From ad14738b2ce731406591c8ddeb744bf87095b989 Mon Sep 17 00:00:00 2001 From: Jason Witkowski Date: Mon, 13 Feb 2023 14:00:29 -0500 Subject: [PATCH] helm: Add customizable global and per-container env vars to helm chart --- helm/druid/Chart.yaml | 2 +- helm/druid/README.md | 51 +++++++++------- helm/druid/templates/broker/deployment.yaml | 8 ++- .../templates/coordinator/deployment.yaml | 8 ++- .../templates/historical/statefulset.yaml | 12 +++- .../templates/middleManager/statefulset.yaml | 10 +++- helm/druid/templates/overlord/deployment.yaml | 8 ++- helm/druid/templates/router/deployment.yaml | 8 ++- helm/druid/values.yaml | 58 +++++++++++++++++++ 9 files changed, 133 insertions(+), 32 deletions(-) diff --git a/helm/druid/Chart.yaml b/helm/druid/Chart.yaml index 8bbc003de34f..5244f7d0afd2 100644 --- a/helm/druid/Chart.yaml +++ b/helm/druid/Chart.yaml @@ -30,7 +30,7 @@ dependencies: version: 8.6.4 repository: https://charts.helm.sh/stable condition: postgresql.enabled -version: 0.3.3 +version: 0.3.6 home: https://druid.apache.org/ icon: https://druid.apache.org/img/favicon.png sources: diff --git a/helm/druid/README.md b/helm/druid/README.md index 1d985f922647..3d8978ea5a3d 100644 --- a/helm/druid/README.md +++ b/helm/druid/README.md @@ -92,12 +92,14 @@ The following table lists the configurable parameters of the Druid chart and the | `image.tag` | container image tag | `0.19.0` | | `image.pullPolicy` | container pull policy | `IfNotPresent` | | `image.pullSecrets` | image pull secrest for private repositoty | `[]` | -| `configMap.enabled` | enable druid configuration as configmap | `true` | -| `configVars` | druid configuration variables for all components | `` | +| `configMap.enabled` | enable druid configuration as configmap | `true` | +| `configVars` | druid configuration variables for all components | `` | +| `env` | global container environment variables to set | `[]` | | `gCloudStorage.enabled` | look for secret to set google cloud credentials | `false` | | `gCloudStorage.secretName` | secretName to be mounted as google cloud credentials | `false` | | `broker.enabled` | enable broker | `true` | | `broker.name` | broker component name | `broker` | +| `broker.env` | broker container environment variables to append | `[]` | | `broker.replicaCount` | broker node replicas (deployment) | `1` | | `broker.port` | port of broker component | `8082` | | `broker.serviceType` | service type for service | `ClusterIP` | @@ -105,14 +107,15 @@ The following table lists the configurable parameters of the Druid chart and the | `broker.podAnnotations` | broker deployment annotations | `{}` | | `broker.nodeSelector` | Node labels for broker pod assignment | `{}` | | `broker.tolerations` | broker tolerations | `[]` | -| `broker.config` | broker private config such as `JAVA_OPTS` | | -| `broker.affinity` | broker affinity policy | `{}` | +| `broker.config` | broker private config such as `JAVA_OPTS` | | +| `broker.affinity` | broker affinity policy | `{}` | | `broker.ingress.enabled` | enable ingress | `false` | | `broker.ingress.hosts` | hosts for the broker api | `[ "chart-example.local" ]` | | `broker.ingress.path` | path of the broker api | `/` | | `broker.ingress.annotations` | annotations for the broker api ingress | `{}` | -| `broker.ingress.tls` | TLS configuration for the ingress | `[]` | +| `broker.ingress.tls` | TLS configuration for the ingress | `[]` | | `coordinator.enabled` | enable coordinator | `true` | +| `coordinator.env` | coordinator container environment variables to append | `[]` | | `coordinator.name` | coordinator component name | `coordinator` | | `coordinator.replicaCount` | coordinator node replicas (deployment) | `1` | | `coordinator.port` | port of coordinator component | `8081` | @@ -121,14 +124,15 @@ The following table lists the configurable parameters of the Druid chart and the | `coordinator.podAnnotations` | coordinator Deployment annotations | `{}` | | `coordinator.nodeSelector` | node labels for coordinator pod assignment | `{}` | | `coordinator.tolerations` | coordinator tolerations | `[]` | -| `coordinator.config` | coordinator private config such as `JAVA_OPTS` | | -| `coordinator.affinity` | coordinator affinity policy | `{}` | +| `coordinator.config` | coordinator private config such as `JAVA_OPTS` | | +| `coordinator.affinity` | coordinator affinity policy | `{}` | | `coordinator.ingress.enabled` | enable ingress | `false` | | `coordinator.ingress.hosts` | hosts for the coordinator api | `[ "chart-example.local" ]` | | `coordinator.ingress.path` | path of the coordinator api | `/` | | `coordinator.ingress.annotations` | annotations for the coordinator api ingress | `{}` | -| `coordinator.ingress.tls` | TLS configuration for the ingress | `[]` | +| `coordinator.ingress.tls` | TLS configuration for the ingress | `[]` | | `overlord.enabled` | enable overlord | `false` | +| `overlord.env` | overlord container environment variables to append | `[]` | | `overlord.name` | overlord component name | `overlord` | | `overlord.replicaCount` | overlord node replicas (deployment) | `1` | | `overlord.port` | port of overlord component | `8081` | @@ -137,14 +141,15 @@ The following table lists the configurable parameters of the Druid chart and the | `overlord.podAnnotations` | overlord Deployment annotations | `{}` | | `overlord.nodeSelector` | node labels for overlord pod assignment | `{}` | | `overlord.tolerations` | overlord tolerations | `[]` | -| `overlord.config` | overlord private config such as `JAVA_OPTS` | | -| `overlord.affinity` | overlord affinity policy | `{}` | +| `overlord.config` | overlord private config such as `JAVA_OPTS` | | +| `overlord.affinity` | overlord affinity policy | `{}` | | `overlord.ingress.enabled` | enable ingress | `false` | | `overlord.ingress.hosts` | hosts for the overlord api | `[ "chart-example.local" ]` | | `overlord.ingress.path` | path of the overlord api | `/` | | `overlord.ingress.annotations` | annotations for the overlord api ingress | `{}` | -| `overlord.ingress.tls` | TLS configuration for the ingress | `[]` | +| `overlord.ingress.tls` | TLS configuration for the ingress | `[]` | | `historical.enabled` | enable historical | `true` | +| `historical.env` | historical container environment variables to append | `[]` | | `historical.name` | historical component name | `historical` | | `historical.replicaCount` | historical node replicas (statefulset) | `1` | | `historical.port` | port of historical component | `8083` | @@ -156,19 +161,20 @@ The following table lists the configurable parameters of the Druid chart and the | `historical.nodeSelector` | node labels for historical pod assignment | `{}` | | `historical.securityContext` | custom security context for historical containers | `{ fsGroup: 1000 }` | | `historical.tolerations` | historical tolerations | `[]` | -| `historical.config` | historical node private config such as `JAVA_OPTS` | | +| `historical.config` | historical node private config such as `JAVA_OPTS` | | | `historical.persistence.enabled` | historical persistent enabled/disabled | `true` | | `historical.persistence.size` | historical persistent volume size | `4Gi` | | `historical.persistence.storageClass` | historical persistent volume Class | `nil` | | `historical.persistence.accessMode` | historical persistent Access Mode | `ReadWriteOnce` | -| `historical.antiAffinity` | historical anti-affinity policy | `soft` | -| `historical.nodeAffinity` | historical node affinity policy | `{}` | +| `historical.antiAffinity` | historical anti-affinity policy | `soft` | +| `historical.nodeAffinity` | historical node affinity policy | `{}` | | `historical.ingress.enabled` | enable ingress | `false` | | `historical.ingress.hosts` | hosts for the historical api | `[ "chart-example.local" ]` | | `historical.ingress.path` | path of the historical api | `/` | | `historical.ingress.annotations` | annotations for the historical api ingress | `{}` | -| `historical.ingress.tls` | TLS configuration for the ingress | `[]` | +| `historical.ingress.tls` | TLS configuration for the ingress | `[]` | | `middleManager.enabled` | enable middleManager | `true` | +| `middleManager.env` | middleManager