diff --git a/README.md b/README.md
index 5c9b2affa..5048691c0 100644
--- a/README.md
+++ b/README.md
@@ -21,7 +21,7 @@ KubeBlocks add-ons.
| apecloud-mysql | apecloud-mysql-8.0.30
wescale-0.2.7 | ApeCloud MySQL is a database that is compatible with MySQL syntax and achieves high availability through the utilization of the RAFT consensus protocol. | xuriwuyun |
| apecloud-postgresql | apecloud-postgresql-14.11.0 | ApeCloud PostgreSQL is a database that is compatible with PostgreSQL syntax and achieves high availability through the utilization of the RAFT consensus protocol. | ldming |
| camellia-redis-proxy | camellia-redis-proxy-1.2.26 | camellia-redis-proxy is a high-performance redis proxy developed using Netty4. | Y-Rookie |
-| clickhouse | clickhouse-cluster-24.3.10 | ClickHouse is an open-source column-oriented OLAP database management system. Use it to boost your database performance while providing linear scalability and hardware efficiency. | sophon-zt |
+| clickhouse | clickhouse-24.8.3 | ClickHouse is an open-source column-oriented OLAP database management system. Use it to boost your database performance while providing linear scalability and hardware efficiency. | sophon-zt |
| dmdb | dmdb-0.1.0 | A Helm chart for Kubernetes | |
| elasticsearch | elasticsearch-7.10.1
elasticsearch-7.7.1
elasticsearch-7.8.1
elasticsearch-8.1.3
elasticsearch-8.8.2 | Elasticsearch is a distributed, RESTful search engine optimized for speed and relevance on production-scale workloads. | iziang |
| etcd | etcd-v3.5.15
etcd-v3.5.6 | Etcd is a strongly consistent, distributed key-value store that provides a reliable way to store data that needs to be accessed by a distributed system or cluster of machines. | free6om |
diff --git a/addons-cluster/clickhouse/Chart.yaml b/addons-cluster/clickhouse/Chart.yaml
index ad9443822..1eb786984 100644
--- a/addons-cluster/clickhouse/Chart.yaml
+++ b/addons-cluster/clickhouse/Chart.yaml
@@ -6,7 +6,7 @@ type: application
version: 1.0.0-alpha.0
-appVersion: 24.3.10
+appVersion: 24.8.3
dependencies:
- name: kblib
diff --git a/addons-cluster/clickhouse/templates/NOTES.txt b/addons-cluster/clickhouse/templates/NOTES.txt
index b2d34ac1c..e8153cdf9 100644
--- a/addons-cluster/clickhouse/templates/NOTES.txt
+++ b/addons-cluster/clickhouse/templates/NOTES.txt
@@ -15,7 +15,7 @@
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "clickhouse-cluster.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
echo http://$SERVICE_IP:{{ .Values.service.port }}
{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "clickhouse-cluster.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+ export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name=clickhouse-24,app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
echo "Visit http://127.0.0.1:8080 to use your application"
kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
diff --git a/addons-cluster/clickhouse/templates/_helpers.tpl b/addons-cluster/clickhouse/templates/_helpers.tpl
index 738f4fe05..2b60a8ce4 100644
--- a/addons-cluster/clickhouse/templates/_helpers.tpl
+++ b/addons-cluster/clickhouse/templates/_helpers.tpl
@@ -61,6 +61,24 @@ Create the name of the service account to use
{{- default (printf "kb-%s" (include "clustername" .)) .Values.serviceAccount.name }}
{{- end }}
+{{/*
+TLS file
+*/}}
+{{- define "clickhouse-cluster.tls" -}}
+tls: {{ $.Values.tls.enabled }}
+{{- if $.Values.tls.enabled }}
+issuer:
+ name: {{ $.Values.tls.issuer }}
+ {{- if eq $.Values.tls.issuer "UserProvided" }}
+ secretRef:
+ name: {{ $.Values.tls.secretName }}
+ ca: ca.crt
+ cert: tls.crt
+ key: tls.key
+ {{- end }}
+{{- end }}
+{{- end }}
+
{{/*
Define clickhouse componentSpec with ComponentDefinition.
