresql.values.key.replicationPassword" -}}
{{- if .subchart -}}
postgresql.replication.password
{{- else -}}
replication.password
{{- end -}}
{{- end -}}

14
mongodb/charts/common/templates/_warnings.tpl
View File

@@ -1,14 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Warning about using rolling tag.
Usage:
{{ include "common.warnings.rollingTag" .Values.path.to.the.imageRoot }}
*/}}
{{- define "common.warnings.rollingTag" -}}
{{- if and (contains "bitnami/" .repository) (not (.tag | toString | regexFind "-r\\d+$|sha256:")) }}
WARNING: Rolling tag detected ({{ .repository }}:{{ .tag }}), please note that it is strongly recommended to avoid using rolling tags in a production environment.
+info https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/
{{- end }}
{{- end -}}

3
mongodb/charts/common/values.yaml
View File

@@ -1,3 +0,0 @@
## bitnami/common
## It is required by CI/CD tools and processes.
exampleValue: common-chart

460
mongodb/mongodb-values.yaml
View File

@@ -1,460 +0,0 @@
## Global Docker image parameters
## Please, note that this will override the image parameters, including dependencies, configured to use the global value
## Current available global Docker image parameters: imageRegistry and imagePullSecrets
##
# global:
# imageRegistry: myRegistryName
# imagePullSecrets:
# - myRegistryKeySecretName
# storageClass: myStorageClass
image:
## Bitnami MongoDB registry
##
registry: docker.io
## Bitnami MongoDB image name
##
repository: bitnami/mongodb
## Bitnami MongoDB image tag
## ref: https://hub.docker.com/r/bitnami/mongodb/tags/
##
#tag: 4.2.4-debian-10-r3
tag: 4.2.5-debian-10-r44
## Specify a imagePullPolicy
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistryKeySecretName
## Set to true if you would like to see extra information on logs
## It turns on Bitnami debugging in minideb-extras-base
## ref: https://github.com/bitnami/minideb-extras-base
debug: false
## String to partially override mongodb.fullname template (will maintain the release name)
##
# nameOverride:
## String to fully override mongodb.fullname template
##
# fullnameOverride:
## Init containers parameters:
## volumePermissions: Change the owner and group of the persistent volume mountpoint to runAsUser:fsGroup values from the securityContext section.
##
volumePermissions:
enabled: false
image:
registry: docker.io
repository: bitnami/minideb
tag: stretch
pullPolicy: Always
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistryKeySecretName
resources: {}
## Enable authentication
## ref: https://docs.mongodb.com/manual/tutorial/enable-authentication/
#
usePassword: true
# existingSecret: name-of-existing-secret
## MongoDB admin password
## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#setting-the-root-password-on-first-run
##
#mongodbRootPassword: password
## MongoDB custom user and database
## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#creating-a-user-and-database-on-first-run
##
#mongodbUsername: qsefe
#mongodbPassword: qsefe
#mongodbDatabase: qsefe
## Whether enable/disable IPv6 on MongoDB
## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#enabling/disabling-ipv6
##
mongodbEnableIPv6: false
## Whether enable/disable DirectoryPerDB on MongoDB
## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#enabling/disabling-directoryperdb
##
mongodbDirectoryPerDB: false
## MongoDB System Log configuration
## ref: https://github.com/bitnami/bitnami-docker-mongodb#configuring-system-log-verbosity-level
##
mongodbSystemLogVerbosity: 0
mongodbDisableSystemLog: true
## MongoDB additional command line flags
##
## Can be used to specify command line flags, for example:
##
## mongodbExtraFlags:
## - "--wiredTigerCacheSizeGB=2"
mongodbExtraFlags: []
## Pod Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
##
securityContext:
enabled: true
fsGroup: 1001
runAsUser: 1001
## Kubernetes Cluster Domain
clusterDomain: cluster.local
## Kubernetes service type
service:
## Specify an explicit service name.
name: svc-mongo
annotations: {}
type: ClusterIP
# clusterIP: None
port: 27017
## Specify the nodePort value for the LoadBalancer and NodePort service types.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
##
# nodePort:
## Specify the externalIP value ClusterIP service type.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#external-ips
# externalIPs: []
## Specify the loadBalancerIP value for LoadBalancer service types.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer
##
# loadBalancerIP:
## Specify the loadBalancerSourceRanges value for LoadBalancer service types.
## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
##
# loadBalancerSourceRanges: []
## Setting up replication
## ref: https://github.com/bitnami/bitnami-docker-mongodb#setting-up-a-replication
#
replicaSet:
## Whether to create a MongoDB replica set for high availability or not
enabled: true
useHostnames: true
## Name of the replica set
##
name: rs0
## Key used for replica set authentication
##
# key: key
## Number of replicas per each node type
##
replicas:
secondary: 1
arbiter: 1
## Pod Disruption Budget
## ref: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/
pdb:
enabled: true
minAvailable:
secondary: 1
arbiter: 1
# maxUnavailable:
# secondary: 1
# arbiter: 1
# Annotations to be added to the deployment or statefulsets
annotations: {}
# Additional labels to apply to the deployment or statefulsets
labels: {}
# Annotations to be added to MongoDB pods
podAnnotations: {}
# Additional pod labels to apply
podLabels: {}
## Use an alternate scheduler, e.g. "stork".
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
##
# schedulerName:
## Configure resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources: {}
# Define separate resources per arbiter, which are less then primary or secondary
# used only when replica set is enabled
resourcesArbiter: {}
# limits:
# cpu: 500m
# memory: 512Mi
# requests:
# cpu: 100m
# memory: 256Mi
## Pod priority
## https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
# priorityClassName: ""
## Node selector
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
nodeSelector: {}
## Affinity
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
affinity: {}
# Define separate affinity for arbiter pod
affinityArbiter: {}
## Tolerations
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
tolerations: []
## updateStrategy for MongoDB Primary, Secondary and Arbitrer statefulsets
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
updateStrategy:
type: RollingUpdate
## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
persistence:
enabled: true
## A manually managed Persistent Volume and Claim
## Requires persistence.enabled: true
## If defined, PVC must be created manually before volume will be bound
##
# existingClaim:
## The path the volume will be mounted at, useful when using different
## MongoDB images.
##
mountPath: /bitnami/mongodb
## The subdirectory of the volume to mount to, useful in dev environments
## and one PV for multiple services.
##
subPath: ""
## mongodb data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
accessModes:
- ReadWriteOnce
size: 8Gi
annotations: {}
## Configure the ingress resource that allows you to access the
## MongoDB installation. Set up the URL
## ref: http://kubernetes.io/docs/user-guide/ingress/
##
ingress:
## Set to true to enable ingress record generation
enabled: false
## Set this to true in order to add the corresponding annotations for cert-manager
certManager: false
## Ingress annotations done as key:value pairs
## For a full list of possible ingress annotations, please see
## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md
##
## If tls is set to true, annotation ingress.kubernetes.io/secure-backends: "true" will automatically be set
## If certManager is set to true, annotation kubernetes.io/tls-acme: "true" will automatically be set
annotations:
# kubernetes.io/ingress.class: nginx
## The list of hostnames to be covered with this ingress record.
## Most likely this will be just one host, but in the event more hosts are needed, this is an array
hosts:
- name: mongodb.example.com
path: /
## The tls configuration for the ingress
## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
#tls:
#- hosts:
# - mongodb.local
# secretName: mongodb.local-tls
secrets:
## If you're providing your own certificates, please use this to add the certificates as secrets
## key and certificate should start with -----BEGIN CERTIFICATE----- or
## -----BEGIN RSA PRIVATE KEY-----
##
## name should line up with a tlsSecret set further up
## If you're using cert-manager, this is unneeded, as it will create the secret for you if it is not set
##
## It is also possible to create and manage the certificates outside of this helm chart
## Please see README.md for more information
# - name: airflow.local-tls
# key:
# certificate:
## Configure the options for init containers to be run before the main app containers
## are started. All init containers are run sequentially and must exit without errors
## for the next one to be started.
## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
# extraInitContainers: |
# - name: do-something
# image: busybox
# command: ['do', 'something']
## Configure extra options for liveness and readiness probes
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
livenessProbe:
enabled: true
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
readinessProbe:
enabled: true
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
# Define custom config map with init scripts
initConfigMap: {}
# name: "init-config-map"
## Entries for the MongoDB config file. For documentation of all options, see:
## http://docs.mongodb.org/manual/reference/configuration-options/
##
configmap:
# # where and how to store data.
# storage:
# dbPath: /bitnami/mongodb/data/db
# journal:
# enabled: true
# directoryPerDB: false
# # where to write logging data.
# systemLog:
# destination: file
# quiet: false
# logAppend: true
# logRotate: reopen
# path: /opt/bitnami/mongodb/logs/mongodb.log
# verbosity: 0
# # network interfaces
# net:
# port: 27017
# unixDomainSocket:
# enabled: true
# pathPrefix: /opt/bitnami/mongodb/tmp
# ipv6: false
# bindIpAll: true
# # replica set options
# #replication:
# #replSetName: replicaset
# #enableMajorityReadConcern: true
# # process management options
# processManagement:
# fork: false
# pidFilePath: /opt/bitnami/mongodb/tmp/mongodb.pid
# # set parameter options
# setParameter:
# enableLocalhostAuthBypass: true
# # security options
# security:
# authorization: disabled
# #keyFile: /opt/bitnami/mongodb/conf/keyfile
## Prometheus Exporter / Metrics
##
metrics:
enabled: true
image:
registry: docker.io
repository: bitnami/mongodb-exporter
tag: 0.10.0-debian-9-r24
pullPolicy: Always
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistryKeySecretName
## String with extra arguments to the metrics exporter
## ref: https://github.com/dcu/mongodb_exporter/blob/master/mongodb_exporter.go
extraArgs: ""
## Metrics exporter resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
# resources: {}
## Metrics exporter liveness and readiness probes
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
livenessProbe:
enabled: false
initialDelaySeconds: 15
periodSeconds: 5
timeoutSeconds: 5
failureThreshold: 3
successThreshold: 1
readinessProbe:
enabled: false
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 1
failureThreshold: 3
successThreshold: 1
## Metrics exporter pod Annotation
podAnnotations:
prometheus.io/scrape: "true"
prometheus.io/port: "9216"
## Prometheus Service Monitor
## ref: https://github.com/coreos/prometheus-operator
## https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md
serviceMonitor:
## If the operator is installed in your cluster, set to true to create a Service Monitor Entry
enabled: false
## Specify a namespace if needed
# namespace: monitoring
## Used to pass Labels that are used by the Prometheus installed in your cluster to select Service Monitors to work with
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec
additionalLabels: {}
## Specify Metric Relabellings to add to the scrape endpoint
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
# relabellings:
alerting:
## Define individual alerting rules as required
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#rulegroup
## https://prometheus.io/docs/prometheus/latest/configuration/alerting_rules/
rules: {}
## Used to pass Labels that are used by the Prometheus installed in your cluster to select Prometheus Rules to work with
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec
additionalLabels: {}

21
mongodb/mongodb/.helmignore
View File

@@ -1,21 +0,0 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj

21
mongodb/mongodb/Chart.yaml
View File

@@ -1,21 +0,0 @@
apiVersion: v1
appVersion: 4.2.5
description: NoSQL document-oriented database that stores JSON-like documents with
dynamic schemas, simplifying the integration of data in content-driven applications.
engine: gotpl
home: https://mongodb.org
icon: https://bitnami.com/assets/stacks/mongodb/img/mongodb-stack-220x234.png
keywords:
- mongodb
- database
- nosql
- cluster
- replicaset
- replication
maintainers:
- email: containers@bitnami.com
name: Bitnami
name: mongodb
sources:
- https://github.com/bitnami/bitnami-docker-mongodb
version: 7.10.11

318
mongodb/mongodb/README.md
View File

@@ -1,318 +0,0 @@
# MongoDB
[MongoDB](https://www.mongodb.com/) is a cross-platform document-oriented database. Classified as a NoSQL database, MongoDB eschews the traditional table-based relational database structure in favor of JSON-like documents with dynamic schemas, making the integration of data in certain types of applications easier and faster.
## TL;DR;
```bash
$ helm repo add bitnami https://charts.bitnami.com/bitnami
$ helm install my-release bitnami/mongodb
```
## Introduction
This chart bootstraps a [MongoDB](https://github.com/bitnami/bitnami-docker-mongodb) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
Bitnami charts can be used with [Kubeapps](https://kubeapps.com/) for deployment and management of Helm Charts in clusters. This chart has been tested to work with NGINX Ingress, cert-manager, fluentd and Prometheus on top of the [BKPR](https://kubeprod.io/).
## Prerequisites
- Kubernetes 1.12+
- Helm 2.11+ or Helm 3.0-beta3+
- PV provisioner support in the underlying infrastructure
- ReadWriteMany volumes for deployment scaling
## Installing the Chart
To install the chart with the release name `my-release`:
```bash
$ helm install my-release bitnami/mongodb
```
The command deploys MongoDB on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation.
> **Tip**: List all releases using `helm list`
## Uninstalling the Chart
To uninstall/delete the `my-release` deployment:
```bash
$ helm delete my-release
```
The command removes all the Kubernetes components associated with the chart and deletes the release.
## Parameters
The following table lists the configurable parameters of the MongoDB chart and their default values.
| Parameter | Description | Default |
|----------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------|
| `global.imageRegistry` | Global Docker image registry | `nil` |
| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) |
| `global.storageClass` | Global storage class for dynamic provisioning | `nil` |
| `image.registry` | MongoDB image registry | `docker.io` |
| `image.repository` | MongoDB Image name | `bitnami/mongodb` |
| `image.tag` | MongoDB Image tag | `{TAG_NAME}` |
| `image.pullPolicy` | Image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) |
| `image.debug` | Specify if debug logs should be enabled | `false` |
| `nameOverride` | String to partially override mongodb.fullname template with a string (will prepend the release name) | `nil` |
| `fullnameOverride` | String to fully override mongodb.fullname template with a string | `nil` |
| `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` |
| `serviceAccount.name` | If serviceAccount.create is enabled, what should the serviceAccount name be - otherwise defaults to the fullname | `nil` |
| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` |
| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` |
| `volumePermissions.image.repository` | Init container volume-permissions image name | `bitnami/minideb` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag | `buster` |
| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `Always` |
| `volumePermissions.resources` | Init container resource requests/limit | `nil` |
| `clusterDomain` | Default Kubernetes cluster domain | `cluster.local` |
| `usePassword` | Enable password authentication | `true` |
| `existingSecret` | Existing secret with MongoDB credentials | `nil` |
| `mongodbRootPassword` | MongoDB admin password | `random alphanumeric string (10)` |
| `mongodbUsername` | MongoDB custom user (mandatory if `mongodbDatabase` is set) | `nil` |
| `mongodbPassword` | MongoDB custom user password | `random alphanumeric string (10)` |
| `mongodbDatabase` | Database to create | `nil` |
| `mongodbEnableIPv6` | Switch to enable/disable IPv6 on MongoDB | `false` |
| `mongodbDirectoryPerDB` | Switch to enable/disable DirectoryPerDB on MongoDB | `false` |
| `mongodbSystemLogVerbosity` | MongoDB system log verbosity level | `0` |
| `mongodbDisableSystemLog` | Whether to disable MongoDB system log or not | `false` |
| `mongodbExtraFlags` | MongoDB additional command line flags | `[]` |
| `service.name` | Kubernetes service name | `nil` |
| `service.annotations` | Kubernetes service annotations, evaluated as a template | `{}` |
| `service.type` | Kubernetes Service type | `ClusterIP` |
| `service.clusterIP` | Static clusterIP or None for headless services | `nil` |
| `service.port` | MongoDB service port | `27017` |
| `service.nodePort` | Port to bind to for NodePort service type | `nil` |
| `service.loadBalancerIP` | Static IP Address to use for LoadBalancer service type | `nil` |
| `service.externalIPs` | External IP list to use with ClusterIP service type | `[]` |
| `service.loadBalancerSourceRanges` | List of IP ranges allowed access to load balancer (if supported) | `[]` (does not add IP range restrictions to the service) |
| `replicaSet.enabled` | Switch to enable/disable replica set configuration | `false` |
| `replicaSet.name` | Name of the replica set | `rs0` |
| `replicaSet.useHostnames` | Enable DNS hostnames in the replica set config | `true` |
| `replicaSet.key` | Key used for authentication in the replica set | `random alphanumeric string (10)` |
| `replicaSet.replicas.secondary` | Number of secondary nodes in the replica set | `1` |
| `replicaSet.replicas.arbiter` | Number of arbiter nodes in the replica set | `1` |
| `replicaSet.pdb.enabled` | Switch to enable/disable Pod Disruption Budget | `true` |
| `replicaSet.pdb.minAvailable.secondary` | PDB (min available) for the MongoDB Secondary nodes | `1` |
| `replicaSet.pdb.minAvailable.arbiter` | PDB (min available) for the MongoDB Arbiter nodes | `1` |
| `replicaSet.pdb.maxUnavailable.secondary` | PDB (max unavailable) for the MongoDB Secondary nodes | `nil` |
| `replicaSet.pdb.maxUnavailable.arbiter` | PDB (max unavailable) for the MongoDB Arbiter nodes | `nil` |
| `annotations` | Annotations to be added to the deployment or statefulsets | `{}` |
| `labels` | Additional labels for the deployment or statefulsets | `{}` |
| `podAnnotations` | Annotations to be added to pods | `{}` |
| `podLabels` | Additional labels for the pod(s). | `{}` |
| `resources` | Pod resources | `{}` |
| `resourcesArbiter` | Pod resources for arbiter when replica set is enabled | `{}` |
| `priorityClassName` | Pod priority class name | `` |
| `extraEnvVars` | Array containing extra env vars to be added to all pods in the cluster (evaluated as a template) | `nil` |
| `nodeSelector` | Node labels for pod assignment | `{}` |
| `affinity` | Affinity for pod assignment | `{}` |
| `affinityArbiter` | Affinity for arbiter pod assignment | `{}` |
| `tolerations` | Toleration labels for pod assignment | `{}` |
| `updateStrategy` | Statefulsets update strategy policy | `RollingUpdate` |
| `securityContext.enabled` | Enable security context | `true` |
| `securityContext.fsGroup` | Group ID for the container | `1001` |
| `securityContext.runAsUser` | User ID for the container | `1001` |
| `schedulerName` | Name of the k8s scheduler (other than default) | `nil` |
| `sidecars` | Add additional containers to pod | `[]` |
| `extraVolumes` | Add additional volumes to deployment | `[]` |
| `extraVolumeMounts` | Add additional volumes mounts to pod | `[]` |
| `sidecarsArbiter` | Add additional containers to arbiter pod | `[]` |
| `extraVolumesArbiter` | Add additional volumes to arbiter deployment | `[]` |
| `extraVolumeMountsArbiter` | Add additional volumes mounts to arbiter pod | `[]` |
| `persistence.enabled` | Use a PVC to persist data | `true` |
| `persistence.mountPath` | Path to mount the volume at | `/bitnami/mongodb` |
| `persistence.subPath` | Subdirectory of the volume to mount at | `""` |
| `persistence.storageClass` | Storage class of backing PVC | `nil` (uses alpha storage class annotation) |
| `persistence.accessModes` | Use volume as ReadOnly or ReadWrite | `[ReadWriteOnce]` |
| `persistence.size` | Size of data volume | `8Gi` |
| `persistence.annotations` | Persistent Volume annotations | `{}` |
| `persistence.existingClaim` | Name of an existing PVC to use in the primary node (avoids creating one if this is given) | `nil` |
| `useStatefulSet` | Set to true to use StatefulSet instead of Deployment even when replicaSet.enabled=false | `nil` |
| `extraInitContainers` | Additional init containers as a string to be passed to the `tpl` function | `{}` |
| `livenessProbe.enabled` | Enable/disable the Liveness probe | `true` |
| `livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `30` |
| `livenessProbe.periodSeconds` | How often to perform the probe | `10` |
| `livenessProbe.timeoutSeconds` | When the probe times out | `5` |
| `livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` |
| `livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `6` |
| `readinessProbe.enabled` | Enable/disable the Readiness probe | `true` |
| `readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `5` |
| `readinessProbe.periodSeconds` | How often to perform the probe | `10` |
| `readinessProbe.timeoutSeconds` | When the probe times out | `5` |
| `readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `6` |
| `readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` |
| `initConfigMap.name` | Custom config map with init scripts | `nil` |
| `configmap` | MongoDB configuration file to be used | `nil` |
| `ingress.enabled` | Enable ingress controller resource | `false` |
| `ingress.certManager` | Add annotations for cert-manager | `false` |
| `ingress.annotations` | Ingress annotations | `[]` |
| `ingress.hosts[0].name` | Hostname to your MongoDB installation | `mongodb.local` |
| `ingress.hosts[0].path` | Path within the url structure | `/` |
| `ingress.tls[0].hosts[0]` | TLS hosts | `mongodb.local` |
| `ingress.tls[0].secretName` | TLS Secret (certificates) | `mongodb.local-tls` |
| `ingress.secrets[0].name` | TLS Secret Name | `nil` |
| `ingress.secrets[0].certificate` | TLS Secret Certificate | `nil` |
| `ingress.secrets[0].key` | TLS Secret Key | `nil` |
| `metrics.enabled` | Start a side-car prometheus exporter | `false` |
| `metrics.image.registry` | MongoDB exporter image registry | `docker.io` |
| `metrics.image.repository` | MongoDB exporter image name | `bitnami/mongodb-exporter` |
| `metrics.image.tag` | MongoDB exporter image tag | `{TAG_NAME}` |
| `metrics.image.pullPolicy` | Image pull policy | `Always` |
| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) |
| `metrics.podAnnotations.prometheus.io/scrape` | Additional annotations for Metrics exporter pod | `true` |
| `metrics.podAnnotations.prometheus.io/port` | Additional annotations for Metrics exporter pod | `"9216"` |
| `metrics.extraArgs` | String with extra arguments for the MongoDB Exporter | `` |
| `metrics.resources` | Exporter resource requests/limit | `{}` |
| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using PrometheusOperator | `false` |
| `metrics.serviceMonitor.namespace` | Optional namespace which Prometheus is running in | `nil` |
| `metrics.serviceMonitor.additionalLabels` | Used to pass Labels that are required by the Installed Prometheus Operator | `{}` |
| `metrics.serviceMonitor.relabellings` | Specify Metric Relabellings to add to the scrape endpoint | `nil` |
| `metrics.serviceMonitor.alerting.rules` | Define individual alerting rules as required | `{}` |
| `metrics.serviceMonitor.alerting.additionalLabels` | Used to pass Labels that are required by the Installed Prometheus Operator | `{}` |
| `metrics.livenessProbe.enabled` | Enable/disable the Liveness Check of Prometheus metrics exporter | `false` |
| `metrics.livenessProbe.initialDelaySeconds` | Initial Delay for Liveness Check of Prometheus metrics exporter | `15` |
| `metrics.livenessProbe.periodSeconds` | How often to perform Liveness Check of Prometheus metrics exporter | `5` |
| `metrics.livenessProbe.timeoutSeconds` | Timeout for Liveness Check of Prometheus metrics exporter | `5` |
| `metrics.livenessProbe.failureThreshold` | Failure Threshold for Liveness Check of Prometheus metrics exporter | `3` |
| `metrics.livenessProbe.successThreshold` | Success Threshold for Liveness Check of Prometheus metrics exporter | `1` |
| `metrics.readinessProbe.enabled` | Enable/disable the Readiness Check of Prometheus metrics exporter | `false` |
| `metrics.readinessProbe.initialDelaySeconds` | Initial Delay for Readiness Check of Prometheus metrics exporter | `5` |
| `metrics.readinessProbe.periodSeconds` | How often to perform Readiness Check of Prometheus metrics exporter | `5` |
| `metrics.readinessProbe.timeoutSeconds` | Timeout for Readiness Check of Prometheus metrics exporter | `1` |
| `metrics.readinessProbe.failureThreshold` | Failure Threshold for Readiness Check of Prometheus metrics exporter | `3` |
| `metrics.readinessProbe.successThreshold` | Success Threshold for Readiness Check of Prometheus metrics exporter | `1` |
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
```bash
$ helm install my-release \
--set mongodbRootPassword=secretpassword,mongodbUsername=my-user,mongodbPassword=my-password,mongodbDatabase=my-database \
bitnami/mongodb
```
The above command sets the MongoDB `root` account password to `secretpassword`. Additionally, it creates a standard database user named `my-user`, with the password `my-password`, who has access to a database named `my-database`.
Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
```bash
$ helm install my-release -f values.yaml bitnami/mongodb
```
> **Tip**: You can use the default [values.yaml](values.yaml)
## Configuration and installation details
### [Rolling VS Immutable tags](https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/)
It is strongly recommended to use immutable tags in a production environment. This ensures your deployment does not change automatically if the same tag is updated with a different image.
Bitnami will release a new chart updating its containers if a new version of the main container, significant changes, or critical vulnerabilities exist.
### Production configuration and horizontal scaling
This chart includes a `values-production.yaml` file where you can find some parameters oriented to production configuration in comparison to the regular `values.yaml`. You can use this file instead of the default one.
- Switch to enable/disable replica set configuration:
```diff
- replicaSet.enabled: false
+ replicaSet.enabled: true
```
- Start a side-car prometheus exporter:
```diff
- metrics.enabled: false
+ metrics.enabled: true
```
- Enable/disable the Liveness Check of Prometheus metrics exporter:
```diff
- metrics.livenessProbe.enabled: false
+ metrics.livenessProbe.enabled: true
```
- Enable/disable the Readiness Check of Prometheus metrics exporter:
```diff
- metrics.readinessProbe.enabled: false
+ metrics.readinessProbe.enabled: true
```
To horizontally scale this chart, you can use the `--replicas` flag to modify the number of secondary nodes in your MongoDB replica set.
### Replication
You can start the MongoDB chart in replica set mode with the following parameter: `replicaSet.enabled=true`
Some characteristics of this chart are:
- Each of the participants in the replication has a fixed stateful set so you always know where to find the primary, secondary or arbiter nodes.
- The number of secondary and arbiter nodes can be scaled out independently.
- Easy to move an application from using a standalone MongoDB server to use a replica set.
### Initialize a fresh instance
The [Bitnami MongoDB](https://github.com/bitnami/bitnami-docker-mongodb) image allows you to use your custom scripts to initialize a fresh instance. In order to execute the scripts, they must be located inside the chart folder `files/docker-entrypoint-initdb.d` so they can be consumed as a ConfigMap.
Also you can create a custom config map and give it via `initConfigMap`(check options for more details).
The allowed extensions are `.sh`, and `.js`.
## Persistence
The [Bitnami MongoDB](https://github.com/bitnami/bitnami-docker-mongodb) image stores the MongoDB data and configurations at the `/bitnami/mongodb` path of the container.
The chart mounts a [Persistent Volume](http://kubernetes.io/docs/user-guide/persistent-volumes/) at this location. The volume is created using dynamic volume provisioning.
### Adjust permissions of persistent volume mountpoint
As the image run as non-root by default, it is necessary to adjust the ownership of the persistent volume so that the container can write data into it.
By default, the chart is configured to use Kubernetes Security Context to automatically change the ownership of the volume. However, this feature does not work in all Kubernetes distributions.
As an alternative, this chart supports using an initContainer to change the ownership of the volume before mounting it in the final destination.
You can enable this initContainer by setting `volumePermissions.enabled` to `true`.
## Upgrading
### To 7.0.0
From this version, the way of setting the ingress rules has changed. Instead of using `ingress.paths` and `ingress.hosts` as separate objects, you should now define the rules as objects inside the `ingress.hosts` value, for example:
```yaml
ingress:
hosts:
- name: mongodb.local
path: /
```
### To 6.0.0
From this version, `mongodbEnableIPv6` is set to `false` by default in order to work properly in most k8s clusters, if you want to use IPv6 support, you need to set this variable to `true` by adding `--set mongodbEnableIPv6=true` to your `helm` command.
You can find more information in the [`bitnami/mongodb` image README](https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md).
### To 5.0.0
When enabling replicaset configuration, backwards compatibility is not guaranteed unless you modify the labels used on the chart's statefulsets.
Use the workaround below to upgrade from versions previous to 5.0.0. The following example assumes that the release name is `my-release`:
```console
$ kubectl delete statefulset my-release-mongodb-arbiter my-release-mongodb-primary my-release-mongodb-secondary --cascade=false
```
## Configure Ingress
MongoDB can exposed externally using an Ingress controller. To do so, it's necessary to:
- Install the MongoDB chart setting the parameter `ingress.enabled=true`.
- Create a ConfigMap to map the external port to use and the internal service/port where to redirect the requests (see https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/exposing-tcp-udp-services.md for more information).
For instance, if you installed the MongoDB chart in the `default` namespace, you can install the [stable/nginx-ingress chart](https://github.com/helm/charts/tree/master/stable/nginx-ingress) setting the "tcp" parameter in the **values.yaml** used to install the chart as shown below:
```yaml
...
tcp:
27017: "default/mongodb:27017"
```

3
mongodb/mongodb/files/docker-entrypoint-initdb.d/README.md
View File

@@ -1,3 +0,0 @@
You can copy here your custom .sh, or .js file so they are executed during the first boot of the image.
More info in the [bitnami-docker-mongodb](https://github.com/bitnami/bitnami-docker-mongodb#initializing-a-new-instance) repository.

