diff --git a/stable/anchore-engine/Chart.yaml b/stable/anchore-engine/Chart.yaml index 9429ad4f..db404351 100644 --- a/stable/anchore-engine/Chart.yaml +++ b/stable/anchore-engine/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v1 name: anchore-engine -version: 1.9.1 +version: 1.9.2 appVersion: 0.8.1 description: Anchore container analysis and policy evaluation engine service keywords: diff --git a/stable/anchore-engine/templates/analyzer_deployment.yaml b/stable/anchore-engine/templates/analyzer_deployment.yaml index f739fadd..ebb85179 100644 --- a/stable/anchore-engine/templates/analyzer_deployment.yaml +++ b/stable/anchore-engine/templates/analyzer_deployment.yaml @@ -135,11 +135,11 @@ spec: {{- if .Values.anchoreGlobal.internalServicesSsl.enabled }} scheme: HTTPS {{- end }} - initialDelaySeconds: 120 - timeoutSeconds: 10 - periodSeconds: 10 - failureThreshold: 6 - successThreshold: 1 + initialDelaySeconds: {{ .Values.anchoreGlobal.probes.liveness.initialDelaySeconds }} + timeoutSeconds: {{ .Values.anchoreGlobal.probes.liveness.timeoutSeconds }} + periodSeconds: {{ .Values.anchoreGlobal.probes.liveness.periodSeconds }} + failureThreshold: {{ .Values.anchoreGlobal.probes.liveness.failureThreshold }} + successThreshold: {{ .Values.anchoreGlobal.probes.liveness.successThreshold }} readinessProbe: httpGet: path: /health @@ -147,10 +147,10 @@ spec: {{- if .Values.anchoreGlobal.internalServicesSsl.enabled }} scheme: HTTPS {{- end }} - timeoutSeconds: 10 - periodSeconds: 10 - failureThreshold: 3 - successThreshold: 1 + timeoutSeconds: {{ .Values.anchoreGlobal.probes.readiness.timeoutSeconds }} + periodSeconds: {{ .Values.anchoreGlobal.probes.readiness.periodSeconds }} + failureThreshold: {{ .Values.anchoreGlobal.probes.readiness.failureThreshold }} + successThreshold: {{ .Values.anchoreGlobal.probes.readiness.successThreshold }} resources: {{ toYaml .Values.anchoreAnalyzer.resources | nindent 10 }} volumes: diff --git a/stable/anchore-engine/templates/api_deployment.yaml b/stable/anchore-engine/templates/api_deployment.yaml index 597a265b..6f7e7f3e 100644 --- a/stable/anchore-engine/templates/api_deployment.yaml +++ b/stable/anchore-engine/templates/api_deployment.yaml @@ -135,11 +135,11 @@ spec: {{- if .Values.anchoreGlobal.internalServicesSsl.enabled }} scheme: HTTPS {{- end }} - initialDelaySeconds: 120 - timeoutSeconds: 10 - periodSeconds: 10 - failureThreshold: 6 - successThreshold: 1 + initialDelaySeconds: {{ .Values.anchoreGlobal.probes.liveness.initialDelaySeconds }} + timeoutSeconds: {{ .Values.anchoreGlobal.probes.liveness.timeoutSeconds }} + periodSeconds: {{ .Values.anchoreGlobal.probes.liveness.periodSeconds }} + failureThreshold: {{ .Values.anchoreGlobal.probes.liveness.failureThreshold }} + successThreshold: {{ .Values.anchoreGlobal.probes.liveness.successThreshold }} readinessProbe: httpGet: path: /health @@ -147,10 +147,10 @@ spec: {{- if .Values.anchoreGlobal.internalServicesSsl.enabled }} scheme: HTTPS {{- end }} - timeoutSeconds: 10 - periodSeconds: 10 - failureThreshold: 3 - successThreshold: 1 + timeoutSeconds: {{ .Values.anchoreGlobal.probes.readiness.timeoutSeconds }} + periodSeconds: {{ .Values.anchoreGlobal.probes.readiness.periodSeconds }} + failureThreshold: {{ .Values.anchoreGlobal.probes.readiness.failureThreshold }} + successThreshold: {{ .Values.anchoreGlobal.probes.readiness.successThreshold }} resources: {{ toYaml .Values.anchoreApi.resources | nindent 10 }} {{- if and .Values.anchoreEnterpriseGlobal.enabled .Values.anchoreEnterpriseRbac.enabled }} @@ -204,11 +204,11 @@ spec: {{- if .Values.anchoreGlobal.internalServicesSsl.enabled }} scheme: HTTPS {{- end }} - initialDelaySeconds: 120 - timeoutSeconds: 10 - periodSeconds: 10 - failureThreshold: 6 - successThreshold: 1 + initialDelaySeconds: {{ .Values.anchoreGlobal.probes.liveness.initialDelaySeconds }} + timeoutSeconds: {{ .Values.anchoreGlobal.probes.liveness.timeoutSeconds }} + periodSeconds: {{ .Values.anchoreGlobal.probes.liveness.periodSeconds }} + failureThreshold: {{ .Values.anchoreGlobal.probes.liveness.failureThreshold }} + successThreshold: {{ .Values.anchoreGlobal.probes.liveness.successThreshold }} readinessProbe: httpGet: path: /health @@ -216,10 +216,10 @@ spec: {{- if .Values.anchoreGlobal.internalServicesSsl.enabled }} scheme: HTTPS {{- end }} - timeoutSeconds: 10 - periodSeconds: 10 - failureThreshold: 3 - successThreshold: 1 + timeoutSeconds: {{ .Values.anchoreGlobal.probes.readiness.timeoutSeconds }} + periodSeconds: {{ .Values.anchoreGlobal.probes.readiness.periodSeconds }} + failureThreshold: {{ .Values.anchoreGlobal.probes.readiness.failureThreshold }} + successThreshold: {{ .Values.anchoreGlobal.probes.readiness.successThreshold }} resources: {{ toYaml .Values.anchoreEnterpriseRbac.managerResources | nindent 10 }} - name: {{ .Chart.Name }}-rbac-authorizer @@ -271,21 +271,21 @@ spec: - curl - -f - 'localhost:{{ .Values.anchoreEnterpriseRbac.service.authPort }}/health' - initialDelaySeconds: 120 - timeoutSeconds: 10 - periodSeconds: 10 - failureThreshold: 6 - successThreshold: 1 + initialDelaySeconds: {{ .Values.anchoreGlobal.probes.liveness.initialDelaySeconds }} + timeoutSeconds: {{ .Values.anchoreGlobal.probes.liveness.timeoutSeconds }} + periodSeconds: {{ .Values.anchoreGlobal.probes.liveness.periodSeconds }} + failureThreshold: {{ .Values.anchoreGlobal.probes.liveness.failureThreshold }} + successThreshold: {{ .Values.anchoreGlobal.probes.liveness.successThreshold }} readinessProbe: exec: command: - curl - -f - 'localhost:{{ .Values.anchoreEnterpriseRbac.service.authPort }}/health' - timeoutSeconds: 10 - periodSeconds: 10 - failureThreshold: 3 - successThreshold: 1 + timeoutSeconds: {{ .Values.anchoreGlobal.probes.readiness.timeoutSeconds }} + periodSeconds: {{ .Values.anchoreGlobal.probes.readiness.periodSeconds }} + failureThreshold: {{ .Values.anchoreGlobal.probes.readiness.failureThreshold }} + successThreshold: {{ .Values.anchoreGlobal.probes.readiness.successThreshold }} resources: {{ toYaml .Values.anchoreEnterpriseRbac.authResources | nindent 10 }} {{- end }} @@ -340,11 +340,11 @@ spec: {{- if .Values.anchoreGlobal.internalServicesSsl.enabled }} scheme: HTTPS {{- end }} - initialDelaySeconds: 120 - timeoutSeconds: 10 - periodSeconds: 10 - failureThreshold: 6 - successThreshold: 1 + initialDelaySeconds: {{ .Values.anchoreGlobal.probes.liveness.initialDelaySeconds }} + timeoutSeconds: {{ .Values.anchoreGlobal.probes.liveness.timeoutSeconds }} + periodSeconds: {{ .Values.anchoreGlobal.probes.liveness.periodSeconds }} + failureThreshold: {{ .Values.anchoreGlobal.probes.liveness.failureThreshold }} + successThreshold: {{ .Values.anchoreGlobal.probes.liveness.successThreshold }} readinessProbe: httpGet: path: /health @@ -352,10 +352,10 @@ spec: {{- if .Values.anchoreGlobal.internalServicesSsl.enabled }} scheme: HTTPS {{- end }} - timeoutSeconds: 10 - periodSeconds: 10 - failureThreshold: 