*/}}
@@ -90,6 +108,7 @@ Define clickhouse componentSpec with ComponentDefinition.
resources:
requests:
storage: {{ $.Values.clickhouse.persistence.data.size }}
+{{ include "clickhouse-cluster.tls" . | indent 2 }}
{{- end }}
{{/*
@@ -120,6 +139,7 @@ Define clickhouse keeper componentSpec with ComponentDefinition.
resources:
requests:
storage: {{ $.Values.keeper.persistence.data.size }}
+{{ include "clickhouse-cluster.tls" . | indent 2 }}
{{- end }}
{{/*
@@ -154,6 +174,7 @@ Define clickhouse shardingComponentSpec with ComponentDefinition.
resources:
requests:
storage: {{ $.Values.clickhouse.persistence.data.size }}
+{{ include "clickhouse-cluster.tls" . | indent 4 }}
{{- end }}
{{/*
@@ -187,5 +208,6 @@ Define clickhouse componentSpec with compatible ComponentDefinition API
resources:
requests:
storage: {{ $.Values.clickhouse.persistence.data.size }}
+{{ include "clickhouse-cluster.tls" . | indent 2 }}
{{- end }}
{{- end }}
\ No newline at end of file
diff --git a/addons-cluster/clickhouse/templates/cluster-tls-secrets.yaml b/addons-cluster/clickhouse/templates/cluster-tls-secrets.yaml
new file mode 100644
index 000000000..c57b952af
--- /dev/null
+++ b/addons-cluster/clickhouse/templates/cluster-tls-secrets.yaml
@@ -0,0 +1,15 @@
+{{- if and .Values.tls.enabled (eq .Values.tls.issuer "UserProvided") }}
+{{- $ca := genCA "KubeBlocks" 36500 }}
+{{- $cert := genSignedCert "clickhouse" (list "127.0.0.1" "::1") (list "localhost" "*.cluster.local") 36500 $ca }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ .Values.tls.secretName }}
+ namespace: {{ .Release.Namespace | quote }}
+ labels: {{- include "clickhouse-cluster.labels" . | nindent 4 }}
+type: Opaque
+stringData:
+ ca.crt: {{ $ca.Cert | quote }}
+ tls.crt: {{ $cert.Cert | quote }}
+ tls.key: {{ $cert.Key | quote }}
+{{- end }}
\ No newline at end of file
diff --git a/addons-cluster/clickhouse/values.yaml b/addons-cluster/clickhouse/values.yaml
index 6863b53b0..08cafc06b 100644
--- a/addons-cluster/clickhouse/values.yaml
+++ b/addons-cluster/clickhouse/values.yaml
@@ -283,3 +283,11 @@ extra:
sharding:
enabled: false
+
+## @param tlsEnable Enable TLS for clickhouse cluster
+tls:
+ enabled: false
+ # KubeBlocks or UserProvided
+ issuer: UserProvided
+ # if issuer is UserProvided, will automatically generate tls file by cluster-tls-secrets.yaml
+ secretName: clickhouse-cluster-tls
\ No newline at end of file
diff --git a/addons/clickhouse/Chart.yaml b/addons/clickhouse/Chart.yaml
index 3596b0626..7dcc81cb3 100644
--- a/addons/clickhouse/Chart.yaml
+++ b/addons/clickhouse/Chart.yaml
@@ -8,7 +8,7 @@ type: application
version: 1.0.0-alpha.0
-appVersion: 24.3.10
+appVersion: 24.8.3
home: https://clickhouse.com/
icon: https://bitnami.com/assets/stacks/clickhouse/img/clickhouse-stack-220x234.png