75
mongodb/mongodb/templates/NOTES.txt
View File

@@ -1,75 +0,0 @@
{{- if contains .Values.service.type "LoadBalancer" }}
{{- if not .Values.mongodbRootPassword }}
-------------------------------------------------------------------------------
WARNING
By specifying "service.type=LoadBalancer" and not specifying "mongodbRootPassword"
you have most likely exposed the MongoDB service externally without any
authentication mechanism.
For security reasons, we strongly suggest that you switch to "ClusterIP" or
"NodePort". As alternative, you can also specify a valid password on the
"mongodbRootPassword" parameter.
-------------------------------------------------------------------------------
{{- end }}
{{- end }}
** Please be patient while the chart is being deployed **
MongoDB can be accessed via port {{ .Values.service.port }} on the following DNS name from within your cluster:
{{ template "mongodb.serviceName" . }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}
{{ if .Values.usePassword -}}
To get the root password run:
export MONGODB_ROOT_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "mongodb.fullname" . }} -o jsonpath="{.data.mongodb-root-password}" | base64 --decode)
{{- end }}
{{- if and .Values.mongodbUsername .Values.mongodbDatabase }}
{{- if .Values.mongodbPassword }}
To get the password for "{{ .Values.mongodbUsername }}" run:
export MONGODB_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "mongodb.fullname" . }} -o jsonpath="{.data.mongodb-password}" | base64 --decode)
{{- end }}
{{- end }}
To connect to your database run the following command:
kubectl run --namespace {{ .Release.Namespace }} {{ template "mongodb.fullname" . }}-client --rm --tty -i --restart='Never' --image {{ template "mongodb.image" . }} --command -- mongo admin --host {{ template "mongodb.serviceName" . }} {{- if .Values.usePassword }} --authenticationDatabase admin -u root -p $MONGODB_ROOT_PASSWORD{{- end }}
To connect to your database from outside the cluster execute the following commands:
{{- if contains "NodePort" .Values.service.type }}
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "mongodb.serviceName" . }})
mongo --host $NODE_IP --port $NODE_PORT {{- if .Values.usePassword }} --authenticationDatabase admin -p $MONGODB_ROOT_PASSWORD{{- end }}
{{- else if contains "LoadBalancer" .Values.service.type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "mongodb.serviceName" . }}'
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "mongodb.serviceName" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
mongo --host $SERVICE_IP --port {{ .Values.service.port }} {{- if .Values.usePassword }} --authenticationDatabase admin -p $MONGODB_ROOT_PASSWORD{{- end }}
{{- else if contains "ClusterIP" .Values.service.type }}
kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ template "mongodb.serviceName" . }} {{ .Values.service.port }}:{{ .Values.service.port }} &
mongo --host 127.0.0.1 {{- if .Values.usePassword }} --authenticationDatabase admin -p $MONGODB_ROOT_PASSWORD{{- end }}
{{- end }}
{{- include "mongodb.validateValues" . -}}
{{- if and (contains "bitnami/" .Values.image.repository) (not (.Values.image.tag | toString | regexFind "-r\\d+$|sha256:")) }}
WARNING: Rolling tag detected ({{ .Values.image.repository }}:{{ .Values.image.tag }}), please note that it is strongly recommended to avoid using rolling tags in a production environment.
+info https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/
{{- end }}

265
mongodb/mongodb/templates/_helpers.tpl
View File

@@ -1,265 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "mongodb.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Renders a value that contains template.
Usage:
{{ include "mongodb.tplValue" ( dict "value" .Values.path.to.the.Value "context" $) }}
*/}}
{{- define "mongodb.tplValue" -}}
{{- if typeIs "string" .value }}
{{- tpl .value .context }}
{{- else }}
{{- tpl (.value | toYaml) .context }}
{{- end }}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "mongodb.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "mongodb.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create the name for the admin secret.
*/}}
{{- define "mongodb.adminSecret" -}}
{{- if .Values.auth.existingAdminSecret -}}
{{- .Values.auth.existingAdminSecret -}}
{{- else -}}
{{- template "mongodb.fullname" . -}}-admin
{{- end -}}
{{- end -}}
{{/*
Create the name for the key secret.
*/}}
{{- define "mongodb.keySecret" -}}
{{- if .Values.auth.existingKeySecret -}}
{{- .Values.auth.existingKeySecret -}}
{{- else -}}
{{- template "mongodb.fullname" . -}}-keyfile
{{- end -}}
{{- end -}}
{{/*
Return the proper MongoDB image name
*/}}
{{- define "mongodb.image" -}}
{{- $registryName := .Values.image.registry -}}
{{- $repositoryName := .Values.image.repository -}}
{{- $tag := .Values.image.tag | toString -}}
{{/*
Helm 2.11 supports the assignment of a value to a variable defined in a different scope,
but Helm 2.9 and 2.10 doesn't support it, so we need to implement this if-else logic.
Also, we can't use a single if because lazy evaluation is not an option
*/}}
{{- if .Values.global }}
{{- if .Values.global.imageRegistry }}
{{- printf "%s/%s:%s" .Values.global.imageRegistry $repositoryName $tag -}}
{{- else -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}}
{{- else -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}}
{{- end -}}
{{/*
Return the proper image name (for the metrics image)
*/}}
{{- define "mongodb.metrics.image" -}}
{{- $registryName := .Values.metrics.image.registry -}}
{{- $repositoryName := .Values.metrics.image.repository -}}
{{- $tag := .Values.metrics.image.tag | toString -}}
{{/*
Helm 2.11 supports the assignment of a value to a variable defined in a different scope,
but Helm 2.9 and 2.10 doesn't support it, so we need to implement this if-else logic.
Also, we can't use a single if because lazy evaluation is not an option
*/}}
{{- if .Values.global }}
{{- if .Values.global.imageRegistry }}
{{- printf "%s/%s:%s" .Values.global.imageRegistry $repositoryName $tag -}}
{{- else -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}}
{{- else -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}}
{{- end -}}
{{/*
Return the proper Docker Image Registry Secret Names
*/}}
{{- define "mongodb.imagePullSecrets" -}}
{{/*
Helm 2.11 supports the assignment of a value to a variable defined in a different scope,
but Helm 2.9 and 2.10 does not support it, so we need to implement this if-else logic.
Also, we can not use a single if because lazy evaluation is not an option
*/}}
{{- if .Values.global }}
{{- if .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- range .Values.global.imagePullSecrets }}
- name: {{ . }}
{{- end }}
{{- else if or .Values.image.pullSecrets .Values.metrics.image.pullSecrets .Values.volumePermissions.image.pullSecrets }}
imagePullSecrets:
{{- range .Values.image.pullSecrets }}
- name: {{ . }}
{{- end }}
{{- range .Values.metrics.image.pullSecrets }}
- name: {{ . }}
{{- end }}
{{- range .Values.volumePermissions.image.pullSecrets }}
- name: {{ . }}
{{- end }}
{{- end -}}
{{- else if or .Values.image.pullSecrets .Values.metrics.image.pullSecrets .Values.volumePermissions.image.pullSecrets }}
imagePullSecrets:
{{- range .Values.image.pullSecrets }}
- name: {{ . }}
{{- end }}
{{- range .Values.metrics.image.pullSecrets }}
- name: {{ . }}
{{- end }}
{{- range .Values.volumePermissions.image.pullSecrets }}
- name: {{ . }}
{{- end }}
{{- end -}}
{{- end -}}
{{/*
Return the proper image name (for the init container volume-permissions image)
*/}}
{{- define "mongodb.volumePermissions.image" -}}
{{- $registryName := .Values.volumePermissions.image.registry -}}
{{- $repositoryName := .Values.volumePermissions.image.repository -}}
{{- $tag := .Values.volumePermissions.image.tag | toString -}}
{{/*
Helm 2.11 supports the assignment of a value to a variable defined in a different scope,
but Helm 2.9 and 2.10 doesn't support it, so we need to implement this if-else logic.
Also, we can't use a single if because lazy evaluation is not an option
*/}}
{{- if .Values.global }}
{{- if .Values.global.imageRegistry }}
{{- printf "%s/%s:%s" .Values.global.imageRegistry $repositoryName $tag -}}
{{- else -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}}
{{- else -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}}
{{- end -}}
{{/*
Compile all warnings into a single message, and call fail.
*/}}
{{- define "mongodb.validateValues" -}}
{{- $messages := list -}}
{{- $messages := append $messages (include "mongodb.validateValues.mongodbCustomDatabase" .) -}}
{{- $messages := without $messages "" -}}
{{- $message := join "\n" $messages -}}
{{- if $message -}}
{{- printf "\nVALUES VALIDATION:\n%s" $message | fail -}}
{{- end -}}
{{- end -}}
{{/*
Validate values of MongoDB - both mongodbUsername and mongodbDatabase are necessary
to create a custom user and database during 1st initialization
*/}}
{{- define "mongodb.validateValues.mongodbCustomDatabase" -}}
{{- if or (and .Values.mongodbUsername (not .Values.mongodbDatabase)) (and (not .Values.mongodbUsername) .Values.mongodbDatabase) }}
mongodb: mongodbUsername, mongodbDatabase
Both mongodbUsername and mongodbDatabase must be provided to create
a custom user and database during 1st initialization.
Please set both of them (--set mongodbUsername="xxxx",mongodbDatabase="yyyy")
{{- end -}}
{{- end -}}
{{/*
Return the proper Storage Class
*/}}
{{- define "mongodb.storageClass" -}}
{{/*
Helm 2.11 supports the assignment of a value to a variable defined in a different scope,
but Helm 2.9 and 2.10 does not support it, so we need to implement this if-else logic.
*/}}
{{- if .Values.global -}}
{{- if .Values.global.storageClass -}}
{{- if (eq "-" .Values.global.storageClass) -}}
{{- printf "storageClassName: \"\"" -}}
{{- else }}
{{- printf "storageClassName: %s" .Values.global.storageClass -}}
{{- end -}}
{{- else -}}
{{- if .Values.persistence.storageClass -}}
{{- if (eq "-" .Values.persistence.storageClass) -}}
{{- printf "storageClassName: \"\"" -}}
{{- else }}
{{- printf "storageClassName: %s" .Values.persistence.storageClass -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- else -}}
{{- if .Values.persistence.storageClass -}}
{{- if (eq "-" .Values.persistence.storageClass) -}}
{{- printf "storageClassName: \"\"" -}}
{{- else }}
{{- printf "storageClassName: %s" .Values.persistence.storageClass -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Returns the proper Service name depending if an explicit service name is set
in the values file. If the name is not explicitly set it will take the "mongodb.fullname"
*/}}
{{- define "mongodb.serviceName" -}}
{{- if .Values.service.name -}}
{{ .Values.service.name }}
{{- else -}}
{{ template "mongodb.fullname" .}}
{{- end -}}
{{- end -}}
{{/*
Returns the proper service account name depending if an explicit service account name is set
in the values file. If the name is not set it will default to either mongodb.fullname if serviceAccount.create
is true or default otherwise.
*/}}
{{- define "mongodb.serviceAccountName" -}}
{{- if .Values.serviceAccount.create -}}
{{ default (include "mongodb.fullname" .) .Values.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.serviceAccount.name }}
{{- end -}}
{{- end -}}

14
mongodb/mongodb/templates/configmap.yaml
View File

@@ -1,14 +0,0 @@
{{- if .Values.configmap }}
apiVersion: v1
kind: ConfigMap
metadata:
labels:
app: {{ template "mongodb.name" . }}
chart: {{ template "mongodb.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
name: {{ template "mongodb.fullname" . }}
data:
mongodb.conf: |-
{{ toYaml .Values.configmap | indent 4 }}
{{- end }}

305
mongodb/mongodb/templates/deployment-standalone.yaml
View File

@@ -1,305 +0,0 @@
{{- if not .Values.replicaSet.enabled }}
apiVersion: apps/v1
kind: {{ if .Values.useStatefulSet }}{{ "StatefulSet" }}{{- else }}{{ "Deployment" }}{{- end }}
metadata:
name: {{ template "mongodb.fullname" . }}
labels:
app: {{ template "mongodb.name" . }}
chart: {{ template "mongodb.chart" . }}
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
{{- with .Values.labels }}
{{ toYaml . | indent 4 }}
{{- end }}
{{- with .Values.annotations }}
annotations:
{{ toYaml . | indent 4 }}
{{- end }}
spec:
{{- if .Values.useStatefulSet }}
serviceName: {{ template "mongodb.serviceName" . }}
updateStrategy:
{{- else }}
strategy:
{{- end }}
type: {{ .Values.updateStrategy.type }}
{{- if (eq "Recreate" .Values.updateStrategy.type) }}
rollingUpdate: null
{{- end }}
selector:
matchLabels:
app: {{ template "mongodb.name" . }}
release: "{{ .Release.Name }}"
template:
metadata:
labels:
app: {{ template "mongodb.name" . }}
release: "{{ .Release.Name }}"
chart: {{ template "mongodb.chart" . }}
{{- if .Values.podLabels }}
{{ toYaml .Values.podLabels | indent 8 }}
{{- end }}
{{- if or .Values.podAnnotations .Values.metrics.enabled }}
annotations:
{{- if .Values.podAnnotations }}
{{ toYaml .Values.podAnnotations | indent 8 }}
{{- end }}
{{- if .Values.metrics.enabled }}
{{ toYaml .Values.metrics.podAnnotations | indent 8 }}
{{- end }}
{{- end }}
spec:
serviceAccountName: {{ template "mongodb.serviceAccountName" . }}
{{- if .Values.schedulerName }}
schedulerName: "{{ .Values.schedulerName }}"
{{- end }}
{{- if .Values.priorityClassName }}
priorityClassName: {{ .Values.priorityClassName }}
{{- end }}
{{- if .Values.securityContext.enabled }}
securityContext:
fsGroup: {{ .Values.securityContext.fsGroup }}
{{- end }}
{{- if .Values.affinity }}
affinity:
{{ toYaml .Values.affinity | indent 8 }}
{{- end -}}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 8 }}
{{- end }}
{{- if .Values.tolerations }}
tolerations:
{{ toYaml .Values.tolerations | indent 8 }}
{{- end }}
{{- include "mongodb.imagePullSecrets" . | indent 6 }}
initContainers:
{{- if .Values.extraInitContainers }}
{{ tpl .Values.extraInitContainers . | indent 8}}
{{- end }}
{{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }}
- name: volume-permissions
image: {{ template "mongodb.volumePermissions.image" . }}
imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }}
command: ["chown", "-R", "{{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }}", "{{ .Values.persistence.mountPath }}"]
securityContext:
runAsUser: 0
resources: {{ toYaml .Values.volumePermissions.resources | nindent 12 }}
volumeMounts:
- name: data
mountPath: {{ .Values.persistence.mountPath }}
{{- end }}
containers:
- name: {{ template "mongodb.fullname" . }}
image: {{ template "mongodb.image" . }}
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
{{- if .Values.securityContext.enabled }}
securityContext:
runAsNonRoot: true
runAsUser: {{ .Values.securityContext.runAsUser }}
{{- end }}
env:
{{- if .Values.image.debug}}
- name: BITNAMI_DEBUG
value: "true"
{{- end }}
{{- if .Values.usePassword }}
{{- if and .Values.mongodbUsername .Values.mongodbDatabase }}
- name: MONGODB_PASSWORD
valueFrom:
secretKeyRef:
name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{- else }}{{ template "mongodb.fullname" . }}{{- end }}
key: mongodb-password
{{- end }}
- name: MONGODB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{- else }}{{ template "mongodb.fullname" . }}{{- end }}
key: mongodb-root-password
{{- end }}
{{- if .Values.mongodbUsername }}
- name: MONGODB_USERNAME
value: {{ .Values.mongodbUsername | quote }}
{{- end }}
- name: MONGODB_SYSTEM_LOG_VERBOSITY
value: {{ .Values.mongodbSystemLogVerbosity | quote }}
- name: MONGODB_DISABLE_SYSTEM_LOG
{{- if .Values.mongodbDisableSystemLog }}
value: "yes"
{{- else }}
value: "no"
{{- end }}
{{- if .Values.mongodbDatabase }}
- name: MONGODB_DATABASE
value: {{ .Values.mongodbDatabase | quote }}
{{- end }}
- name: MONGODB_ENABLE_IPV6
{{- if .Values.mongodbEnableIPv6 }}
value: "yes"
{{- else }}
value: "no"
{{- end }}
- name: MONGODB_ENABLE_DIRECTORY_PER_DB
{{- if .Values.mongodbDirectoryPerDB }}
value: "yes"
{{- else }}
value: "no"
{{- end }}
{{- if .Values.mongodbExtraFlags }}
- name: MONGODB_EXTRA_FLAGS
value: {{ .Values.mongodbExtraFlags | join " " | quote }}
{{- end }}
{{- if .Values.extraEnvVars }}
{{- include "mongodb.tplValue" ( dict "value" .Values.extraEnvVars "context" $ ) | nindent 12 }}
{{- end }}
ports:
- name: mongodb
containerPort: 27017
{{- if .Values.livenessProbe.enabled }}
livenessProbe:
exec:
command:
- mongo
- --eval
- "db.adminCommand('ping')"
initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
{{- end }}
{{- if .Values.readinessProbe.enabled }}
readinessProbe:
exec:
command:
- mongo
- --eval
- "db.adminCommand('ping')"
initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
{{- end }}
volumeMounts:
- name: data
mountPath: {{ .Values.persistence.mountPath }}
subPath: {{ .Values.persistence.subPath }}
{{- if or (.Files.Glob "files/docker-entrypoint-initdb.d/*[sh|js|json]") (.Values.initConfigMap) }}
- name: custom-init-scripts
mountPath: /docker-entrypoint-initdb.d
{{- end }}
{{- if .Values.configmap }}
- name: config
mountPath: /opt/bitnami/mongodb/conf/mongodb.conf
subPath: mongodb.conf
{{- end }}
{{- if .Values.extraVolumeMounts }}
{{- toYaml .Values.extraVolumeMounts | nindent 12 }}
{{- end }}
resources:
{{- toYaml .Values.resources | nindent 12 }}
{{- if .Values.metrics.enabled }}
- name: metrics
image: {{ template "mongodb.metrics.image" . }}
imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }}
{{- if .Values.securityContext.enabled }}
securityContext:
runAsNonRoot: true
runAsUser: {{ .Values.securityContext.runAsUser }}
{{- end }}
env:
{{- if .Values.usePassword }}
- name: MONGODB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{- else }}{{ template "mongodb.fullname" . }}{{- end }}
key: mongodb-root-password
command: [ 'sh', '-c', '/bin/mongodb_exporter --mongodb.uri mongodb://root:${MONGODB_ROOT_PASSWORD}@localhost:{{ .Values.service.port }}/admin {{ .Values.metrics.extraArgs }}' ]
{{- else }}
command: [ 'sh', '-c', '/bin/mongodb_exporter --mongodb.uri mongodb://localhost:{{ .Values.service.port }} {{ .Values.metrics.extraArgs }}' ]
{{- end }}
ports:
- name: metrics
containerPort: 9216
{{- if .Values.metrics.livenessProbe.enabled }}
livenessProbe:
httpGet:
path: /metrics
port: metrics
initialDelaySeconds: {{ .Values.metrics.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.metrics.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.metrics.livenessProbe.timeoutSeconds }}
failureThreshold: {{ .Values.metrics.livenessProbe.failureThreshold }}
successThreshold: {{ .Values.metrics.livenessProbe.successThreshold }}
{{- end }}
{{- if .Values.metrics.readinessProbe.enabled }}
readinessProbe:
httpGet:
path: /metrics
port: metrics
initialDelaySeconds: {{ .Values.metrics.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.metrics.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.metrics.readinessProbe.timeoutSeconds }}
failureThreshold: {{ .Values.metrics.readinessProbe.failureThreshold }}
successThreshold: {{ .Values.metrics.readinessProbe.successThreshold }}
{{- end }}
resources:
{{ toYaml .Values.metrics.resources | indent 12 }}
{{- end }}
{{- if .Values.sidecars }}
{{ toYaml .Values.sidecars | indent 6 }}
{{- end }}
volumes:
{{- if (.Files.Glob "files/docker-entrypoint-initdb.d/*[sh|js|json]") }}
- name: custom-init-scripts
configMap:
name: {{ template "mongodb.fullname" . }}-init-scripts
{{- end }}
{{- if (.Values.initConfigMap) }}
- name: custom-init-scripts
configMap:
name: {{ .Values.initConfigMap.name }}
{{- end }}
- name: data
{{- if not .Values.useStatefulSet }}
{{- if .Values.persistence.enabled }}
persistentVolumeClaim:
claimName: {{ if .Values.persistence.existingClaim }}{{ .Values.persistence.existingClaim }}{{- else }}{{ template "mongodb.fullname" . }}{{- end }}
{{- else }}
emptyDir: {}
{{- end -}}
{{- end -}}
{{- if .Values.configmap }}
- name: config
configMap:
name: {{ template "mongodb.fullname" . }}
{{- end }}
{{- if .Values.extraVolumes }}
{{ toYaml .Values.extraVolumes | indent 8}}
{{- end }}
{{- if .Values.useStatefulSet }}
{{- if .Values.persistence.enabled }}
volumeClaimTemplates:
- metadata:
name: data
annotations:
{{- range $key, $value := .Values.persistence.annotations }}
{{ $key }}: "{{ $value }}"
{{- end }}
spec:
accessModes:
{{- range .Values.persistence.accessModes }}
- {{ . | quote }}
{{- end }}
resources:
requests:
storage: {{ .Values.persistence.size | quote }}
{{ include "mongodb.storageClass" . }}
{{- else }}
- name: data
emptyDir: {}
{{- end }}
{{- end }}
{{- end -}}

33
mongodb/mongodb/templates/ingress.yaml
View File

@@ -1,33 +0,0 @@
{{- if .Values.ingress.enabled }}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ template "mongodb.fullname" . }}
labels:
app: {{ template "mongodb.name" . }}
chart: {{ template "mongodb.chart" . }}
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
annotations:
{{- if .Values.ingress.certManager }}
kubernetes.io/tls-acme: "true"
{{- end }}
{{- range $key, $value := .Values.ingress.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
spec:
rules:
{{- range .Values.ingress.hosts }}
- host: {{ .name }}
http:
paths:
- path: {{ default "/" .path }}
backend:
serviceName: {{ template "mongodb.serviceName" $ }}
servicePort: mongodb
{{- end }}
{{- if .Values.ingress.tls }}
tls:
{{ toYaml .Values.ingress.tls | indent 4 }}
{{- end }}
{{- end }}

13
mongodb/mongodb/templates/initialization-configmap.yaml
View File

@@ -1,13 +0,0 @@
{{ if (.Files.Glob "files/docker-entrypoint-initdb.d/*[sh|js|json]") }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "mongodb.fullname" . }}-init-scripts
labels:
app: {{ template "mongodb.name" . }}
chart: {{ template "mongodb.chart" . }}
release: {{ .Release.Name | quote }}
heritage: {{ .Release.Service | quote }}
data:
{{ tpl (.Files.Glob "files/docker-entrypoint-initdb.d/*[sh|js|json]").AsConfig . | indent 2 }}
{{ end }}

27
mongodb/mongodb/templates/poddisruptionbudget-arbiter-rs.yaml
View File

@@ -1,27 +0,0 @@
{{- if and .Values.replicaSet.enabled .Values.replicaSet.pdb.enabled }}
apiVersion: policy/v1beta1
kind: PodDisruptionBudget
metadata:
labels:
app: {{ template "mongodb.name" . }}
chart: {{ template "mongodb.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
name: {{ template "mongodb.fullname" . }}-arbiter
spec:
{{- if .Values.replicaSet.pdb.minAvailable }}
{{- if .Values.replicaSet.pdb.minAvailable.arbiter }}
minAvailable: {{ .Values.replicaSet.pdb.minAvailable.arbiter }}
{{- end }}
{{- end }}
{{- if .Values.replicaSet.pdb.maxUnavailable }}
{{- if .Values.replicaSet.pdb.maxUnavailable.arbiter }}
maxUnavailable: {{ .Values.replicaSet.pdb.maxUnavailable.arbiter }}
{{- end }}
{{- end }}
selector:
matchLabels:
app: {{ template "mongodb.name" . }}
release: {{ .Release.Name }}
component: arbiter
{{- end }}

27
mongodb/mongodb/templates/poddisruptionbudget-secondary-rs.yaml
View File

@@ -1,27 +0,0 @@
{{- if and .Values.replicaSet.enabled .Values.replicaSet.pdb.enabled }}
apiVersion: policy/v1beta1
kind: PodDisruptionBudget
metadata:
labels:
app: {{ template "mongodb.name" . }}
chart: {{ template "mongodb.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
name: {{ template "mongodb.fullname" . }}-secondary
spec:
{{- if .Values.replicaSet.pdb.minAvailable }}
{{- if .Values.replicaSet.pdb.minAvailable.secondary }}
minAvailable: {{ .Values.replicaSet.pdb.minAvailable.secondary }}
{{- end }}
{{- end }}
{{- if .Values.replicaSet.pdb.maxUnavailable }}
{{- if .Values.replicaSet.pdb.maxUnavailable.secondary }}
maxUnavailable: {{ .Values.replicaSet.pdb.maxUnavailable.secondary }}
{{- end }}
{{- end }}
selector:
matchLabels:
app: {{ template "mongodb.name" . }}
release: {{ .Release.Name }}
component: secondary
{{- end }}

17
mongodb/mongodb/templates/prometheus-alerting-rule.yaml
View File

@@ -1,17 +0,0 @@
{{- if and .Values.metrics.enabled .Values.metrics.serviceMonitor.enabled .Values.metrics.serviceMonitor.alerting.rules }}
apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:
name: {{ template "mongodb.fullname" . }}
labels:
app: {{ template "mongodb.name" . }}
chart: {{ template "mongodb.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
{{- if .Values.metrics.serviceMonitor.alerting.additionalLabels }}
{{ toYaml .Values.metrics.serviceMonitor.alerting.additionalLabels | indent 4 }}
{{- end }}
spec:
groups:
{{ toYaml .Values.metrics.serviceMonitor.alerting.rules | indent 4 }}
{{- end }}

35
mongodb/mongodb/templates/prometheus-service-monitor.yaml
View File

@@ -1,35 +0,0 @@
{{- if and .Values.metrics.enabled .Values.metrics.serviceMonitor.enabled }}
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: {{ template "mongodb.fullname" . }}
{{- if .Values.metrics.serviceMonitor.namespace }}
namespace: {{ .Values.metrics.serviceMonitor.namespace }}
{{- end }}
labels:
app: {{ template "mongodb.name" . }}
chart: {{ template "mongodb.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
{{- if .Values.metrics.serviceMonitor.additionalLabels }}
{{ toYaml .Values.metrics.serviceMonitor.additionalLabels | indent 4 }}
{{- end }}
spec:
endpoints:
- interval: 30s
port: metrics
{{- if .Values.metrics.serviceMonitor.relabellings }}
metricRelabelings:
{{ toYaml .Values.metrics.serviceMonitor.relabellings | indent 4 }}
{{- end }}
jobLabel: {{ template "mongodb.fullname" . }}
namespaceSelector:
matchNames:
- "{{ $.Release.Namespace }}"
selector:
matchLabels:
app: {{ template "mongodb.name" . }}
chart: {{ template "mongodb.chart" . }}
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
{{- end }}