container environment variables to append | `[]` | | `middleManager.name` | middleManager component name | `middleManager` | | `middleManager.replicaCount` | middleManager node replicas (statefulset) | `1` | | `middleManager.port` | port of middleManager component | `8091` | @@ -178,13 +184,13 @@ The following table lists the configurable parameters of the Druid chart and the | `middleManager.nodeSelector` | Node labels for middleManager pod assignment | `{}` | | `middleManager.securityContext` | custom security context for middleManager containers | `{ fsGroup: 1000 }` | | `middleManager.tolerations` | middleManager tolerations | `[]` | -| `middleManager.config` | middleManager private config such as `JAVA_OPTS` | | +| `middleManager.config` | middleManager private config such as `JAVA_OPTS` | | | `middleManager.persistence.enabled` | middleManager persistent enabled/disabled | `true` | | `middleManager.persistence.size` | middleManager persistent volume size | `4Gi` | | `middleManager.persistence.storageClass` | middleManager persistent volume Class | `nil` | | `middleManager.persistence.accessMode` | middleManager persistent Access Mode | `ReadWriteOnce` | -| `middleManager.antiAffinity` | middleManager anti-affinity policy | `soft` | -| `middleManager.nodeAffinity` | middleManager node affinity policy | `{}` | +| `middleManager.antiAffinity` | middleManager anti-affinity policy | `soft` | +| `middleManager.nodeAffinity` | middleManager node affinity policy | `{}` | | `middleManager.autoscaling.enabled` | enable horizontal pod autoscaling | `false` | | `middleManager.autoscaling.minReplicas` | middleManager autoscaling min replicas | `2` | | `middleManager.autoscaling.maxReplicas` | middleManager autoscaling max replicas | `5` | @@ -193,8 +199,9 @@ The following table lists the configurable parameters of the Druid chart and the | `middleManager.ingress.hosts` | hosts for the middleManager api | `[ "chart-example.local" ]` | | `middleManager.ingress.path` | path of the middleManager api | `/` | | `middleManager.ingress.annotations` | annotations for the middleManager api ingress | `{}` | -| `middleManager.ingress.tls` | TLS configuration for the ingress | `[]` | +| `middleManager.ingress.tls` | TLS configuration for the ingress | `[]` | | `router.enabled` | enable router | `false` | +| `router.env` | router container environment variables to append | `[]` | | `router.name` | router component name | `router` | | `router.replicaCount` | router node replicas (deployment) | `1` | | `router.port` | port of router component | `8888` | @@ -203,12 +210,12 @@ The following table lists the configurable parameters of the Druid chart and the | `router.podAnnotations` | router Deployment annotations | `{}` | | `router.nodeSelector` | node labels for router pod assignment | `{}` | | `router.tolerations` | router tolerations | `[]` | -| `router.config` | router private config such as `JAVA_OPTS` | | -| `router.affinity` | router affinity policy | `{}` | +| `router.config` | router private config such as `JAVA_OPTS` | | +| `router.affinity` | router affinity policy | `{}` | | `router.ingress.enabled` | enable ingress | `false` | | `router.ingress.hosts` | hosts for the router api | `[ "chart-example.local" ]` | | `router.ingress.path` | path of the router api | `/` | | `router.ingress.annotations` | annotations for the router api ingress | `{}` | -| `router.ingress.tls` | TLS configuration for the ingress | `[]` | +| `router.ingress.tls` | TLS configuration for the ingress | `[]` | Full and up-to-date documentation can be found in the comments of the `values.yaml` file. diff --git a/helm/druid/templates/broker/deployment.yaml b/helm/druid/templates/broker/deployment.yaml index d320cf1cbf4b..ac6b1e5cca88 100644 --- a/helm/druid/templates/broker/deployment.yaml +++ b/helm/druid/templates/broker/deployment.yaml @@ -56,10 +56,16 @@ spec: valueFrom: {fieldRef: {fieldPath: metadata.name}} - name: POD_NAMESPACE valueFrom: {fieldRef: {fieldPath: metadata.namespace}} + {{- with .Values.env }} + {{- toYaml . | nindent 