diff --git a/addons/clickhouse/configs/00_default_overrides.xml.tpl b/addons/clickhouse/configs/00_default_overrides.xml.tpl
index c87b21021..b73400de7 100644
--- a/addons/clickhouse/configs/00_default_overrides.xml.tpl
+++ b/addons/clickhouse/configs/00_default_overrides.xml.tpl
@@ -1,10 +1,23 @@
{{- $clusterName := $.cluster.metadata.name }}
{{- $namespace := $.cluster.metadata.namespace }}
-
+ 0.0.0.0
+ {{- if $.component.tlsConfig }}
+
+
+
+
+
+
+ {{- else }}
+
+
+
+ {{- end }}
+
-
-
+
+
{{ $clusterName }}
@@ -15,12 +28,17 @@
- {{- range $_, $host := splitList "," .CLICKHOUSE_POD_FQDN_LIST }}
+ {{- range $_, $host := splitList "," .CLICKHOUSE_POD_FQDN_LIST }}
- {{ $host }}
- 9000
+ {{ $host }}
+ {{- if $.component.tlsConfig }}
+
+ 1
+ {{- else }}
+
+ {{- end }}
- {{- end }}
+ {{- end }}
@@ -29,16 +47,76 @@
{{- range $_, $host := splitList "," .CH_KEEPER_POD_FQDN_LIST }}
{{ $host }}
- 2181
+ {{- if $.component.tlsConfig }}
+
+ 1
+ {{- else }}
+
+ {{- end }}
{{- end }}
/metrics
-
+
true
true
true
+
+ {{- if $.component.tlsConfig -}}
+ {{- $CA_FILE := getCAFile -}}
+ {{- $CERT_FILE := getCertFile -}}
+ {{- $KEY_FILE := getKeyFile }}
+
+
+ prometheus
+ prometheus protocol
+
+
+ tls
+ prometheus_protocol
+ prometheus over https
+ {{$CERT_FILE}}
+ {{$KEY_FILE}}
+
+
+
+
+ {{$CERT_FILE}}
+ {{$KEY_FILE}}
+ relaxed
+ {{$CA_FILE}}
+ true
+ sslv2,sslv3
+ true
+
+
+ false
+ {{$CERT_FILE}}
+ {{$KEY_FILE}}
+ {{$CA_FILE}}
+ true
+ sslv2,sslv3
+ true
+ relaxed
+
+ RejectCertificateHandler
+
+
+
+
+ 1
+ {{$CERT_FILE}}
+ {{$KEY_FILE}}
+ false
+ {{$CA_FILE}}
+ none
+ 0
+ -1
+ -1
+ false
+
+ {{- end }}
diff --git a/addons/clickhouse/configs/ch-keeper_00_default_overrides.xml.tpl b/addons/clickhouse/configs/ch-keeper_00_default_overrides.xml.tpl
index 8a46c09f1..ccafe6782 100644
--- a/addons/clickhouse/configs/ch-keeper_00_default_overrides.xml.tpl
+++ b/addons/clickhouse/configs/ch-keeper_00_default_overrides.xml.tpl
@@ -2,9 +2,26 @@
{{- $namespace := $.cluster.metadata.namespace }}
0.0.0.0
+ {{- if $.component.tlsConfig }}
+
+
+
+
+
+
+ {{- else }}
+
+
+
+ {{- end }}
-
-
+ {{- if $.component.tlsConfig }}
+
+ 1
+ {{- else }}
+
+ {{- end }}
+
/var/lib/clickhouse/coordination/log
/var/lib/clickhouse/coordination/snapshots
@@ -13,21 +30,83 @@
warning
-{{- range $id, $host := splitList "," .CH_KEEPER_POD_FQDN_LIST }}
+ {{- if $.component.tlsConfig }}
+ true
+ {{- end }}
+ {{- range $id, $host := splitList "," .CH_KEEPER_POD_FQDN_LIST }}
{{ $id }}
{{ $host }}
-
+ {{- if $.component.tlsConfig }}
+
+ {{- else }}
+
+ {{- end }}
-{{- end }}
+ {{- end }}
- /metrics
-
- true
- true
- true
+ /metrics
+
+ true
+ true
+ true
+
+ {{- if $.component.tlsConfig -}}
+ {{- $CA_FILE := getCAFile -}}
+ {{- $CERT_FILE := getCertFile -}}
+ {{- $KEY_FILE := getKeyFile -}}
+
+
+ prometheus
+ prometheus protocol
+
+
+ tls