20
mongodb/mongodb/templates/pvc-standalone.yaml
View File

@@ -1,20 +0,0 @@
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) (not .Values.replicaSet.enabled) (not .Values.useStatefulSet) }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
labels:
app: {{ template "mongodb.name" . }}
chart: {{ template "mongodb.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
name: {{ template "mongodb.fullname" . }}
spec:
accessModes:
{{- range .Values.persistence.accessModes }}
- {{ . | quote }}
{{- end }}
resources:
requests:
storage: {{ .Values.persistence.size | quote }}
{{ include "mongodb.storageClass" . }}
{{- end }}

32
mongodb/mongodb/templates/secrets.yaml
View File

@@ -1,32 +0,0 @@
{{ if and .Values.usePassword (not .Values.existingSecret) -}}
apiVersion: v1
kind: Secret
metadata:
name: {{ template "mongodb.fullname" . }}
labels:
app: {{ template "mongodb.name" . }}
chart: {{ template "mongodb.chart" . }}
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
type: Opaque
data:
{{- if .Values.mongodbRootPassword }}
mongodb-root-password: {{ .Values.mongodbRootPassword | b64enc | quote }}
{{- else }}
mongodb-root-password: {{ randAlphaNum 10 | b64enc | quote }}
{{- end }}
{{- if and .Values.mongodbUsername .Values.mongodbDatabase }}
{{- if .Values.mongodbPassword }}
mongodb-password: {{ .Values.mongodbPassword | b64enc | quote }}
{{- else }}
mongodb-password: {{ randAlphaNum 10 | b64enc | quote }}
{{- end }}
{{- end }}
{{- if .Values.replicaSet.enabled }}
{{- if .Values.replicaSet.key }}
mongodb-replica-set-key: {{ .Values.replicaSet.key | b64enc | quote }}
{{- else }}
mongodb-replica-set-key: {{ randAlphaNum 10 | b64enc | quote }}
{{- end }}
{{- end }}
{{- end }}

13
mongodb/mongodb/templates/serviceaccount.yml
View File

@@ -1,13 +0,0 @@
{{- if .Values.serviceAccount.create }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ template "mongodb.serviceAccountName" . }}
labels:
app: {{ template "mongodb.name" . }}
chart: {{ template "mongodb.chart" . }}
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
secrets:
- name: {{ template "mongodb.fullname" . }}
{{- end }}

191
mongodb/mongodb/templates/statefulset-arbiter-rs.yaml
View File

@@ -1,191 +0,0 @@
{{- if .Values.replicaSet.enabled }}
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ template "mongodb.fullname" . }}-arbiter
labels:
app: {{ template "mongodb.name" . }}
chart: {{ template "mongodb.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
{{- with .Values.labels }}
{{ toYaml . | indent 4 }}
{{- end }}
{{- with .Values.annotations }}
annotations:
{{ toYaml . | indent 4 }}
{{- end }}
spec:
selector:
matchLabels:
app: {{ template "mongodb.name" . }}
release: {{ .Release.Name }}
component: arbiter
serviceName: {{ template "mongodb.fullname" . }}-headless
replicas: {{ .Values.replicaSet.replicas.arbiter }}
updateStrategy:
type: {{ .Values.updateStrategy.type }}
{{- if (eq "Recreate" .Values.updateStrategy.type) }}
rollingUpdate: null
{{- end }}
template:
metadata:
labels:
app: {{ template "mongodb.name" . }}
chart: {{ template "mongodb.chart" . }}
release: {{ .Release.Name }}
component: arbiter
{{- if .Values.podLabels }}
{{ toYaml .Values.podLabels | indent 8 }}
{{- end }}
{{- if .Values.podAnnotations }}
annotations:
{{ toYaml .Values.podAnnotations | indent 8 }}
{{- end }}
spec:
serviceAccountName: {{ template "mongodb.serviceAccountName" . }}
{{- if .Values.schedulerName }}
schedulerName: "{{ .Values.schedulerName }}"
{{- end }}
{{- if .Values.priorityClassName }}
priorityClassName: {{ .Values.priorityClassName }}
{{- end }}
{{- if .Values.securityContext.enabled }}
securityContext:
fsGroup: {{ .Values.securityContext.fsGroup }}
{{- end }}
{{- if .Values.affinityArbiter }}
affinity:
{{ toYaml .Values.affinityArbiter | indent 8 }}
{{- end -}}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 8 }}
{{- end }}
{{- if .Values.tolerations }}
tolerations:
{{ toYaml .Values.tolerations | indent 8 }}
{{- end }}
{{- include "mongodb.imagePullSecrets" . | indent 6 }}
{{- if .Values.extraInitContainers }}
initContainers:
{{ tpl .Values.extraInitContainers . | indent 6}}
{{- end }}
containers:
- name: {{ template "mongodb.name" . }}-arbiter
image: {{ template "mongodb.image" . }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
{{- if .Values.securityContext.enabled }}
securityContext:
runAsNonRoot: true
runAsUser: {{ .Values.securityContext.runAsUser }}
{{- end }}
ports:
- containerPort: {{ .Values.service.port }}
name: mongodb
env:
{{- if .Values.image.debug}}
- name: BITNAMI_DEBUG
value: "true"
{{- end }}
- name: MONGODB_SYSTEM_LOG_VERBOSITY
value: {{ .Values.mongodbSystemLogVerbosity | quote }}
- name: MONGODB_DISABLE_SYSTEM_LOG
{{- if .Values.mongodbDisableSystemLog }}
value: "yes"
{{- else }}
value: "no"
{{- end }}
- name: MONGODB_POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: MONGODB_REPLICA_SET_MODE
value: "arbiter"
- name: MONGODB_PRIMARY_HOST
value: {{ template "mongodb.serviceName" . }}
- name: MONGODB_REPLICA_SET_NAME
value: {{ .Values.replicaSet.name | quote }}
{{- if .Values.replicaSet.useHostnames }}
- name: MONGODB_ADVERTISED_HOSTNAME
value: "$(MONGODB_POD_NAME).{{ template "mongodb.fullname" . }}-headless.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}"
{{- end }}
{{- if .Values.usePassword }}
- name: MONGODB_PRIMARY_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{- else }}{{ template "mongodb.fullname" . }}{{- end }}
key: mongodb-root-password
- name: MONGODB_REPLICA_SET_KEY
valueFrom:
secretKeyRef:
name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{- else }}{{ template "mongodb.fullname" . }}{{- end }}
key: mongodb-replica-set-key
{{- else }}
- name: ALLOW_EMPTY_PASSWORD
value: "yes"
{{- end }}
- name: MONGODB_ENABLE_IPV6
{{- if .Values.mongodbEnableIPv6 }}
value: "yes"
{{- else }}
value: "no"
{{- end }}
- name: MONGODB_ENABLE_DIRECTORY_PER_DB
{{- if .Values.mongodbDirectoryPerDB }}
value: "yes"
{{- else }}
value: "no"
{{- end }}
{{- if .Values.mongodbExtraFlags }}
- name: MONGODB_EXTRA_FLAGS
value: {{ .Values.mongodbExtraFlags | join " " | quote }}
{{- end }}
{{- if .Values.extraEnvVars }}
{{- include "mongodb.tplValue" ( dict "value" .Values.extraEnvVars "context" $ ) | nindent 10 }}
{{- end }}
{{- if .Values.livenessProbe.enabled }}
livenessProbe:
tcpSocket:
port: mongodb
initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
{{- end }}
{{- if .Values.readinessProbe.enabled }}
readinessProbe:
tcpSocket:
port: mongodb
initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
{{- end }}
volumeMounts:
{{- if .Values.configmap }}
- name: config
mountPath: /opt/bitnami/mongodb/conf/mongodb.conf
subPath: mongodb.conf
{{- end }}
resources:
{{ toYaml .Values.resourcesArbiter | indent 12 }}
{{- if .Values.extraVolumeMountsArbiter }}
volumeMounts:
{{ toYaml .Values.extraVolumeMountsArbiter | indent 12}}
{{- end }}
{{- if .Values.sidecarsArbiter }}
{{ toYaml .Values.sidecarsArbiter | indent 8 }}
{{- end }}
volumes:
{{- if .Values.configmap }}
- name: config
configMap:
name: {{ template "mongodb.fullname" . }}
{{- end }}
{{- if .Values.extraVolumesArbiter }}
{{ toYaml .Values.extraVolumesArbiter | indent 8 }}
{{- end }}
{{- end }}

317
mongodb/mongodb/templates/statefulset-primary-rs.yaml
View File

@@ -1,317 +0,0 @@
{{- if .Values.replicaSet.enabled }}
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ template "mongodb.fullname" . }}-primary
labels:
app: {{ template "mongodb.name" . }}
chart: {{ template "mongodb.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
{{- with .Values.labels }}
{{ toYaml . | indent 4 }}
{{- end }}
{{- with .Values.annotations }}
annotations:
{{ toYaml . | indent 4 }}
{{- end }}
spec:
serviceName: {{ template "mongodb.fullname" . }}-headless
replicas: 1
updateStrategy:
type: {{ .Values.updateStrategy.type }}
{{- if (eq "Recreate" .Values.updateStrategy.type) }}
rollingUpdate: null
{{- end }}
selector:
matchLabels:
app: {{ template "mongodb.name" . }}
release: {{ .Release.Name }}
component: primary
template:
metadata:
labels:
app: {{ template "mongodb.name" . }}
chart: {{ template "mongodb.chart" . }}
release: {{ .Release.Name }}
component: primary
{{- if .Values.podLabels }}
{{ toYaml .Values.podLabels | indent 8 }}
{{- end }}
{{- if or .Values.podAnnotations .Values.metrics.enabled }}
annotations:
{{- if .Values.podAnnotations }}
{{ toYaml .Values.podAnnotations | indent 8 }}
{{- end }}
{{- if .Values.metrics.enabled }}
{{ toYaml .Values.metrics.podAnnotations | indent 8 }}
{{- end }}
{{- end }}
spec:
serviceAccountName: {{ template "mongodb.serviceAccountName" . }}
{{- if .Values.schedulerName }}
schedulerName: "{{ .Values.schedulerName }}"
{{- end }}
{{- if .Values.priorityClassName }}
priorityClassName: {{ .Values.priorityClassName }}
{{- end }}
{{- if .Values.securityContext.enabled }}
securityContext:
fsGroup: {{ .Values.securityContext.fsGroup }}
{{- end }}
{{- if .Values.affinity }}
affinity:
{{ toYaml .Values.affinity | indent 8 }}
{{- end -}}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 8 }}
{{- end }}
{{- if .Values.tolerations }}
tolerations:
{{ toYaml .Values.tolerations | indent 8 }}
{{- end }}
{{- include "mongodb.imagePullSecrets" . | indent 6 }}
initContainers:
{{- if .Values.extraInitContainers }}
{{ tpl .Values.extraInitContainers . | indent 6}}
{{- end }}
{{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }}
- name: volume-permissions
image: {{ template "mongodb.volumePermissions.image" . }}
imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }}
command: ["chown", "-R", "{{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }}", "{{ .Values.persistence.mountPath }}"]
securityContext:
runAsUser: 0
resources: {{ toYaml .Values.volumePermissions.resources | nindent 10 }}
volumeMounts:
- name: datadir
mountPath: {{ .Values.persistence.mountPath }}
{{- end }}
containers:
- name: {{ template "mongodb.name" . }}-primary
image: {{ template "mongodb.image" . }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
{{- if .Values.securityContext.enabled }}
securityContext:
runAsNonRoot: true
runAsUser: {{ .Values.securityContext.runAsUser }}
{{- end }}
ports:
- containerPort: {{ .Values.service.port }}
name: mongodb
env:
{{- if .Values.image.debug}}
- name: BITNAMI_DEBUG
value: "true"
{{- end }}
- name: MONGODB_SYSTEM_LOG_VERBOSITY
value: {{ .Values.mongodbSystemLogVerbosity | quote }}
- name: MONGODB_DISABLE_SYSTEM_LOG
{{- if .Values.mongodbDisableSystemLog }}
value: "yes"
{{- else }}
value: "no"
{{- end }}
- name: MONGODB_POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: MONGODB_REPLICA_SET_MODE
value: "primary"
- name: MONGODB_REPLICA_SET_NAME
value: {{ .Values.replicaSet.name | quote }}
{{- if .Values.replicaSet.useHostnames }}
- name: MONGODB_ADVERTISED_HOSTNAME
value: "$(MONGODB_POD_NAME).{{ template "mongodb.fullname" . }}-headless.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}"
{{- end }}
{{- if .Values.mongodbUsername }}
- name: MONGODB_USERNAME
value: {{ .Values.mongodbUsername | quote }}
{{- end }}
{{- if .Values.mongodbDatabase }}
- name: MONGODB_DATABASE
value: {{ .Values.mongodbDatabase | quote }}
{{- end }}
{{- if .Values.usePassword }}
{{- if and .Values.mongodbUsername .Values.mongodbDatabase }}
- name: MONGODB_PASSWORD
valueFrom:
secretKeyRef:
name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{- else }}{{ template "mongodb.fullname" . }}{{- end }}
key: mongodb-password
{{- end }}
- name: MONGODB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{- else }}{{ template "mongodb.fullname" . }}{{- end }}
key: mongodb-root-password
- name: MONGODB_REPLICA_SET_KEY
valueFrom:
secretKeyRef:
name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{- else }}{{ template "mongodb.fullname" . }}{{- end }}
key: mongodb-replica-set-key
{{- else }}
- name: ALLOW_EMPTY_PASSWORD
value: "yes"
{{- end }}
- name: MONGODB_ENABLE_IPV6
{{- if .Values.mongodbEnableIPv6 }}
value: "yes"
{{- else }}
value: "no"
{{- end }}
- name: MONGODB_ENABLE_DIRECTORY_PER_DB
{{- if .Values.mongodbDirectoryPerDB }}
value: "yes"
{{- else }}
value: "no"
{{- end }}
{{- if .Values.mongodbExtraFlags }}
- name: MONGODB_EXTRA_FLAGS
value: {{ .Values.mongodbExtraFlags | join " " | quote }}
{{- end }}
{{- if .Values.extraEnvVars }}
{{- include "mongodb.tplValue" ( dict "value" .Values.extraEnvVars "context" $ ) | nindent 10 }}
{{- end }}
{{- if .Values.livenessProbe.enabled }}
livenessProbe:
exec:
command:
- pgrep
- mongod
initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
{{- end }}
{{- if .Values.readinessProbe.enabled }}
readinessProbe:
exec:
command:
- mongo
- --eval
- "db.adminCommand('ping')"
initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
{{- end }}
volumeMounts:
- name: datadir
mountPath: {{ .Values.persistence.mountPath }}
subPath: {{ .Values.persistence.subPath }}
{{- if or (.Files.Glob "files/docker-entrypoint-initdb.d/*[sh|js|json]") (.Values.initConfigMap) }}
- name: custom-init-scripts
mountPath: /docker-entrypoint-initdb.d
{{- end }}
{{- if .Values.configmap }}
- name: config
mountPath: /opt/bitnami/mongodb/conf/mongodb.conf
subPath: mongodb.conf
{{- end }}
{{- if .Values.extraVolumeMounts }}
{{ toYaml .Values.extraVolumeMounts | indent 12}}
{{- end }}
resources:
{{ toYaml .Values.resources | indent 12 }}
{{- if .Values.metrics.enabled }}
- name: metrics
image: {{ template "mongodb.metrics.image" . }}
imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }}
{{- if .Values.securityContext.enabled }}
securityContext:
runAsNonRoot: true
runAsUser: {{ .Values.securityContext.runAsUser }}
{{- end }}
env:
{{- if .Values.usePassword }}
- name: MONGODB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{- else }}{{ template "mongodb.fullname" . }}{{- end }}
key: mongodb-root-password
command: [ 'sh', '-c', '/bin/mongodb_exporter --mongodb.uri mongodb://root:`echo $MONGODB_ROOT_PASSWORD | sed -r "s/@/%40/g;s/:/%3A/g"`@localhost:{{ .Values.service.port }}/admin {{ .Values.metrics.extraArgs }}' ]
{{- else }}
command: [ 'sh', '-c', '/bin/mongodb_exporter --mongodb.uri mongodb://localhost:{{ .Values.service.port }} {{ .Values.metrics.extraArgs }}' ]
{{- end }}
ports:
- name: metrics
containerPort: 9216
{{- if .Values.metrics.livenessProbe.enabled }}
livenessProbe:
httpGet:
path: /metrics
port: metrics
initialDelaySeconds: {{ .Values.metrics.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.metrics.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.metrics.livenessProbe.timeoutSeconds }}
failureThreshold: {{ .Values.metrics.livenessProbe.failureThreshold }}
successThreshold: {{ .Values.metrics.livenessProbe.successThreshold }}
{{- end }}
{{- if .Values.metrics.readinessProbe.enabled }}
readinessProbe:
httpGet:
path: /metrics
port: metrics
initialDelaySeconds: {{ .Values.metrics.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.metrics.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.metrics.readinessProbe.timeoutSeconds }}
failureThreshold: {{ .Values.metrics.readinessProbe.failureThreshold }}
successThreshold: {{ .Values.metrics.readinessProbe.successThreshold }}
{{- end }}
resources:
{{ toYaml .Values.metrics.resources | indent 12 }}
{{- end }}
{{- if .Values.sidecars }}
{{ toYaml .Values.sidecars | indent 8 }}
{{- end }}
volumes:
{{- if (.Files.Glob "files/docker-entrypoint-initdb.d/*[sh|js|json]") }}
- name: custom-init-scripts
configMap:
name: {{ template "mongodb.fullname" . }}-init-scripts
{{- end }}
{{- if (.Values.initConfigMap) }}
- name: custom-init-scripts
configMap:
name: {{ .Values.initConfigMap.name }}
{{- end }}
{{- if .Values.configmap }}
- name: config
configMap:
name: {{ template "mongodb.fullname" . }}
{{- end }}
{{- if .Values.extraVolumes }}
{{ toYaml .Values.extraVolumes | indent 8}}
{{- end }}
{{- if .Values.persistence.enabled }}
{{- if.Values.persistence.existingClaim }}
- name: datadir
persistentVolumeClaim:
claimName: {{ .Values.persistence.existingClaim }}
{{- else }}
volumeClaimTemplates:
- metadata:
name: datadir
annotations:
{{- range $key, $value := .Values.persistence.annotations }}
{{ $key }}: "{{ $value }}"
{{- end }}
spec:
accessModes:
{{- range .Values.persistence.accessModes }}
- {{ . | quote }}
{{- end }}
resources:
requests:
storage: {{ .Values.persistence.size | quote }}
{{ include "mongodb.storageClass" . }}
{{- end }}
{{- else }}
- name: datadir
emptyDir: {}
{{- end }}
{{- end }}

285
mongodb/mongodb/templates/statefulset-secondary-rs.yaml
View File

@@ -1,285 +0,0 @@
{{- if .Values.replicaSet.enabled }}
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ template "mongodb.fullname" . }}-secondary
labels:
app: {{ template "mongodb.name" . }}
chart: {{ template "mongodb.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
{{- with .Values.labels }}
{{ toYaml . | indent 4 }}
{{- end }}
{{- with .Values.annotations }}
annotations:
{{ toYaml . | indent 4 }}
{{- end }}
spec:
selector:
matchLabels:
app: {{ template "mongodb.name" . }}
release: {{ .Release.Name }}
component: secondary
podManagementPolicy: "Parallel"
serviceName: {{ template "mongodb.fullname" . }}-headless
replicas: {{ .Values.replicaSet.replicas.secondary }}
updateStrategy:
type: {{ .Values.updateStrategy.type }}
{{- if (eq "Recreate" .Values.updateStrategy.type) }}
rollingUpdate: null
{{- end }}
template:
metadata:
labels:
app: {{ template "mongodb.name" . }}
chart: {{ template "mongodb.chart" . }}
release: {{ .Release.Name }}
component: secondary
{{- if .Values.podLabels }}
{{ toYaml .Values.podLabels | indent 8 }}
{{- end }}
{{- if or .Values.podAnnotations .Values.metrics.enabled }}
annotations:
{{- if .Values.podAnnotations }}
{{ toYaml .Values.podAnnotations | indent 8 }}
{{- end }}
{{- if .Values.metrics.enabled }}
{{ toYaml .Values.metrics.podAnnotations | indent 8 }}
{{- end }}
{{- end }}
spec:
serviceAccountName: {{ template "mongodb.serviceAccountName" . }}
{{- if .Values.schedulerName }}
schedulerName: "{{ .Values.schedulerName }}"
{{- end }}
{{- if .Values.priorityClassName }}
priorityClassName: {{ .Values.priorityClassName }}
{{- end }}
{{- if .Values.securityContext.enabled }}
securityContext:
fsGroup: {{ .Values.securityContext.fsGroup }}
{{- end }}
{{- if .Values.affinity }}
affinity:
{{ toYaml .Values.affinity | indent 8 }}
{{- end -}}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 8 }}
{{- end }}
{{- if .Values.tolerations }}
tolerations:
{{ toYaml .Values.tolerations | indent 8 }}
{{- end }}
{{- include "mongodb.imagePullSecrets" . | indent 6 }}
initContainers:
{{- if .Values.extraInitContainers }}
{{ tpl .Values.extraInitContainers . | indent 6}}
{{- end }}
{{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }}
- name: volume-permissions
image: {{ template "mongodb.volumePermissions.image" . }}
imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }}
command: ["chown", "-R", "{{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }}", "{{ .Values.persistence.mountPath }}"]
securityContext:
runAsUser: 0
resources: {{ toYaml .Values.volumePermissions.resources | nindent 10 }}
volumeMounts:
- name: datadir
mountPath: {{ .Values.persistence.mountPath }}
{{- end }}
containers:
- name: {{ template "mongodb.name" . }}-secondary
image: {{ template "mongodb.image" . }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
{{- if .Values.securityContext.enabled }}
securityContext:
runAsNonRoot: true
runAsUser: {{ .Values.securityContext.runAsUser }}
{{- end }}
ports:
- containerPort: {{ .Values.service.port }}
name: mongodb
env:
{{- if .Values.image.debug}}
- name: BITNAMI_DEBUG
value: "true"
{{- end }}
- name: MONGODB_SYSTEM_LOG_VERBOSITY
value: {{ .Values.mongodbSystemLogVerbosity | quote }}
- name: MONGODB_DISABLE_SYSTEM_LOG
{{- if .Values.mongodbDisableSystemLog }}
value: "yes"
{{- else }}
value: "no"
{{- end }}
- name: MONGODB_POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: MONGODB_REPLICA_SET_MODE
value: "secondary"
- name: MONGODB_PRIMARY_HOST
value: {{ template "mongodb.fullname" . }}
- name: MONGODB_REPLICA_SET_NAME
value: {{ .Values.replicaSet.name | quote }}
{{- if .Values.replicaSet.useHostnames }}
- name: MONGODB_ADVERTISED_HOSTNAME
value: "$(MONGODB_POD_NAME).{{ template "mongodb.fullname" . }}-headless.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}"
{{- end }}
{{- if .Values.usePassword }}
- name: MONGODB_PRIMARY_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{- else }}{{ template "mongodb.fullname" . }}{{- end }}
key: mongodb-root-password
- name: MONGODB_REPLICA_SET_KEY
valueFrom:
secretKeyRef:
name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{- else }}{{ template "mongodb.fullname" . }}{{- end }}
key: mongodb-replica-set-key
{{- else }}
- name: ALLOW_EMPTY_PASSWORD
value: "yes"
{{- end }}
- name: MONGODB_ENABLE_IPV6
{{- if .Values.mongodbEnableIPv6 }}
value: "yes"
{{- else }}
value: "no"
{{- end }}
- name: MONGODB_ENABLE_DIRECTORY_PER_DB
{{- if .Values.mongodbDirectoryPerDB }}
value: "yes"
{{- else }}
value: "no"
{{- end }}
{{- if .Values.mongodbExtraFlags }}
- name: MONGODB_EXTRA_FLAGS
value: {{ .Values.mongodbExtraFlags | join " " | quote }}
{{- end }}
{{- if .Values.extraEnvVars }}
{{- include "mongodb.tplValue" ( dict "value" .Values.extraEnvVars "context" $ ) | nindent 10 }}
{{- end }}
{{- if .Values.livenessProbe.enabled }}
livenessProbe:
exec:
command:
- pgrep
- mongod
initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
{{- end }}
{{- if .Values.readinessProbe.enabled }}
readinessProbe:
exec:
command:
- mongo
- --eval
- "db.adminCommand('ping')"
initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
{{- end }}
volumeMounts:
- name: datadir
mountPath: {{ .Values.persistence.mountPath }}
subPath: {{ .Values.persistence.subPath }}
{{- if .Values.configmap }}
- name: config
mountPath: /opt/bitnami/mongodb/conf/mongodb.conf
subPath: mongodb.conf
{{- end }}
{{- if .Values.extraVolumeMounts }}
{{ toYaml .Values.extraVolumeMounts | indent 12}}
{{- end }}
resources:
{{ toYaml .Values.resources | indent 12 }}
{{- if .Values.metrics.enabled }}
- name: metrics
image: {{ template "mongodb.metrics.image" . }}
imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }}
{{- if .Values.securityContext.enabled }}
securityContext:
runAsNonRoot: true
runAsUser: {{ .Values.securityContext.runAsUser }}
{{- end }}
env:
{{- if .Values.usePassword }}
- name: MONGODB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{- else }}{{ template "mongodb.fullname" . }}{{- end }}
key: mongodb-root-password
command: [ 'sh', '-c', '/bin/mongodb_exporter --mongodb.uri mongodb://root:`echo $MONGODB_ROOT_PASSWORD | sed -r "s/@/%40/g;s/:/%3A/g"`@localhost:{{ .Values.service.port }}/admin {{ .Values.metrics.extraArgs }}' ]
{{- else }}
command: [ 'sh', '-c', '/bin/mongodb_exporter --mongodb.uri mongodb://localhost:{{ .Values.service.port }} {{ .Values.metrics.extraArgs }}' ]
{{- end }}
ports:
- name: metrics
containerPort: 9216
{{- if .Values.metrics.livenessProbe.enabled }}
livenessProbe:
httpGet:
path: /metrics
port: metrics
initialDelaySeconds: {{ .Values.metrics.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.metrics.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.metrics.livenessProbe.timeoutSeconds }}
failureThreshold: {{ .Values.metrics.livenessProbe.failureThreshold }}
successThreshold: {{ .Values.metrics.livenessProbe.successThreshold }}
{{- end }}
{{- if .Values.metrics.readinessProbe.enabled }}
readinessProbe:
httpGet:
path: /metrics
port: metrics
initialDelaySeconds: {{ .Values.metrics.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.metrics.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.metrics.readinessProbe.timeoutSeconds }}
failureThreshold: {{ .Values.metrics.readinessProbe.failureThreshold }}
successThreshold: {{ .Values.metrics.readinessProbe.successThreshold }}
{{- end }}
resources:
{{ toYaml .Values.metrics.resources | indent 12 }}
{{- end }}
{{- if .Values.sidecars }}
{{ toYaml .Values.sidecars | indent 8 }}
{{- end }}
volumes:
{{- if .Values.configmap }}
- name: config
configMap:
name: {{ template "mongodb.fullname" . }}
{{- end }}
{{- if .Values.extraVolumes }}
{{ toYaml .Values.extraVolumes | indent 8}}
{{- end }}
{{- if .Values.persistence.enabled }}
volumeClaimTemplates:
- metadata:
name: datadir
annotations:
{{- range $key, $value := .Values.persistence.annotations }}
{{ $key }}: "{{ $value }}"
{{- end }}
spec:
accessModes:
{{- range .Values.persistence.accessModes }}
- {{ . | quote }}
{{- end }}
resources:
requests:
storage: {{ .Values.persistence.size | quote }}
{{ include "mongodb.storageClass" . }}
{{- else }}
- name: datadir
emptyDir: {}
{{- end }}
{{- end }}

23
mongodb/mongodb/templates/svc-headless-rs.yaml
View File

@@ -1,23 +0,0 @@
{{- if .Values.replicaSet.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ template "mongodb.fullname" . }}-headless
labels:
app: {{ template "mongodb.name" . }}
chart: {{ template "mongodb.chart" . }}
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
{{- with .Values.service.annotations }}
annotations: {{ tpl (toYaml .) $ | nindent 4 }}
{{- end }}
spec:
type: ClusterIP
clusterIP: None
ports:
- name: mongodb
port: {{ .Values.service.port }}
selector:
app: {{ template "mongodb.name" . }}
release: {{ .Release.Name }}
{{- end }}