10 }} + {{- end }} {{- range $key, $val := .Values.broker.config }} - name: {{ $key }} value: {{ $val | quote }} - {{- end}} + {{- end }} + {{- with .Values.broker.env }} + {{- toYaml . | nindent 10 }} + {{- end }} envFrom: - configMapRef: name: {{ template "druid.name" . }} diff --git a/helm/druid/templates/coordinator/deployment.yaml b/helm/druid/templates/coordinator/deployment.yaml index fc26757ef22f..aab516b36040 100644 --- a/helm/druid/templates/coordinator/deployment.yaml +++ b/helm/druid/templates/coordinator/deployment.yaml @@ -56,10 +56,16 @@ spec: valueFrom: {fieldRef: {fieldPath: metadata.name}} - name: POD_NAMESPACE valueFrom: {fieldRef: {fieldPath: metadata.namespace}} + {{- with .Values.env }} + {{- toYaml . | nindent 10 }} + {{- end }} {{- range $key, $val := .Values.coordinator.config }} - name: {{ $key }} value: {{ $val | quote }} - {{- end}} + {{- end }} + {{- with .Values.coordinator.env }} + {{- toYaml . | nindent 10 }} + {{- end }} envFrom: - configMapRef: name: {{ template "druid.name" . }} diff --git a/helm/druid/templates/historical/statefulset.yaml b/helm/druid/templates/historical/statefulset.yaml index 1a575ac7202d..a38ba7437042 100644 --- a/helm/druid/templates/historical/statefulset.yaml +++ b/helm/druid/templates/historical/statefulset.yaml @@ -56,7 +56,7 @@ spec: - topologyKey: "kubernetes.io/hostname" labelSelector: matchLabels: - app: "{{ template "druid.name" . }}" + app: {{ template "druid.name" . | quote }} release: "{{ .Release.Name }}" component: "{{ .Values.historical.name }}" {{- else if eq .Values.historical.antiAffinity "soft" }} @@ -67,7 +67,7 @@ spec: topologyKey: kubernetes.io/hostname labelSelector: matchLabels: - app: "{{ template "druid.name" . }}" + app: {{ template "druid.name" . | quote }} release: "{{ .Release.Name }}" component: "{{ .Values.historical.name }}" {{- end }} @@ -99,10 +99,16 @@ spec: valueFrom: {fieldRef: {fieldPath: metadata.name}} - name: POD_NAMESPACE valueFrom: {fieldRef: {fieldPath: metadata.namespace}} + {{- with .Values.env }} + {{- toYaml . | nindent 8 }} + {{- end }} {{- range $key, $val := .Values.historical.config }} - name: {{ $key }} value: {{ $val | quote }} - {{- end}} + {{- end }} + {{- with .Values.historical.env }} + {{- toYaml . | nindent 8 }} + {{- end }} envFrom: - configMapRef: name: {{ template "druid.name" . }} diff --git a/helm/druid/templates/middleManager/statefulset.yaml b/helm/druid/templates/middleManager/statefulset.yaml index 827ed561fe0d..d527fabc719b 100644 --- a/helm/druid/templates/middleManager/statefulset.yaml +++ b/helm/druid/templates/middleManager/statefulset.yaml @@ -67,7 +67,7 @@ spec: topologyKey: kubernetes.io/hostname labelSelector: matchLabels: - app: "{{ template "druid.name" . }}" + app: {{ template "druid.name" . | quote }} release: "{{ .Release.Name }}" component: "{{ .Values.middleManager.name }}" {{- end }} @@ -99,10 +99,16 @@ spec: valueFrom: {fieldRef: {fieldPath: metadata.name}} - name: POD_NAMESPACE valueFrom: {fieldRef: {fieldPath: metadata.namespace}} + {{- with .Values.env }} + {{- toYaml . | nindent 8 }} + {{- end }} {{- range $key, $val := .Values.middleManager.config }} - name: {{ $key }} value: {{ $val | quote }} - {{- end}} + {{- end }} + {{- with .Values.middleManager.env }} + {{- toYaml . | nindent 8 }} + {{- end }} envFrom: - configMapRef: name: {{ template "druid.name" . }} diff --git a/helm/druid/templates/overlord/deployment.yaml b/helm/druid/templates/overlord/deployment.yaml index 8eebbe2b3ac2..8636ba2f2f2a 100644 --- a/helm/druid/templates/overlord/deployment.yaml +++ b/helm/druid/templates/overlord/deployment.yaml @@ -56,10 +56,16 @@ spec: valueFrom: {fieldRef: {fieldPath: metadata.name}} - name: POD_NAMESPACE valueFrom: {fieldRef: {fieldPath: metadata.namespace}} + {{- with .Values.env }} + {{- toYaml . | nindent 10 }} + {{- end }} {{- range $key, $val := .Values.overlord.config }} - name: {{ $key }} value: {{ $val | quote }} - {{- end}} + {{- end }} + {{- with .Values.overlord.env }} + {{- toYaml . | nindent 10 }} + {{- end }} envFrom: - configMapRef: name: {{ template "druid.name" . }} diff --git a/helm/druid/templates/router/deployment.yaml b/helm/druid/templates/router/deployment.yaml index 31e272858286..0404ceafc889 100644 --- a/helm/druid/templates/router/deployment.yaml +++ b/helm/druid/templates/router/deployment.yaml @@ -56,10 +56,16 @@ spec: valueFrom: {fieldRef: {fieldPath: metadata.name}} - name: POD_NAMESPACE valueFrom: {fieldRef: {fieldPath: metadata.namespace}} + {{- with .Values.env }} + {{- toYaml . | nindent 10 }} + {{- end }} {{- range $key, $val := .Values.router.config }} - name: {{ $key }} value: {{ $val | quote }} - {{- end}} + {{- end }} + {{- with .Values.router.env }} + {{- toYaml . | nindent 10 }} + {{- end }} envFrom: - configMapRef: name: {{ template "druid.name" . }} diff --git a/helm/druid/values.yaml b/helm/druid/values.yaml index f710f012ab3e..0bb5563182fa 100644 --- a/helm/druid/values.yaml +++ b/helm/druid/values.yaml @@ -48,6 +48,14 @@ configVars: druid_emitter_logging_logLevel: debug druid_emitter_http_recipientBaseUrl: http://druid_exporter_url:druid_exporter_port/druid +# Array of container env objects to append to all containers +env: [] +# - name: druid_metadata_storage_connector_password +# valueFrom: +# secretKeyRef: +# name: myDatabaseSecret +# key: myDatabasePasswordKey + gCloudStorage: enabled: false secretName: google-cloud-key @@ -70,6 +78,14 @@ broker: druid_processing_numThreads: 1 # druid_monitoring_monitors: '["org.apache.druid.client.cache.CacheMonitor", "org.apache.druid.server.metrics.QueryCountStatsMonitor"]' + # Array of container env objects to append to broker container + env: [] + # - name: druid_metadata_storage_connector_password + # valueFrom: + # secretKeyRef: + # name: myDatabaseSecret + # key: myDatabasePasswordKey + ingress: enabled: false annotations: {} @@ -113,6 +129,14 @@ coordinator: DRUID_XMS: 256m # druid_monitoring_monitors: '["org.apache.druid.server.metrics.TaskCountStatsMonitor"]' + # Array of container env objects to append to coordinator container + env: [] + # - name: druid_metadata_storage_connector_password + # valueFrom: + # secretKeyRef: + # name: myDatabaseSecret + # key: myDatabasePasswordKey + ingress: enabled: false annotations: {} @@ -151,6 +175,16 @@ overlord: port: 8081 serviceType: ClusterIP + config: {} + + # Array of container env objects to append to overlord container + env: [] + # - name: druid_metadata_storage_connector_password + # valueFrom: + # secretKeyRef: + # name: myDatabaseSecret + # key: myDatabasePasswordKey + javaOpts: "-Xms1G -Xmx1G" ingress: @@ -195,6 +229,14 @@ historical: # druid_monitoring_monitors: '["org.apache.druid.client.cache.CacheMonitor", "org.apache.druid.server.metrics.HistoricalMetricsMonitor", "org.apache.druid.server.metrics.QueryCountStatsMonitor"]' # druid_segmentCache_locations: '[{"path":"/var/druid/segment-cache","maxSize":300000000000}]' + # Array of container env objects to append to historical container + env: [] + # - name: druid_metadata_storage_connector_password + # valueFrom: + # secretKeyRef: + # name: myDatabaseSecret + # key: myDatabasePasswordKey + ingress: enabled: false annotations: {} @@ -262,6 +304,14 @@ middleManager: druid_indexer_runner_javaOptsArray: '["-server", "-Xms256m", "-Xmx256m", "-XX:MaxDirectMemorySize=300m", "-Duser.timezone=UTC", "-Dfile.encoding=UTF-8", "-XX:+ExitOnOutOfMemoryError", "-Djava.util.logging.manager=org.apache.logging.log4j.jul.LogManager"]' druid_indexer_fork_property_druid_processing_buffer_sizeBytes: '25000000' + # Array of container env objects to append to middleManager container + env: [] + # - name: druid_metadata_storage_connector_password + # valueFrom: + # secretKeyRef: + # name: myDatabaseSecret + # key: myDatabasePasswordKey + autoscaling: enabled: false minReplicas: 2 @@ -343,6 +393,14 @@ router: DRUID_XMS: 128m DRUID_MAXDIRECTMEMORYSIZE: 128m + # Array of container env objects to append to router container + env: [] + # - name: druid_metadata_storage_connector_password + # valueFrom: + # secretKeyRef: + # name: myDatabaseSecret + # key: myDatabasePasswordKey + ingress: enabled: false annotations: {}