+ prometheus_protocol
+ prometheus over https
+ {{$CERT_FILE}}
+ {{$KEY_FILE}}
+
+
+
+
+ {{$CERT_FILE}}
+ {{$KEY_FILE}}
+ relaxed
+ {{$CA_FILE}}
+ true
+ sslv2,sslv3
+ true
+
+
+ false
+ {{$CERT_FILE}}
+ {{$KEY_FILE}}
+ {{$CA_FILE}}
+ true
+ sslv2,sslv3
+ true
+ relaxed
+
+ RejectCertificateHandler
+
+
+
+
+ 1
+ {{$CERT_FILE}}
+ {{$KEY_FILE}}
+ true
+ {{$CA_FILE}}
+ none
+ 0
+ -1
+ -1
+ false
+
+ {{- end }}
\ No newline at end of file
diff --git a/addons/clickhouse/configs/client.xml.tpl b/addons/clickhouse/configs/client.xml.tpl
new file mode 100644
index 000000000..9e7e6002d
--- /dev/null
+++ b/addons/clickhouse/configs/client.xml.tpl
@@ -0,0 +1,15 @@
+
+ admin
+
+ {{- if $.component.tlsConfig -}}
+ {{- $CA_FILE := getCAFile -}}
+ {{- $CERT_FILE := getCertFile -}}
+ {{- $KEY_FILE := getKeyFile }}
+ true
+
+
+ {{$CA_FILE}}
+
+
+ {{- end }}
+
\ No newline at end of file
diff --git a/addons/clickhouse/configs/user.xml.tpl b/addons/clickhouse/configs/user.xml.tpl
index 98a433683..548e58da5 100644
--- a/addons/clickhouse/configs/user.xml.tpl
+++ b/addons/clickhouse/configs/user.xml.tpl
@@ -1,41 +1,41 @@
-
-
+
+
-
- 8
+
+ 8
- 1000000000
- 100000000000
+ 1000000000
+ 100000000000
- 1000000
- any
+ 1000000
+ any
- 1000000
- 1000000000
+ 1000000
+ 1000000000
- 100000
- 100000000
- break
+ 100000
+ 100000000
+ break
- 600
- 1000000
- 15
+ 600
+ 1000000
+ 15
- 25
- 100
- 50
+ 25
+ 100
+ 50
- 2
- 25
- 50
- 100
+ 2
+ 25
+ 50
+ 100
- 1
+ 1
-
+
diff --git a/addons/clickhouse/templates/cmpd-ch.yaml b/addons/clickhouse/templates/cmpd-ch.yaml
index 960acad4b..9c26d1c12 100644
--- a/addons/clickhouse/templates/cmpd-ch.yaml
+++ b/addons/clickhouse/templates/cmpd-ch.yaml
@@ -14,29 +14,51 @@ spec:
provider: ApeCloud
description: {{ .Chart.Description }}
serviceKind: {{ .Chart.Name }}
- serviceVersion: "24.3.10"
- services:
- - name: default
- spec:
+ serviceVersion: "24.8.3"
+ runtime:
+ securityContext:
+ fsGroup: 1001
+ seccompProfile:
+ type: RuntimeDefault
+ containers:
+ - name: clickhouse
+ imagePullPolicy: {{ default "IfNotPresent" .Values.image.pullPolicy }}
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ runAsNonRoot: true
+ runAsUser: 1001
ports:
+ - name: http-metrics
+ containerPort: 8001
- name: http
- targetPort: http
- port: 8123
+ containerPort: 8123
+ - name: https
+ containerPort: 8443
- name: tcp
- targetPort: tcp
- port: 9000
+ containerPort: 9000
- name: tcp-mysql
- targetPort: tcp-mysql
- port: 9004
+ containerPort: 9004
- name: tcp-postgresql
- targetPort: tcp-postgresql
- port: 9005
+ containerPort: 9005
- name: http-intersrv
- targetPort: http-intersrv
- port: 9009
- - name: http-metrics
- targetPort: http-metrics
- port: 8001
+ containerPort: 9009
+ - name: https-intersrv
+ containerPort: 9010
+ - name: tcp-secure
+ containerPort: 9440
+ volumeMounts:
+ - name: data
+ mountPath: /bitnami/clickhouse
+ - name: config
+ mountPath: /bitnami/clickhouse/etc/conf.d/default
+ - name: user-config
+ mountPath: /bitnami/clickhouse/etc/users.d/default
+ - name: client-config
+ mountPath: /etc/clickhouse-client/
+ updateStrategy: BestEffortParallel
logConfigs:
{{- range $name, $pattern := .Values.logConfigs }}
- name: {{ $name }}
@@ -55,10 +77,39 @@ spec:
volumeName: user-config
namespace: {{ .Release.Namespace }}
constraintRef: clickhouse-constraints
- systemAccounts:
- - name: admin
- initAccount: true
+ - name: clickhouse-client-tpl
+ templateRef: clickhouse-client-tpl
+ volumeName: client-config
+ namespace: {{ .Release.Namespace }}
vars:
+ - name: BITNAMI_DEBUG
+ value: "false"
+ - name: CLICKHOUSE_HTTP_PORT
+ value: "8123"
+ - name: CLICKHOUSE_HTTPS_PORT
+ value: "8443"
+ - name: CLICKHOUSE_TCP_PORT
+ value: "9000"
+ - name: CLICKHOUSE_MYSQL_PORT
+ value: "9004"
+ - name: CLICKHOUSE_POSTGRESQL_PORT
+ value: "9005"
+ - name: CLICKHOUSE_INTERSERVER_HTTP_PORT
+ value: "9009"
+ - name: CLICKHOUSE_INTERSERVER_HTTPS_PORT
+ value: "9010"
+ - name: CLICKHOUSE_KEEPER_TCP_PORT
+ value: "9181"
+ - name: CLICKHOUSE_KEEPER_TCP_TLS_PORT
+ value: "9281"
+ - name: CLICKHOUSE_TCP_SECURE_PORT
+ value: "9440"
+ - name: CLICKHOUSE_METRICS_PORT
+ value: "8001"
+ - name: CLICKHOUSE_SHARD_ID
+ value: "$(KB_COMP_NAME)"
+ - name: CLICKHOUSE_REPLICA_ID
+ value: "$(KB_POD_NAME)"
- name: CLICKHOUSE_ADMIN_USER
value: admin
- name: CLICKHOUSE_ADMIN_PASSWORD
@@ -79,80 +130,36 @@ spec:
compDef: ch-keeper-24
optional: false
podFQDNs: Required
- runtime:
- securityContext:
- fsGroup: 1001
- seccompProfile:
- type: RuntimeDefault
- containers:
- - name: clickhouse
- imagePullPolicy: {{ default "IfNotPresent" .Values.image.pullPolicy }}
- image: {{ .Values.image.registry | default "docker.io" }}/{{ .Values.image.repository | default "bitnami/clickhouse" }}:{{ default .Chart.AppVersion .Values.image.tag }}
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop:
- - ALL
- runAsNonRoot: true
- runAsUser: 1001
- env:
- - name: BITNAMI_DEBUG
- value: "false"
- - name: CLICKHOUSE_HTTP_PORT
- value: "8123"
- - name: CLICKHOUSE_TCP_PORT
- value: "9000"
- - name: CLICKHOUSE_MYSQL_PORT
- value: "9004"
- - name: CLICKHOUSE_POSTGRESQL_PORT
- value: "9005"
- - name: CLICKHOUSE_INTERSERVER_HTTP_PORT
- value: "9009"
- - name: CLICKHOUSE_METRICS_PORT
- value: "8001"
- - name: CLICKHOUSE_SHARD_ID
- value: "$(KB_COMP_NAME)"
- - name: SERVICE_PORT
- value: "$(CLICKHOUSE_METRICS_PORT)"
- - name: CLICKHOUSE_REPLICA_ID
- valueFrom:
- fieldRef:
- fieldPath: metadata.name
+ volumes:
+ - name: data
+ services:
+ - name: default
+ spec:
ports:
+ - name: http-metrics
+ targetPort: http-metrics
+ port: 8001
- name: http
- containerPort: 8123
+ targetPort: http
+ port: 8123