44
mongodb/mongodb/templates/svc-primary-rs.yaml
View File

@@ -1,44 +0,0 @@
{{- if .Values.replicaSet.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ template "mongodb.serviceName" . }}
labels:
app: {{ template "mongodb.name" . }}
chart: {{ template "mongodb.chart" . }}
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
{{- with .Values.service.annotations }}
annotations: {{ tpl (toYaml .) $ | nindent 4 }}
{{- end }}
spec:
type: {{ .Values.service.type }}
{{- if and (eq .Values.service.type "ClusterIP") .Values.service.clusterIP }}
clusterIP: {{ .Values.service.clusterIP }}
{{- end }}
{{- if and (eq .Values.service.type "LoadBalancer") .Values.service.loadBalancerIP }}
loadBalancerIP: {{ .Values.service.loadBalancerIP }}
{{- end }}
{{- if .Values.service.externalIPs }}
externalIPs: {{ toYaml .Values.service.externalIPs | nindent 4 }}
{{- end }}
{{- if .Values.service.loadBalancerSourceRanges }}
loadBalancerSourceRanges: {{- toYaml .Values.service.loadBalancerSourceRanges | nindent 4 }}
{{- end }}
ports:
- name: mongodb
port: {{ .Values.service.port }}
targetPort: mongodb
{{- if .Values.service.nodePort }}
nodePort: {{ .Values.service.nodePort }}
{{- end }}
{{- if .Values.metrics.enabled }}
- name: metrics
port: 9216
targetPort: metrics
{{- end }}
selector:
app: {{ template "mongodb.name" . }}
release: "{{ .Release.Name }}"
component: primary
{{- end }}

43
mongodb/mongodb/templates/svc-standalone.yaml
View File

@@ -1,43 +0,0 @@
{{- if not .Values.replicaSet.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ template "mongodb.serviceName" . }}
labels:
app: {{ template "mongodb.name" . }}
chart: {{ template "mongodb.chart" . }}
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
{{- with .Values.service.annotations }}
annotations: {{ tpl (toYaml .) $ | nindent 4 }}
{{- end }}
spec:
type: {{ .Values.service.type }}
{{- if and (eq .Values.service.type "ClusterIP") .Values.service.clusterIP }}
clusterIP: {{ .Values.service.clusterIP }}
{{- end }}
{{- if and (eq .Values.service.type "LoadBalancer") .Values.service.loadBalancerIP }}
loadBalancerIP: {{ .Values.service.loadBalancerIP }}
{{- end }}
{{- if .Values.service.externalIPs }}
externalIPs: {{ toYaml .Values.service.externalIPs | nindent 4 }}
{{- end }}
{{- if .Values.service.loadBalancerSourceRanges }}
loadBalancerSourceRanges: {{- toYaml .Values.service.loadBalancerSourceRanges | nindent 4 }}
{{- end }}
ports:
- name: mongodb
port: {{ .Values.service.port }}
targetPort: mongodb
{{- if .Values.service.nodePort }}
nodePort: {{ .Values.service.nodePort }}
{{- end }}
{{- if .Values.metrics.enabled }}
- name: metrics
port: 9216
targetPort: metrics
{{- end }}
selector:
app: {{ template "mongodb.name" . }}
release: "{{ .Release.Name }}"
{{- end }}

513
mongodb/mongodb/values-production.yaml
View File

@@ -1,513 +0,0 @@
## Global Docker image parameters
## Please, note that this will override the image parameters, including dependencies, configured to use the global value
## Current available global Docker image parameters: imageRegistry and imagePullSecrets
##
# global:
# imageRegistry: myRegistryName
# imagePullSecrets:
# - myRegistryKeySecretName
# storageClass: myStorageClass
image:
## Bitnami MongoDB registry
##
registry: docker.io
## Bitnami MongoDB image name
##
repository: bitnami/mongodb
## Bitnami MongoDB image tag
## ref: https://hub.docker.com/r/bitnami/mongodb/tags/
##
tag: 4.2.5-debian-10-r54
## Specify a imagePullPolicy
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistryKeySecretName
## Set to true if you would like to see extra information on logs
## It turns on Bitnami debugging in minideb-extras-base
## ref: https://github.com/bitnami/minideb-extras-base
debug: false
## String to partially override mongodb.fullname template (will maintain the release name)
##
# nameOverride:
## String to fully override mongodb.fullname template
##
# fullnameOverride:
serviceAccount:
# Specifies whether a ServiceAccount should be created
create: true
# The name of the ServiceAccount to use.
# If not set and create is true, a name is generated using the fullname template
name:
# Add custom extra environment variables to all the MongoDB containers
# extraEnvVars:
## Init containers parameters:
## volumePermissions: Change the owner and group of the persistent volume mountpoint to runAsUser:fsGroup values from the securityContext section.
##
volumePermissions:
enabled: false
image:
registry: docker.io
repository: bitnami/minideb
tag: buster
pullPolicy: Always
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistryKeySecretName
resources: {}
## Enable authentication
## ref: https://docs.mongodb.com/manual/tutorial/enable-authentication/
#
usePassword: true
# existingSecret: name-of-existing-secret
## MongoDB admin password
## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#setting-the-root-password-on-first-run
##
# mongodbRootPassword:
## MongoDB custom user and database
## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#creating-a-user-and-database-on-first-run
##
# mongodbUsername: username
# mongodbPassword: password
# mongodbDatabase: database
## Whether enable/disable IPv6 on MongoDB
## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#enabling/disabling-ipv6
##
mongodbEnableIPv6: false
## Whether enable/disable DirectoryPerDB on MongoDB
## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#enabling/disabling-directoryperdb
##
mongodbDirectoryPerDB: false
## MongoDB System Log configuration
## ref: https://github.com/bitnami/bitnami-docker-mongodb#configuring-system-log-verbosity-level
##
mongodbSystemLogVerbosity: 0
mongodbDisableSystemLog: false
## MongoDB additional command line flags
##
## Can be used to specify command line flags, for example:
##
## mongodbExtraFlags:
## - "--wiredTigerCacheSizeGB=2"
mongodbExtraFlags: []
## Pod Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
##
securityContext:
enabled: true
fsGroup: 1001
runAsUser: 1001
## Kubernetes Cluster Domain
clusterDomain: cluster.local
## Kubernetes service type
service:
## Specify an explicit service name.
# name: svc-mongo
## Provide any additional annotations which may be required.
## The value is evaluated as a template, so, for example, the value can depend on .Release or .Chart
annotations: {}
type: ClusterIP
# clusterIP: None
port: 27017
## Specify the nodePort value for the LoadBalancer and NodePort service types.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
##
# nodePort:
## Specify the externalIP value ClusterIP service type.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#external-ips
# externalIPs: []
## Specify the loadBalancerIP value for LoadBalancer service types.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer
##
# loadBalancerIP:
## Specify the loadBalancerSourceRanges value for LoadBalancer service types.
## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
##
# loadBalancerSourceRanges: []
## Use StatefulSet instead of Deployment when deploying standalone
useStatefulSet: false
## Setting up replication
## ref: https://github.com/bitnami/bitnami-docker-mongodb#setting-up-a-replication
#
replicaSet:
## Whether to create a MongoDB replica set for high availability or not
enabled: true
useHostnames: true
## Name of the replica set
##
name: rs0
## Key used for replica set authentication
##
# key: key
## Number of replicas per each node type
##
replicas:
secondary: 1
arbiter: 1
## Pod Disruption Budget
## ref: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/
pdb:
enabled: true
minAvailable:
secondary: 1
arbiter: 1
# maxUnavailable:
# secondary: 1
# arbiter: 1
# Annotations to be added to the deployment or statefulsets
annotations: {}
# Additional labels to apply to the deployment or statefulsets
labels: {}
# Annotations to be added to MongoDB pods
podAnnotations: {}
# Additional pod labels to apply
podLabels: {}
## Use an alternate scheduler, e.g. "stork".
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
##
# schedulerName:
## Configure resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources: {}
# Define separate resources per arbiter, which are less then primary or secondary
# used only when replica set is enabled
resourcesArbiter: {}
# limits:
# cpu: 500m
# memory: 512Mi
# requests:
# cpu: 100m
# memory: 256Mi
## Pod priority
## https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
# priorityClassName: ""
## Node selector
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
nodeSelector: {}
## Affinity
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
affinity: {}
# Define separate affinity for arbiter pod
affinityArbiter: {}
## Tolerations
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
tolerations: []
## Add sidecars to the pod
##
## For example:
## sidecars:
## - name: your-image-name
## image: your-image
## imagePullPolicy: Always
## ports:
## - name: portname
## containerPort: 1234
sidecars: []
## Array to add extra volumes
##
extraVolumes: []
## Array to add extra mounts (normally used with extraVolumes)
##
extraVolumeMounts: []
## Add sidecars to the arbiter pod
# used only when replica set is enabled
##
## For example:
## sidecars:
## - name: your-image-name
## image: your-image
## imagePullPolicy: Always
## ports:
## - name: portname
## containerPort: 1234
sidecarsArbiter: []
## Array to add extra volumes to the arbiter
# used only when replica set is enabled
##
extraVolumesArbiter: []
## Array to add extra mounts (normally used with extraVolumes) to the arbiter
# used only when replica set is enabled
##
extraVolumeMountsArbiter: []
## updateStrategy for MongoDB Primary, Secondary and Arbitrer statefulsets
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
updateStrategy:
type: RollingUpdate
## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
persistence:
enabled: true
## A manually managed Persistent Volume and Claim
## Requires persistence.enabled: true
## If defined, PVC must be created manually before volume will be bound
##
# existingClaim:
## The path the volume will be mounted at, useful when using different
## MongoDB images.
##
mountPath: /bitnami/mongodb
## The subdirectory of the volume to mount to, useful in dev environments
## and one PV for multiple services.
##
subPath: ""
## mongodb data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
accessModes:
- ReadWriteOnce
size: 8Gi
annotations: {}
## Configure the ingress resource that allows you to access the
## MongoDB installation. Set up the URL
## ref: http://kubernetes.io/docs/user-guide/ingress/
##
ingress:
## Set to true to enable ingress record generation
enabled: false
## Set this to true in order to add the corresponding annotations for cert-manager
certManager: false
## Ingress annotations done as key:value pairs
## For a full list of possible ingress annotations, please see
## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md
##
## If tls is set to true, annotation ingress.kubernetes.io/secure-backends: "true" will automatically be set
## If certManager is set to true, annotation kubernetes.io/tls-acme: "true" will automatically be set
annotations:
# kubernetes.io/ingress.class: nginx
## The list of hostnames to be covered with this ingress record.
## Most likely this will be just one host, but in the event more hosts are needed, this is an array
hosts:
- name: mongodb.local
path: /
## The tls configuration for the ingress
## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
tls:
- hosts:
- mongodb.local
secretName: mongodb.local-tls
secrets:
## If you're providing your own certificates, please use this to add the certificates as secrets
## key and certificate should start with -----BEGIN CERTIFICATE----- or
## -----BEGIN RSA PRIVATE KEY-----
##
## name should line up with a tlsSecret set further up
## If you're using cert-manager, this is unneeded, as it will create the secret for you if it is not set
##
## It is also possible to create and manage the certificates outside of this helm chart
## Please see README.md for more information
# - name: airflow.local-tls
# key:
# certificate:
## Configure the options for init containers to be run before the main app containers
## are started. All init containers are run sequentially and must exit without errors
## for the next one to be started.
## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
# extraInitContainers: |
# - name: do-something
# image: busybox
# command: ['do', 'something']
## Configure extra options for liveness and readiness probes
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
livenessProbe:
enabled: true
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
readinessProbe:
enabled: true
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
# Define custom config map with init scripts
initConfigMap: {}
# name: "init-config-map"
## Entries for the MongoDB config file. For documentation of all options, see:
## http://docs.mongodb.org/manual/reference/configuration-options/
##
configmap:
# # where and how to store data.
# storage:
# dbPath: /bitnami/mongodb/data/db
# journal:
# enabled: true
# directoryPerDB: false
# # where to write logging data.
# systemLog:
# destination: file
# quiet: false
# logAppend: true
# logRotate: reopen
# path: /opt/bitnami/mongodb/logs/mongodb.log
# verbosity: 0
# # network interfaces
# net:
# port: 27017
# unixDomainSocket:
# enabled: true
# pathPrefix: /opt/bitnami/mongodb/tmp
# ipv6: false
# bindIpAll: true
# # replica set options
# #replication:
# #replSetName: replicaset
# #enableMajorityReadConcern: true
# # process management options
# processManagement:
# fork: false
# pidFilePath: /opt/bitnami/mongodb/tmp/mongodb.pid
# # set parameter options
# setParameter:
# enableLocalhostAuthBypass: true
# # security options
# security:
# authorization: disabled
# #keyFile: /opt/bitnami/mongodb/conf/keyfile
## Prometheus Exporter / Metrics
##
metrics:
enabled: true
image:
registry: docker.io
repository: bitnami/mongodb-exporter
tag: 0.10.0-debian-10-r79
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistryKeySecretName
## String with extra arguments to the metrics exporter
## ref: https://github.com/percona/mongodb_exporter/blob/master/mongodb_exporter.go
extraArgs: ""
## Metrics exporter resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
# resources: {}
## Metrics exporter liveness and readiness probes
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
livenessProbe:
enabled: true
initialDelaySeconds: 15
periodSeconds: 5
timeoutSeconds: 5
failureThreshold: 3
successThreshold: 1
readinessProbe:
enabled: true
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 1
failureThreshold: 3
successThreshold: 1
## Metrics exporter pod Annotation
podAnnotations:
prometheus.io/scrape: "true"
prometheus.io/port: "9216"
## Prometheus Service Monitor
## ref: https://github.com/coreos/prometheus-operator
## https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md
serviceMonitor:
## If the operator is installed in your cluster, set to true to create a Service Monitor Entry
enabled: false
## Specify a namespace if needed
# namespace: monitoring
## Used to pass Labels that are used by the Prometheus installed in your cluster to select Service Monitors to work with
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec
additionalLabels: {}
## Specify Metric Relabellings to add to the scrape endpoint
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
# relabellings:
alerting:
## Define individual alerting rules as required
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#rulegroup
## https://prometheus.io/docs/prometheus/latest/configuration/alerting_rules/
rules: {}
## Used to pass Labels that are used by the Prometheus installed in your cluster to select Prometheus Rules to work with
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec
additionalLabels: {}

147
mongodb/mongodb/values.schema.json
View File

@@ -1,147 +0,0 @@
{
"$schema": "http://json-schema.org/schema#",
"type": "object",
"properties": {
"usePassword": {
"type": "boolean",
"title": "Enable password authentication",
"form": true
},
"mongodbRootPassword": {
"type": "string",
"title": "MongoDB admin password",
"form": true,
"description": "Defaults to a random 10-character alphanumeric string if not set",
"hidden": {
"condition": false,
"value": "usePassword"
}
},
"mongodbDatabase": {
"type": "string",
"title": "MongoDB custom database",
"description": "Name of the custom database to be created during the 1st initialization of MongoDB",
"form": true
},
"mongodbUsername": {
"type": "string",
"title": "MongoDB custom user",
"description": "Name of the custom user to be created during the 1st initialization of MongoDB. This user only has permissions on the MongoDB custom database",
"form": true
},
"mongodbPassword": {
"type": "string",
"title": "Password for MongoDB custom user",
"form": true,
"description": "Defaults to a random 10-character alphanumeric string if not set",
"hidden": {
"condition": false,
"value": "usePassword"
}
},
"replicaSet": {
"type": "object",
"title": "Replicaset configuration",
"form": true,
"properties": {
"enabled": {
"type": "boolean",
"form": true,
"title": "Enable replicaset configuration"
},
"replicas": {
"type": "object",
"title": "Number of replicas",
"form": true,
"hidden": {
"condition": false,
"value": "replicaSet.enabled"
},
"properties": {
"secondary": {
"type": "integer",
"title": "Secondary node replicas",
"description": "Number of secondary node replicas to deploy",
"form": true
},
"arbiter": {
"type": "integer",
"title": "Arbiter node replicas",
"description": "Number of arbiter node replicas to deploy",
"form": true
}
}
}
}
},
"persistence": {
"type": "object",
"title": "Persistence configuration",
"form": true,
"properties": {
"enabled": {
"type": "boolean",
"form": true,
"title": "Enable persistence",
"description": "Enable persistence using Persistent Volume Claims"
},
"size": {
"type": "string",
"title": "Persistent Volume Size",
"form": true,
"render": "slider",
"sliderMin": 1,
"sliderMax": 100,
"sliderUnit": "Gi",
"hidden": {
"condition": false,
"value": "persistence.enabled"
}
}
}
},
"volumePermissions": {
"type": "object",
"hidden": {
"condition": false,
"value": "persistence.enabled"
},
"properties": {
"enabled": {
"type": "boolean",
"form": true,
"title": "Enable Init Containers",
"description": "Use an init container to set required folder permissions on the data volume before mounting it in the final destination"
}
}
},
"metrics": {
"type": "object",
"form": true,
"title": "Prometheus metrics details",
"properties": {
"enabled": {
"type": "boolean",
"title": "Create Prometheus metrics exporter",
"description": "Create a side-car container to expose Prometheus metrics",
"form": true
},
"serviceMonitor": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"title": "Create Prometheus Operator ServiceMonitor",
"description": "Create a ServiceMonitor to track metrics using Prometheus Operator",
"form": true,
"hidden": {
"condition": false,
"value": "metrics.enabled"
}
}
}
}
}
}
}
}

515
mongodb/mongodb/values.yaml
View File

@@ -1,515 +0,0 @@
## Global Docker image parameters
## Please, note that this will override the image parameters, including dependencies, configured to use the global value
## Current available global Docker image parameters: imageRegistry and imagePullSecrets
##
# global:
# imageRegistry: myRegistryName
# imagePullSecrets:
# - myRegistryKeySecretName
# storageClass: myStorageClass
image:
## Bitnami MongoDB registry
##
registry: docker.io
## Bitnami MongoDB image name
##
repository: bitnami/mongodb
## Bitnami MongoDB image tag
## ref: https://hub.docker.com/r/bitnami/mongodb/tags/
##
tag: 4.2.5-debian-10-r54
## Specify a imagePullPolicy
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistryKeySecretName
## Set to true if you would like to see extra information on logs
## It turns on Bitnami debugging in minideb-extras-base
## ref: https://github.com/bitnami/minideb-extras-base
debug: false
## String to partially override mongodb.fullname template (will maintain the release name)
##
# nameOverride:
## String to fully override mongodb.fullname template
##
# fullnameOverride:
serviceAccount:
# Specifies whether a ServiceAccount should be created
create: true
# The name of the ServiceAccount to use.
# If not set and create is true, a name is generated using the fullname template
name:
## Init containers parameters:
## volumePermissions: Change the owner and group of the persistent volume mountpoint to runAsUser:fsGroup values from the securityContext section.
##
volumePermissions:
enabled: false
image:
registry: docker.io
repository: bitnami/minideb
tag: buster
pullPolicy: Always
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistryKeySecretName
resources: {}
## Enable authentication
## ref: https://docs.mongodb.com/manual/tutorial/enable-authentication/
#
usePassword: true
# existingSecret: name-of-existing-secret
## MongoDB admin password
## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#setting-the-root-password-on-first-run
##
# mongodbRootPassword:
## MongoDB custom user and database
## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#creating-a-user-and-database-on-first-run
##
# mongodbUsername: username
# mongodbPassword: password
# mongodbDatabase: database
## Whether enable/disable IPv6 on MongoDB
## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#enabling/disabling-ipv6
##
mongodbEnableIPv6: false
## Whether enable/disable DirectoryPerDB on MongoDB
## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#enabling/disabling-directoryperdb
##
mongodbDirectoryPerDB: false
## MongoDB System Log configuration
## ref: https://github.com/bitnami/bitnami-docker-mongodb#configuring-system-log-verbosity-level
##
mongodbSystemLogVerbosity: 0
mongodbDisableSystemLog: false
## MongoDB additional command line flags
##
## Can be used to specify command line flags, for example:
##
## mongodbExtraFlags:
## - "--wiredTigerCacheSizeGB=2"
mongodbExtraFlags: []
## Pod Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
##
securityContext:
enabled: true
fsGroup: 1001
runAsUser: 1001
## Kubernetes Cluster Domain
clusterDomain: cluster.local
## Kubernetes service type
service:
## Specify an explicit service name.
# name: svc-mongo
## Provide any additional annotations which may be required.
## The value is evaluated as a template, so, for example, the value can depend on .Release or .Chart
annotations: {}
type: ClusterIP
# clusterIP: None
port: 27017
## Specify the nodePort value for the LoadBalancer and NodePort service types.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
##
# nodePort:
## Specify the externalIP value ClusterIP service type.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#external-ips
# externalIPs: []
## Specify the loadBalancerIP value for LoadBalancer service types.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer
##
# loadBalancerIP:
## Specify the loadBalancerSourceRanges value for LoadBalancer service types.
## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
##
# loadBalancerSourceRanges: []
# Add custom extra environment variables to all the MongoDB containers
# extraEnvVars:
## Use StatefulSet instead of Deployment when deploying standalone
useStatefulSet: false
## Setting up replication
## ref: https://github.com/bitnami/bitnami-docker-mongodb#setting-up-a-replication
#
replicaSet:
## Whether to create a MongoDB replica set for high availability or not
enabled: false
useHostnames: true
## Name of the replica set
##
name: rs0
## Key used for replica set authentication
##
# key: key
## Number of replicas per each node type
##
replicas:
secondary: 1
arbiter: 1
## Pod Disruption Budget
## ref: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/
pdb:
enabled: true
minAvailable:
primary: 1
secondary: 1
arbiter: 1
# maxUnavailable:
# primary: 1
# secondary: 1
# arbiter: 1
# Annotations to be added to the deployment or statefulsets
annotations: {}
# Additional labels to apply to the deployment or statefulsets
labels: {}
# Annotations to be added to MongoDB pods
podAnnotations: {}
# Additional pod labels to apply
podLabels: {}
## Use an alternate scheduler, e.g. "stork".
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
##
# schedulerName:
## Configure resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources: {}
# Define separate resources per arbiter, which are less then primary or secondary
# used only when replica set is enabled
resourcesArbiter: {}
# limits:
# cpu: 500m
# memory: 512Mi
# requests:
# cpu: 100m
# memory: 256Mi
## Pod priority
## https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
# priorityClassName: ""
## Node selector
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
nodeSelector: {}
## Affinity
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
affinity: {}
# Define separate affinity for arbiter pod
affinityArbiter: {}
## Tolerations
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
tolerations: []
## updateStrategy for MongoDB Primary, Secondary and Arbitrer statefulsets
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
updateStrategy:
type: RollingUpdate
## Add sidecars to the pod
##
## For example:
## sidecars:
## - name: your-image-name
## image: your-image
## imagePullPolicy: Always
## ports:
## - name: portname
## containerPort: 1234
sidecars: []
## Array to add extra volumes
##
extraVolumes: []
## Array to add extra mounts (normally used with extraVolumes)
##
extraVolumeMounts: []
## Add sidecars to the arbiter pod
# used only when replica set is enabled
##
## For example:
## sidecars:
## - name: your-image-name
## image: your-image
## imagePullPolicy: Always
## ports:
## - name: portname
## containerPort: 1234
sidecarsArbiter: []
## Array to add extra volumes to the arbiter
# used only when replica set is enabled
##
extraVolumesArbiter: []
## Array to add extra mounts (normally used with extraVolumes) to the arbiter
# used only when replica set is enabled
##
extraVolumeMountsArbiter: []
## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
persistence:
enabled: true
## A manually managed Persistent Volume and Claim
## Requires persistence.enabled: true
## If defined, PVC must be created manually before volume will be bound
##
# existingClaim:
## The path the volume will be mounted at, useful when using different
## MongoDB images.
##
mountPath: /bitnami/mongodb
## The subdirectory of the volume to mount to, useful in dev environments
## and one PV for multiple services.
##
subPath: ""
## mongodb data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
accessModes:
- ReadWriteOnce
size: 8Gi
annotations: {}
## Configure the ingress resource that allows you to access the
## MongoDB installation. Set up the URL
## ref: http://kubernetes.io/docs/user-guide/ingress/
##
ingress:
## Set to true to enable ingress record generation
enabled: false
## Set this to true in order to add the corresponding annotations for cert-manager
certManager: false
## Ingress annotations done as key:value pairs
## For a full list of possible ingress annotations, please see
## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md
##
## If tls is set to true, annotation ingress.kubernetes.io/secure-backends: "true" will automatically be set
## If certManager is set to true, annotation kubernetes.io/tls-acme: "true" will automatically be set
annotations:
# kubernetes.io/ingress.class: nginx
## The list of hostnames to be covered with this ingress record.
## Most likely this will be just one host, but in the event more hosts are needed, this is an array
hosts:
- name: mongodb.local
path: /
## The tls configuration for the ingress
## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
tls:
- hosts:
- mongodb.local
secretName: mongodb.local-tls
secrets:
## If you're providing your own certificates, please use this to add the certificates as secrets
## key and certificate should start with -----BEGIN CERTIFICATE----- or
## -----BEGIN RSA PRIVATE KEY-----
##
## name should line up with a tlsSecret set further up
## If you're using cert-manager, this is unneeded, as it will create the secret for you if it is not set
##
## It is also possible to create and manage the certificates outside of this helm chart
## Please see README.md for more information
# - name: airflow.local-tls
# key:
# certificate:
## Configure the options for init containers to be run before the main app containers
## are started. All init containers are run sequentially and must exit without errors
## for the next one to be started.
## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
# extraInitContainers: |
# - name: do-something
# image: busybox
# command: ['do', 'something']
## Configure extra options for liveness and readiness probes
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
livenessProbe:
enabled: true
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
readinessProbe:
enabled: true
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
# Define custom config map with init scripts
initConfigMap: {}
# name: "init-config-map"
## Entries for the MongoDB config file. For documentation of all options, see:
## http://docs.mongodb.org/manual/reference/configuration-options/
##
configmap:
# # where and how to store data.
# storage:
# dbPath: /bitnami/mongodb/data/db
# journal:
# enabled: true
# directoryPerDB: false
# # where to write logging data.
# systemLog:
# destination: file
# quiet: false
# logAppend: true
# logRotate: reopen
# path: /opt/bitnami/mongodb/logs/mongodb.log
# verbosity: 0
# # network interfaces
# net:
# port: 27017
# unixDomainSocket:
# enabled: true
# pathPrefix: /opt/bitnami/mongodb/tmp
# ipv6: false
# bindIpAll: true
# # replica set options
# #replication:
# #replSetName: replicaset
# #enableMajorityReadConcern: true
# # process management options
# processManagement:
# fork: false
# pidFilePath: /opt/bitnami/mongodb/tmp/mongodb.pid
# # set parameter options
# setParameter:
# enableLocalhostAuthBypass: true
# # security options
# security:
# authorization: disabled
# #keyFile: /opt/bitnami/mongodb/conf/keyfile
## Prometheus Exporter / Metrics
##
metrics:
enabled: false
image:
registry: docker.io
repository: bitnami/mongodb-exporter
tag: 0.10.0-debian-10-r79
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistryKeySecretName
## String with extra arguments to the metrics exporter
## ref: https://github.com/percona/mongodb_exporter/blob/master/mongodb_exporter.go
extraArgs: ""
## Metrics exporter resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
# resources: {}
## Metrics exporter liveness and readiness probes
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
livenessProbe:
enabled: false
initialDelaySeconds: 15
periodSeconds: 5
timeoutSeconds: 5
failureThreshold: 3
successThreshold: 1
readinessProbe:
enabled: false
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 1
failureThreshold: 3
successThreshold: 1
## Metrics exporter pod Annotation
podAnnotations:
prometheus.io/scrape: "true"
prometheus.io/port: "9216"
## Prometheus Service Monitor
## ref: https://github.com/coreos/prometheus-operator
## https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md
serviceMonitor:
## If the operator is installed in your cluster, set to true to create a Service Monitor Entry
enabled: false
## Specify a namespace if needed
# namespace: monitoring
## Used to pass Labels that are used by the Prometheus installed in your cluster to select Service Monitors to work with
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec
additionalLabels: {}
## Specify Metric Relabellings to add to the scrape endpoint
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
# relabellings:
alerting:
## Define individual alerting rules as required
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#rulegroup
## https://prometheus.io/docs/prometheus/latest/configuration/alerting_rules/
rules: {}
## Used to pass Labels that are used by the Prometheus installed in your cluster to select Prometheus Rules to work with
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec
additionalLabels: {}

