diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl index 7a3cb04..c3087a8 100644 --- a/helm/templates/_helpers.tpl +++ b/helm/templates/_helpers.tpl @@ -182,44 +182,13 @@ Create the name of the service account to use {{- end -}} {{- end -}} -{{/* -Create a default fully qualified pinot servicemanager name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "pinot.servicemanager.fullname" -}} -{{- printf "%s-%s" (include "pinot.fullname" .) .Values.servicemanager.name }} -{{- end -}} - -{{/* -Create the name of the service account to use -*/}} -{{- define "pinot.servicemanager.serviceAccountName" -}} -{{- if .Values.servicemanager.serviceAccount.create -}} -{{ default (include "pinot.servicemanager.fullname" .) .Values.servicemanager.serviceAccount.name }} -{{- else -}} -{{ default "default" .Values.servicemanager.serviceAccount.name }} -{{- end -}} -{{- end -}} - -{{/* -Docker image to use for service manager -*/}} -{{/*{{- define "pinot.servicemanager.image" -}}*/}} -{{/* {{- if and .Values.servicemanager.image.repository .Values.servicemanager.image.tag -}}*/}} -{{/* {{- printf "%s:%s" .Values.servicemanager.image.repository .Values.servicemanager.image.tag }}*/}} -{{/* {{- if .Values.servicemanager.image.sha256 -}}*/}} -{{/* {{- printf "@sha256:%s" .Values.servicemanager.image.sha256 }}*/}} -{{/* {{- end -}}*/}} -{{/* {{- else -}}*/}} -{{/* {{- printf "%s:%s" .Values.image.repository .Chart.Version }}*/}} -{{/* {{- end -}}*/}} -{{/*{{- end -}}*/}} - {{/* Docker image to use for controller, broker, minion and server */}} {{- define "pinot.image" -}} - {{- if .Values.image.registry -}} + {{- if .Values.global.image.registry -}} + {{- printf "%s/" .Values.global.image.registry }} + {{- else if .Values.image.registry -}} {{- printf "%s/" .Values.image.registry }} {{- end -}} {{- if and .Values.image.tagOverride -}} diff --git a/helm/templates/broker/statefulset.yml b/helm/templates/broker/statefulset.yml index f20de8d..6c52231 100644 --- a/helm/templates/broker/statefulset.yml +++ b/helm/templates/broker/statefulset.yml @@ -92,6 +92,10 @@ spec: {{- end }} resources: {{- toYaml .Values.broker.resources | nindent 12 }} + {{- with .Values.broker.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} {{- if .Values.broker.prometheus.jmx.enabled }} - name: prometheus-jmx-exporter image: "{{ .Values.broker.prometheus.jmx.image.repository }}:{{ .Values.broker.prometheus.jmx.image.tag }}" @@ -110,6 +114,10 @@ spec: volumeMounts: - name: jmx-config mountPath: /etc/jmx-config + {{- with .Values.broker.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} {{- end }} restartPolicy: Always serviceAccountName: {{ include "pinot.broker.serviceAccountName" . }} @@ -143,7 +151,7 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.broker.securityContext }} + {{- with .Values.broker.podSecurityContext }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} diff --git a/helm/templates/controller/prometheusrules.yaml b/helm/templates/controller/prometheusrules.yaml index 94323ed..a6fbd3d 100644 --- a/helm/templates/controller/prometheusrules.yaml +++ b/helm/templates/controller/prometheusrules.yaml @@ -24,7 +24,6 @@ spec: summary: 'Pinot segments in Error state' message: '{{`{{ $value }}`}} segments in table {{`{{ $labels.table }}`}} are in Error state' expr: sum by(pod, table, tabletype) (pinot_controller_segmentsinerrorstate_value) > 0 - for: 10s for: {{ dig "PinotErrorSegments" "for" "1m" .Values.controller.prometheusrule }} labels: severity: {{ dig "PinotErrorSegments" "severity" "critical" .Values.controller.prometheusrule }} diff --git a/helm/templates/controller/statefulset.yaml b/helm/templates/controller/statefulset.yaml index 3e853f1..e73ca8a 100644 --- a/helm/templates/controller/statefulset.yaml +++ b/helm/templates/controller/statefulset.yaml @@ -122,6 +122,10 @@ spec: {{- end }} resources: {{- toYaml .Values.controller.resources | nindent 12 }} + {{- with .Values.controller.