From f5d1aa1988e1c066ff7cc2830fc8983d13a49b98 Mon Sep 17 00:00:00 2001 From: yeka Date: Sat, 14 Jan 2023 22:07:22 +0800 Subject: [PATCH] add horizon --- charts/horizon/.gitignore | 3 + charts/horizon/.helmignore | 23 + charts/horizon/Chart.yaml | 42 + charts/horizon/README.md | 449 +++ charts/horizon/charts/redis-ha/Chart.yaml | 21 + charts/horizon/charts/redis-ha/README.md | 292 ++ .../charts/redis-ha/templates/NOTES.txt | 25 + .../charts/redis-ha/templates/_configs.tpl | 578 +++ .../charts/redis-ha/templates/_helpers.tpl | 83 + .../redis-ha/templates/redis-auth-secret.yaml | 11 + .../templates/redis-ha-announce-service.yaml | 55 + .../templates/redis-ha-configmap.yaml | 27 + .../redis-ha-exporter-script-configmap.yaml | 10 + .../templates/redis-ha-health-configmap.yaml | 16 + .../redis-ha/templates/redis-ha-pdb.yaml | 17 + .../redis-ha/templates/redis-ha-psp.yaml | 48 + .../redis-ha/templates/redis-ha-role.yaml | 25 + .../templates/redis-ha-rolebinding.yaml | 15 + .../redis-ha/templates/redis-ha-secret.yaml | 23 + .../redis-ha/templates/redis-ha-service.yaml | 50 + .../templates/redis-ha-serviceaccount.yaml | 23 + .../templates/redis-ha-servicemonitor.yaml | 34 + .../templates/redis-ha-statefulset.yaml | 498 +++ .../templates/redis-haproxy-deployment.yaml | 158 + .../redis-ha/templates/redis-haproxy-psp.yaml | 39 + .../templates/redis-haproxy-role.yaml | 28 + .../templates/redis-haproxy-rolebinding.yaml | 18 + .../templates/redis-haproxy-service.yaml | 47 + .../redis-haproxy-serviceaccount.yaml | 11 + .../redis-haproxy-servicemonitor.yaml | 33 + .../redis-ha/templates/redis-tls-secret.yaml | 23 + .../templates/sentinel-auth-secret.yaml | 11 + charts/horizon/charts/redis-ha/values.yaml | 561 +++ .../charts/tektonci-resources/.helmignore | 23 + .../charts/tektonci-resources/Chart.yaml | 13 + .../charts/tektonci-resources/README.md | 16 + .../templates/common/git-secret.yaml | 8 + .../templates/common/harbor-secret.yaml | 8 + .../templates/common/pipeline-sa.yaml | 8 + .../templates/common/psp-clusterrole.yaml | 13 + .../common/psp-clusterrolebinding.yaml | 12 + .../templates/common/psp.yaml | 30 + .../templates/horizon/build-task.yaml | 64 + .../templates/horizon/deploy-task.yaml | 40 + .../templates/horizon/pipeline.yaml | 95 + .../templates/horizon/trigger-binding.yaml | 46 + .../templates/horizon/trigger-el.yaml | 32 + .../templates/horizon/trigger-ingress.yaml | 17 + .../templates/horizon/trigger-template.yaml | 92 + .../templates/trigger-clusterrole.yaml | 9 + .../templates/trigger-clusterrolebinding.yaml | 12 + .../templates/trigger-role.yaml | 25 + .../templates/trigger-rolebinding.yaml | 11 + .../templates/trigger-sa.yaml | 4 + .../charts/tektonci-resources/values.yaml | 318 ++ charts/horizon/files/db-init.sql | 584 +++ charts/horizon/templates/NOTES.txt | 0 charts/horizon/templates/_helpers.tpl | 112 + charts/horizon/templates/config-cm.yaml | 66 + .../core/core-cloudevent-ingress.yaml | 41 + .../templates/core/core-cloudevent-svc.yaml | 14 + charts/horizon/templates/core/core-crb.yaml | 12 + .../templates/core/core-dashboards.yaml | 15 + charts/horizon/templates/core/core-dpl.yaml | 155 + charts/horizon/templates/core/core-sa.yaml | 12 + .../templates/core/core-servicemonitor.yaml | 18 + charts/horizon/templates/core/core-svc.yaml | 14 + charts/horizon/templates/ingress.yaml | 49 + charts/horizon/templates/job/job-dpl.yaml | 90 + charts/horizon/templates/job/job-rb.yaml | 12 + charts/horizon/templates/job/job-sa.yaml | 12 + .../templates/swagger/swagger-dpl.yaml | 43 + .../templates/swagger/swagger-svc.yaml | 14 + charts/horizon/templates/web/web-cm.yaml | 58 + charts/horizon/templates/web/web-dpl.yaml | 59 + charts/horizon/templates/web/web-svc.yaml | 13 + charts/horizon/values.yaml | 3254 +++++++++++++++++ 77 files changed, 8840 insertions(+) create mode 100644 charts/horizon/.gitignore create mode 100644 charts/horizon/.helmignore create mode 100644 charts/horizon/Chart.yaml create mode 100644 charts/horizon/README.md create mode 100644 charts/horizon/charts/redis-ha/Chart.yaml create mode 100644 charts/horizon/charts/redis-ha/README.md create mode 100644 charts/horizon/charts/redis-ha/templates/NOTES.txt create mode 100644 charts/horizon/charts/redis-ha/templates/_configs.tpl create mode 100644 charts/horizon/charts/redis-ha/templates/_helpers.tpl create mode 100644 charts/horizon/charts/redis-ha/templates/redis-auth-secret.yaml create mode 100644 charts/horizon/charts/redis-ha/templates/redis-ha-announce-service.yaml create mode 100644 charts/horizon/charts/redis-ha/templates/redis-ha-configmap.yaml create mode 100644 charts/horizon/charts/redis-ha/templates/redis-ha-exporter-script-configmap.yaml create mode 100644 charts/horizon/charts/redis-ha/templates/redis-ha-health-configmap.yaml create mode 100644 charts/horizon/charts/redis-ha/templates/redis-ha-pdb.yaml create mode 100644 charts/horizon/charts/redis-ha/templates/redis-ha-psp.yaml create mode 100644 charts/horizon/charts/redis-ha/templates/redis-ha-role.yaml create mode 100644 charts/horizon/charts/redis-ha/templates/redis-ha-rolebinding.yaml create mode 100644 charts/horizon/charts/redis-ha/templates/redis-ha-secret.yaml create mode 100644 charts/horizon/charts/redis-ha/templates/redis-ha-service.yaml create mode 100644 charts/horizon/charts/redis-ha/templates/redis-ha-serviceaccount.yaml create mode 100644 charts/horizon/charts/redis-ha/templates/redis-ha-servicemonitor.yaml create mode 100644 charts/horizon/charts/redis-ha/templates/redis-ha-statefulset.yaml create mode 100644 charts/horizon/charts/redis-ha/templates/redis-haproxy-deployment.yaml create mode 100644 charts/horizon/charts/redis-ha/templates/redis-haproxy-psp.yaml create mode 100644 charts/horizon/charts/redis-ha/templates/redis-haproxy-role.yaml create mode 100644 charts/horizon/charts/redis-ha/templates/redis-haproxy-rolebinding.yaml create mode 100644 charts/horizon/charts/redis-ha/templates/redis-haproxy-service.yaml create mode 100644 charts/horizon/charts/redis-ha/templates/redis-haproxy-serviceaccount.yaml create mode 100644 charts/horizon/charts/redis-ha/templates/redis-haproxy-servicemonitor.yaml create mode 100644 charts/horizon/charts/redis-ha/templates/redis-tls-secret.yaml create mode 100644 charts/horizon/charts/redis-ha/templates/sentinel-auth-secret.yaml create mode 100644 charts/horizon/charts/redis-ha/values.yaml create mode 100644 charts/horizon/charts/tektonci-resources/.helmignore create mode 100644 charts/horizon/charts/tektonci-resources/Chart.yaml create mode 100644 charts/horizon/charts/tektonci-resources/README.md create mode 100644 charts/horizon/charts/tektonci-resources/templates/common/git-secret.yaml create mode 100644 charts/horizon/charts/tektonci-resources/templates/common/harbor-secret.yaml create mode 100644 charts/horizon/charts/tektonci-resources/templates/common/pipeline-sa.yaml create mode 100644 charts/horizon/charts/tektonci-resources/templates/common/psp-clusterrole.yaml create mode 100644 charts/horizon/charts/tektonci-resources/templates/common/psp-clusterrolebinding.yaml create mode 100644 charts/horizon/charts/tektonci-resources/templates/common/psp.yaml create mode 100644 