From 715ca3f454e6709907badb5c8047e71444dbf862 Mon Sep 17 00:00:00 2001 From: Karl Levik Date: Wed, 12 Apr 2023 18:05:46 +0100 Subject: [PATCH 1/5] Use values.yaml for config parameters and add new VERSION option --- example-values.yaml | 129 ++++++++++++++++++++++++++++++++++++++++++++ pmm-server.sh | 19 ++++++- 2 files changed, 146 insertions(+), 2 deletions(-) create mode 100644 example-values.yaml diff --git a/example-values.yaml b/example-values.yaml new file mode 100644 index 0000000..b802b05 --- /dev/null +++ b/example-values.yaml 
@@ -0,0 +1,129 @@
+## @section Percona Monitoring and Management (PMM) parameters
+## Default values for PMM.
+## This is a YAML-formatted file.
+## Declare variables to be passed into your templates.
+
+## PMM image version
+## ref: https://hub.docker.com/r/percona/pmm-server/tags
+## @param image.repository PMM image repository
+## @param image.pullPolicy PMM image pull policy
+## @param image.tag PMM image tag (immutable tags are recommended)
+## @param image.imagePullSecrets Global Docker registry secret names as an array
+##
+image:
+ repository: percona/pmm-server
+ pullPolicy: IfNotPresent
+ # Overrides the image tag whose default is the chart appVersion.
+# tag: "2.31.0"
+# imagePullSecrets: []
+
+## PMM environment variables
+## ref: https://docs.percona.com/percona-monitoring-and-management/setting-up/server/docker.html#environment-variables
+##
+pmmEnv:
+ ## @param pmmEnv.DISABLE_UPDATES Disables a periodic check for new PMM versions as well as ability to apply upgrades using the UI (need to be disabled in k8s environment as updates rolled with helm/container update)
+ ##
+ DISABLE_UPDATES: "1"
+# ENABLE_DBAAS: "1"
+# optional variables to integrate Grafana with internal iDP, see also secret part
+# GF_AUTH_GENERIC_OAUTH_ENABLED: 'true'
+# GF_AUTH_GENERIC_OAUTH_SCOPES: ''
+# GF_AUTH_GENERIC_OAUTH_AUTH_URL: ''
+# GF_AUTH_GENERIC_OAUTH_TOKEN_URL: ''
+# GF_AUTH_GENERIC_OAUTH_API_URL: ''
+# GF_AUTH_GENERIC_OAUTH_ALLOWED_DOMAINS: ''
+
+## @param pmmResources optional [Resources](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) requested for [PMM container](https://docs.percona.com/percona-monitoring-and-management/setting-up/server/index.html#set-up-pmm-server)
+ ## pmmResources:
+ ## requests:
+ ## memory: "32Gi"
+ ## cpu: "8"
+ ## limits:
+ ## memory: "64Gi"
+ ## cpu: "32"
+pmmResources: {}
+
+## @section PMM secrets
+##
+secret:
+ ## @param secret.name Defines the name of the k8s secret that holds passwords and other secrets
+ ##
+ name: pmm-secret
+ ## @param secret.create If true then secret will be generated by Helm chart. Otherwise it is expected to be created by user.
+ ##
+ create: true
+ ## @param secret.pmm_password Initial PMM password - it changes only on the first deployment, ignored if PMM was already provisioned and just restarted. If PMM admin password is not set, it will be generated.
+ ## E.g.
+ ## pmm_password: admin
+ ##
+ ## To get password execute `kubectl get secret pmm-secret -o jsonpath='{.data.PMM_ADMIN_PASSWORD}' | base64 --decode`
+ ##
+ pmm_password: "password123"
+ ##
+# GF_AUTH_GENERIC_OAUTH_CLIENT_ID optional client ID to integrate Grafana with internal iDP, requires other env defined as well under pmmEnv
+# GF_AUTH_GENERIC_OAUTH_CLIENT_ID:
+ # GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET optional secret to integrate Grafana with internal iDP, requires other env defined as well under pmmEnv
+ # GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET:
+
+## @section PMM network configuration
+## Service configuration
+##
+service:
+ ## @param service.name Service name that is dns name monitoring services would send data to. `monitoring-service` used by default by pmm-client in Percona operators.
+ ##
+ name: monitoring-service
+ ## @param service.type Kubernetes Service type
+ ##
+ type: LoadBalancer
+
+ ## Ports 443 and/or 80
+ ##
+ ports:
+ ## @param service.ports[0].port https port number
+ - port: 443
+ ## @param service.ports[0].targetPort target port to map for statefulset and ingress
+ targetPort: https
+ ## @param service.ports[0].protocol protocol for https
+ protocol: TCP
+ ## @param service.ports[0].name port name
+ name: https
+ ## @param service.ports[1].port http port number
+ - port: 80
+ ## @param service.ports[1].targetPort target port to map for statefulset and ingress
+ targetPort: http
+ ## @param service.ports[1].protocol protocol for http
+ protocol: TCP
+ ## @param service.ports[1].name port name
+ name: http
+
+## @section PMM storage configuration
+## Claiming storage for PMM using Persistent Volume Claims (PVC)
+## ref: https://kubernetes.io/docs/user-guide/persistent-volumes/
+##
+storage:
+ ## @param storage.name name of PVC
+ name: pmm-storage
+ ## @param storage.storageClassName optional PMM data Persistent Volume Storage Class
+ ## If defined, storageClassName:
+ ## If set to "-", storageClassName: "", which disables dynamic provisioning
+ ## If undefined (the default) or set to null, no storageClassName spec is
+ ## set, choosing the default provisioner. (gp2 on AWS, standard on
+ ## GKE, AWS & OpenStack)
+ ##
+ # storageClassName: "my-storage-class-name"
+ ##
+ ## @param storage.size size of storage [depends](https://docs.percona.com/percona-monitoring-and-management/setting-up/server/index.html#set-up-pmm-server) on number of monitored services and data retention
+ ##
+ size: 50Gi
+
+## Pods Service Account
+## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
+## @param serviceAccount.create Specifies whether a ServiceAccount should be created
+## @param serviceAccount.annotations Annotations for service account. Evaluated as a template. Only used if `create` is `true`.
+## @param serviceAccount.name Name of the service account to use. If not set and create is true, a name is generated using the fullname template. +## +serviceAccount: + create: false + annotations: {} + name: "default" + diff --git a/pmm-server.sh b/pmm-server.sh index 7cd428b..1d642b5 100755 --- a/pmm-server.sh +++ b/pmm-server.sh @@ -19,6 +19,8 @@ Options understood: ACTION Allowed values: SHOW | INSTALL | UNINSTALL | REINSTALL. Case-insensitive. Default: SHOW. + VERSION The chart version to use. + Default: latest WHAT With ACTION = SHOW: Allowed values: ALL | SYSTEM | SERVICES | VOLUMES | EVENTS Default: ALL @@ -37,6 +39,9 @@ Specify REPO to remove the repository or ALL to remove both. SHOW shows information about PMM if installed. One can specify multiple comma-separated flags, for example: ACTION=SHOW WHAT=SYSTEM,SERVICES ./pmm-server.sh + +A 'values.yaml' file containing chart configuration values are used if it exists +in the current directory. " exit 0 fi @@ -265,7 +270,18 @@ then fi if [ $WHAT == 'ALL' ] || [ $WHAT == 'RELEASE' ]; then - run "helm install monitoring percona/pmm --set secret.pmm_password=$PMM_SERVER_PASSWORD --set serviceAccount.create=false --set serviceAccount.name=default" + if [ -r values.yaml ] && [ ! -z $VERSION ]; + then + run "helm install -f example-values.yaml --version=$VERSION monitoring percona/pmm" + elif [ -r values.yaml ]; + then + run "helm install -f example-values.yaml monitoring percona/pmm" + elif [ ! -z $VERSION ]; + then + run "helm install --version=$VERSION monitoring percona/pmm" + else + run "helm install monitoring percona/pmm" + fi fi helm get values monitoring @@ -293,6 +309,5 @@ success 'Success' # TODO: -# - Allow to install a specific version # - Allow to use a non-standard server port From 796f34c549c55b1ac97054f59567f64ff70ad2c0 Mon Sep 17 00:00:00 2001 
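Review bot: `pmm_password: "password123"` under `secret:` is a working, guessable admin credential in a file the install path reads directly, because the `pmm-server.sh` change in this same patch passes `-f example-values.yaml` to `helm install`. The comment above the key says the chart generates a password when none is set, so the example is safer with the key commented out, for instance `# pmm_password: ""` with a comment explaining that leaving it unset lets the chart generate one. The same file defaults `service.type` to `LoadBalancer` and lists port 80 under the name `http`, so the login protected by that password is presumably also offered over plain HTTP.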
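Review bot: None of the four new `helm install` branches carries `--set secret.pmm_password=$PMM_SERVER_PASSWORD` any more, so the admin password no longer comes from `conf.sh`: with a values file it is whatever that file holds, and without one the chart presumably generates its own, leaving `PMM_SERVER_PASSWORD` out of step with the server. The first two branches test `-r values.yaml` but pass `-f example-values.yaml`, so the operator's file is only checked for existence and the committed example, sample password included, is what gets applied; a later patch in this series switches both to `$PMM_SERVER_VALUES`. If `conf.sh` is meant to stay the source of truth, the script should compare the two values and stop when they differ instead of relying on the operator to keep them aligned. `[ ! -z $VERSION ]` expands the variable unquoted; `[ -n "$VERSION" ]` is the safer form. The enclosing `if` block starts outside the hunk.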
From: Karl Levik Date: Wed, 12 Apr 2023 19:33:45 +0100 Subject: [PATCH 2/5] Use values YAML file defined in conf.sh. Git ignore its default name values.yaml --- .gitignore | 2 ++ conf.sh.default.sh | 2 ++ pmm-server.sh | 11 ++++------- 3 files changed, 8 insertions(+), 7 deletions(-) diff --git a/.gitignore b/.gitignore index 741ba7c..8e86095 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,8 @@ # Global configuration. # Use conf.sh.default as a template. conf.sh +# Use example-values.yaml as a template. +values.yaml # Host-level configuration hosts/* !hosts/.KEEP diff --git a/conf.sh.default.sh b/conf.sh.default.sh index 5535278..52b4bd6 100644 --- a/conf.sh.default.sh +++ b/conf.sh.default.sh @@ -20,6 +20,8 @@ PMM_SERVER_HOST= PMM_SERVER_USER='admin' # Password for PMM Server user PMM_SERVER_PASSWORD='...' +# File containing chart configuration values for PMM Server +PMM_SERVER_VALUES='values.yaml' # Set exactly to 1 to enable "mysql" service in PMM Client PMM_SERVICE_MYSQL=1 diff --git a/pmm-server.sh b/pmm-server.sh index 1d642b5..9d9d48b 100755 --- a/pmm-server.sh +++ b/pmm-server.sh @@ -39,9 +39,6 @@ Specify REPO to remove the repository or ALL to remove both. SHOW shows information about PMM if installed. One can specify multiple comma-separated flags, for example: ACTION=SHOW WHAT=SYSTEM,SERVICES ./pmm-server.sh - -A 'values.yaml' file containing chart configuration values are used if it exists -in the current directory. " exit 0 fi 
@@ -270,12 +267,12 @@ then fi if [ $WHAT == 'ALL' ] || [ $WHAT == 'RELEASE' ]; then - if [ -r values.yaml ] && [ ! -z $VERSION ]; + if [ -r $PMM_SERVER_VALUES ] && [ ! -z $VERSION ]; then - run "helm install -f example-values.yaml --version=$VERSION monitoring percona/pmm" - elif [ -r values.yaml ]; + run "helm install -f $PMM_SERVER_VALUES --version=$VERSION monitoring percona/pmm" + elif [ -r $PMM_SERVER_VALUES ]; then - run "helm install -f example-values.yaml monitoring percona/pmm" + run "helm install -f $PMM_SERVER_VALUES monitoring percona/pmm" elif [ ! -z $VERSION ]; then run "helm install --version=$VERSION monitoring percona/pmm" From 1a29a3bc96c9504060f8c5723d6d8d3c8da68c28 Mon Sep 17 00:00:00 2001 From: KarlLevik Date: Thu, 21 Sep 2023 12:42:17 +0100 Subject: [PATCH 3/5] Separate LoadBalancer manifest + README documentation, more gitignores --- .gitignore | 4 ++++ README.md | 30 +++++++++++++++++++++++++----- pmm-loadbalancer.yaml | 27 +++++++++++++++++++++++++++ 3 files changed, 56 insertions(+), 5 deletions(-) create mode 100644 pmm-loadbalancer.yaml diff --git a/.gitignore b/.gitignore index 8e86095..0d81a45 100644 --- a/.gitignore +++ b/.gitignore @@ -6,3 +6,7 @@ values.yaml # Host-level configuration hosts/* !hosts/.KEEP +# Info sharing between pmm-server and pmm-client? +info/* +# Logs +log diff --git a/README.md b/README.md index d0f7ad9..e2f2262 100644 --- a/README.md +++ b/README.md 
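Review bot: `[ -r $PMM_SERVER_VALUES ]` is unquoted, so when the variable is empty or unset (for example a `conf.sh` copied before this setting existed) the test collapses to `[ -r ]`, which is true, and the script goes on to run `helm install -f` with no file name after the flag. Quote the variable in both tests, `[ -r "$PMM_SERVER_VALUES" ]`, and use `[ -n "$VERSION" ]` in place of `[ ! -z $VERSION ]`. The value is also spliced into the string handed to `run`, so a path with spaces or shell metacharacters would be re-parsed if `run` evaluates its argument; `run` is not visible in this hunk, so that needs checking against its definition. The enclosing `if` starts outside the hunk.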
@@ -10,13 +10,23 @@ are not desirable for some reason, or not necessary. Copy the configuration template: -``` +```bash cp conf.sh.default.sh conf.sh ``` -`conf.sh` contains all the configuration. Each option is documented in the file itself. +Also copy the example 'values' file: + +```bash +cp example-values.yaml values.yaml +``` + +`conf.sh` and `values.yaml` contain all the configuration. Each option is +documented in the files themselves. + +NB! Make sure the values are the same for `PMM_SERVER_PASSWORD` in `conf.sh` and +`pmm_password` in `values.yaml`. -The file is ignored by git. +These file are ignored by git. ## Usage @@ -24,7 +34,7 @@ The file is ignored by git. Currently scripts usage is documented in the scripts themselves. To see their built-in help: -``` +```bash HELP=1 ./pmm-server.sh HELP=1 ./pmm-client.sh ``` @@ -32,12 +42,22 @@ HELP=1 ./pmm-client.sh `ACTION=INSTALL pmm-server.sh` outputs, amongst other things, the IP of PMM Server. But you may need this information at any later time. To obtain it, run: -``` +```bash ./get-ip.sh ``` It only outputs the IP, so it can be piped to another script. +## Load balancer + +Currently, the project needs a separate LoadBalancer to work. This has a fixed +IP address which was assigned especially for PMM. + +Install this with: + +```bash +kubectl apply -f ./pmm-loadbalancer.yaml +``` ## Copyright and License diff --git a/pmm-loadbalancer.yaml b/pmm-loadbalancer.yaml new file mode 100644 index 0000000..e698c6c --- /dev/null +++ b/pmm-loadbalancer.yaml 
@@ -0,0 +1,27 @@ +apiVersion: v1 +kind: Service +metadata: + name: nginx +spec: + ports: + - name: https + protocol: TCP + port: 443 + targetPort: https + - name: http + protocol: TCP + port: 80 + targetPort: http + - name: p7777 + protocol: TCP + port: 7777 + targetPort: 7777 + selector: + app.kubernetes.io/component: pmm-server + app.kubernetes.io/instance: monitoring + app.kubernetes.io/name: pmm + app.kubernetes.io/part-of: percona-platform + type: LoadBalancer + loadBalancerIP: 172.23.169.239 + externalTrafficPolicy: Cluster + From febca34b6be923d8c4782b3731c0ec4b0190c9eb Mon Sep 17 00:00:00 2001 From: KarlLevik Date: Thu, 21 Sep 2023 14:40:20 +0100 Subject: [PATCH 4/5] Use values closer to those used in Diamond environment --- example-values.yaml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/example-values.yaml b/example-values.yaml index b802b05..ec34494 100644 --- a/example-values.yaml +++ b/example-values.yaml @@ -34,14 +34,14 @@ pmmEnv: # GF_AUTH_GENERIC_OAUTH_ALLOWED_DOMAINS: '' ## @param pmmResources optional [Resources](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) requested for [PMM container](https://docs.percona.com/percona-monitoring-and-management/setting-up/server/index.html#set-up-pmm-server) - ## pmmResources: - ## requests: - ## memory: "32Gi" - ## cpu: "8" - ## limits: - ## memory: "64Gi" - ## cpu: "32" -pmmResources: {} +pmmResources: + requests: + memory: "32Gi" + cpu: "8" + limits: + memory: "64Gi" + cpu: "24" +## pmmResources: {} ## @section PMM secrets ## @@ -74,7 +74,7 @@ service: name: monitoring-service ## @param service.type Kubernetes Service type ## - type: LoadBalancer + type: ClusterIP ## Ports 443 and/or 80 ## 
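Review bot: This Service publishes ports 80 and 7777 alongside 443 on a fixed address and sets no `loadBalancerSourceRanges`, so the PMM login is reachable over the `http` port from anywhere `172.23.169.239` is routable. If plain HTTP and 7777 are not needed from outside the cluster, drop those two entries, and add `loadBalancerSourceRanges` with the networks that should reach PMM (where the load-balancer implementation honours it). `metadata.name: nginx` does not describe what the selector targets (`app.kubernetes.io/name: pmm`); a name such as `pmm-loadbalancer` makes the object easier to find and audit. `spec.loadBalancerIP` has been deprecated since Kubernetes 1.24, and with `externalTrafficPolicy: Cluster` the pod may not see the original client address, which matters when reviewing login attempts.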
@@ -110,7 +110,7 @@ storage: ## set, choosing the default provisioner. (gp2 on AWS, standard on ## GKE, AWS & OpenStack) ## - # storageClassName: "my-storage-class-name" + storageClassName: "db-nvme-storage" ## ## @param storage.size size of storage [depends](https://docs.percona.com/percona-monitoring-and-management/setting-up/server/index.html#set-up-pmm-server) on number of monitored services and data retention ## From 08d037241002881350038620ffa77142ab3571a4 Mon Sep 17 00:00:00 2001 From: KarlLevik Date: Thu, 21 Sep 2023 14:40:55 +0100 Subject: [PATCH 5/5] Add section about values.yaml file --- README.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/README.md b/README.md index e2f2262..947de6a 100644 --- a/README.md +++ b/README.md @@ -28,6 +28,13 @@ NB! Make sure the values are the same for `PMM_SERVER_PASSWORD` in `conf.sh` and These file are ignored by git. +### Notes about the values.yaml file + +The `example-values.yaml` file has the `service` `type` as `ClusterIP`, so it +can use the separate `LoadBalancer` (see below). + +Note also that the `storageClassName` used is a magical one which in the +Diamond Kubernetes cluster will give us node-local storage. ## Usage