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} {{- if .Values.controller.prometheus.jmx.enabled }} - name: prometheus-jmx-exporter image: "{{ .Values.controller.prometheus.jmx.image.repository }}:{{ .Values.controller.prometheus.jmx.image.tag }}" @@ -140,6 +144,10 @@ spec: volumeMounts: - name: jmx-config mountPath: /etc/jmx-config + {{- with .Values.controller.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} {{- end }} restartPolicy: Always serviceAccountName: {{ include "pinot.controller.serviceAccountName" . }} @@ -188,7 +196,7 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.controller.securityContext }} + {{- with .Values.controller.podSecurityContext }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} diff --git a/helm/templates/minion/statefulset.yml b/helm/templates/minion/statefulset.yml index 77ce06a..069d6dd 100644 --- a/helm/templates/minion/statefulset.yml +++ b/helm/templates/minion/statefulset.yml @@ -96,6 +96,10 @@ spec: # failureThreshold: {{ .Values.minion.readinessProbe.failureThreshold }} resources: {{- toYaml .Values.minion.resources | nindent 12 }} + {{- with .Values.minion.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} {{- if .Values.minion.prometheus.jmx.enabled }} - name: prometheus-jmx-exporter image: "{{ .Values.minion.prometheus.jmx.image.repository }}:{{ .Values.minion.prometheus.jmx.image.tag }}" @@ -114,6 +118,10 @@ spec: volumeMounts: - name: jmx-config mountPath: /etc/jmx-config + {{- with .Values.minion.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} {{- end }} restartPolicy: Always serviceAccountName: {{ include "pinot.minion.serviceAccountName" . }} @@ -152,7 +160,7 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.minion.securityContext }} + {{- with .Values.minion.podSecurityContext }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} diff --git a/helm/templates/server/statefulset.yml b/helm/templates/server/statefulset.yml index 15addbe..09e922d 100644 --- a/helm/templates/server/statefulset.yml +++ b/helm/templates/server/statefulset.yml @@ -128,6 +128,10 @@ spec: {{- toYaml . | nindent 12 }} {{- end }} resources: {{ toYaml $tier.resources | nindent 12 }} + {{- with $tier.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} {{- if $tier.prometheus.jmx.enabled }} - name: prometheus-jmx-exporter image: "{{ $tier.prometheus.jmx.image.repository }}:{{ $tier.prometheus.jmx.image.tag }}" @@ -146,6 +150,10 @@ spec: volumeMounts: - name: jmx-config mountPath: /etc/jmx-config + {{- with $tier.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} {{- end }} restartPolicy: Always serviceAccountName: {{ include "pinot.server.serviceAccountName" $ }} @@ -192,7 +200,7 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with $tier.securityContext }} + {{- with $tier.podSecurityContext }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} diff --git a/helm/templates/servicemanager/jmx-configmap.yaml b/helm/templates/servicemanager/jmx-configmap.yaml deleted file mode 100644 index 25ae7b5..0000000 --- a/helm/templates/servicemanager/jmx-configmap.yaml +++ /dev/null @@ -1,327 +0,0 @@ -{{- if and .Values.servicemanager.enabled .Values.servicemanager.jmx.enabled }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "pinot.servicemanager.fullname" . }}-jmx-config - labels: - app: {{ include "pinot.name" . }} - chart: {{ include "pinot.chart" . }} - component: {{ .Values.servicemanager.name }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: - prometheus-pinot-servicemanager.yml: |- - jmxUrl: service:jmx:rmi:///jndi/rmi://localhost:{{ .Values.servicemanager.jmx.port }}/jmxrmi - lowercaseOutputName: true - lowercaseOutputLabelNames: true - ssl: false - rules: - # broker metrics - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_broker_authorization_$2" - labels: - table: "$1" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_broker_documentsScanned_$2" - labels: - table: "$1" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_broker_entriesScannedInFilter_$2" - labels: - table: "$1" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_broker_entriesScannedPostFilter_$2" - labels: - table: "$1" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_broker_freshnessLagMs_$2" - labels: - table: "$1" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_broker_queries_$2" - labels: - table: "$1" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_broker_queryExecution_$2" - labels: - table: "$1" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_broker_queryRouting_$2" - labels: - table: "$1" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_broker_reduce_$2" - labels: - table: "$1" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_broker_requestCompilation_$2" - labels: - table: "$1" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_broker_scatterGather_$2" - labels: - table: "$1" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_broker_totalServerResponseSize_$2" - labels: - table: "$1" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_broker_groupBySize_$3" - labels: - table: "$1" - tableType: "$2" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_broker_noServingHostForSegment_$3" - labels: - table: "$1" - tableType: "$2" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_broker_healthcheck_$1_$2" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_broker_helix_$1_$2" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_broker_helix_zookeeper_$1_$2" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_broker_nettyConnection_$1_$2" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_broker_clusterChangeCheck_$1" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_broker_proactiveClusterChangeCheck_$1" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_broker_exceptions_$1_$2" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_broker_routingTableUpdateTime_$1" - # controller metrics - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_controller_$1_$2" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_controller_helix_$1_$2" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_controller_helix_ZookeeperReconnects_$1" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_controller_idealstateZnodeSize_$3" - labels: - table: "$1" - tableType: "$2" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_controller_numberOfReplicas_$3" - labels: - table: "$1" - tableType: "$2" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_controller_percentOfReplicas_$3" - labels: - table: "$1" - tableType: "$2" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_controller_percentSegmentsAvailable_$3" - labels: - table: "$1" - tableType: "$2" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_controller_segmentCount_$3" - labels: - table: "$1" - tableType: "$2" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_controller_segmentsInErrorState_$3" - labels: - table: "$1" - tableType: "$2" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_controller_numberSegmentUploadTimeoutExceeded_$1" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_controller_numberTimesScheduleTasksCalled_$1" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_controller_periodicTaskNumTablesProcessed_$1_$2" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_controller_pinotControllerLeader_$1" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_controller_partitionLeader_$1_$2" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_controller_realtimeTableCount_$1" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_controller_validateion_$2_$3" - # server metrics - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_server_documentCount_$3" - labels: - table: "$1" - tableType: "$2" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_server_segmentCount_$3" - labels: - table: "$1" - tableType: "$2" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_server_$3_$4" - labels: - table: "$1" - tableType: "$2" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_server_realtimeRowsConsumed_$5" - labels: - table: "$1" - tableType: "$2" - topic: "$3" - partition: "$4" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_server_helix_connected_$1" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_server_helix_zookeeperReconnects_$1" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_server_highestKafkaOffsetConsumed_$5" - labels: - table: "$1" - tableType: "$2" - topic: "$3" - partition: "$4" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_server_highestStreamOffsetConsumed_$5" - labels: - table: "$1" - tableType: "$2" - topic: "$3" - partition: "$4" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_server_lastRealtimeSegment$1Seconds_$6" - labels: - table: "$2" - tableType: "$3" - topic: "$4" - partition: "$5" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_server_llcControllerResponse_$1_$2" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_server_llcPartitionConsuming_$5" - labels: - table: "$1" - tableType: "$2" - topic: "$3" - partition: "$4" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_server_llcSimultaneousSegmentBuilds_$1" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_server_memory_$1_$2" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_server_queries_$1" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_server_realtime_consumptionExceptions_$1" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_server_realtime_offheapMemoryUsed_$2" - labels: - table: "$1" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_server_realtime_offsetCommits_$1" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_server_realtime_rowsConsumed_$1" - - pattern: "\"org.apache.pinot.common.metrics\"<>(\\w+)" - name: "pinot_server_realtime_exceptions_$1_$2" - - pattern: "\"org.apache.pinot.transport.netty.NettyTCPServer_(\\w+)_\"<>(\\w+)" - name: "pinot_server_netty_tcp_$2_$3" - labels: - id: "$1" - # common metrics - - pattern: "java.lang<>(\\w+)" - name: "java_lang_codeheap_non_nmethods_$1" - labels: - type: "MemoryPool" - - pattern: "java.lang<(\\w+)>(\\w+)" - name: "java_lang_codeheap_non_nmethods_$1_$2" - labels: - type: "MemoryPool" - - pattern: "java.lang<>(\\w+)" - name: "java_lang_codeheap_non_profiled_nmethods_$1" - labels: - type: "MemoryPool" - - pattern: "java.lang<(\\w+)>(\\w+)" - name: "java_lang_codeheap_non_profiled_nmethods_$1_$2" - labels: - type: "MemoryPool" - - pattern: "java.lang<>(\\w+)" - name: "java_lang_codeheap_profiled_nmethods_$1" - labels: - type: "MemoryPool" - - pattern: "java.lang<(\\w+)>(\\w+)" - name: "java_lang_codeheap_profiled_nmethods_$1_$2" - labels: - type: "MemoryPool" - - pattern: "java.lang<>(\\w+)" - name: "java_lang_compressed_class_space_$1" - labels: - type: "MemoryPool" - - pattern: "java.lang<(\\w+)>(\\w+)" - name: "java_lang_compressed_class_space_$1_$2" - labels: - type: "MemoryPool" - - pattern: "java.lang<>(\\w+)" - name: "java_lang_g1_eden_space_$1" - labels: - type: "MemoryPool" - - pattern: "java.lang<(\\w+)>(\\w+)" - name: "java_lang_g1_eden_space_$1_$2" - labels: - type: "MemoryPool" - - pattern: "java.lang<>(\\w+)" - name: "java_lang_g1_old_gen_$1" - labels: - type: "MemoryPool" - - pattern: "java.lang<(\\w+)>(\\w+)" - name: "java_lang_g1_old_gen_$1_$2" - labels: - type: "MemoryPool" - - pattern: "java.lang<>(\\w+)" - name: "java_lang_g1_survivor_space_$1" - labels: - type: "MemoryPool" - - pattern: "java.lang<(\\w+)>(\\w+)" - name: "java_lang_g1_survivor_space_$1_$2" - labels: - type: "MemoryPool" - - pattern: "java.lang<>(\\w+)" - name: "java_lang_metaspace_$1" - labels: - type: "MemoryPool" - - pattern: "java.lang<(\\w+)>(\\w+)" - name: "java_lang_metaspace_$1_$2" - labels: - type: "MemoryPool" - - pattern: "java.lang<>(\\w+)" - name: "java_lang_g1_old_generation_$1" - labels: - type: "GarbageCollector" - - pattern: "java.lang(\\w+)" - name: "java_lang_g1_young_generation_lastgcinfo_memoryusageaftergc_$1" - labels: - type: "GarbageCollector" - key: "CodeHeap 'profiled nmethods'" - - pattern: "java.lang(\\w+)" - name: "java_lang_g1_young_generation_lastgcinfo_memoryusagebeforegc_$1" - labels: - type: "GarbageCollector" - key: "CodeHeap 'profiled nmethods'" - - pattern: "java.lang<>(\\w+)" - name: "java_lang_g1_young_generation_$1" - labels: - type: "GarbageCollector" - - pattern: "java.lang<(\\w+)>(\\w+)" - name: "java_lang_g1_young_generation_$1_$2" - labels: - type: "GarbageCollector" - - pattern: "java.lang<>(\\w+)" - name: "java_lang_classloading_$1" - - pattern: "java.lang<(\\w+)>(\\w+)" - name: "java_lang_memory_$1_$2" - - pattern: "java.lang<>(\\w+)" - name: "java_lang_operatingsystem_$1" - - pattern: "java.lang<>(\\w+)" - name: "java_lang_threading_$1" - - pattern: "java.nio<>(\\w+)" - name: "java_nio_direct_$1" - labels: - type: "BufferPool" - - pattern: "java.nio<>(\\w+)" - name: "java_nio_mapped_$1" - labels: - type: "BufferPool" -{{- end }} diff --git a/helm/templates/servicemanager/log-configmap.yaml b/helm/templates/servicemanager/log-configmap.yaml deleted file mode 100644 index fd63325..0000000 --- a/helm/templates/servicemanager/log-configmap.yaml +++ /dev/null @@ -1,37 +0,0 @@ -{{- if .Values.servicemanager.enabled }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "pinot.servicemanager.fullname" . }}-log-config - labels: - app: {{ include "pinot.name" . }} - chart: {{ include "pinot.chart" . }} - component: {{ .Values.servicemanager.name }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: - pinot-servicemanager-log4j2.xml: |- - - - - - %d{yyyy/MM/dd HH:mm:ss.SSS} %p [%c{1.}] [%t] %m%n - - - - - - - - - - - - - - - - - - -{{- end }} diff --git a/helm/templates/servicemanager/poddisruptionbudget.yaml b/helm/templates/servicemanager/poddisruptionbudget.yaml deleted file mode 100644 index 1e7cef3..0000000 --- a/helm/templates/servicemanager/poddisruptionbudget.yaml +++ /dev/null @@ -1,28 +0,0 @@ -{{- if and .Values.servicemanager.enabled .Values.servicemanager.podDisruptionBudget.enabled }} -{{- if .Capabilities.APIVersions.Has "policy/v1/PodDisruptionBudget" }} -apiVersion: policy/v1 -{{- else }} -apiVersion: policy/v1beta1 -{{- end }} -kind: PodDisruptionBudget -metadata: - name: {{ include "pinot.servicemanager.fullname" . }} - labels: - app: {{ include "pinot.name" . }} - chart: {{ include "pinot.chart" . }} - component: {{ .Values.servicemanager.name }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - {{- if .Values.servicemanager.podDisruptionBudget.minAvailable }} - minAvailable: {{ .Values.servicemanager.podDisruptionBudget.minAvailable }} - {{- end }} - {{- if .Values.servicemanager.podDisruptionBudget.maxUnavailable }} - maxUnavailable: {{ .Values.servicemanager.podDisruptionBudget.maxUnavailable }} - {{- end }} - selector: - matchLabels: - app: {{ include "pinot.name" . }} - release: {{ .Release.Name }} - component: {{ .Values.servicemanager.name }} -{{- end }} diff --git a/helm/templates/servicemanager/service-headless.yaml b/helm/templates/servicemanager/service-headless.yaml deleted file mode 100644 index def415f..0000000 --- a/helm/templates/servicemanager/service-headless.yaml +++ /dev/null @@ -1,31 +0,0 @@ -{{- if .Values.servicemanager.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "pinot.servicemanager.fullname" . }} - labels: - app: {{ include "pinot.name" . }} - chart: {{ include "pinot.chart" . }} - component: {{ .Values.servicemanager.name }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - clusterIP: None - ports: - - name: servicemanager - port: {{ .Values.servicemanager.service.port }} - - name: controller - port: {{ .Values.controller.service.port }} - - name: server-netty - port: {{ .Values.server.ports.netty }} - - name: broker - port: {{ .Values.broker.service.port }} - {{- if .Values.servicemanager.minion.enabled }} - - name: minion - port: {{ .Values.minion.service.port }} - {{- end }} - selector: - app: {{ include "pinot.name" . }} - release: {{ .Release.Name }} - component: {{ .Values.servicemanager.name }} -{{- end }} diff --git a/helm/templates/servicemanager/service.yaml b/helm/templates/servicemanager/service.yaml deleted file mode 100644 index 04442f4..0000000 --- a/helm/templates/servicemanager/service.yaml +++ /dev/null @@ -1,35 +0,0 @@ -{{- if and .Values.servicemanager.enabled .Values.servicemanager.service.