6
mongodb/requirements.lock
View File

@@ -1,6 +0,0 @@
dependencies:
- name: common
repository: https://charts.bitnami.com/bitnami
version: 0.8.1
digest: sha256:ad106a61ddcf8b78033635f756554bda2de59183ca30ef9b6642a392eb832c3a
generated: "2020-10-12T00:00:59.94799946Z"

6
mongodb/requirements.yaml
View File

@@ -1,6 +0,0 @@
dependencies:
- name: common
version: 0.x.x
repository: https://charts.bitnami.com/bitnami
tags:
- bitnami-common

193
mongodb/templates/NOTES.txt
View File

@@ -1,193 +0,0 @@
{{- $replicaCount := int .Values.replicaCount }}
{{- $portNumber := int .Values.service.port }}
{{- $fullname := include "mongodb.fullname" . }}
{{- $releaseNamespace := include "mongodb.namespace" . }}
{{- $clusterDomain := .Values.clusterDomain }}
{{- $loadBalancerIPListLength := len .Values.externalAccess.service.loadBalancerIPs }}
{{- if and (eq .Values.architecture "replicaset") .Values.externalAccess.enabled (not .Values.externalAccess.autoDiscovery.enabled) (not (eq $replicaCount $loadBalancerIPListLength )) (eq .Values.externalAccess.service.type "LoadBalancer") }}
###############################################################################
### ERROR: You enabled external access to MongoDB nodes without specifying ###
### the array of load balancer IPs for MongoDB nodes. ###
###############################################################################
This deployment will be incomplete until you configure the array of load balancer
IPs for MongoDB nodes. To complete your deployment follow the steps below:
1. Wait for the load balancer IPs (it may take a few minutes for them to be available):
kubectl get svc --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ template "mongodb.name" . }},app.kubernetes.io/instance={{ .Release.Name }},app.kubernetes.io/component=mongodb" -w
2. Obtain the load balancer IPs and upgrade your chart:
{{- range $e, $i := until $replicaCount }}
LOAD_BALANCER_IP_{{ add $i 1 }}="$(kubectl get svc --namespace {{ $releaseNamespace }} {{ $fullname }}-{{ $i }}-external -o jsonpath='{.status.loadBalancer.ingress[0].ip}')"
{{- end }}
3. Upgrade you chart:
helm upgrade {{ .Release.Name }} bitnami/{{ .Chart.Name }} \
--set mongodb.replicaCount={{ $replicaCount }} \
--set mongodb.externalAccess.enabled=true \
{{- range $i, $e := until $replicaCount }}
--set mongodb.externalAccess.service.loadBalancerIPs[{{ $i }}]=$LOAD_BALANCER_IP_{{ add $i 1 }} \
{{- end }}
--set mongodb.externalAccess.service.type=LoadBalancer
{{- else }}
{{- if and (or (and (eq .Values.architecture "standalone") (or (eq .Values.service.type "LoadBalancer") (eq .Values.service.type "NodePort"))) (and (eq .Values.architecture "replicaset") .Values.externalAccess.enabled)) (not .Values.auth.enabled) }}
-------------------------------------------------------------------------------
WARNING
By not enabling "mongodb.auth.enabled" you have most likely exposed the
MongoDB service externally without any authentication mechanism.
For security reasons, we strongly suggest that you enable authentiation
setting the "mongodb.auth.enabled" parameter to "true".
-------------------------------------------------------------------------------
{{- end }}
** Please be patient while the chart is being deployed **
MongoDB can be accessed via port {{ .Values.service.port }} on the following DNS name(s) from within your cluster:
{{- if eq .Values.architecture "replicaset" }}
{{ range $e, $i := until $replicaCount }}
{{- $fullname }}-{{ $i }}.{{ $fullname }}-headless.{{ $releaseNamespace }}.svc.{{ $clusterDomain }}
{{ end }}
{{- else }}
{{ $fullname }}.{{ $releaseNamespace }}.svc.{{ .Values.clusterDomain }}
{{- end }}
{{- if .Values.auth.enabled }}
To get the root password run:
export MONGODB_ROOT_PASSWORD=$(kubectl get secret --namespace {{ template "mongodb.namespace" . }} {{ template "mongodb.fullname" . }} -o jsonpath="{.data.mongodb-root-password}" | base64 --decode)
{{- end }}
{{- if and .Values.auth.username .Values.auth.database .Values.auth.password }}
To get the password for "{{ .Values.auth.username }}" run:
export MONGODB_PASSWORD=$(kubectl get secret --namespace {{ template "mongodb.namespace" . }} {{ template "mongodb.fullname" . }} -o jsonpath="{.data.mongodb-password}" | base64 --decode)
{{- end }}
To connect to your database, create a MongoDB client container:
kubectl run --namespace {{ template "mongodb.namespace" . }} {{ template "mongodb.fullname" . }}-client --rm --tty -i --restart='Never' --image {{ template "mongodb.image" . }} --command -- bash
Then, run the following command:
{{- if eq .Values.architecture "replicaset" }}
mongo admin --host "{{- range $e, $i := until $replicaCount }}{{ $fullname }}-{{ $i }}.{{ $fullname }}-headless.{{ $releaseNamespace }}.svc.{{ $clusterDomain }},{{ end }}" {{- if .Values.auth.enabled }} --authenticationDatabase admin -u root -p $MONGODB_ROOT_PASSWORD{{- end }}
{{- else }}
mongo admin --host "{{ template "mongodb.fullname" . }}" {{- if .Values.auth.enabled }} --authenticationDatabase admin -u root -p $MONGODB_ROOT_PASSWORD{{- end }}
{{- end }}
{{- if and (eq .Values.architecture "replicaset") .Values.externalAccess.enabled }}
To connect to your database nodes from outside, you need to add both primary and secondary nodes hostnames/IPs to your Mongo client. To obtain them, follow the instructions below:
{{- if eq "NodePort" .Values.externalAccess.service.type }}
{{- if .Values.externalAccess.service.domain }}
MongoDB nodes domain: Use your provided hostname to reach MongoDB nodes, {{ .Values.externalAccess.service.domain }}
{{- else }}
MongoDB nodes domain: you can reach MongoDB nodes on any of the K8s nodes external IPs.
kubectl get nodes -o wide
{{- end }}
MongoDB nodes port: You will have a different node port for each MongoDB node. You can get the list of configured node ports using the command below:
echo "$(kubectl get svc --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ template "mongodb.name" . }},app.kubernetes.io/instance={{ .Release.Name }},app.kubernetes.io/component=mongodb,pod" -o jsonpath='{.items[*].spec.ports[0].nodePort}' | tr ' ' '\n')"
{{- else if contains "LoadBalancer" .Values.externalAccess.service.type }}
NOTE: It may take a few minutes for the LoadBalancer IPs to be available.
Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ template "mongodb.name" . }},app.kubernetes.io/instance={{ .Release.Name }},app.kubernetes.io/component=mongodb,pod" -w'
MongoDB nodes domain: You will have a different external IP for each MongoDB node. You can get the list of external IPs using the command below:
echo "$(kubectl get svc --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ template "mongodb.name" . }},app.kubernetes.io/instance={{ .Release.Name }},app.kubernetes.io/component=mongodb,pod" -o jsonpath='{.items[*].status.loadBalancer.ingress[0].ip}' | tr ' ' '\n')"
MongoDB nodes port: {{ .Values.externalAccess.service.port }}
{{- end }}
{{- else if eq .Values.architecture "standalone" }}
To connect to your database from outside the cluster execute the following commands:
{{- if contains "NodePort" .Values.service.type }}
export NODE_IP=$(kubectl get nodes --namespace {{ template "mongodb.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
export NODE_PORT=$(kubectl get --namespace {{ template "mongodb.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "mongodb.fullname" . }})
mongo --host $NODE_IP --port $NODE_PORT {{- if .Values.auth.enabled }} --authenticationDatabase admin -p $MONGODB_ROOT_PASSWORD{{- end }}
{{- else if contains "LoadBalancer" .Values.service.type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
Watch the status with: 'kubectl get svc --namespace {{ template "mongodb.namespace" . }} -w {{ template "mongodb.fullname" . }}'
export SERVICE_IP=$(kubectl get svc --namespace {{ template "mongodb.namespace" . }} {{ template "mongodb.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
mongo --host $SERVICE_IP --port {{ .Values.service.port }} {{- if .Values.auth.enabled }} --authenticationDatabase admin -p $MONGODB_ROOT_PASSWORD{{- end }}
{{- else if contains "ClusterIP" .Values.service.type }}
kubectl port-forward --namespace {{ template "mongodb.namespace" . }} svc/{{ template "mongodb.fullname" . }} {{ .Values.service.port }}:{{ .Values.service.port }} &
mongo --host 127.0.0.1 {{- if .Values.auth.enabled }} --authenticationDatabase admin -p $MONGODB_ROOT_PASSWORD{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.metrics.enabled }}
To access the MongoDB Prometheus metrics, get the MongoDB Prometheus URL by running:
kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ include "mongodb.fullname" . }}-metrics {{ .Values.metrics.service.port }}:{{ .Values.metrics.service.port }} &
echo "Prometheus Metrics URL: http://127.0.0.1:{{ .Values.metrics.service.port }}/metrics"
Then, open the obtained URL in a browser.
{{- end }}
{{- include "common.warnings.rollingTag" .Values.image }}
{{- include "common.warnings.rollingTag" .Values.metrics.image }}
{{- include "common.warnings.rollingTag" .Values.externalAccess.autoDiscovery.image }}
{{- include "mongodb.validateValues" . }}
{{- $secretName := include "mongodb.fullname" . -}}
{{- $requiredPasswords := list -}}
{{- if and .Values.auth.enabled (not .Values.auth.existingSecret) }}
{{- $requiredRootPassword := dict "valueKey" "auth.rootPassword" "secret" $secretName "field" "mongodb-root-password" "context" $ -}}
{{- $requiredPasswords = append $requiredPasswords $requiredRootPassword -}}
{{- if and .Values.auth.username .Values.auth.database }}
{{- $requiredDBPassword := dict "valueKey" "auth.password" "secret" $secretName "field" "mongodb-password" "context" $ -}}
{{- $requiredPasswords = append $requiredPasswords $requiredDBPassword -}}
{{- end -}}
{{- if eq .Values.architecture "replicaset" }}
{{- $requiredReplicaSetKey := dict "valueKey" "auth.replicaSetKey" "secret" $secretName "field" "mongodb-replica-set-key" "context" $ -}}
{{- $requiredPasswords = append $requiredPasswords $requiredReplicaSetKey -}}
{{- end -}}
{{- $requiredPasswordValidationErrors := include "common.validations.values.multiple.empty" (dict "required" $requiredPasswords "context" $) -}}
{{- include "common.errors.upgrade.passwords.empty" (dict "validationErrors" (list $requiredPasswordValidationErrors) "context" $) -}}
{{- end }}

266
mongodb/templates/_helpers.tpl
View File

@@ -1,266 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "mongodb.name" -}}
{{- include "common.names.name" . -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "mongodb.fullname" -}}
{{- include "common.names.fullname" . -}}
{{- end -}}
{{/*
Return the proper MongoDB image name
*/}}
{{- define "mongodb.image" -}}
{{ include "common.images.image" (dict "imageRoot" .Values.image "global" .Values.global) }}
{{- end -}}
{{/*
Return the proper image name (for the metrics image)
*/}}
{{- define "mongodb.metrics.image" -}}
{{ include "common.images.image" (dict "imageRoot" .Values.metrics.image "global" .Values.global) }}
{{- end -}}
{{/*
Return the proper image name (for the init container volume-permissions image)
*/}}
{{- define "mongodb.volumePermissions.image" -}}
{{ include "common.images.image" (dict "imageRoot" .Values.volumePermissions.image "global" .Values.global) }}
{{- end -}}
{{/*
Return the proper image name (for the init container auto-discovery image)
*/}}
{{- define "mongodb.externalAccess.autoDiscovery.image" -}}
{{ include "common.images.image" (dict "imageRoot" .Values.externalAccess.autoDiscovery.image "global" .Values.global) }}
{{- end -}}
{{/*
Return the proper Docker Image Registry Secret Names
*/}}
{{- define "mongodb.imagePullSecrets" -}}
{{ include "common.images.pullSecrets" (dict "images" (list .Values.image .Values.metrics.image .Values.volumePermissions.image) "global" .Values.global) }}
{{- end -}}
{{/*
Allow the release namespace to be overridden for multi-namespace deployments in combined charts.
*/}}
{{- define "mongodb.namespace" -}}
{{- if .Values.global -}}
{{- if .Values.global.namespaceOverride }}
{{- .Values.global.namespaceOverride -}}
{{- else -}}
{{- .Release.Namespace -}}
{{- end -}}
{{- else -}}
{{- .Release.Namespace -}}
{{- end }}
{{- end -}}
{{- define "mongodb.serviceMonitor.namespace" -}}
{{- if .Values.metrics.serviceMonitor.namespace -}}
{{- .Values.metrics.serviceMonitor.namespace -}}
{{- else -}}
{{- include "mongodb.namespace" . -}}
{{- end }}
{{- end -}}
{{- define "mongodb.prometheusRule.namespace" -}}
{{- if .Values.metrics.prometheusRule.namespace -}}
{{- .Values.metrics.prometheusRule.namespace -}}
{{- else -}}
{{- include "mongodb.namespace" . -}}
{{- end }}
{{- end -}}
{{/*
Returns the proper service account name depending if an explicit service account name is set
in the values file. If the name is not set it will default to either mongodb.fullname if serviceAccount.create
is true or default otherwise.
*/}}
{{- define "mongodb.serviceAccountName" -}}
{{- if .Values.serviceAccount.create -}}
{{ default (include "mongodb.fullname" .) .Values.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.serviceAccount.name }}
{{- end -}}
{{- end -}}
{{/*
Return the configmap with the MongoDB configuration
*/}}
{{- define "mongodb.configmapName" -}}
{{- if .Values.existingConfigmap -}}
{{- printf "%s" (tpl .Values.existingConfigmap $) -}}
{{- else -}}
{{- printf "%s" (include "mongodb.fullname" .) -}}
{{- end -}}
{{- end -}}
{{/*
Return true if a configmap object should be created for MongoDB
*/}}
{{- define "mongodb.createConfigmap" -}}
{{- if and .Values.configuration (not .Values.existingConfigmap) }}
{{- true -}}
{{- else -}}
{{- end -}}
{{- end -}}
{{/*
Return the secret with MongoDB credentials
*/}}
{{- define "mongodb.secretName" -}}
{{- if .Values.auth.existingSecret -}}
{{- printf "%s" .Values.auth.existingSecret -}}
{{- else -}}
{{- printf "%s" (include "mongodb.fullname" .) -}}
{{- end -}}
{{- end -}}
{{/*
Return true if a secret object should be created for MongoDB
*/}}
{{- define "mongodb.createSecret" -}}
{{- if and .Values.auth.enabled (not .Values.auth.existingSecret) }}
{{- true -}}
{{- else -}}
{{- end -}}
{{- end -}}
{{/*
Get the initialization scripts ConfigMap name.
*/}}
{{- define "mongodb.initdbScriptsCM" -}}
{{- if .Values.initdbScriptsConfigMap -}}
{{- printf "%s" .Values.initdbScriptsConfigMap -}}
{{- else -}}
{{- printf "%s-init-scripts" (include "mongodb.fullname" .) -}}
{{- end -}}
{{- end -}}
{{/*
Return true if the Arbiter should be deployed
*/}}
{{- define "mongodb.arbiter.enabled" -}}
{{- if and (eq .Values.architecture "replicaset") .Values.arbiter.enabled }}
{{- true -}}
{{- else -}}
{{- end -}}
{{- end -}}
{{/*
Return the configmap with the MongoDB configuration for the Arbiter
*/}}
{{- define "mongodb.arbiter.configmapName" -}}
{{- if .Values.arbiter.existingConfigmap -}}
{{- printf "%s" (tpl .Values.arbiter.existingConfigmap $) -}}
{{- else -}}
{{- printf "%s-arbiter" (include "mongodb.fullname" .) -}}
{{- end -}}
{{- end -}}
{{/*
Return true if a configmap object should be created for MongoDB Arbiter
*/}}
{{- define "mongodb.arbiter.createConfigmap" -}}
{{- if and (eq .Values.architecture "replicaset") .Values.arbiter.enabled .Values.arbiter.configuration (not .Values.arbiter.existingConfigmap) }}
{{- true -}}
{{- else -}}
{{- end -}}
{{- end -}}
{{/*
Compile all warnings into a single message, and call fail.
*/}}
{{- define "mongodb.validateValues" -}}
{{- $messages := list -}}
{{- $messages := append $messages (include "mongodb.validateValues.architecture" .) -}}
{{- $messages := append $messages (include "mongodb.validateValues.customDatabase" .) -}}
{{- $messages := append $messages (include "mongodb.validateValues.externalAccessServiceType" .) -}}
{{- $messages := append $messages (include "mongodb.validateValues.loadBalancerIPsListLength" .) -}}
{{- $messages := append $messages (include "mongodb.validateValues.nodePortListLength" .) -}}
{{- $messages := append $messages (include "mongodb.validateValues.externalAccessAutoDiscoveryRBAC" .) -}}
{{- $messages := without $messages "" -}}
{{- $message := join "\n" $messages -}}
{{- if $message -}}
{{- printf "\nVALUES VALIDATION:\n%s" $message | fail -}}
{{- end -}}
{{- end -}}
{{/* Validate values of MongoDB - must provide a valid architecture */}}
{{- define "mongodb.validateValues.architecture" -}}
{{- if and (ne .Values.architecture "standalone") (ne .Values.architecture "replicaset") -}}
mongodb: architecture
Invalid architecture selected. Valid values are "standalone" and
"replicaset". Please set a valid architecture (--set mongodb.architecture="xxxx")
{{- end -}}
{{- end -}}
{{/*
Validate values of MongoDB - both auth.username and auth.database are necessary
to create a custom user and database during 1st initialization
*/}}
{{- define "mongodb.validateValues.customDatabase" -}}
{{- if or (and .Values.auth.username (not .Values.auth.database)) (and (not .Values.auth.username) .Values.auth.database) }}
mongodb: auth.username, auth.database
Both auth.username and auth.database must be provided to create
a custom user and database during 1st initialization.
Please set both of them (--set auth.username="xxxx",auth.database="yyyy")
{{- end -}}
{{- end -}}
{{/*
Validate values of MongoDB - service type for external access
*/}}
{{- define "mongodb.validateValues.externalAccessServiceType" -}}
{{- if and (eq .Values.architecture "replicaset") (not (eq .Values.externalAccess.service.type "NodePort")) (not (eq .Values.externalAccess.service.type "LoadBalancer")) -}}
mongodb: externalAccess.service.type
Available servive type for external access are NodePort or LoadBalancer.
{{- end -}}
{{- end -}}
{{/*
Validate values of MongoDB - number of replicas must be the same than LoadBalancer IPs list
*/}}
{{- define "mongodb.validateValues.loadBalancerIPsListLength" -}}
{{- $replicaCount := int .Values.replicaCount }}
{{- $loadBalancerListLength := len .Values.externalAccess.service.loadBalancerIPs }}
{{- if and (eq .Values.architecture "replicaset") .Values.externalAccess.enabled (not .Values.externalAccess.autoDiscovery.enabled ) (eq .Values.externalAccess.service.type "LoadBalancer") (not (eq $replicaCount $loadBalancerListLength )) -}}
mongodb: .Values.externalAccess.service.loadBalancerIPs
Number of replicas and loadBalancerIPs array length must be the same.
{{- end -}}
{{- end -}}
{{/*
Validate values of MongoDB - number of replicas must be the same than NodePort list
*/}}
{{- define "mongodb.validateValues.nodePortListLength" -}}
{{- $replicaCount := int .Values.replicaCount }}
{{- $nodePortListLength := len .Values.externalAccess.service.nodePorts }}
{{- if and (eq .Values.architecture "replicaset") .Values.externalAccess.enabled (eq .Values.externalAccess.service.type "NodePort") (not (eq $replicaCount $nodePortListLength )) -}}
mongodb: .Values.externalAccess.service.nodePorts
Number of replicas and nodePorts array length must be the same.
{{- end -}}
{{- end -}}
{{/*
Validate values of MongoDB - RBAC should be enabled when autoDiscovery is enabled
*/}}
{{- define "mongodb.validateValues.externalAccessAutoDiscoveryRBAC" -}}
{{- if and (eq .Values.architecture "replicaset") .Values.externalAccess.enabled .Values.externalAccess.autoDiscovery.enabled (not .Values.rbac.create )}}
mongodb: rbac.create
By specifying "externalAccess.enabled=true" and "externalAccess.autoDiscovery.enabled=true"
an initContainer will be used to autodetect the external IPs/ports by querying the
K8s API. Please note this initContainer requires specific RBAC resources. You can create them
by specifying "--set rbac.create=true".
{{- end -}}
{{- end -}}

12
mongodb/templates/arbiter/configmap.yaml
View File

@@ -1,12 +0,0 @@
{{- if (include "mongodb.arbiter.createConfigmap" .) }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "mongodb.fullname" . }}-arbiter
namespace: {{ include "mongodb.namespace" . }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: arbiter
data:
mongodb.conf: |-
{{- include "common.tplvalues.render" (dict "value" .Values.arbiter.configuration "context" $) | nindent 4 }}
{{- end }}

21
mongodb/templates/arbiter/headless-svc.yaml
View File

@@ -1,21 +0,0 @@
{{- if (include "mongodb.arbiter.enabled" .) }}
apiVersion: v1
kind: Service
metadata:
name: {{ include "mongodb.fullname" . }}-arbiter-headless
namespace: {{ include "mongodb.namespace" . }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: arbiter
{{- if .Values.service.annotations }}
annotations: {{- include "common.tplvalues.render" (dict "value" .Values.service.annotations "context" $) | nindent 4 }}
{{- end }}
spec:
type: ClusterIP
clusterIP: None
ports:
- name: tcp-mongodb
port: {{ .Values.service.port }}
targetPort: mongodb
selector: {{- include "common.labels.matchLabels" . | nindent 4 }}
app.kubernetes.io/component: arbiter
{{- end }}

19
mongodb/templates/arbiter/pdb.yaml
View File

@@ -1,19 +0,0 @@
{{- if and (include "mongodb.arbiter.enabled" .) .Values.arbiter.pdb.create }}
apiVersion: policy/v1beta1
kind: PodDisruptionBudget
metadata:
name: {{ include "mongodb.fullname" . }}-arbiter
namespace: {{ include "mongodb.namespace" . }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: arbiter
spec:
{{- if .Values.arbiter.pdb.minAvailable }}
minAvailable: {{ .Values.arbiter.pdb.minAvailable }}
{{- end }}
{{- if .Values.arbiter.pdb.maxUnavailable }}
maxUnavailable: {{ .Values.arbiter.pdb.maxUnavailable }}
{{- end }}
selector:
matchLabels: {{ include "common.labels.matchLabels" . | nindent 6 }}
app.kubernetes.io/component: arbiter
{{- end }}

181
mongodb/templates/arbiter/statefulset.yaml
View File

@@ -1,181 +0,0 @@
{{- if (include "mongodb.arbiter.enabled" .) }}
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ include "mongodb.fullname" . }}-arbiter
namespace: {{ include "mongodb.namespace" . }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: arbiter
{{- if .Values.arbiter.labels }}
{{- include "common.tplvalues.render" (dict "value" .Values.arbiter.labels "context" $) | nindent 4 }}
{{- end }}
{{- if .Values.arbiter.annotations }}
annotations: {{- include "common.tplvalues.render" (dict "value" .Values.arbiter.annotations "context" $) | nindent 4 }}
{{- end }}
spec:
serviceName: {{ include "mongodb.fullname" . }}-arbiter-headless
selector:
matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
app.kubernetes.io/component: arbiter
template:
metadata:
labels: {{- include "common.labels.standard" . | nindent 8 }}
app.kubernetes.io/component: arbiter
{{- if .Values.arbiter.podLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.arbiter.podLabels "context" $) | nindent 8 }}
{{- end }}
{{- if or (include "mongodb.arbiter.createConfigmap" .) .Values.arbiter.podAnnotations }}
annotations:
{{- if (include "mongodb.arbiter.createConfigmap" .) }}
checksum/configuration: {{ include (print $.Template.BasePath "/arbiter/configmap.yaml") . | sha256sum }}
{{- end }}
{{- if .Values.arbiter.podAnnotations }}
{{- include "common.tplvalues.render" (dict "value" .Values.arbiter.podAnnotations "context" $) | nindent 8 }}
{{- end }}
{{- end }}
spec:
{{- include "mongodb.imagePullSecrets" . | nindent 6 }}
{{- if .Values.schedulerName }}
schedulerName: "{{ .Values.schedulerName }}"
{{- end }}
serviceAccountName: {{ template "mongodb.serviceAccountName" . }}
{{- if .Values.arbiter.affinity }}
affinity: {{- include "common.tplvalues.render" (dict "value" .Values.arbiter.affinity "context" .) | nindent 8 }}
{{- end }}
{{- if .Values.arbiter.nodeSelector }}
nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.arbiter.nodeSelector "context" .) | nindent 8 }}
{{- end }}
{{- if .Values.arbiter.tolerations }}
tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.arbiter.tolerations "context" .) | nindent 8 }}
{{- end }}
{{- if .Values.arbiter.priorityClassName }}
priorityClassName: {{ .Values.arbiter.priorityClassName }}
{{- end }}
{{- if .Values.arbiter.podSecurityContext.enabled }}
securityContext: {{- omit .Values.arbiter.podSecurityContext "enabled" | toYaml | nindent 8 }}
{{- end }}
{{- if .Values.arbiter.initContainers }}
initContainers: {{- include "common.tplvalues.render" (dict "value" .Values.arbiter.initContainers "context" $) | nindent 8 }}
{{- end }}
containers:
- name: mongodb-arbiter
image: {{ include "mongodb.image" . }}
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
{{- if .Values.arbiter.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.arbiter.containerSecurityContext "enabled" | toYaml | nindent 12 }}
{{- end }}
{{- if .Values.arbiter.command }}
command: {{- include "common.tplvalues.render" (dict "value" .Values.arbiter.command "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.arbiter.args }}
args: {{- include "common.tplvalues.render" (dict "value" .Values.arbiter.args "context" $) | nindent 12 }}
{{- end }}
env:
- name: BITNAMI_DEBUG
value: {{ ternary "true" "false" .Values.image.debug | quote }}
- name: MY_POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: MY_POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: K8S_SERVICE_NAME
value: "{{ include "mongodb.fullname" . }}-arbiter-headless"
- name: MONGODB_REPLICA_SET_MODE
value: "arbiter"
- name: MONGODB_INITIAL_PRIMARY_HOST
value: "{{ include "mongodb.fullname" . }}-0.{{ include "mongodb.fullname" . }}-headless.$(MY_POD_NAMESPACE).svc.{{ .Values.clusterDomain }}"
- name: MONGODB_REPLICA_SET_NAME
value: {{ .Values.replicaSetName | quote }}
- name: MONGODB_ADVERTISED_HOSTNAME
value: "$(MY_POD_NAME).$(K8S_SERVICE_NAME).$(MY_POD_NAMESPACE).svc.{{ .Values.clusterDomain }}"
{{- if .Values.auth.enabled }}
- name: MONGODB_INITIAL_PRIMARY_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "mongodb.secretName" . }}
key: mongodb-root-password
- name: MONGODB_REPLICA_SET_KEY
valueFrom:
secretKeyRef:
name: {{ include "mongodb.secretName" . }}
key: mongodb-replica-set-key
{{- end }}
- name: ALLOW_EMPTY_PASSWORD
value: {{ ternary "no" "yes" .Values.auth.enabled | quote }}
{{- if .Values.arbiter.extraFlags }}
- name: MONGODB_EXTRA_FLAGS
value: {{ .Values.arbiter.extraFlags | join " " | quote }}
{{- end }}
{{- if .Values.arbiter.extraEnvVars }}
{{- include "common.tplvalues.render" (dict "value" .Values.arbiter.extraEnvVars "context" $) | nindent 12 }}
{{- end }}
{{- if or .Values.arbiter.extraEnvVarsCM .Values.arbiter.extraEnvVarsSecret }}
envFrom:
{{- if .Values.arbiter.extraEnvVarsCM }}
- configMapRef:
name: {{ tpl .Values.arbiter.extraEnvVarsCM . | quote }}
{{- end }}
{{- if .Values.arbiter.extraEnvVarsSecret }}
- secretRef:
name: {{ tpl .Values.arbiter.extraEnvVarsSecret . | quote }}
{{- end }}
{{- end }}
ports:
- containerPort: 27017
name: mongodb
{{- if .Values.arbiter.livenessProbe.enabled }}
livenessProbe:
tcpSocket:
port: mongodb
initialDelaySeconds: {{ .Values.arbiter.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.arbiter.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.arbiter.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.arbiter.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.arbiter.livenessProbe.failureThreshold }}
{{- else if .Values.arbiter.customLivenessProbe }}
livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.arbiter.customLivenessProbe "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.arbiter.readinessProbe.enabled }}
readinessProbe:
tcpSocket:
port: mongodb
initialDelaySeconds: {{ .Values.arbiter.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.arbiter.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.arbiter.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.arbiter.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.arbiter.readinessProbe.failureThreshold }}
{{- else if .Values.arbiter.customReadinessProbe }}
readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.arbiter.customReadinessProbe "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.arbiter.resources }}
resources: {{- toYaml .Values.arbiter.resources | nindent 12 }}
{{- end }}
{{- if or .Values.arbiter.configuration .Values.arbiter.existingConfigmap .Values.arbiter.extraVolumeMounts }}
volumeMounts:
{{- if or .Values.arbiter.configuration .Values.arbiter.existingConfigmap }}
- name: config
mountPath: /opt/bitnami/mongodb/conf/mongodb.conf
subPath: mongodb.conf
{{- end }}
{{- if .Values.arbiter.extraVolumeMounts }}
{{- toYaml .Values.arbiter.extraVolumeMounts | nindent 12 }}
{{- end }}
{{- end }}
{{- if .Values.arbiter.sidecars }}
{{- include "common.tplvalues.render" (dict "value" .Values.arbiter.sidecars "context" $) | nindent 8 }}
{{- end }}
{{- if or .Values.arbiter.configuration .Values.arbiter.existingConfigmap .Values.arbiter.extraVolumes }}
volumes:
{{- if or .Values.arbiter.configuration .Values.arbiter.existingConfigmap }}
- name: config
configMap:
name: {{ include "mongodb.arbiter.configmapName" . }}
{{- end }}
{{- if .Values.arbiter.extraVolumes }}
{{- toYaml .Values.arbiter.extraVolumes | nindent 8 }}
{{- end }}
{{- end }}
{{- end }}