+ - name: https
+ targetPort: https
+ port: 8443
- name: tcp
- containerPort: 9000
- - name: tcp-postgresql
- containerPort: 9005
+ targetPort: tcp
+ port: 9000
- name: tcp-mysql
- containerPort: 9004
+ targetPort: tcp-mysql
+ port: 9004
+ - name: tcp-postgresql
+ targetPort: tcp-postgresql
+ port: 9005
- name: http-intersrv
- containerPort: 9009
- - name: http-metrics
- containerPort: 8001
- livenessProbe:
- failureThreshold: 3
- initialDelaySeconds: 10
- periodSeconds: 10
- successThreshold: 1
- timeoutSeconds: 1
- httpGet:
- path: /ping
- port: http
- readinessProbe:
- failureThreshold: 3
- initialDelaySeconds: 10
- periodSeconds: 10
- successThreshold: 1
- timeoutSeconds: 1
- httpGet:
- path: /ping
- port: http
- volumeMounts:
- - name: data
- mountPath: /bitnami/clickhouse
- - name: config
- mountPath: /bitnami/clickhouse/etc/conf.d/default
- - name: user-config
- mountPath: /bitnami/clickhouse/etc/users.d/default
\ No newline at end of file
+ targetPort: http-intersrv
+ port: 9009
+ - name: https-intersrv
+ targetPort: https-intersrv
+ port: 9010
+ - name: tcp-secure
+ targetPort: tcp-secure
+ port: 9440
\ No newline at end of file
diff --git a/addons/clickhouse/templates/cmpd-keeper.yaml b/addons/clickhouse/templates/cmpd-keeper.yaml
index bef12cb66..e08c72c5e 100644
--- a/addons/clickhouse/templates/cmpd-keeper.yaml
+++ b/addons/clickhouse/templates/cmpd-keeper.yaml
@@ -14,47 +14,7 @@ spec:
provider: ApeCloud
description: {{ .Chart.Description }}
serviceKind: clickhouse-keeper
- serviceVersion: "24.3.10"
- services:
- - name: default
- spec:
- ports:
- - name: tcp
- targetPort: tcp
- port: 2181
- - name: http-metrics
- targetPort: http-metrics
- port: 8001
- logConfigs:
- {{- range $name, $pattern := .Values.logConfigs }}
- - name: {{ $name }}
- filePathPattern: {{ $pattern }}
- {{- end }}
- exporter:
- scrapePath: /metrics
- scrapePort: "8001"
- configs:
- - name: clickhouse-keeper-tpl
- templateRef: clickhouse-keeper-tpl
- volumeName: config
- namespace: {{ .Release.Namespace }}
- systemAccounts:
- - name: admin
- initAccount: true
- vars:
- - name: CLICKHOUSE_ADMIN_PASSWORD
- valueFrom:
- credentialVarRef:
- name: admin
- optional: false
- password: Required
- - name: CH_KEEPER_POD_FQDN_LIST
- valueFrom:
- componentVarRef:
- optional: false
- podFQDNs: Required
- updateStrategy: Serial
- podManagementPolicy: Parallel
+ serviceVersion: "24.8.3"
runtime:
securityContext:
fsGroup: 1001
@@ -63,7 +23,6 @@ spec:
containers:
- name: clickhouse
imagePullPolicy: {{ default "IfNotPresent" .Values.image.pullPolicy }}
- image: {{ .Values.image.registry | default "docker.io" }}/{{ .Values.image.repository | default "bitnami/clickhouse" }}:{{ default .Chart.AppVersion .Values.image.tag }}
securityContext:
allowPrivilegeEscalation: false
capabilities:
@@ -78,24 +37,31 @@ spec:
HOSTNAME="$(hostname -s)"
export CH_KEEPER_ID=${HOSTNAME##*-}
exec /opt/bitnami/scripts/clickhouse/entrypoint.sh /opt/bitnami/scripts/clickhouse/run.sh -- --listen_host=0.0.0.0
- env:
- - name: BITNAMI_DEBUG
- value: "false"
- - name: CLICKHOUSE_KEEPER_TCP_PORT
- value: "2181"
- - name: CLICKHOUSE_KEEPER_RAFT_PORT
- value: "9181"
- - name: CLICKHOUSE_METRICS_PORT
- value: "8001"
- - name: SERVICE_PORT
- value: "$(CLICKHOUSE_METRICS_PORT)"
ports:
+ # clickhouse ports
+ - name: http
+ containerPort: 8123
+ - name: https
+ containerPort: 8443
- name: tcp
- containerPort: 2181
- - name: raft
- containerPort: 9181
+ containerPort: 9000
+ - name: http-intersrv
+ containerPort: 9009
+ - name: https-intersrv
+ containerPort: 9010
+ - name: tcp-secure
+ containerPort: 9440
- name: http-metrics
containerPort: 8001
+ # keeper ports
+ - name: chk-tcp
+ containerPort: 9181
+ - name: chk-raft
+ containerPort: 9234
+ - name: chk-tcp-tls
+ containerPort: 9281
+ - name: chk-raft-tls
+ containerPort: 9444
# livenessProbe:
# failureThreshold: 6
# initialDelaySeconds: 30
@@ -117,3 +83,97 @@ spec:
mountPath: /bitnami/clickhouse
- name: config
mountPath: /bitnami/clickhouse/etc/conf.d/default
+ services:
+ - name: default
+ spec:
+ ports:
+ # clickhouse ports
+ - name: http
+ targetPort: http
+ port: 8123
+ - name: https
+ targetPort: https
+ port: 8443
+ - name: tcp
+ targetPort: tcp
+ port: 9000
+ - name: http-intersrv
+ targetPort: http-intersrv
+ port: 9009
+ - name: https-intersrv
+ targetPort: https-intersrv
+ port: 9010
+ # keeper ports
+ - name: http-metrics
+ targetPort: http-metrics
+ port: 8001
+ - name: chk-tcp
+ targetPort: chk-tcp
+ port: 9181
+ - name: chk-raft
+ targetPort: chk-raft
+ port: 9234
+ - name: chk-tcp-tls
+ targetPort: chk-tcp-tls
+ port: 9281
+ - name: tcp-secure
+ targetPort: tcp-secure
+ port: 9440
+ logConfigs:
+ {{- range $name, $pattern := .Values.logConfigs }}
+ - name: {{ $name }}
+ filePathPattern: {{ $pattern }}
+ {{- end }}
+ exporter:
+ scrapePath: /metrics
+ scrapePort: "8001"
+ configs:
+ - name: clickhouse-keeper-tpl
+ templateRef: clickhouse-keeper-tpl
+ volumeName: config
+ namespace: {{ .Release.Namespace }}
+ systemAccounts:
+ - name: admin
+ initAccount: true
+ vars:
+ - name: BITNAMI_DEBUG
+ value: "false"
+ - name: CLICKHOUSE_HTTP_PORT
+ value: "8123"
+ - name: CLICKHOUSE_HTTPS_PORT
+ value: "8443"
+ - name: CLICKHOUSE_TCP_PORT
+ value: "9000"
+ - name: CLICKHOUSE_INTERSERVER_HTTP_PORT
+ value: "9009"
+ - name: CLICKHOUSE_INTERSERVER_HTTPS_PORT
+ value: "9010"
+ - name: CLICKHOUSE_KEEPER_TCP_PORT
+ value: "9181"
+ - name: CLICKHOUSE_KEEPER_RAFT_PORT
+ value: "9234"
+ - name: CLICKHOUSE_KEEPER_TCP_TLS_PORT
+ value: "9281"
+ - name: CLICKHOUSE_TCP_SECURE_PORT
+ value: "9440"
+ - name: CLICKHOUSE_KEEPER_RAFT_TLS_PORT
+ value: "9444"