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "pinot.servicemanager.fullname" . }}-svc - labels: - app: {{ include "pinot.name" . }} - chart: {{ include "pinot.chart" . }} - component: {{ .Values.servicemanager.name }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - type: ClusterIP - ports: - - name: servicemanager - port: {{ .Values.servicemanager.service.port }} - - name: controller - port: {{ .Values.controller.service.port }} - - name: server-netty - port: {{ .Values.server.ports.netty }} - - name: broker - port: {{ .Values.broker.service.port }} - {{- if .Values.servicemanager.minion.enabled }} - - name: minion - port: {{ .Values.minion.service.port }} - {{- end }} - {{- if .Values.servicemanager.prometheus.jmx.enabled }} - - name: http-metrics - port: {{ .Values.servicemanager.prometheus.jmx.port }} - {{- end }} - selector: - app: {{ include "pinot.name" . }} - release: {{ .Release.Name }} - component: {{ .Values.servicemanager.name }} -{{- end }} \ No newline at end of file diff --git a/helm/templates/servicemanager/serviceaccount.yaml b/helm/templates/servicemanager/serviceaccount.yaml deleted file mode 100644 index 586023e..0000000 --- a/helm/templates/servicemanager/serviceaccount.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- if and .Values.servicemanager.enabled .Values.servicemanager.serviceAccount.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "pinot.servicemanager.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} - labels: - app: {{ include "pinot.name" . }} - chart: {{ include "pinot.chart" . }} - component: {{ .Values.servicemanager.name }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} - {{- with .Values.server.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end -}} diff --git a/helm/templates/servicemanager/statefulset.yml b/helm/templates/servicemanager/statefulset.yml deleted file mode 100644 index abdd6fe..0000000 --- a/helm/templates/servicemanager/statefulset.yml +++ /dev/null @@ -1,231 +0,0 @@ -{{- if .Values.servicemanager.enabled }} -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ include "pinot.servicemanager.fullname" . }} - labels: - app: {{ include "pinot.name" . }} - chart: {{ include "pinot.chart" . }} - component: {{ .Values.servicemanager.name }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - selector: - matchLabels: - app: {{ include "pinot.name" . }} - release: {{ .Release.Name }} - component: {{ .Values.servicemanager.name }} - serviceName: {{ include "pinot.servicemanager.fullname" . }} - replicas: {{ .Values.servicemanager.replicaCount }} - updateStrategy: - type: {{ .Values.servicemanager.updateStrategy.type }} - podManagementPolicy: Parallel - template: - metadata: - labels: - app: {{ include "pinot.name" . }} - release: {{ .Release.Name }} - component: {{ .Values.servicemanager.name }} - {{- with .Values.servicemanager.podLabels }} - {{- toYaml . | nindent 8 }} - {{- end }} - annotations: {{ toYaml .Values.servicemanager.podAnnotations | nindent 8 }} - spec: - {{- if .Values.zookeeper.path }} - initContainers: - - name: create-zk-root-path - image: "{{ .Values.zookeeper.image.repository }}:{{ .Values.zookeeper.image.tag }}" - imagePullPolicy: {{ .Values.zookeeper.image.pullPolicy }} - command: ["/bin/bash", "-cx"] - args: - - | - # zookeper-shell used doesn't have proper mechanism to configure retries. - # Retrying within helm as a workaround - exitCode=1 - i=0 - while [ $i -le {{ .Values.zookeeper.retries }} ]; do - bin/zookeeper-shell.sh ZooKeeper -server {{ include "zookeeper.url" . | quote }} create {{ .Values.zookeeper.path | quote }} "" - if [ $? -eq 0 ]; then - exitCode=0 - break - fi - sleep {{ .Values.zookeeper.retryInterval }} - i=`expr $i + 1` - done - exit $exitCode - {{- end }} - containers: - - name: pinot-servicemanager - image: {{ include "pinot.image" $ }} - imagePullPolicy: {{ .Values.image.pullPolicy }} - args: [ - "StartServiceManager", - "-clusterName", {{ .Values.cluster.name | quote }}, - "-zkAddress", {{ include "zookeeper.path" . | quote }}, - "-port", {{ .Values.servicemanager.port | quote }}, - "-bootstrapServices", - "CONTROLLER", - "BROKER", - "SERVER", - {{- if .Values.servicemanager.minion.enabled }} - "MINION", - {{- end }} - "-bootstrapConfigPaths", - "/var/config/pinot/pinot-controller.conf", - "/var/config/pinot/pinot-broker.conf", - {{- if .Values.servicemanager.minion.enabled }} - "/var/config/pinot/pinot-minion.conf", - {{- end }} - "/var/config/pinot/pinot-server.conf" - ] - env: - - name: JAVA_OPTS - value: "{{ .Values.servicemanager.jvmOpts }} -Djute.maxbuffer=4194304 -Dlog4j2.configurationFile={{ .Values.servicemanager.log4j2ConfFile }} -Dplugins.dir={{ .Values.servicemanager.pluginsDir }} {{ if .Values.servicemanager.jmx.enabled }}{{ .Values.servicemanager.jmx.opts }}{{ end }}" - ports: - - name: servicemanager - containerPort: {{ .Values.servicemanager.port }} - protocol: TCP - - name: controller - containerPort: {{ .Values.controller.port }} - protocol: TCP - - name: broker - containerPort: {{ .Values.broker.port }} - protocol: TCP - {{- if .Values.servicemanager.minion.enabled }} - - name: minion - containerPort: {{ .Values.minion.port }} - protocol: TCP - {{- end }} - - name: server-netty - containerPort: {{ .Values.server.ports.netty }} - protocol: TCP - - name: server-admin - containerPort: {{ .Values.server.ports.admin }} - protocol: TCP - {{- if .Values.controller.jmx.enabled }} - - name: jmx - containerPort: {{ .Values.controller.jmx.port }} - protocol: TCP - {{- end }} - volumeMounts: - - name: combined-config - mountPath: /var/config/pinot/ # required to break convention for servicemanager - - name: pinot-servicemanager-storage - mountPath: "{{ .Values.servicemanager.persistence.mountPath }}" - - name: log-config - mountPath: /opt/pinot/conf/pinot-servicemanager-log4j2.xml - subPath: "pinot-servicemanager-log4j2.xml" - {{- if eq .Values.cluster.storage.scheme "gs" }} - - name: gcs-iam-secret - mountPath: "/account" - {{- end }} - {{- with .Values.extraVolumeMounts }} - {{- toYaml . | nindent 12 }} - {{- end }} - livenessProbe: - httpGet: - path: /health - port: {{ .Values.servicemanager.port }} - initialDelaySeconds: {{ .Values.servicemanager.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.servicemanager.livenessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.servicemanager.livenessProbe.timeoutSeconds }} - failureThreshold: {{ .Values.servicemanager.livenessProbe.failureThreshold }} - readinessProbe: - httpGet: - path: /health - port: {{ .Values.servicemanager.port }} - initialDelaySeconds: {{ .Values.servicemanager.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.servicemanager.readinessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.servicemanager.readinessProbe.timeoutSeconds }} - failureThreshold: {{ .Values.servicemanager.readinessProbe.failureThreshold }} - resources: {{ toYaml .Values.servicemanager.resources | nindent 12 }} - {{- if and .Values.servicemanager.prometheus.jmx.enabled .Values.servicemanager.jmx.enabled }} - - name: prometheus-jmx-exporter - image: "{{ .Values.servicemanager.prometheus.jmx.image.repository }}:{{ .Values.servicemanager.prometheus.jmx.image.tag }}" - imagePullPolicy: "{{ .Values.servicemanager.prometheus.jmx.image.pullPolicy }}" - command: - - java - - -jar - - jmx_prometheus_httpserver.jar - - {{ .Values.servicemanager.prometheus.jmx.port | quote }} - - /etc/jmx-config/prometheus-pinot-servicemanager.yml - ports: - - name: http-metrics - containerPort: {{ .Values.servicemanager.prometheus.jmx.port }} - resources: - {{- toYaml .Values.servicemanager.prometheus.jmx.resources | nindent 12 }} - volumeMounts: - - name: jmx-config - mountPath: /etc/jmx-config - {{- end }} - restartPolicy: Always - serviceAccountName: {{ include "pinot.servicemanager.serviceAccountName" . }} - volumes: - - name: combined-config - projected: - sources: - - configMap: - name: {{ include "pinot.broker.fullname" . }}-config - - configMap: - name: {{ include "pinot.server.fullname" . }}-config - - configMap: - name: {{ include "pinot.minion.fullname" . }}-config - {{- if .Values.controller.jmx.enabled }} - - name: jmx-config - configMap: - name: {{ include "pinot.servicemanager.fullname" . }}-jmx-config - {{- end }} - - name: log-config - configMap: - name: {{ include "pinot.servicemanager.fullname" . }}-log-config - {{- if not .Values.servicemanager.persistence.enabled }} - - name: pinot-servicemanager-storage - emptyDir: {} - {{- end }} - {{- if eq .Values.cluster.storage.scheme "gs" }} - - name: gcs-iam-secret - secret: - secretName: {{ .Values.cluster.storage.gs.secretName }} - {{- end }} - {{- with .Values.extraVolumes }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml .Values.imagePullSecrets | nindent 8 }} - {{- end }} - {{- with .Values.servicemanager.