12
mongodb/templates/configmap.yaml
View File

@@ -1,12 +0,0 @@
{{- if (include "mongodb.createConfigmap" .) }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "mongodb.fullname" . }}
namespace: {{ include "mongodb.namespace" . }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: mongodb
data:
mongodb.conf: |-
{{- include "common.tplvalues.render" (dict "value" .Values.configuration "context" $) | nindent 4 }}
{{- end }}

11
mongodb/templates/initialization-configmap.yaml
View File

@@ -1,11 +0,0 @@
{{- if and .Values.initdbScripts (not .Values.initdbScriptsConfigMap) }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "mongodb.fullname" . }}-init-scripts
namespace: {{ include "mongodb.namespace" . }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: mongodb
data:
{{- include "common.tplvalues.render" (dict "value" .Values.initdbScripts "context" .) | nindent 2 }}
{{- end }}

21
mongodb/templates/metrics-svc.yaml
View File

@@ -1,21 +0,0 @@
{{- if .Values.metrics.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ include "mongodb.fullname" . }}-metrics
namespace: {{ include "mongodb.namespace" . }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: metrics
{{- if .Values.metrics.service.annotations }}
annotations: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.service.annotations "context" $) | nindent 4 }}
{{- end }}
spec:
type: {{ .Values.metrics.service.type }}
ports:
- port: {{ .Values.metrics.service.port }}
targetPort: metrics
protocol: TCP
name: http-metrics
selector: {{- include "common.labels.matchLabels" $ | nindent 4 }}
app.kubernetes.io/component: mongodb
{{- end }}

14
mongodb/templates/prometheusrule.yaml
View File

@@ -1,14 +0,0 @@
{{- if and .Values.metrics.enabled .Values.metrics.prometheusRule.enabled }}
apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:
name: {{ include "mongodb.fullname" . }}
namespace: {{ include "mongodb.prometheusRule.namespace" . }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.metrics.prometheusRule.additionalLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.metrics.prometheusRule.additionalLabels "context" $) | nindent 4 }}
{{- end }}
spec:
groups:
{{- include "common.tplvalues.render" (dict "value" .Values.metrics.prometheusRule.rules "context" $) | nindent 4 }}
{{- end }}

45
mongodb/templates/replicaset/external-access-svc.yaml
View File

@@ -1,45 +0,0 @@
{{- if and (eq .Values.architecture "replicaset") .Values.externalAccess.enabled }}
{{- $fullName := include "mongodb.fullname" . }}
{{- $replicaCount := .Values.replicaCount | int }}
{{- $root := . }}
{{- range $i, $e := until $replicaCount }}
{{- $targetPod := printf "%s-%d" (printf "%s" $fullName) $i }}
---
apiVersion: v1
kind: Service
metadata:
name: {{ $fullName }}-{{ $i }}-external
namespace: {{ include "mongodb.namespace" $ }}
labels: {{- include "common.labels.standard" $ | nindent 4 }}
app.kubernetes.io/component: mongodb
pod: {{ $targetPod }}
{{- if $root.Values.externalAccess.service.annotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" $root.Values.externalAccess.service.annotations "context" $) | nindent 4 }}
{{- end }}
spec:
type: {{ $root.Values.externalAccess.service.type }}
{{- if eq $root.Values.externalAccess.service.type "LoadBalancer" }}
{{- if not (empty $root.Values.externalAccess.service.loadBalancerIPs) }}
loadBalancerIP: {{ index $root.Values.externalAccess.service.loadBalancerIPs $i }}
{{- end }}
{{- if $root.Values.externalAccess.service.loadBalancerSourceRanges }}
loadBalancerSourceRanges: {{- toYaml $root.Values.externalAccess.service.loadBalancerSourceRanges | nindent 4 }}
{{- end }}
{{- end }}
publishNotReadyAddresses: true
ports:
- name: {{ $root.Values.service.portName }}
port: {{ $root.Values.externalAccess.service.port }}
{{- if not (empty $root.Values.externalAccess.service.nodePorts) }}
nodePort: {{ index $root.Values.externalAccess.service.nodePorts $i }}
{{- else }}
nodePort: null
{{- end }}
targetPort: mongodb
selector: {{- include "common.labels.matchLabels" $ | nindent 4 }}
app.kubernetes.io/component: mongodb
statefulset.kubernetes.io/pod-name: {{ $targetPod }}
---
{{- end }}
{{- end }}

22
mongodb/templates/replicaset/headless-svc.yaml
View File

@@ -1,22 +0,0 @@
{{- if eq .Values.architecture "replicaset" }}
apiVersion: v1
kind: Service
metadata:
name: {{ include "mongodb.fullname" . }}-headless
namespace: {{ include "mongodb.namespace" . }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: mongodb
{{- if .Values.service.annotations }}
annotations: {{- include "common.tplvalues.render" (dict "value" .Values.service.annotations "context" $) | nindent 4 }}
{{- end }}
spec:
type: ClusterIP
clusterIP: None
publishNotReadyAddresses: true
ports:
- name: {{ .Values.service.portName }}
port: {{ .Values.service.port }}
targetPort: mongodb
selector: {{- include "common.labels.matchLabels" . | nindent 4 }}
app.kubernetes.io/component: mongodb
{{- end }}

19
mongodb/templates/replicaset/pdb.yaml
View File

@@ -1,19 +0,0 @@
{{- if and (eq .Values.architecture "replicaset") .Values.pdb.create }}
apiVersion: policy/v1beta1
kind: PodDisruptionBudget
metadata:
name: {{ include "mongodb.fullname" . }}
namespace: {{ include "mongodb.namespace" . }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: mongodb
spec:
{{- if .Values.pdb.minAvailable }}
minAvailable: {{ .Values.pdb.minAvailable }}
{{- end }}
{{- if .Values.pdb.maxUnavailable }}
maxUnavailable: {{ .Values.pdb.maxUnavailable }}
{{- end }}
selector:
matchLabels: {{ include "common.labels.matchLabels" . | nindent 6 }}
app.kubernetes.io/component: mongodb
{{- end }}

88
mongodb/templates/replicaset/scripts-configmap.yaml
View File

@@ -1,88 +0,0 @@
{{- if eq .Values.architecture "replicaset" }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "mongodb.fullname" . }}-scripts
namespace: {{ include "mongodb.namespace" . }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: mongodb
data:
{{- $fullname := include "mongodb.fullname" . }}
{{- $releaseNamespace := include "mongodb.namespace" . }}
{{- if and .Values.externalAccess.autoDiscovery.enabled (eq .Values.externalAccess.service.type "LoadBalancer") }}
auto-discovery.sh: |-
#!/bin/bash
SVC_NAME="${MY_POD_NAME}-external"
# Auxiliar functions
retry_while() {
local -r cmd="${1:?cmd is missing}"
local -r retries="${2:-12}"
local -r sleep_time="${3:-5}"
local return_value=1
read -r -a command <<< "$cmd"
for ((i = 1 ; i <= retries ; i+=1 )); do
"${command[@]}" && return_value=0 && break
sleep "$sleep_time"
done
return $return_value
}
k8s_svc_lb_ip() {
local namespace=${1:?namespace is missing}
local service=${2:?service is missing}
local service_ip=$(kubectl get svc "$service" -n "$namespace" -o jsonpath="{.status.loadBalancer.ingress[0].ip}")
local service_hostname=$(kubectl get svc "$service" -n "$namespace" -o jsonpath="{.status.loadBalancer.ingress[0].hostname}")
if [[ -n ${service_ip} ]]; then
echo "${service_ip}"
else
echo "${service_hostname}"
fi
}
k8s_svc_lb_ip_ready() {
local namespace=${1:?namespace is missing}
local service=${2:?service is missing}
[[ -n "$(k8s_svc_lb_ip "$namespace" "$service")" ]]
}
# Wait until LoadBalancer IP is ready
retry_while "k8s_svc_lb_ip_ready {{ $releaseNamespace }} $SVC_NAME" || exit 1
# Obtain LoadBalancer external IP
k8s_svc_lb_ip "{{ $releaseNamespace }}" "$SVC_NAME" | tee "$SHARED_FILE"
{{- end }}
setup.sh: |-
#!/bin/bash
{{- if .Values.externalAccess.enabled }}
{{- if eq .Values.externalAccess.service.type "LoadBalancer" }}
{{- if .Values.externalAccess.autoDiscovery.enabled }}
export MONGODB_ADVERTISED_HOSTNAME="$(<${SHARED_FILE})"
{{- else }}
ID="${MY_POD_NAME#"{{ $fullname }}-"}"
export MONGODB_ADVERTISED_HOSTNAME=$(echo '{{ .Values.externalAccess.service.loadBalancerIPs }}' | tr -d '[]' | cut -d ' ' -f "$(($ID + 1))")
{{- end }}
{{- else if eq .Values.externalAccess.service.type "NodePort" }}
{{- if .Values.externalAccess.service.domain }}
export MONGODB_ADVERTISED_HOSTNAME={{ .Values.externalAccess.service.domain }}
{{- else }}
export MONGODB_ADVERTISED_HOSTNAME=$(curl -s https://ipinfo.io/ip)
{{- end }}
{{- end }}
{{- end }}
echo "Advertised Hostname: $MONGODB_ADVERTISED_HOSTNAME"
if [[ "$MY_POD_NAME" = "{{ $fullname }}-0" ]]; then
echo "Pod name matches initial primary pod name, configuring node as a primary"
export MONGODB_REPLICA_SET_MODE="primary"
else
echo "Pod name doesn't match initial primary pod name, configuring node as a secondary"
export MONGODB_REPLICA_SET_MODE="secondary"
export MONGODB_INITIAL_PRIMARY_ROOT_PASSWORD="$MONGODB_ROOT_PASSWORD"
export MONGODB_INITIAL_PRIMARY_PORT_NUMBER="$MONGODB_PORT_NUMBER"
export MONGODB_ROOT_PASSWORD="" MONGODB_USERNAME="" MONGODB_DATABASE="" MONGODB_PASSWORD=""
fi
exec /opt/bitnami/scripts/mongodb/entrypoint.sh /opt/bitnami/scripts/mongodb/run.sh
{{- end }}

375
mongodb/templates/replicaset/statefulset.yaml
View File

@@ -1,375 +0,0 @@
{{- if eq .Values.architecture "replicaset" }}
{{- $replicaCount := int .Values.replicaCount }}
{{- $loadBalancerIPListLength := len .Values.externalAccess.service.loadBalancerIPs }}
{{- if not (and .Values.externalAccess.enabled (not .Values.externalAccess.autoDiscovery.enabled) (not (eq $replicaCount $loadBalancerIPListLength )) (eq .Values.externalAccess.service.type "LoadBalancer")) }}
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ include "mongodb.fullname" . }}
namespace: {{ include "mongodb.namespace" . }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: mongodb
{{- if .Values.labels }}
{{- include "common.tplvalues.render" (dict "value" .Values.labels "context" $) | nindent 4 }}
{{- end }}
{{- if .Values.annotations }}
annotations: {{- include "common.tplvalues.render" (dict "value" .Values.annotations "context" $) | nindent 4 }}
{{- end }}
spec:
serviceName: {{ include "mongodb.fullname" . }}-headless
podManagementPolicy: {{ .Values.podManagementPolicy }}
replicas: {{ .Values.replicaCount }}
updateStrategy:
type: {{ .Values.strategyType }}
{{- if (eq "OnDelete" .Values.strategyType) }}
rollingUpdate: null
{{- end }}
selector:
matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
app.kubernetes.io/component: mongodb
template:
metadata:
labels: {{- include "common.labels.standard" . | nindent 8 }}
app.kubernetes.io/component: mongodb
{{- if .Values.podLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.podLabels "context" $) | nindent 8 }}
{{- end }}
{{- if or (include "mongodb.createConfigmap" .) .Values.podAnnotations }}
annotations:
{{- if (include "mongodb.createConfigmap" .) }}
checksum/configuration: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
{{- end }}
{{- if .Values.podAnnotations }}
{{- include "common.tplvalues.render" (dict "value" .Values.podAnnotations "context" $) | nindent 8 }}
{{- end }}
{{- end }}
spec:
{{- include "mongodb.imagePullSecrets" . | nindent 6 }}
{{- if .Values.schedulerName }}
schedulerName: "{{ .Values.schedulerName }}"
{{- end }}
serviceAccountName: {{ template "mongodb.serviceAccountName" . }}
{{- if .Values.affinity }}
affinity: {{- include "common.tplvalues.render" (dict "value" .Values.affinity "context" .) | nindent 8 }}
{{- end }}
{{- if .Values.nodeSelector }}
nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.nodeSelector "context" .) | nindent 8 }}
{{- end }}
{{- if .Values.tolerations }}
tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.tolerations "context" .) | nindent 8 }}
{{- end }}
{{- if .Values.priorityClassName }}
priorityClassName: {{ .Values.priorityClassName }}
{{- end }}
{{- if .Values.podSecurityContext.enabled }}
securityContext: {{- omit .Values.podSecurityContext "enabled" | toYaml | nindent 8 }}
{{- end }}
{{- if or .Values.initContainers (and .Values.volumePermissions.enabled .Values.persistence.enabled) (and .Values.externalAccess.enabled .Values.externalAccess.autoDiscovery.enabled) }}
initContainers:
{{- if .Values.initContainers }}
{{- include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | nindent 8 }}
{{- end }}
{{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }}
- name: volume-permissions
image: {{ include "mongodb.volumePermissions.image" . }}
imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }}
command:
- /bin/bash
- -ec
args:
- |
mkdir -p {{ .Values.persistence.mountPath }}
{{- if and .Values.podSecurityContext.enabled .Values.containerSecurityContext.enabled }}
chown -R "{{ .Values.containerSecurityContext.runAsUser }}:{{ .Values.podSecurityContext.fsGroup }}" "{{ .Values.persistence.mountPath }}"
{{- end }}
{{- if eq ( toString ( .Values.volumePermissions.securityContext.runAsUser )) "auto" }}
securityContext: {{- omit .Values.volumePermissions.securityContext "runAsUser" | toYaml | nindent 12 }}
{{- else }}
securityContext: {{- .Values.volumePermissions.securityContext | toYaml | nindent 12 }}
{{- end }}
{{- if .Values.volumePermissions.resources }}
resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }}
{{- end }}
volumeMounts:
- name: datadir
mountPath: {{ .Values.persistence.mountPath }}
{{- end }}
{{- if and .Values.externalAccess.enabled .Values.externalAccess.autoDiscovery.enabled (eq .Values.externalAccess.service.type "LoadBalancer") }}
- name: auto-discovery
image: {{ include "mongodb.externalAccess.autoDiscovery.image" . }}
imagePullPolicy: {{ .Values.externalAccess.autoDiscovery.image.pullPolicy | quote }}
command:
- /scripts/auto-discovery.sh
env:
- name: MY_POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: SHARED_FILE
value: "/shared/info.txt"
{{- if .Values.externalAccess.autoDiscovery.resources }}
resources: {{- toYaml .Values.externalAccess.autoDiscovery.resources | nindent 12 }}
{{- end }}
volumeMounts:
- name: shared
mountPath: /shared
- name: scripts
mountPath: /scripts/auto-discovery.sh
subPath: auto-discovery.sh
{{- end }}
{{- end }}
containers:
- name: mongodb
image: {{ include "mongodb.image" . }}
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
{{- if .Values.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.containerSecurityContext "enabled" | toYaml | nindent 12 }}
{{- end }}
{{- if .Values.command }}
command: {{- include "common.tplvalues.render" (dict "value" .Values.command "context" $) | nindent 12 }}
{{- else }}
command:
- /scripts/setup.sh
{{- end }}
{{- if .Values.args }}
args: {{- include "common.tplvalues.render" (dict "value" .Values.args "context" $) | nindent 12 }}
{{- end }}
env:
- name: BITNAMI_DEBUG
value: {{ ternary "true" "false" .Values.image.debug | quote }}
{{- if and .Values.externalAccess.enabled .Values.externalAccess.autoDiscovery.enabled (eq .Values.externalAccess.service.type "LoadBalancer") }}
- name: SHARED_FILE
value: "/shared/info.txt"
{{- end }}
- name: MY_POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: MY_POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: K8S_SERVICE_NAME
value: "{{ include "mongodb.fullname" . }}-headless"
- name: MONGODB_INITIAL_PRIMARY_HOST
value: "{{ include "mongodb.fullname" . }}-0.$(K8S_SERVICE_NAME).$(MY_POD_NAMESPACE).svc.{{ .Values.clusterDomain }}"
- name: MONGODB_REPLICA_SET_NAME
value: {{ .Values.replicaSetName | quote }}
{{- if and .Values.replicaSetHostnames (not .Values.externalAccess.enabled) }}
- name: MONGODB_ADVERTISED_HOSTNAME
value: "$(MY_POD_NAME).$(K8S_SERVICE_NAME).$(MY_POD_NAMESPACE).svc.{{ .Values.clusterDomain }}"
{{- end }}
{{- if .Values.auth.username }}
- name: MONGODB_USERNAME
value: {{ .Values.auth.username | quote }}
{{- end }}
{{- if .Values.auth.database }}
- name: MONGODB_DATABASE
value: {{ .Values.auth.database | quote }}
{{- end }}
{{- if .Values.auth.enabled }}
{{- if and .Values.auth.username .Values.auth.database }}
- name: MONGODB_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "mongodb.secretName" . }}
key: mongodb-password
{{- end }}
- name: MONGODB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "mongodb.secretName" . }}
key: mongodb-root-password
- name: MONGODB_REPLICA_SET_KEY
valueFrom:
secretKeyRef:
name: {{ include "mongodb.secretName" . }}
key: mongodb-replica-set-key
{{- end }}
- name: ALLOW_EMPTY_PASSWORD
value: {{ ternary "no" "yes" .Values.auth.enabled | quote }}
- name: MONGODB_SYSTEM_LOG_VERBOSITY
value: {{ .Values.systemLogVerbosity | quote }}
- name: MONGODB_DISABLE_SYSTEM_LOG
value: {{ ternary "yes" "no" .Values.disableSystemLog | quote }}
- name: MONGODB_ENABLE_IPV6
value: {{ ternary "yes" "no" .Values.enableIPv6 | quote }}
- name: MONGODB_ENABLE_DIRECTORY_PER_DB
value: {{ ternary "yes" "no" .Values.directoryPerDB | quote }}
{{- if .Values.extraFlags }}
- name: MONGODB_EXTRA_FLAGS
value: {{ .Values.extraFlags | join " " | quote }}
{{- end }}
{{- if .Values.extraEnvVars }}
{{- include "common.tplvalues.render" (dict "value" .Values.extraEnvVars "context" $) | nindent 12 }}
{{- end }}
{{- if or .Values.extraEnvVarsCM .Values.extraEnvVarsSecret }}
envFrom:
{{- if .Values.extraEnvVarsCM }}
- configMapRef:
name: {{ tpl .Values.extraEnvVarsCM . | quote }}
{{- end }}
{{- if .Values.extraEnvVarsSecret }}
- secretRef:
name: {{ tpl .Values.extraEnvVarsSecret . | quote }}
{{- end }}
{{- end }}
ports:
- containerPort: 27017
name: mongodb
{{- if .Values.livenessProbe.enabled }}
livenessProbe:
exec:
command:
- pgrep
- mongod
initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
{{- else if .Values.customLivenessProbe }}
livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customLivenessProbe "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.readinessProbe.enabled }}
readinessProbe:
exec:
command:
- mongo
- --eval
- "db.adminCommand('ping')"
initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
{{- else if .Values.customReadinessProbe }}
readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customReadinessProbe "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.resources }}
resources: {{- toYaml .Values.resources | nindent 12 }}
{{- end }}
volumeMounts:
- name: datadir
mountPath: {{ .Values.persistence.mountPath }}
subPath: {{ .Values.persistence.subPath }}
{{- if or .Values.initdbScriptsConfigMap .Values.initdbScripts }}
- name: custom-init-scripts
mountPath: /docker-entrypoint-initdb.d
{{- end }}
{{- if or .Values.configuration .Values.existingConfigmap }}
- name: config
mountPath: /opt/bitnami/mongodb/conf/mongodb.conf
subPath: mongodb.conf
{{- end }}
- name: scripts
mountPath: /scripts/setup.sh
subPath: setup.sh
{{- if and .Values.externalAccess.enabled .Values.externalAccess.autoDiscovery.enabled (eq .Values.externalAccess.service.type "LoadBalancer") }}
- name: shared
mountPath: /shared
{{- end }}
{{- if .Values.extraVolumeMounts }}
{{- toYaml .Values.extraVolumeMounts | nindent 12 }}
{{- end }}
{{- if .Values.metrics.enabled }}
- name: metrics
image: {{ template "mongodb.metrics.image" . }}
imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }}
{{- if .Values.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.containerSecurityContext "enabled" | toYaml | nindent 12 }}
{{- end }}
command:
- /bin/bash
- -ec
args:
- |
{{- if .Values.auth.enabled }}
/bin/mongodb_exporter --mongodb.uri mongodb://root:$(echo $MONGODB_ROOT_PASSWORD | sed -r "s/@/%40/g;s/:/%3A/g")@localhost:27017/admin{{ .Values.metrics.extraUri }} {{ .Values.metrics.extraFlags }}
{{- else }}
/bin/mongodb_exporter --mongodb.uri mongodb://localhost:27017/admin{{ .Values.metrics.extraUri }} {{ .Values.metrics.extraFlags }}
{{- end }}
env:
{{- if .Values.auth.enabled }}
- name: MONGODB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "mongodb.secretName" . }}
key: mongodb-root-password
{{- end }}
ports:
- name: metrics
containerPort: 9216
{{- if .Values.metrics.livenessProbe.enabled }}
livenessProbe:
httpGet:
path: /metrics
port: metrics
initialDelaySeconds: {{ .Values.metrics.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.metrics.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.metrics.livenessProbe.timeoutSeconds }}
failureThreshold: {{ .Values.metrics.livenessProbe.failureThreshold }}
successThreshold: {{ .Values.metrics.livenessProbe.successThreshold }}
{{- end }}
{{- if .Values.metrics.readinessProbe.enabled }}
readinessProbe:
httpGet:
path: /metrics
port: metrics
initialDelaySeconds: {{ .Values.metrics.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.metrics.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.metrics.readinessProbe.timeoutSeconds }}
failureThreshold: {{ .Values.metrics.readinessProbe.failureThreshold }}
successThreshold: {{ .Values.metrics.readinessProbe.successThreshold }}
{{- end }}
{{- if .Values.metrics.resources }}
resources: {{- toYaml .Values.metrics.resources | nindent 12 }}
{{- end }}
{{- end }}
{{- if .Values.sidecars }}
{{- include "common.tplvalues.render" (dict "value" .Values.sidecars "context" $) | nindent 8 }}
{{- end }}
volumes:
{{- if or .Values.initdbScriptsConfigMap .Values.initdbScripts }}
- name: custom-init-scripts
configMap:
name: {{ template "mongodb.initdbScriptsCM" . }}
{{- end }}
{{- if or .Values.configuration .Values.existingConfigmap }}
- name: config
configMap:
name: {{ include "mongodb.configmapName" . }}
{{- end }}
{{- if and .Values.externalAccess.enabled .Values.externalAccess.autoDiscovery.enabled (eq .Values.externalAccess.service.type "LoadBalancer") }}
- name: shared
emptyDir: {}
{{- end }}
- name: scripts
configMap:
name: {{ include "mongodb.fullname" . }}-scripts
defaultMode: 0755
{{- if .Values.extraVolumes }}
{{- toYaml .Values.extraVolumes | nindent 8 }}
{{- end }}
{{- if not .Values.persistence.enabled }}
- name: datadir
emptyDir: {}
{{- else }}
volumeClaimTemplates:
- metadata:
name: datadir
{{- if .Values.persistence.annotations }}
annotations: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.annotations "context" $) | nindent 10 }}
{{- end }}
spec:
accessModes:
{{- range .Values.persistence.accessModes }}
- {{ . | quote }}
{{- end }}
resources:
requests:
storage: {{ .Values.persistence.size | quote }}
{{ include "common.storage.class" (dict "persistence" .Values.persistence "global" .Values.global) }}
{{- end }}
{{- end }}
{{- end }}

17
mongodb/templates/role.yaml
View File

@@ -1,17 +0,0 @@
{{- if .Values.rbac.create }}
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: {{ include "mongodb.fullname" . }}
namespace: {{ include "mongodb.namespace" . }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
rules:
- apiGroups:
- ""
resources:
- services
verbs:
- get
- list
- watch
{{- end }}

16
mongodb/templates/rolebinding.yaml
View File

@@ -1,16 +0,0 @@
{{- if and .Values.serviceAccount.create .Values.rbac.create }}
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: {{ include "mongodb.fullname" . }}
namespace: {{ include "mongodb.namespace" . }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
roleRef:
kind: Role
name: {{ include "mongodb.fullname" . }}
apiGroup: rbac.authorization.k8s.io
subjects:
- kind: ServiceAccount
name: {{ include "mongodb.serviceAccountName" . }}
namespace: {{ include "mongodb.namespace" . }}
{{- end }}