+ - name: CLICKHOUSE_METRICS_PORT
+ value: "8001"
+ - name: KEEPER_REPLICA_ID
+ value: "$(KB_POD_NAME)"
+ - name: CLICKHOUSE_ADMIN_PASSWORD
+ valueFrom:
+ credentialVarRef:
+ name: admin
+ optional: false
+ password: Required
+ - name: CH_KEEPER_POD_FQDN_LIST
+ valueFrom:
+ componentVarRef:
+ optional: false
+ podFQDNs: Required
+ updateStrategy: Serial
+ podManagementPolicy: Parallel
+ volumes:
+ - name: data
\ No newline at end of file
diff --git a/addons/clickhouse/templates/cmpv.yaml b/addons/clickhouse/templates/cmpv.yaml
index 705935f1f..eeb78a919 100644
--- a/addons/clickhouse/templates/cmpv.yaml
+++ b/addons/clickhouse/templates/cmpv.yaml
@@ -1,7 +1,7 @@
apiVersion: apps.kubeblocks.io/v1
kind: ComponentVersion
metadata:
- name: clickhouse-cluster
+ name: clickhouse
labels:
{{- include "clickhouse.labels" . | nindent 4 }}
{{- if .Values.commonLabels }}
@@ -13,15 +13,15 @@ metadata:
spec:
compatibilityRules:
- releases:
- - 24.3.10
+ - 24.8.3
compDefs:
- clickhouse-24
- releases:
- - 24.3.10
+ - 24.8.3
compDefs:
- ch-keeper-24
releases:
- - name: 24.3.10
- serviceVersion: 24.3.10
+ - name: 24.8.3
+ serviceVersion: 24.8.3
images:
clickhouse: {{ .Values.image.registry | default "docker.io" }}/{{ .Values.image.repository | default "bitnami/clickhouse" }}:{{ default .Chart.AppVersion .Values.image.tag }}
diff --git a/addons/clickhouse/templates/configmap.yaml b/addons/clickhouse/templates/configmap.yaml
index ffcfb8953..cb58ed0da 100644
--- a/addons/clickhouse/templates/configmap.yaml
+++ b/addons/clickhouse/templates/configmap.yaml
@@ -40,5 +40,20 @@ metadata:
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
data:
- 00_default_overrides.xml: |
- {{- .Files.Get "configs/ch-keeper_00_default_overrides.xml.tpl" | nindent 4 }}
\ No newline at end of file
+ ch-keeper_00_default_overrides.xml: |
+ {{- .Files.Get "configs/ch-keeper_00_default_overrides.xml.tpl" | nindent 4 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: clickhouse-client-tpl
+ labels: {{- include "common.labels.standard" . | nindent 4 }}
+ {{- if .Values.commonLabels }}
+ {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
+ {{- end }}
+ {{- if .Values.commonAnnotations }}
+ annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+ {{- end }}
+data:
+ config.xml: |
+ {{- .Files.Get "configs/client.xml.tpl" | nindent 4 }}
\ No newline at end of file
diff --git a/addons/clickhouse/values.yaml b/addons/clickhouse/values.yaml
index 6b823dc45..b8b289551 100644
--- a/addons/clickhouse/values.yaml
+++ b/addons/clickhouse/values.yaml
@@ -18,4 +18,4 @@ image:
repository: bitnami/clickhouse
pullPolicy: IfNotPresent
# Overrides the image tag whose default is the chart appVersion.
- tag: 24.3.10-debian-12-r1
\ No newline at end of file
+ tag: 24.8.3-debian-12-r1
\ No newline at end of file