3 - successThreshold: 1 + timeoutSeconds: {{ .Values.anchoreGlobal.probes.readiness.timeoutSeconds }} + periodSeconds: {{ .Values.anchoreGlobal.probes.readiness.periodSeconds }} + failureThreshold: {{ .Values.anchoreGlobal.probes.readiness.failureThreshold }} + successThreshold: {{ .Values.anchoreGlobal.probes.readiness.successThreshold }} resources: {{ toYaml .Values.anchoreEnterpriseReports.resources | nindent 10 }} {{- end }} @@ -410,11 +410,11 @@ spec: {{- if .Values.anchoreGlobal.internalServicesSsl.enabled }} scheme: HTTPS {{- end }} - initialDelaySeconds: 120 - timeoutSeconds: 10 - periodSeconds: 10 - failureThreshold: 6 - successThreshold: 1 + initialDelaySeconds: {{ .Values.anchoreGlobal.probes.liveness.initialDelaySeconds }} + timeoutSeconds: {{ .Values.anchoreGlobal.probes.liveness.timeoutSeconds }} + periodSeconds: {{ .Values.anchoreGlobal.probes.liveness.periodSeconds }} + failureThreshold: {{ .Values.anchoreGlobal.probes.liveness.failureThreshold }} + successThreshold: {{ .Values.anchoreGlobal.probes.liveness.successThreshold }} readinessProbe: httpGet: path: /health @@ -422,10 +422,10 @@ spec: {{- if .Values.anchoreGlobal.internalServicesSsl.enabled }} scheme: HTTPS {{- end }} - timeoutSeconds: 10 - periodSeconds: 10 - failureThreshold: 3 - successThreshold: 1 + timeoutSeconds: {{ .Values.anchoreGlobal.probes.readiness.timeoutSeconds }} + periodSeconds: {{ .Values.anchoreGlobal.probes.readiness.periodSeconds }} + failureThreshold: {{ .Values.anchoreGlobal.probes.readiness.failureThreshold }} + successThreshold: {{ .Values.anchoreGlobal.probes.readiness.successThreshold }} resources: {{ toYaml .Values.anchoreEnterpriseNotifications.resources | nindent 10 }} {{- end }} diff --git a/stable/anchore-engine/templates/catalog_deployment.yaml b/stable/anchore-engine/templates/catalog_deployment.yaml index e5f900a8..396487ab 100644 --- a/stable/anchore-engine/templates/catalog_deployment.yaml +++ b/stable/anchore-engine/templates/catalog_deployment.yaml @@ -130,11 +130,11 @@ spec: {{- if .Values.anchoreGlobal.internalServicesSsl.enabled }} scheme: HTTPS {{- end }} - initialDelaySeconds: 120 - timeoutSeconds: 10 - periodSeconds: 10 - failureThreshold: 6 - successThreshold: 1 + initialDelaySeconds: {{ .Values.anchoreGlobal.probes.liveness.initialDelaySeconds }} + timeoutSeconds: {{ .Values.anchoreGlobal.probes.liveness.timeoutSeconds }} + periodSeconds: {{ .Values.anchoreGlobal.probes.liveness.periodSeconds }} + failureThreshold: {{ .Values.anchoreGlobal.probes.liveness.failureThreshold }} + successThreshold: {{ .Values.anchoreGlobal.probes.liveness.successThreshold }} readinessProbe: httpGet: path: /health @@ -142,10 +142,10 @@ spec: {{- if .Values.anchoreGlobal.internalServicesSsl.enabled }} scheme: HTTPS {{- end }} - timeoutSeconds: 10 - periodSeconds: 10 - failureThreshold: 3 - successThreshold: 1 + timeoutSeconds: {{ .Values.anchoreGlobal.probes.readiness.timeoutSeconds }} + periodSeconds: {{ .Values.anchoreGlobal.probes.readiness.periodSeconds }} + failureThreshold: {{ .Values.anchoreGlobal.probes.readiness.failureThreshold }} + successThreshold: {{ .Values.anchoreGlobal.probes.readiness.successThreshold }} resources: {{ toYaml .Values.anchoreCatalog.resources | nindent 10 }} volumes: diff --git a/stable/anchore-engine/templates/enterprise_feeds_deployment.yaml b/stable/anchore-engine/templates/enterprise_feeds_deployment.yaml index f8675d32..ae72f423 100644 --- a/stable/anchore-engine/templates/enterprise_feeds_deployment.yaml +++ b/stable/anchore-engine/templates/enterprise_feeds_deployment.yaml @@ -120,11 +120,11 @@ spec: {{- if .Values.anchoreGlobal.internalServicesSsl.enabled }} scheme: HTTPS {{- end }} - initialDelaySeconds: 120 - timeoutSeconds: 10 - periodSeconds: 10 - failureThreshold: 6 - successThreshold: 1 + initialDelaySeconds: {{ .Values.anchoreGlobal.probes.liveness.initialDelaySeconds }} + timeoutSeconds: {{ .Values.anchoreGlobal.probes.liveness.timeoutSeconds }} + periodSeconds: {{ .Values.anchoreGlobal.probes.liveness.periodSeconds }} + failureThreshold: {{ .Values.anchoreGlobal.probes.liveness.failureThreshold }} + successThreshold: {{ .Values.anchoreGlobal.probes.liveness.successThreshold }} readinessProbe: httpGet: path: /health @@ -132,10 +132,10 @@ spec: {{- if .Values.anchoreGlobal.internalServicesSsl.enabled }} scheme: HTTPS {{- end }} - timeoutSeconds: 10 - periodSeconds: 10 - failureThreshold: 3 - successThreshold: 1 + timeoutSeconds: {{ .Values.anchoreGlobal.probes.readiness.timeoutSeconds }} + periodSeconds: {{ .Values.anchoreGlobal.probes.readiness.periodSeconds }} + failureThreshold: {{ .Values.anchoreGlobal.probes.readiness.failureThreshold }} + successThreshold: {{ .Values.anchoreGlobal.probes.readiness.successThreshold }} resources: {{ toYaml .Values.anchoreEnterpriseFeeds.resources | nindent 10 }} volumes: diff --git a/stable/anchore-engine/templates/enterprise_ui_deployment.yaml b/stable/anchore-engine/templates/enterprise_ui_deployment.yaml index 2352b0e3..b6b39c86 100644 --- a/stable/anchore-engine/templates/enterprise_ui_deployment.yaml +++ b/stable/anchore-engine/templates/enterprise_ui_deployment.yaml @@ -104,17 +104,19 @@ spec: livenessProbe: tcpSocket: port: enterprise-ui - initialDelaySeconds: 120 - periodSeconds: 10 - failureThreshold: 6 - successThreshold: 1 + initialDelaySeconds: {{ .Values.anchoreGlobal.probes.liveness.initialDelaySeconds }} + timeoutSeconds: {{ .Values.anchoreGlobal.probes.liveness.timeoutSeconds }} + periodSeconds: {{ .Values.anchoreGlobal.probes.liveness.periodSeconds }} + failureThreshold: {{ .Values.anchoreGlobal.probes.liveness.failureThreshold }} + successThreshold: {{ .Values.anchoreGlobal.probes.liveness.successThreshold }} readinessProbe: httpGet: path: /service/health port: enterprise-ui - periodSeconds: 10 - failureThreshold: 3 - successThreshold: 1 + timeoutSeconds: {{ .Values.anchoreGlobal.probes.readiness.timeoutSeconds }} + periodSeconds: {{ .Values.anchoreGlobal.probes.readiness.periodSeconds }} + failureThreshold: {{ .Values.anchoreGlobal.probes.readiness.failureThreshold }} + successThreshold: {{ .Values.anchoreGlobal.probes.readiness.successThreshold }} resources: {{ toYaml .Values.anchoreEnterpriseUi.resources | nindent 10 }} volumes: diff --git a/stable/anchore-engine/templates/policy_engine_deployment.yaml b/stable/anchore-engine/templates/policy_engine_deployment.yaml index 06455f1f..74a5e15d 100644 --- a/stable/anchore-engine/templates/policy_engine_deployment.yaml +++ b/stable/anchore-engine/templates/policy_engine_deployment.yaml @@ -132,11 +132,11 @@ spec: {{- if .Values.anchoreGlobal.internalServicesSsl.enabled }} scheme: HTTPS {{- end }} - initialDelaySeconds: 120 - timeoutSeconds: 10 - periodSeconds: 10 - failureThreshold: 6 - successThreshold: 1 + initialDelaySeconds: {{ .Values.anchoreGlobal.probes.liveness.initialDelaySeconds }} + timeoutSeconds: {{ .Values.anchoreGlobal.probes.liveness.timeoutSeconds }} + periodSeconds: {{ .Values.anchoreGlobal.probes.liveness.periodSeconds }} + failureThreshold: {{ .Values.anchoreGlobal.probes.liveness.failureThreshold }} + successThreshold: {{ .Values.anchoreGlobal.probes.liveness.successThreshold }} readinessProbe: httpGet: path: /health @@ -144,10 +144,10 @@ spec: {{- if .Values.anchoreGlobal.internalServicesSsl.enabled }} scheme: HTTPS {{- end }} - timeoutSeconds: 10 - periodSeconds: 10 - failureThreshold: 3 - successThreshold: 1 + timeoutSeconds: {{ .Values.anchoreGlobal.probes.readiness.timeoutSeconds }} + periodSeconds: {{ .Values.anchoreGlobal.probes.readiness.periodSeconds }} + failureThreshold: {{ .Values.anchoreGlobal.probes.readiness.failureThreshold }} + successThreshold: {{ .Values.anchoreGlobal.probes.readiness.successThreshold }} resources: {{ toYaml .Values.anchorePolicyEngine.resources | nindent 10 }} volumes: @@ -222,4 +222,4 @@ spec: protocol: TCP selector: app: {{ template "anchore-engine.fullname" . }} - component: {{ $component }} \ No newline at end of file + component: {{ $component }} diff --git a/stable/anchore-engine/templates/simplequeue_deployment.yaml b/stable/anchore-engine/templates/simplequeue_deployment.yaml index 92a86fa9..22a2f062 100644 --- a/stable/anchore-engine/templates/simplequeue_deployment.yaml +++ b/stable/anchore-engine/templates/simplequeue_deployment.yaml @@ -130,11 +130,11 @@ spec: {{- if .Values.anchoreGlobal.internalServicesSsl.enabled }} scheme: HTTPS {{- end }} - initialDelaySeconds: 120 - timeoutSeconds: 10 - periodSeconds: 10 - failureThreshold: 6 - successThreshold: 1 + initialDelaySeconds: {{ .Values.anchoreGlobal.probes.liveness.initialDelaySeconds }} + timeoutSeconds: {{ .Values.anchoreGlobal.probes.liveness.timeoutSeconds }} + periodSeconds: {{ .Values.anchoreGlobal.probes.liveness.periodSeconds }} + failureThreshold: {{ .Values.anchoreGlobal.probes.liveness.failureThreshold }} + successThreshold: {{ .Values.anchoreGlobal.probes.liveness.successThreshold }} readinessProbe: httpGet: path: /health @@ -142,10 +142,10 @@ spec: {{- if .Values.anchoreGlobal.internalServicesSsl.enabled }} scheme: HTTPS {{- end }} - timeoutSeconds: 10 - periodSeconds: 10 - failureThreshold: 3 - successThreshold: 1 + timeoutSeconds: {{ .Values.anchoreGlobal.probes.readiness.timeoutSeconds }} + periodSeconds: {{ .Values.anchoreGlobal.probes.readiness.periodSeconds }} + failureThreshold: {{ .Values.anchoreGlobal.probes.readiness.failureThreshold }} + successThreshold: {{ .Values.anchoreGlobal.probes.readiness.successThreshold }} resources: {{ toYaml .Values.anchoreSimpleQueue.resources | nindent 10 }} volumes: diff --git a/stable/anchore-engine/values.yaml b/stable/anchore-engine/values.yaml index 0874d6f3..0e629df6 100644 --- a/stable/anchore-engine/values.yaml +++ b/stable/anchore-engine/values.yaml @@ -203,6 +203,20 @@ anchoreGlobal: general: {} # url: "http://somehost:9090//" + # Allow configuration of Kubernetes probes + probes: + liveness: + initialDelaySeconds: 120 + timeoutSeconds: 10 + periodSeconds: 10 + failureThreshold: 6 + successThreshold: 1 + readiness: + timeoutSeconds: 10 + periodSeconds: 10 + failureThreshold: 3 + successThreshold: 1 + # Configuration for the analyzer pods that perform image analysis # There may be many of these analyzers but best practice is to not have more than one per node since analysis # is very IO intensive. Use of affinity/anti-affinity rules for scheduling the analyzers is future work.