30
mongodb/templates/secrets.yaml
View File

@@ -1,30 +0,0 @@
{{- if (include "mongodb.createSecret" .) }}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "mongodb.fullname" . }}
namespace: {{ template "mongodb.namespace" . }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: mongodb
type: Opaque
data:
{{- if .Values.auth.rootPassword }}
mongodb-root-password: {{ .Values.auth.rootPassword | b64enc | quote }}
{{- else }}
mongodb-root-password: {{ randAlphaNum 10 | b64enc | quote }}
{{- end }}
{{- if and .Values.auth.username .Values.auth.database }}
{{- if .Values.auth.password }}
mongodb-password: {{ .Values.auth.password | b64enc | quote }}
{{- else }}
mongodb-password: {{ randAlphaNum 10 | b64enc | quote }}
{{- end }}
{{- end }}
{{- if eq .Values.architecture "replicaset" }}
{{- if .Values.auth.replicaSetKey }}
mongodb-replica-set-key: {{ .Values.auth.replicaSetKey | b64enc | quote }}
{{- else }}
mongodb-replica-set-key: {{ randAlphaNum 10 | b64enc | quote }}
{{- end }}
{{- end }}
{{- end }}

10
mongodb/templates/serviceaccount.yaml
View File

@@ -1,10 +0,0 @@
{{- if .Values.serviceAccount.create }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "mongodb.serviceAccountName" . }}
namespace: {{ include "mongodb.namespace" . }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
secrets:
- name: {{ template "mongodb.fullname" . }}
{{- end }}

26
mongodb/templates/servicemonitor.yaml
View File

@@ -1,26 +0,0 @@
{{- if and .Values.metrics.enabled .Values.metrics.serviceMonitor.enabled }}
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: {{ include "mongodb.fullname" . }}
namespace: {{ include "mongodb.serviceMonitor.namespace" . }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.metrics.serviceMonitor.additionalLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.metrics.serviceMonitor.additionalLabels "context" $) | nindent 4 }}
{{- end }}
spec:
endpoints:
- port: http-metrics
{{- if .Values.metrics.serviceMonitor.interval }}
interval: {{ .Values.metrics.serviceMonitor.interval }}
{{- end }}
{{- if .Values.metrics.serviceMonitor.scrapeTimeout }}
scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }}
{{- end }}
namespaceSelector:
matchNames:
- "{{ include "mongodb.namespace" . }}"
selector:
matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
app.kubernetes.io/component: metrics
{{- end }}

313
mongodb/templates/standalone/dep-sts.yaml
View File

@@ -1,313 +0,0 @@
{{- if not (eq .Values.architecture "replicaset") }}
apiVersion: {{ if .Values.useStatefulSet }}apps/v1{{- else }}{{ include "common.capabilities.deployment.apiVersion" . }}{{- end }}
kind: {{ if .Values.useStatefulSet }}StatefulSet{{- else }}Deployment{{- end }}
metadata:
name: {{ include "mongodb.fullname" . }}
namespace: {{ include "mongodb.namespace" . }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: mongodb
{{- if .Values.labels }}
{{- include "common.tplvalues.render" (dict "value" .Values.labels "context" $) | nindent 4 }}
{{- end }}
{{- if .Values.annotations }}
annotations: {{- include "common.tplvalues.render" (dict "value" .Values.annotations "context" $) | nindent 4 }}
{{- end }}
spec:
{{- if .Values.useStatefulSet }}
serviceName: {{ include "mongodb.fullname" . }}
updateStrategy:
{{- else }}
strategy:
{{- end }}
type: {{ .Values.strategyType }}
{{- if or (and (not .Values.useStatefulSet) (eq "Recreate" .Values.strategyType)) (and .Values.useStatefulSet (eq "OnDelete" .Values.strategyType)) }}
rollingUpdate: null
{{- end }}
selector:
matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
app.kubernetes.io/component: mongodb
template:
metadata:
labels: {{- include "common.labels.standard" . | nindent 8 }}
app.kubernetes.io/component: mongodb
{{- if .Values.podLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.podLabels "context" $) | nindent 8 }}
{{- end }}
{{- if or (include "mongodb.createConfigmap" .) .Values.podAnnotations }}
annotations:
{{- if (include "mongodb.createConfigmap" .) }}
checksum/configuration: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
{{- end }}
{{- if .Values.podAnnotations }}
{{- include "common.tplvalues.render" (dict "value" .Values.podAnnotations "context" $) | nindent 8 }}
{{- end }}
{{- end }}
spec:
{{- include "mongodb.imagePullSecrets" . | nindent 6 }}
{{- if .Values.schedulerName }}
schedulerName: "{{ .Values.schedulerName }}"
{{- end }}
serviceAccountName: {{ template "mongodb.serviceAccountName" . }}
{{- if .Values.affinity }}
affinity: {{- include "common.tplvalues.render" (dict "value" .Values.affinity "context" .) | nindent 8 }}
{{- end }}
{{- if .Values.nodeSelector }}
nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.nodeSelector "context" .) | nindent 8 }}
{{- end }}
{{- if .Values.tolerations }}
tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.tolerations "context" .) | nindent 8 }}
{{- end }}
{{- if .Values.priorityClassName }}
priorityClassName: {{ .Values.priorityClassName }}
{{- end }}
{{- if .Values.podSecurityContext.enabled }}
securityContext: {{- omit .Values.podSecurityContext "enabled" | toYaml | nindent 8 }}
{{- end }}
{{- if or .Values.initContainers (and .Values.volumePermissions.enabled .Values.persistence.enabled) }}
initContainers:
{{- if .Values.initContainers }}
{{- include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | nindent 8 }}
{{- end }}
{{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }}
- name: volume-permissions
image: {{ include "mongodb.volumePermissions.image" . }}
imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }}
command:
- /bin/bash
- -ec
args:
- |
mkdir -p {{ .Values.persistence.mountPath }}
{{- if and .Values.podSecurityContext.enabled .Values.containerSecurityContext.enabled }}
chown -R "{{ .Values.containerSecurityContext.runAsUser }}:{{ .Values.podSecurityContext.fsGroup }}" "{{ .Values.persistence.mountPath }}"
{{- end }}
{{- if eq ( toString ( .Values.volumePermissions.securityContext.runAsUser )) "auto" }}
securityContext: {{- omit .Values.volumePermissions.securityContext "runAsUser" | toYaml | nindent 12 }}
{{- else }}
securityContext: {{- .Values.volumePermissions.securityContext | toYaml | nindent 12 }}
{{- end }}
{{- if .Values.volumePermissions.resources }}
resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }}
{{- end }}
volumeMounts:
- name: datadir
mountPath: {{ .Values.persistence.mountPath }}
{{- end }}
{{- end }}
containers:
- name: mongodb
image: {{ include "mongodb.image" . }}
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
{{- if .Values.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.containerSecurityContext "enabled" | toYaml | nindent 12 }}
{{- end }}
{{- if .Values.command }}
command: {{- include "common.tplvalues.render" (dict "value" .Values.command "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.args }}
args: {{- include "common.tplvalues.render" (dict "value" .Values.args "context" $) | nindent 12 }}
{{- end }}
env:
- name: BITNAMI_DEBUG
value: {{ ternary "true" "false" .Values.image.debug | quote }}
{{- if .Values.auth.username }}
- name: MONGODB_USERNAME
value: {{ .Values.auth.username | quote }}
{{- end }}
{{- if .Values.auth.database }}
- name: MONGODB_DATABASE
value: {{ .Values.auth.database | quote }}
{{- end }}
{{- if .Values.auth.enabled }}
{{- if and .Values.auth.username .Values.auth.database }}
- name: MONGODB_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "mongodb.secretName" . }}
key: mongodb-password
{{- end }}
- name: MONGODB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "mongodb.secretName" . }}
key: mongodb-root-password
{{- end }}
- name: ALLOW_EMPTY_PASSWORD
value: {{ ternary "no" "yes" .Values.auth.enabled | quote }}
- name: MONGODB_SYSTEM_LOG_VERBOSITY
value: {{ .Values.systemLogVerbosity | quote }}
- name: MONGODB_DISABLE_SYSTEM_LOG
value: {{ ternary "yes" "no" .Values.disableSystemLog | quote }}
- name: MONGODB_ENABLE_IPV6
value: {{ ternary "yes" "no" .Values.enableIPv6 | quote }}
- name: MONGODB_ENABLE_DIRECTORY_PER_DB
value: {{ ternary "yes" "no" .Values.directoryPerDB | quote }}
{{- if .Values.extraFlags }}
- name: MONGODB_EXTRA_FLAGS
value: {{ .Values.extraFlags | join " " | quote }}
{{- end }}
{{- if .Values.extraEnvVars }}
{{- include "common.tplvalues.render" (dict "value" .Values.extraEnvVars "context" $) | nindent 12 }}
{{- end }}
{{- if or .Values.extraEnvVarsCM .Values.extraEnvVarsSecret }}
envFrom:
{{- if .Values.extraEnvVarsCM }}
- configMapRef:
name: {{ tpl .Values.extraEnvVarsCM . | quote }}
{{- end }}
{{- if .Values.extraEnvVarsSecret }}
- secretRef:
name: {{ tpl .Values.extraEnvVarsSecret . | quote }}
{{- end }}
{{- end }}
ports:
- name: mongodb
containerPort: 27017
{{- if .Values.livenessProbe.enabled }}
livenessProbe:
exec:
command:
- pgrep
- mongod
initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
{{- else if .Values.customLivenessProbe }}
livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customLivenessProbe "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.readinessProbe.enabled }}
readinessProbe:
exec:
command:
- mongo
- --eval
- "db.adminCommand('ping')"
initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
{{- else if .Values.customReadinessProbe }}
readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customReadinessProbe "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.resources }}
resources: {{- toYaml .Values.resources | nindent 12 }}
{{- end }}
volumeMounts:
- name: datadir
mountPath: {{ .Values.persistence.mountPath }}
subPath: {{ .Values.persistence.subPath }}
{{- if or .Values.initdbScriptsConfigMap .Values.initdbScripts }}
- name: custom-init-scripts
mountPath: /docker-entrypoint-initdb.d
{{- end }}
{{- if or .Values.configuration .Values.existingConfigmap }}
- name: config
mountPath: /opt/bitnami/mongodb/conf/mongodb.conf
subPath: mongodb.conf
{{- end }}
{{- if .Values.extraVolumeMounts }}
{{- toYaml .Values.extraVolumeMounts | nindent 12 }}
{{- end }}
{{- if .Values.metrics.enabled }}
- name: metrics
image: {{ template "mongodb.metrics.image" . }}
imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }}
{{- if .Values.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.containerSecurityContext "enabled" | toYaml | nindent 12 }}
{{- end }}
command:
- /bin/bash
- -ec
args:
- |
{{- if .Values.auth.enabled }}
/bin/mongodb_exporter --mongodb.uri mongodb://root:$(echo $MONGODB_ROOT_PASSWORD | sed -r "s/@/%40/g;s/:/%3A/g")@localhost:27017/admin{{ .Values.metrics.extraUri }} {{ .Values.metrics.extraFlags }}
{{- else }}
/bin/mongodb_exporter --mongodb.uri mongodb://localhost:27017/admin{{ .Values.metrics.extraUri }} {{ .Values.metrics.extraFlags }}
{{- end }}
env:
{{- if .Values.auth.enabled }}
- name: MONGODB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "mongodb.secretName" . }}
key: mongodb-root-password
{{- end }}
ports:
- name: metrics
containerPort: 9216
{{- if .Values.metrics.livenessProbe.enabled }}
livenessProbe:
httpGet:
path: /metrics
port: metrics
initialDelaySeconds: {{ .Values.metrics.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.metrics.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.metrics.livenessProbe.timeoutSeconds }}
failureThreshold: {{ .Values.metrics.livenessProbe.failureThreshold }}
successThreshold: {{ .Values.metrics.livenessProbe.successThreshold }}
{{- end }}
{{- if .Values.metrics.readinessProbe.enabled }}
readinessProbe:
httpGet:
path: /metrics
port: metrics
initialDelaySeconds: {{ .Values.metrics.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.metrics.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.metrics.readinessProbe.timeoutSeconds }}
failureThreshold: {{ .Values.metrics.readinessProbe.failureThreshold }}
successThreshold: {{ .Values.metrics.readinessProbe.successThreshold }}
{{- end }}
{{- if .Values.metrics.resources }}
resources: {{- toYaml .Values.metrics.resources | nindent 12 }}
{{- end }}
{{- end }}
{{- if .Values.sidecars }}
{{- include "common.tplvalues.render" (dict "value" .Values.sidecars "context" $) | nindent 8 }}
{{- end }}
volumes:
{{- if or .Values.initdbScriptsConfigMap .Values.initdbScripts }}
- name: custom-init-scripts
configMap:
name: {{ template "mongodb.initdbScriptsCM" . }}
{{- end }}
{{- if or .Values.configuration .Values.existingConfigmap }}
- name: config
configMap:
name: {{ include "mongodb.configmapName" . }}
{{- end }}
{{- if .Values.extraVolumes }}
{{- toYaml .Values.extraVolumes | nindent 8 }}
{{- end }}
{{- if not .Values.persistence.enabled }}
- name: datadir
emptyDir: {}
{{- else if .Values.persistence.existingClaim }}
- name: datadir
persistentVolumeClaim:
claimName: {{ printf "%s" (tpl .Values.persistence.existingClaim .) }}
{{- else if not .Values.useStatefulSet }}
- name: datadir
persistentVolumeClaim:
claimName: {{ template "mongodb.fullname" . }}
{{- else }}
volumeClaimTemplates:
- metadata:
name: datadir
{{- if .Values.persistence.annotations }}
annotations: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.annotations "context" $) | nindent 10 }}
{{- end }}
spec:
accessModes:
{{- range .Values.persistence.accessModes }}
- {{ . | quote }}
{{- end }}
resources:
requests:
storage: {{ .Values.persistence.size | quote }}
{{ include "common.storage.class" (dict "persistence" .Values.persistence "global" .Values.global) }}
{{- end }}
{{- end }}

18
mongodb/templates/standalone/pvc.yaml
View File

@@ -1,18 +0,0 @@
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) (not (eq .Values.architecture "replicaset")) (not .Values.useStatefulSet) }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ include "mongodb.fullname" . }}
namespace: {{ include "mongodb.namespace" . }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: mongodb
spec:
accessModes:
{{- range .Values.persistence.accessModes }}
- {{ . | quote }}
{{- end }}
resources:
requests:
storage: {{ .Values.persistence.size | quote }}
{{ include "common.storage.class" (dict "persistence" .Values.persistence "global" .Values.global) }}
{{- end }}

37
mongodb/templates/standalone/svc.yaml
View File

@@ -1,37 +0,0 @@
{{- if not (eq .Values.architecture "replicaset") }}
apiVersion: v1
kind: Service
metadata:
name: {{ include "mongodb.fullname" . }}
namespace: {{ include "mongodb.namespace" . }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: mongodb
{{- if .Values.service.annotations }}
annotations: {{- include "common.tplvalues.render" (dict "value" .Values.service.annotations "context" $) | nindent 4 }}
{{- end }}
spec:
type: {{ .Values.service.type }}
{{- if and (eq .Values.service.type "ClusterIP") .Values.service.clusterIP }}
clusterIP: {{ .Values.service.clusterIP }}
{{- end }}
{{- if and (eq .Values.service.type "LoadBalancer") .Values.service.loadBalancerIP }}
loadBalancerIP: {{ .Values.service.loadBalancerIP }}
{{- end }}
{{- if .Values.service.externalIPs }}
externalIPs: {{ toYaml .Values.service.externalIPs | nindent 4 }}
{{- end }}
{{- if .Values.service.loadBalancerSourceRanges }}
loadBalancerSourceRanges: {{- toYaml .Values.service.loadBalancerSourceRanges | nindent 4 }}
{{- end }}
ports:
- name: {{ .Values.service.portName }}
port: {{ .Values.service.port }}
targetPort: mongodb
{{- if and (or (eq .Values.service.type "LoadBalancer") (eq .Values.service.type "NodePort")) .Values.service.nodePort }}
nodePort: {{ .Values.service.nodePort }}
{{- else if eq .Values.service.type "ClusterIP" }}
nodePort: null
{{- end }}
selector: {{- include "common.labels.matchLabels" . | nindent 4 }}
app.kubernetes.io/component: mongodb
{{- end }}

908
mongodb/values-production.yaml
View File

@@ -1,908 +0,0 @@
## Global Docker image parameters
## Please, note that this will override the image parameters, including dependencies, configured to use the global value
## Current available global Docker image parameters: imageRegistry and imagePullSecrets
##
# global:
# imageRegistry: myRegistryName
# imagePullSecrets:
# - myRegistryKeySecretName
# storageClass: myStorageClass
## Override the namespace for resource deployed by the chart, but can itself be overridden by the local namespaceOverride
# namespaceOverride: my-global-namespace
image:
## Bitnami MongoDB registry
##
registry: docker.io
## Bitnami MongoDB image name
##
repository: bitnami/mongodb
## Bitnami MongoDB image tag
## ref: https://hub.docker.com/r/bitnami/mongodb/tags/
##
tag: 4.4.1-debian-10-r39
## Specify a imagePullPolicy
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistryKeySecretName
## Set to true if you would like to see extra information on logs
## It turns on Bitnami debugging in minideb-extras-base
## ref: https://github.com/bitnami/minideb-extras-base
debug: false
## String to partially override mongodb.fullname template (will maintain the release name)
##
# nameOverride:
## String to fully override mongodb.fullname template
##
# fullnameOverride:
## Kubernetes Cluster Domain
##
clusterDomain: cluster.local
## Use an alternate scheduler, e.g. "stork".
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
##
# schedulerName:
## MongoDB architecture. Allowed values: standalone or replicaset
##
architecture: replicaset
## Use StatefulSet instead of Deployment when deploying standalone
##
useStatefulSet: false
## MongoDB Authentication parameters
##
auth:
## Enable authentication
## ref: https://docs.mongodb.com/manual/tutorial/enable-authentication/
##
enabled: true
## MongoDB root password
## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#setting-the-root-password-on-first-run
##
rootPassword: ""
## MongoDB custom user and database
## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#creating-a-user-and-database-on-first-run
##
# username: username
# password: password
# database: database
## Key used for replica set authentication
## Ignored when mongodb.architecture=standalone
##
replicaSetKey: ""
## Existing secret with MongoDB credentials
## NOTE: When it's set the previous parameters are ignored.
##
# existingSecret: name-of-existing-secret
## Name of the replica set
## Ignored when mongodb.architecture=standalone
##
replicaSetName: rs0
## Enable DNS hostnames in the replica set config
## Ignored when mongodb.architecture=standalone
## Ignored when externalAccess.enabled=true
##
replicaSetHostnames: true
## Whether enable/disable IPv6 on MongoDB
## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#enabling/disabling-ipv6
##
enableIPv6: false
## Whether enable/disable DirectoryPerDB on MongoDB
## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#enabling/disabling-directoryperdb
##
directoryPerDB: false
## MongoDB System Log configuration
## ref: https://github.com/bitnami/bitnami-docker-mongodb#configuring-system-log-verbosity-level
##
systemLogVerbosity: 0
disableSystemLog: false
## MongoDB configuration file for Primary and Secondary nodes. For documentation of all options, see:
## http://docs.mongodb.org/manual/reference/configuration-options/
## Example:
## configuration:
## # where and how to store data.
## storage:
## dbPath: /bitnami/mongodb/data/db
## journal:
## enabled: true
## directoryPerDB: false
## # where to write logging data
## systemLog:
## destination: file
## quiet: false
## logAppend: true
## logRotate: reopen
## path: /opt/bitnami/mongodb/logs/mongodb.log
## verbosity: 0
## # network interfaces
## net:
## port: 27017
## unixDomainSocket:
## enabled: true
## pathPrefix: /opt/bitnami/mongodb/tmp
## ipv6: false
## bindIpAll: true
## # replica set options
## #replication:
## #replSetName: replicaset
## #enableMajorityReadConcern: true
## # process management options
## processManagement:
## fork: false
## pidFilePath: /opt/bitnami/mongodb/tmp/mongodb.pid
## # set parameter options
## setParameter:
## enableLocalhostAuthBypass: true
## # security options
## security:
## authorization: disabled
## #keyFile: /opt/bitnami/mongodb/conf/keyfile
##
configuration: ""
## ConfigMap with MongoDB configuration for Primary and Secondary nodes
## NOTE: When it's set the arbiter.configuration parameter is ignored
##
# existingConfigmap:
## initdb scripts
## Specify dictionary of scripts to be run at first boot
## Example:
## initdbScripts:
## my_init_script.sh: |
## #!/bin/bash
## echo "Do something."
initdbScripts: {}
## Existing ConfigMap with custom init scripts
##
# initdbScriptsConfigMap:
## Command and args for running the container (set to default if not set). Use array form
##
# command:
# args:
## Additional command line flags
## Example:
## extraFlags:
## - "--wiredTigerCacheSizeGB=2"
##
extraFlags: []
## Additional environment variables to set
## E.g:
## extraEnvVars:
## - name: FOO
## value: BAR
##
extraEnvVars: []
## ConfigMap with extra environment variables
##
# extraEnvVarsCM:
## Secret with extra environment variables
##
# extraEnvVarsSecret:
## Annotations to be added to the MongoDB statefulset. Evaluated as a template.
##
annotations: {}
## Additional labels to be added to the MongoDB statefulset. Evaluated as a template.
##
labels: {}
## Number of MongoDB replicas to deploy.
## Ignored when mongodb.architecture=standalone
##
replicaCount: 4
## StrategyType for MongoDB statefulset
## It can be set to RollingUpdate or Recreate by default.
##
strategyType: RollingUpdate
## MongoDB should be initialized one by one when building the replicaset for the first time.
##
podManagementPolicy: OrderedReady
## Affinity for pod assignment. Evaluated as a template.
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
affinity: {}
## Node labels for pod assignment. Evaluated as a template.
## ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
## Tolerations for pod assignment. Evaluated as a template.
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
## Lables for MongoDB pods. Evaluated as a template.
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
##
podLabels: {}
## Annotations for MongoDB pods. Evaluated as a template.
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
##
podAnnotations: {}
## MongoDB pods' priority.
## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
##
# priorityClassName: ""
## MongoDB pods' Security Context.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
##
podSecurityContext:
enabled: true
fsGroup: 1001
## sysctl settings
## Example:
## sysctls:
## - name: net.core.somaxconn
## value: "10000"
##
sysctls: []
## MongoDB containers' Security Context (main and metrics container).
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
##
containerSecurityContext:
enabled: true
runAsUser: 1001
runAsNonRoot: true
## MongoDB containers' resource requests and limits.
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
limits: {}
# cpu: 100m
# memory: 128Mi
requests: {}
# cpu: 100m
# memory: 128Mi
## MongoDB pods' liveness and readiness probes. Evaluated as a template.
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
##
livenessProbe:
enabled: true
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
readinessProbe:
enabled: true
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
## Custom Liveness probes for MongoDB pods
##
customLivenessProbe: {}
## Custom Rediness probes MongoDB pods
##
customReadinessProbe: {}
## Add init containers to the MongoDB pods.
## Example:
## initContainers:
## - name: your-image-name
## image: your-image
## imagePullPolicy: Always
## ports:
## - name: portname
## containerPort: 1234
##
initContainers: {}
## Add sidecars to the MongoDB pods.
## Example:
## sidecars:
## - name: your-image-name
## image: your-image
## imagePullPolicy: Always
## ports:
## - name: portname
## containerPort: 1234
##
sidecars: {}
## extraVolumes and extraVolumeMounts allows you to mount other volumes on MongoDB pods
## Examples:
## extraVolumeMounts:
## - name: extras
## mountPath: /usr/share/extras
## readOnly: true
## extraVolumes:
## - name: extras
## emptyDir: {}
extraVolumeMounts: []
extraVolumes: []
## MongoDB Pod Disruption Budget configuration
## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
##
pdb:
create: true
## Min number of pods that must still be available after the eviction
##
minAvailable: 1
## Max number of pods that can be unavailable after the eviction
##
# maxUnavailable: 1
## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
persistence:
enabled: true
## A manually managed Persistent Volume and Claim
## Requires persistence.enabled: true
## If defined, PVC must be created manually before volume will be bound
## Ignored when mongodb.architecture=replicaset
##
# existingClaim:
## PV Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner.
##
# storageClass: "-"
## PV Access Mode
##
accessModes:
- ReadWriteOnce
## PVC size
##
size: 8Gi
## PVC annotations
##
annotations: {}
## The path the volume will be mounted at, useful when using different
## MongoDB images.
##
mountPath: /bitnami/mongodb
## The subdirectory of the volume to mount to, useful in dev environments
## and one PV for multiple services.
##
subPath: ""
## Service parameters
##
service:
## Service type
##
type: ClusterIP
## MongoDB service port
##
port: 27017
## MongoDB service port name
##
portName: mongodb
## Specify the nodePort value for the LoadBalancer and NodePort service types.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
##
nodePort: ""
## MongoDB service clusterIP IP
##
# clusterIP: None
## Specify the externalIP value ClusterIP service type.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#external-ips
##
externalIPs: []
## Specify the loadBalancerIP value for LoadBalancer service types.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer
##
# loadBalancerIP:
## Specify the loadBalancerSourceRanges value for LoadBalancer service types.
## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
##
loadBalancerSourceRanges: []
## Provide any additional annotations which may be required. Evaluated as a template
##
annotations: {}
## External Access to MongoDB nodes configuration
##
externalAccess:
## Enable Kubernetes external cluster access to MongoDB nodes
##
enabled: false
## External IPs auto-discovery configuration
## An init container is used to auto-detect LB IPs or node ports by querying the K8s API
## Note: RBAC might be required
##
autoDiscovery:
## Enable external IP/ports auto-discovery
##
enabled: false
## Bitnami Kubectl image
## ref: https://hub.docker.com/r/bitnami/kubectl/tags/
##
image:
registry: docker.io
repository: bitnami/kubectl
tag: 1.18.9-debian-10-r30
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace)
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
## Example:
## pullSecrets:
## - myRegistryKeySecretName
##
pullSecrets: []
## Init Container resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
limits: {}
# cpu: 100m
# memory: 128Mi
requests: {}
# cpu: 100m
# memory: 128Mi
## Parameters to configure K8s service(s) used to externally access MongoDB
## A new service per broker will be created
##
service:
## Service type. Allowed values: LoadBalancer or NodePort
##
type: LoadBalancer
## Port used when service type is LoadBalancer
##
port: 27017
## Array of load balancer IPs for each MongoDB node. Length must be the same as replicaCount
## Example:
## loadBalancerIPs:
## - X.X.X.X
## - Y.Y.Y.Y
##
loadBalancerIPs: []
## Load Balancer sources
## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
## Example:
## loadBalancerSourceRanges:
## - 10.10.10.0/24
##
loadBalancerSourceRanges: []
## Array of node ports used for each MongoDB node. Length must be the same as replicaCount
## Example:
## nodePorts:
## - 30001
## - 30002
##
nodePorts: []
## When service type is NodePort, you can specify the domain used for MongoDB advertised hostnames.
## If not specified, the container will try to get the kubernetes node external IP
##
# domain: mydomain.com
## Provide any additional annotations which may be required. Evaluated as a template
##
annotations: {}
##
## MongoDB Arbiter parameters.
##
arbiter:
## Enable deploying the MongoDB Arbiter
## https://docs.mongodb.com/manual/tutorial/add-replica-set-arbiter/
enabled: true
## MongoDB configuration file for the Arbiter. For documentation of all options, see:
## http://docs.mongodb.org/manual/reference/configuration-options/
##
configuration: ""
## ConfigMap with MongoDB configuration for the Arbiter
## NOTE: When it's set the arbiter.configuration parameter is ignored
##
# existingConfigmap:
## Command and args for running the container (set to default if not set). Use array form
##
# command:
# args:
## Additional command line flags
## Example:
## extraFlags:
## - "--wiredTigerCacheSizeGB=2"
##
extraFlags: []
## Additional environment variables to set
## E.g:
## extraEnvVars:
## - name: FOO
## value: BAR
##
extraEnvVars: []
## ConfigMap with extra environment variables
##
# extraEnvVarsCM:
## Secret with extra environment variables
##
# extraEnvVarsSecret:
## Annotations to be added to the Arbiter statefulset. Evaluated as a template.
##
annotations: {}
## Additional to be added to the Arbiter statefulset. Evaluated as a template.
##
labels: {}
## Affinity for pod assignment. Evaluated as a template.
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
affinity: {}
## Node labels for pod assignment. Evaluated as a template.
## ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
## Tolerations for pod assignment. Evaluated as a template.
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
## Lables for MongoDB Arbiter pods. Evaluated as a template.
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
##
podLabels: {}
## Annotations for MongoDB Arbiter pods. Evaluated as a template.
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
##
podAnnotations: {}
## MongoDB Arbiter pods' priority.
## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
##
# priorityClassName: ""
## MongoDB Arbiter pods' Security Context.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
##
podSecurityContext:
enabled: true
fsGroup: 1001
## sysctl settings
## Example:
## sysctls:
## - name: net.core.somaxconn
## value: "10000"
##
sysctls: []
## MongoDB Arbiter containers' Security Context (only main container).
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
##
containerSecurityContext:
enabled: true
runAsUser: 1001
## MongoDB Arbiter containers' resource requests and limits.
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
limits: {}
# cpu: 100m
# memory: 128Mi
requests: {}
# cpu: 100m
# memory: 128Mi
## MongoDB Arbiter pods' liveness and readiness probes. Evaluated as a template.
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
##
livenessProbe:
enabled: true
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
readinessProbe:
enabled: true
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
## Custom Liveness probes for MongoDB Arbiter pods
##
customLivenessProbe: {}
## Custom Rediness probes MongoDB Arbiter pods
##
customReadinessProbe: {}
## Add init containers to the MongoDB Arbiter pods.
## Example:
## initContainers:
## - name: your-image-name
## image: your-image
## imagePullPolicy: Always
## ports:
## - name: portname
## containerPort: 1234
##
initContainers: {}
## Add sidecars to the MongoDB Arbiter pods.
## Example:
## sidecars:
## - name: your-image-name
## image: your-image
## imagePullPolicy: Always
## ports:
## - name: portname
## containerPort: 1234
##
sidecars: {}
## extraVolumes and extraVolumeMounts allows you to mount other volumes on MongoDB Arbiter pods
## Examples:
## extraVolumeMounts:
## - name: extras
## mountPath: /usr/share/extras
## readOnly: true
## extraVolumes:
## - name: extras
## emptyDir: {}
extraVolumeMounts: []
extraVolumes: []
## MongoDB Arbiter Pod Disruption Budget configuration
## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
##
pdb:
create: false
## Min number of pods that must still be available after the eviction
##
minAvailable: 1
## Max number of pods that can be unavailable after the eviction
##
# maxUnavailable: 1
## ServiceAccount
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
##
serviceAccount:
## Specifies whether a ServiceAccount should be created
##
create: true
## The name of the ServiceAccount to use.
## If not set and create is true, a name is generated using the rabbitmq.fullname template
##
# name:
## Role Based Access
## ref: https://kubernetes.io/docs/admin/authorization/rbac/
##
rbac:
## Specifies whether RBAC rules should be created
## binding MongoDB ServiceAccount to a role
## that allows MongoDB pods querying the K8s API
##
create: false
## Init Container paramaters
## Change the owner and group of the persistent volume(s) mountpoint(s) to 'runAsUser:fsGroup' on each component
## values from the securityContext section of the component
##
volumePermissions:
enabled: false
## Bitnami Minideb image
## ref: https://hub.docker.com/r/bitnami/minideb/tags/
##
image:
registry: docker.io
repository: bitnami/minideb
tag: buster
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: Always
## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace)
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
## Example:
## pullSecrets:
## - myRegistryKeySecretName
##
pullSecrets: []
## Init Container resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
limits: {}
# cpu: 100m
# memory: 128Mi
requests: {}
# cpu: 100m
# memory: 128Mi
## Init container Security Context
## Note: the chown of the data folder is done to containerSecurityContext.runAsUser
## and not the below volumePermissions.securityContext.runAsUser
## When runAsUser is set to special value "auto", init container will try to chwon the
## data folder to autodetermined user&group, using commands: `id -u`:`id -G | cut -d" " -f2`
## "auto" is especially useful for OpenShift which has scc with dynamic userids (and 0 is not allowed).
## You may want to use this volumePermissions.securityContext.runAsUser="auto" in combination with
## podSecurityContext.enabled=false,containerSecurityContext.enabled=false and shmVolume.chmod.enabled=false
##
securityContext:
runAsUser: 0
## Prometheus Exporter / Metrics
##
metrics:
enabled: true
## Bitnami MongoDB Promtheus Exporter image
## ref: https://hub.docker.com/r/bitnami/mongodb-exporter/tags/
##
image:
registry: docker.io
repository: bitnami/mongodb-exporter
tag: 0.11.2-debian-10-r18
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistryKeySecretName
## String with extra flags to the metrics exporter
## ref: https://github.com/percona/mongodb_exporter/blob/master/mongodb_exporter.go
##
extraFlags: ""
## String with additional URI options to the metrics exporter
## ref: https://docs.mongodb.com/manual/reference/connection-string
##
extraUri: ""
## Metrics exporter container resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
limits: {}
# cpu: 100m
# memory: 128Mi
requests: {}
# cpu: 100m
# memory: 128Mi
## Prometheus Exporter service configuration
##
service:
## Annotations for Prometheus Exporter pods. Evaluated as a template.
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
##
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "{{ .Values.metrics.service.port }}"
prometheus.io/path: "/metrics"
type: ClusterIP
port: 9216
## Metrics exporter liveness and readiness probes
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
##
livenessProbe:
enabled: true
initialDelaySeconds: 15
periodSeconds: 5
timeoutSeconds: 5
failureThreshold: 3
successThreshold: 1
readinessProbe:
enabled: true
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 1
failureThreshold: 3
successThreshold: 1
## Prometheus Service Monitor
## ref: https://github.com/coreos/prometheus-operator
## https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md
##
serviceMonitor:
## If the operator is installed in your cluster, set to true to create a Service Monitor Entry
enabled: false
## Specify the namespace where Prometheus Operator is running
##
# namespace: monitoring
## Specify the interval at which metrics should be scraped
##
interval: 30s
## Specify the timeout after which the scrape is ended
##
# scrapeTimeout: 30s
## Used to pass Labels that are used by the Prometheus installed in your cluster to select Service Monitors to work with
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec
##
additionalLabels: {}
## Custom PrometheusRule to be defined
## ref: https://github.com/coreos/prometheus-operator#customresourcedefinitions
##
prometheusRule:
enabled: false
additionalLabels: {}
## Specify the namespace where Prometheus Operator is running
##
# namespace: monitoring
## Define individual alerting rules as required
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#rulegroup
## https://prometheus.io/docs/prometheus/latest/configuration/alerting_rules/
##
rules: {}