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.servicemanager.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.servicemanager.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.servicemanager.securityContext }} - securityContext: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if .Values.servicemanager.persistence.enabled }} - volumeClaimTemplates: - - metadata: - name: pinot-servicemanager-storage - spec: - accessModes: - - {{ .Values.servicemanager.persistence.accessMode | quote }} - {{- if .Values.servicemanager.persistence.storageClass }} - {{- if (eq "-" .Values.servicemanager.persistence.storageClass) }} - storageClassName: "" - {{- else }} - storageClassName: {{ .Values.servicemanager.persistence.storageClass }} - {{- end }} - {{- end }} - resources: - requests: - storage: {{ .Values.servicemanager.persistence.size }} - {{- end }} -{{- end }} diff --git a/helm/values.yaml b/helm/values.yaml index 22d4bc3..9cad983 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -117,7 +117,9 @@ controller: affinity: {} - securityContext: {} + podSecurityContext: {} + + containerSecurityContext: {} hostNetwork: false @@ -154,7 +156,7 @@ controller: port: 7071 image: repository: hypertrace/prometheus-jmx-exporter - tag: 0.1.6 + tag: 0.1.7 pullPolicy: IfNotPresent resources: requests: @@ -237,7 +239,9 @@ broker: tolerations: [] - securityContext: {} + podSecurityContext: {} + + containerSecurityContext: {} hostNetwork: false @@ -270,7 +274,7 @@ broker: port: 7072 image: repository: hypertrace/prometheus-jmx-exporter - tag: 0.1.6 + tag: 0.1.7 pullPolicy: IfNotPresent resources: requests: @@ -345,7 +349,9 @@ minion: tolerations: [] - securityContext: {} + podSecurityContext: {} + + containerSecurityContext: {} hostNetwork: false @@ -378,7 +384,7 @@ minion: port: 7074 image: repository: hypertrace/prometheus-jmx-exporter - tag: 0.1.6 + tag: 0.1.7 pullPolicy: IfNotPresent resources: requests: @@ -457,7 +463,9 @@ server: tolerations: [] - securityContext: {} + podSecurityContext: {} + + containerSecurityContext: {} hostNetwork: false @@ -490,7 +498,7 @@ server: port: 7073 image: repository: hypertrace/prometheus-jmx-exporter - tag: 0.1.6 + tag: 0.1.7 pullPolicy: IfNotPresent resources: requests: @@ -520,105 +528,6 @@ server: repository: curlimages/curl tag: latest -servicemanager: - name: servicemanager - enabled: false - port: 9090 - replicaCount: 1 - - persistence: - enabled: true - accessMode: ReadWriteOnce - size: 2Gi - mountPath: /var/pinot/ - storageClass: "standard" - - data: - dir: /var/pinot/servicemanager/data - - jvmOpts: "-Xms128M -Xmx320M" - - logging: - level: warn - - log4j2ConfFile: /opt/pinot/conf/pinot-servicemanager-log4j2.xml - pluginsDir: /opt/pinot/plugins - - minion: - enabled: false - - jmx: - enabled: false - port: 7024 - opts: "-Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.local.only=false -Dcom.sun.management.jmxremote.port=7024 -Dcom.sun.management.jmxremote.rmi.port=7024 -Djava.rmi.server.hostname=127.0.0.1" - - prometheus: - jmx: - enabled: false - port: 7073 - image: - repository: hypertrace/prometheus-jmx-exporter - tag: 0.1.6 - pullPolicy: IfNotPresent - resources: - requests: - cpu: "0.25" - memory: "256Mi" - - service: - enabled: true - annotations: {} - clusterIP: "" - externalIPs: [] - loadBalancerIP: "" - loadBalancerSourceRanges: [] - type: ClusterIP - port: 9090 - nodePort: "" - - resources: - requests: - cpu: "0.1" - memory: 400Mi - - podLabels: {} - - podAnnotations: {} - - updateStrategy: - type: RollingUpdate - - livenessProbe: - initialDelaySeconds: 60 - periodSeconds: 10 - timeoutSeconds: 10 - failureThreshold: 3 - - readinessProbe: - initialDelaySeconds: 60 - periodSeconds: 10 - timeoutSeconds: 10 - failureThreshold: 3 - - nodeSelector: {} - - tolerations: [] - - affinity: {} - - securityContext: {} - - serviceAccount: - create: true - name: "" - - terminationGracePeriodSeconds: 30 - - podDisruptionBudget: - enabled: true - maxUnavailable: 1 - minAvailable: "" - zookeeper: url: "" port: 2181