167
mongodb/values.schema.json
View File

@@ -1,167 +0,0 @@
{
"$schema": "http://json-schema.org/schema#",
"type": "object",
"properties": {
"architecture": {
"type": "string",
"title": "MongoDB architecture",
"form": true,
"description": "Allowed values: `standalone` or `replicaset`"
},
"auth": {
"type": "object",
"title": "Authentication configuration",
"form": true,
"properties": {
"enabled": {
"type": "boolean",
"title": "Enable Authentication",
"form": true
},
"rootPassword": {
"type": "string",
"title": "MongoDB admin password",
"form": true,
"description": "Defaults to a random 10-character alphanumeric string if not set",
"hidden": {
"value": false,
"path": "auth/enabled"
}
},
"database": {
"type": "string",
"title": "MongoDB custom database",
"description": "Name of the custom database to be created during the 1st initialization of MongoDB",
"form": true
},
"username": {
"type": "string",
"title": "MongoDB custom user",
"description": "Name of the custom user to be created during the 1st initialization of MongoDB. This user only has permissions on the MongoDB custom database",
"form": true
},
"password": {
"type": "string",
"title": "Password for MongoDB custom user",
"form": true,
"description": "Defaults to a random 10-character alphanumeric string if not set",
"hidden": {
"value": false,
"path": "auth/enabled"
}
},
"replicaSetKey": {
"type": "string",
"title": "Key used for replica set authentication",
"form": true,
"description": "Defaults to a random 10-character alphanumeric string if not set",
"hidden": {
"value": "standalone",
"path": "architecture"
}
}
}
},
"replicaCount": {
"type": "integer",
"form": true,
"title": "Number of MongoDB replicas",
"hidden": {
"value": "standalone",
"path": "architecture"
}
},
"configuration": {
"type": "string",
"title": "MongoDB Custom Configuration",
"form": true,
"render": "textArea"
},
"arbiter": {
"type": "object",
"title": "Arbiter configuration",
"form": true,
"properties": {
"configuration": {
"type": "string",
"title": "Arbiter Custom Configuration",
"form": true,
"render": "textArea",
"hidden": {
"value": "standalone",
"path": "architecture"
}
}
}
},
"persistence": {
"type": "object",
"title": "Persistence configuration",
"form": true,
"properties": {
"enabled": {
"type": "boolean",
"form": true,
"title": "Enable persistence",
"description": "Enable persistence using Persistent Volume Claims"
},
"size": {
"type": "string",
"title": "Persistent Volume Size",
"form": true,
"render": "slider",
"sliderMin": 1,
"sliderMax": 100,
"sliderUnit": "Gi",
"hidden": {
"value": false,
"path": "persistence/enabled"
}
}
}
},
"volumePermissions": {
"type": "object",
"hidden": {
"value": false,
"path": "persistence/enabled"
},
"properties": {
"enabled": {
"type": "boolean",
"form": true,
"title": "Enable Init Containers",
"description": "Use an init container to set required folder permissions on the data volume before mounting it in the final destination"
}
}
},
"metrics": {
"type": "object",
"form": true,
"title": "Prometheus metrics details",
"properties": {
"enabled": {
"type": "boolean",
"title": "Create Prometheus metrics exporter",
"description": "Create a side-car container to expose Prometheus metrics",
"form": true
},
"serviceMonitor": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"title": "Create Prometheus Operator ServiceMonitor",
"description": "Create a ServiceMonitor to track metrics using Prometheus Operator",
"form": true,
"hidden": {
"value": false,
"path": "metrics/enabled"
}
}
}
}
}
}
}
}

908
mongodb/values.yaml
View File

@@ -1,908 +0,0 @@
## Global Docker image parameters
## Please, note that this will override the image parameters, including dependencies, configured to use the global value
## Current available global Docker image parameters: imageRegistry and imagePullSecrets
##
# global:
# imageRegistry: myRegistryName
# imagePullSecrets:
# - myRegistryKeySecretName
# storageClass: myStorageClass
## Override the namespace for resource deployed by the chart, but can itself be overridden by the local namespaceOverride
# namespaceOverride: my-global-namespace
image:
## Bitnami MongoDB registry
##
registry: docker.io
## Bitnami MongoDB image name
##
repository: bitnami/mongodb
## Bitnami MongoDB image tag
## ref: https://hub.docker.com/r/bitnami/mongodb/tags/
##
tag: 4.4.1-debian-10-r39
## Specify a imagePullPolicy
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistryKeySecretName
## Set to true if you would like to see extra information on logs
## It turns on Bitnami debugging in minideb-extras-base
## ref: https://github.com/bitnami/minideb-extras-base
debug: false
## String to partially override mongodb.fullname template (will maintain the release name)
##
# nameOverride:
## String to fully override mongodb.fullname template
##
# fullnameOverride:
## Kubernetes Cluster Domain
##
clusterDomain: cluster.local
## Use an alternate scheduler, e.g. "stork".
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
##
# schedulerName:
## MongoDB architecture. Allowed values: standalone or replicaset
##
architecture: standalone
## Use StatefulSet instead of Deployment when deploying standalone
##
useStatefulSet: false
## MongoDB Authentication parameters
##
auth:
## Enable authentication
## ref: https://docs.mongodb.com/manual/tutorial/enable-authentication/
##
enabled: true
## MongoDB root password
## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#setting-the-root-password-on-first-run
##
rootPassword: ""
## MongoDB custom user and database
## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#creating-a-user-and-database-on-first-run
##
# username: username
# password: password
# database: database
## Key used for replica set authentication
## Ignored when mongodb.architecture=standalone
##
replicaSetKey: ""
## Existing secret with MongoDB credentials
## NOTE: When it's set the previous parameters are ignored.
##
# existingSecret: name-of-existing-secret
## Name of the replica set
## Ignored when mongodb.architecture=standalone
##
replicaSetName: rs0
## Enable DNS hostnames in the replica set config
## Ignored when mongodb.architecture=standalone
## Ignored when externalAccess.enabled=true
##
replicaSetHostnames: true
## Whether enable/disable IPv6 on MongoDB
## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#enabling/disabling-ipv6
##
enableIPv6: false
## Whether enable/disable DirectoryPerDB on MongoDB
## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#enabling/disabling-directoryperdb
##
directoryPerDB: false
## MongoDB System Log configuration
## ref: https://github.com/bitnami/bitnami-docker-mongodb#configuring-system-log-verbosity-level
##
systemLogVerbosity: 0
disableSystemLog: false
## MongoDB configuration file for Primary and Secondary nodes. For documentation of all options, see:
## http://docs.mongodb.org/manual/reference/configuration-options/
## Example:
## configuration:
## # where and how to store data.
## storage:
## dbPath: /bitnami/mongodb/data/db
## journal:
## enabled: true
## directoryPerDB: false
## # where to write logging data
## systemLog:
## destination: file
## quiet: false
## logAppend: true
## logRotate: reopen
## path: /opt/bitnami/mongodb/logs/mongodb.log
## verbosity: 0
## # network interfaces
## net:
## port: 27017
## unixDomainSocket:
## enabled: true
## pathPrefix: /opt/bitnami/mongodb/tmp
## ipv6: false
## bindIpAll: true
## # replica set options
## #replication:
## #replSetName: replicaset
## #enableMajorityReadConcern: true
## # process management options
## processManagement:
## fork: false
## pidFilePath: /opt/bitnami/mongodb/tmp/mongodb.pid
## # set parameter options
## setParameter:
## enableLocalhostAuthBypass: true
## # security options
## security:
## authorization: disabled
## #keyFile: /opt/bitnami/mongodb/conf/keyfile
##
configuration: ""
## ConfigMap with MongoDB configuration for Primary and Secondary nodes
## NOTE: When it's set the arbiter.configuration parameter is ignored
##
# existingConfigmap:
## initdb scripts
## Specify dictionary of scripts to be run at first boot
## Example:
## initdbScripts:
## my_init_script.sh: |
## #!/bin/bash
## echo "Do something."
initdbScripts: {}
## Existing ConfigMap with custom init scripts
##
# initdbScriptsConfigMap:
## Command and args for running the container (set to default if not set). Use array form
##
# command:
# args:
## Additional command line flags
## Example:
## extraFlags:
## - "--wiredTigerCacheSizeGB=2"
##
extraFlags: []
## Additional environment variables to set
## E.g:
## extraEnvVars:
## - name: FOO
## value: BAR
##
extraEnvVars: []
## ConfigMap with extra environment variables
##
# extraEnvVarsCM:
## Secret with extra environment variables
##
# extraEnvVarsSecret:
## Annotations to be added to the MongoDB statefulset. Evaluated as a template.
##
annotations: {}
## Additional labels to be added to the MongoDB statefulset. Evaluated as a template.
##
labels: {}
## Number of MongoDB replicas to deploy.
## Ignored when mongodb.architecture=standalone
##
replicaCount: 2
## StrategyType for MongoDB statefulset
## It can be set to RollingUpdate or Recreate by default.
##
strategyType: RollingUpdate
## MongoDB should be initialized one by one when building the replicaset for the first time.
##
podManagementPolicy: OrderedReady
## Affinity for pod assignment. Evaluated as a template.
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
affinity: {}
## Node labels for pod assignment. Evaluated as a template.
## ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
## Tolerations for pod assignment. Evaluated as a template.
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
## Lables for MongoDB pods. Evaluated as a template.
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
##
podLabels: {}
## Annotations for MongoDB pods. Evaluated as a template.
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
##
podAnnotations: {}
## MongoDB pods' priority.
## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
##
# priorityClassName: ""
## MongoDB pods' Security Context.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
##
podSecurityContext:
enabled: true
fsGroup: 1001
## sysctl settings
## Example:
## sysctls:
## - name: net.core.somaxconn
## value: "10000"
##
sysctls: []
## MongoDB containers' Security Context (main and metrics container).
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
##
containerSecurityContext:
enabled: true
runAsUser: 1001
runAsNonRoot: true
## MongoDB containers' resource requests and limits.
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
limits: {}
# cpu: 100m
# memory: 128Mi
requests: {}
# cpu: 100m
# memory: 128Mi
## MongoDB pods' liveness and readiness probes. Evaluated as a template.
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
##
livenessProbe:
enabled: true
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
readinessProbe:
enabled: true
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
## Custom Liveness probes for MongoDB pods
##
customLivenessProbe: {}
## Custom Rediness probes MongoDB pods
##
customReadinessProbe: {}
## Add init containers to the MongoDB pods.
## Example:
## initContainers:
## - name: your-image-name
## image: your-image
## imagePullPolicy: Always
## ports:
## - name: portname
## containerPort: 1234
##
initContainers: {}
## Add sidecars to the MongoDB pods.
## Example:
## sidecars:
## - name: your-image-name
## image: your-image
## imagePullPolicy: Always
## ports:
## - name: portname
## containerPort: 1234
##
sidecars: {}
## extraVolumes and extraVolumeMounts allows you to mount other volumes on MongoDB pods
## Examples:
## extraVolumeMounts:
## - name: extras
## mountPath: /usr/share/extras
## readOnly: true
## extraVolumes:
## - name: extras
## emptyDir: {}
extraVolumeMounts: []
extraVolumes: []
## MongoDB Pod Disruption Budget configuration
## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
##
pdb:
create: false
## Min number of pods that must still be available after the eviction
##
minAvailable: 1
## Max number of pods that can be unavailable after the eviction
##
# maxUnavailable: 1
## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
persistence:
enabled: true
## A manually managed Persistent Volume and Claim
## Requires persistence.enabled: true
## If defined, PVC must be created manually before volume will be bound
## Ignored when mongodb.architecture=replicaset
##
# existingClaim:
## PV Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner.
##
# storageClass: "-"
## PV Access Mode
##
accessModes:
- ReadWriteOnce
## PVC size
##
size: 8Gi
## PVC annotations
##
annotations: {}
## The path the volume will be mounted at, useful when using different
## MongoDB images.
##
mountPath: /bitnami/mongodb
## The subdirectory of the volume to mount to, useful in dev environments
## and one PV for multiple services.
##
subPath: ""
## Service parameters
##
service:
## Service type
##
type: ClusterIP
## MongoDB service port
##
port: 27017
## MongoDB service port name
##
portName: mongodb
## Specify the nodePort value for the LoadBalancer and NodePort service types.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
##
nodePort: ""
## MongoDB service clusterIP IP
##
# clusterIP: None
## Specify the externalIP value ClusterIP service type.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#external-ips
##
externalIPs: []
## Specify the loadBalancerIP value for LoadBalancer service types.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer
##
# loadBalancerIP:
## Specify the loadBalancerSourceRanges value for LoadBalancer service types.
## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
##
loadBalancerSourceRanges: []
## Provide any additional annotations which may be required. Evaluated as a template
##
annotations: {}
## External Access to MongoDB nodes configuration
##
externalAccess:
## Enable Kubernetes external cluster access to MongoDB nodes
##
enabled: false
## External IPs auto-discovery configuration
## An init container is used to auto-detect LB IPs or node ports by querying the K8s API
## Note: RBAC might be required
##
autoDiscovery:
## Enable external IP/ports auto-discovery
##
enabled: false
## Bitnami Kubectl image
## ref: https://hub.docker.com/r/bitnami/kubectl/tags/
##
image:
registry: docker.io
repository: bitnami/kubectl
tag: 1.18.9-debian-10-r30
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace)
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
## Example:
## pullSecrets:
## - myRegistryKeySecretName
##
pullSecrets: []
## Init Container resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
limits: {}
# cpu: 100m
# memory: 128Mi
requests: {}
# cpu: 100m
# memory: 128Mi
## Parameters to configure K8s service(s) used to externally access MongoDB
## A new service per broker will be created
##
service:
## Service type. Allowed values: LoadBalancer or NodePort
##
type: LoadBalancer
## Port used when service type is LoadBalancer
##
port: 27017
## Array of load balancer IPs for each MongoDB node. Length must be the same as replicaCount
## Example:
## loadBalancerIPs:
## - X.X.X.X
## - Y.Y.Y.Y
##
loadBalancerIPs: []
## Load Balancer sources
## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
## Example:
## loadBalancerSourceRanges:
## - 10.10.10.0/24
##
loadBalancerSourceRanges: []
## Array of node ports used for each MongoDB nodes. Length must be the same as replicaCount
## Example:
## nodePorts:
## - 30001
## - 30002
##
nodePorts: []
## When service type is NodePort, you can specify the domain used for MongoDB advertised hostnames.
## If not specified, the container will try to get the kubernetes node external IP
##
# domain: mydomain.com
## Provide any additional annotations which may be required. Evaluated as a template
##
annotations: {}
##
## MongoDB Arbiter parameters.
##
arbiter:
## Enable deploying the MongoDB Arbiter
## https://docs.mongodb.com/manual/tutorial/add-replica-set-arbiter/
enabled: true
## MongoDB configuration file for the Arbiter. For documentation of all options, see:
## http://docs.mongodb.org/manual/reference/configuration-options/
##
configuration: ""
## ConfigMap with MongoDB configuration for the Arbiter
## NOTE: When it's set the arbiter.configuration parameter is ignored
##
# existingConfigmap:
## Command and args for running the container (set to default if not set). Use array form
##
# command:
# args:
## Additional command line flags
## Example:
## extraFlags:
## - "--wiredTigerCacheSizeGB=2"
##
extraFlags: []
## Additional environment variables to set
## E.g:
## extraEnvVars:
## - name: FOO
## value: BAR
##
extraEnvVars: []
## ConfigMap with extra environment variables
##
# extraEnvVarsCM:
## Secret with extra environment variables
##
# extraEnvVarsSecret:
## Annotations to be added to the Arbiter statefulset. Evaluated as a template.
##
annotations: {}
## Additional to be added to the Arbiter statefulset. Evaluated as a template.
##
labels: {}
## Affinity for pod assignment. Evaluated as a template.
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
affinity: {}
## Node labels for pod assignment. Evaluated as a template.
## ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
## Tolerations for pod assignment. Evaluated as a template.
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
## Lables for MongoDB Arbiter pods. Evaluated as a template.
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
##
podLabels: {}
## Annotations for MongoDB Arbiter pods. Evaluated as a template.
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
##
podAnnotations: {}
## MongoDB Arbiter pods' priority.
## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
##
# priorityClassName: ""
## MongoDB Arbiter pods' Security Context.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
##
podSecurityContext:
enabled: true
fsGroup: 1001
## sysctl settings
## Example:
## sysctls:
## - name: net.core.somaxconn
## value: "10000"
##
sysctls: []
## MongoDB Arbiter containers' Security Context (only main container).
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
##
containerSecurityContext:
enabled: true
runAsUser: 1001
## MongoDB Arbiter containers' resource requests and limits.
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
limits: {}
# cpu: 100m
# memory: 128Mi
requests: {}
# cpu: 100m
# memory: 128Mi
## MongoDB Arbiter pods' liveness and readiness probes. Evaluated as a template.
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
##
livenessProbe:
enabled: true
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
readinessProbe:
enabled: true
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
## Custom Liveness probes for MongoDB Arbiter pods
##
customLivenessProbe: {}
## Custom Rediness probes MongoDB Arbiter pods
##
customReadinessProbe: {}
## Add init containers to the MongoDB Arbiter pods.
## Example:
## initContainers:
## - name: your-image-name
## image: your-image
## imagePullPolicy: Always
## ports:
## - name: portname
## containerPort: 1234
##
initContainers: {}
## Add sidecars to the MongoDB Arbiter pods.
## Example:
## sidecars:
## - name: your-image-name
## image: your-image
## imagePullPolicy: Always
## ports:
## - name: portname
## containerPort: 1234
##
sidecars: {}
## extraVolumes and extraVolumeMounts allows you to mount other volumes on MongoDB Arbiter pods
## Examples:
## extraVolumeMounts:
## - name: extras
## mountPath: /usr/share/extras
## readOnly: true
## extraVolumes:
## - name: extras
## emptyDir: {}
extraVolumeMounts: []
extraVolumes: []
## MongoDB Arbiter Pod Disruption Budget configuration
## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
##
pdb:
create: false
## Min number of pods that must still be available after the eviction
##
minAvailable: 1
## Max number of pods that can be unavailable after the eviction
##
# maxUnavailable: 1
## ServiceAccount
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
##
serviceAccount:
## Specifies whether a ServiceAccount should be created
##
create: true
## The name of the ServiceAccount to use.
## If not set and create is true, a name is generated using the rabbitmq.fullname template
##
# name:
## Role Based Access
## ref: https://kubernetes.io/docs/admin/authorization/rbac/
##
rbac:
## Specifies whether RBAC rules should be created
## binding MongoDB ServiceAccount to a role
## that allows MongoDB pods querying the K8s API
##
create: false
## Init Container paramaters
## Change the owner and group of the persistent volume(s) mountpoint(s) to 'runAsUser:fsGroup' on each component
## values from the securityContext section of the component
##
volumePermissions:
enabled: false
## Bitnami Minideb image
## ref: https://hub.docker.com/r/bitnami/minideb/tags/
##
image:
registry: docker.io
repository: bitnami/minideb
tag: buster
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: Always
## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace)
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
## Example:
## pullSecrets:
## - myRegistryKeySecretName
##
pullSecrets: []
## Init Container resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
limits: {}
# cpu: 100m
# memory: 128Mi
requests: {}
# cpu: 100m
# memory: 128Mi
## Init container Security Context
## Note: the chown of the data folder is done to containerSecurityContext.runAsUser
## and not the below volumePermissions.securityContext.runAsUser
## When runAsUser is set to special value "auto", init container will try to chwon the
## data folder to autodetermined user&group, using commands: `id -u`:`id -G | cut -d" " -f2`
## "auto" is especially useful for OpenShift which has scc with dynamic userids (and 0 is not allowed).
## You may want to use this volumePermissions.securityContext.runAsUser="auto" in combination with
## podSecurityContext.enabled=false,containerSecurityContext.enabled=false and shmVolume.chmod.enabled=false
##
securityContext:
runAsUser: 0
## Prometheus Exporter / Metrics
##
metrics:
enabled: false
## Bitnami MongoDB Promtheus Exporter image
## ref: https://hub.docker.com/r/bitnami/mongodb-exporter/tags/
##
image:
registry: docker.io
repository: bitnami/mongodb-exporter
tag: 0.11.2-debian-10-r18
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistryKeySecretName
## String with extra flags to the metrics exporter
## ref: https://github.com/percona/mongodb_exporter/blob/master/mongodb_exporter.go
##
extraFlags: ""
## String with additional URI options to the metrics exporter
## ref: https://docs.mongodb.com/manual/reference/connection-string
##
extraUri: ""
## Metrics exporter container resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
limits: {}
# cpu: 100m
# memory: 128Mi
requests: {}
# cpu: 100m
# memory: 128Mi
## Prometheus Exporter service configuration
##
service:
## Annotations for Prometheus Exporter pods. Evaluated as a template.
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
##
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "{{ .Values.metrics.service.port }}"
prometheus.io/path: "/metrics"
type: ClusterIP
port: 9216
## Metrics exporter liveness and readiness probes
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
##
livenessProbe:
enabled: true
initialDelaySeconds: 15
periodSeconds: 5
timeoutSeconds: 5
failureThreshold: 3
successThreshold: 1
readinessProbe:
enabled: true
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 1
failureThreshold: 3
successThreshold: 1
## Prometheus Service Monitor
## ref: https://github.com/coreos/prometheus-operator
## https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md
##
serviceMonitor:
## If the operator is installed in your cluster, set to true to create a Service Monitor Entry
enabled: false
## Specify the namespace where Prometheus Operator is running
##
# namespace: monitoring
## Specify the interval at which metrics should be scraped
##
interval: 30s
## Specify the timeout after which the scrape is ended
##
# scrapeTimeout: 30s
## Used to pass Labels that are used by the Prometheus installed in your cluster to select Service Monitors to work with
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec
##
additionalLabels: {}
## Custom PrometheusRule to be defined
## ref: https://github.com/coreos/prometheus-operator#customresourcedefinitions
##
prometheusRule:
enabled: false
additionalLabels: {}
## Specify the namespace where Prometheus Operator is running
##
# namespace: monitoring
## Define individual alerting rules as required
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#rulegroup
## https://prometheus.io/docs/prometheus/latest/configuration/alerting_rules/
##
rules: {}