charts/horizon/charts/tektonci-resources/templates/horizon/build-task.yaml create mode 100644 charts/horizon/charts/tektonci-resources/templates/horizon/deploy-task.yaml create mode 100644 charts/horizon/charts/tektonci-resources/templates/horizon/pipeline.yaml create mode 100644 charts/horizon/charts/tektonci-resources/templates/horizon/trigger-binding.yaml create mode 100644 charts/horizon/charts/tektonci-resources/templates/horizon/trigger-el.yaml create mode 100644 charts/horizon/charts/tektonci-resources/templates/horizon/trigger-ingress.yaml create mode 100644 charts/horizon/charts/tektonci-resources/templates/horizon/trigger-template.yaml create mode 100644 charts/horizon/charts/tektonci-resources/templates/trigger-clusterrole.yaml create mode 100644 charts/horizon/charts/tektonci-resources/templates/trigger-clusterrolebinding.yaml create mode 100644 charts/horizon/charts/tektonci-resources/templates/trigger-role.yaml create mode 100644 charts/horizon/charts/tektonci-resources/templates/trigger-rolebinding.yaml create mode 100644 charts/horizon/charts/tektonci-resources/templates/trigger-sa.yaml create mode 100644 charts/horizon/charts/tektonci-resources/values.yaml create mode 100644 charts/horizon/files/db-init.sql create mode 100644 charts/horizon/templates/NOTES.txt create mode 100644 charts/horizon/templates/_helpers.tpl create mode 100644 charts/horizon/templates/config-cm.yaml create mode 100644 charts/horizon/templates/core/core-cloudevent-ingress.yaml create mode 100644 charts/horizon/templates/core/core-cloudevent-svc.yaml create mode 100644 charts/horizon/templates/core/core-crb.yaml create mode 100644 charts/horizon/templates/core/core-dashboards.yaml create mode 100644 charts/horizon/templates/core/core-dpl.yaml create mode 100644 charts/horizon/templates/core/core-sa.yaml create mode 100644 charts/horizon/templates/core/core-servicemonitor.yaml create mode 100644 charts/horizon/templates/core/core-svc.yaml create mode 100644 charts/horizon/templates/ingress.yaml create mode 100644 charts/horizon/templates/job/job-dpl.yaml create mode 100644 charts/horizon/templates/job/job-rb.yaml create mode 100644 charts/horizon/templates/job/job-sa.yaml create mode 100644 charts/horizon/templates/swagger/swagger-dpl.yaml create mode 100644 charts/horizon/templates/swagger/swagger-svc.yaml create mode 100644 charts/horizon/templates/web/web-cm.yaml create mode 100644 charts/horizon/templates/web/web-dpl.yaml create mode 100644 charts/horizon/templates/web/web-svc.yaml create mode 100644 charts/horizon/values.yaml diff --git a/charts/horizon/.gitignore b/charts/horizon/.gitignore new file mode 100644 index 0000000..ad151e2 --- /dev/null +++ b/charts/horizon/.gitignore @@ -0,0 +1,3 @@ +.idea +charts/*.tgz +.DS_Store \ No newline at end of file diff --git a/charts/horizon/.helmignore b/charts/horizon/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/charts/horizon/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/horizon/Chart.yaml b/charts/horizon/Chart.yaml new file mode 100644 index 0000000..bae64e6 --- /dev/null +++ b/charts/horizon/Chart.yaml @@ -0,0 +1,42 @@ +apiVersion: v2 +name: horizon +description: A CICD DevOps Platform + +type: application + +version: 2.0.1 +appVersion: v2.0.1 + +dependencies: + - name: gitlab + version: 2.0.1 + repository: https://horizoncd.github.io/helm-charts + condition: gitlab.enabled + - name: tektoncd + version: 2.0.1 + repository: https://horizoncd.github.io/helm-charts + condition: tektoncd.enabled + - name: minio + version: 11.10.13 + repository: https://charts.bitnami.com/bitnami + condition: minio.enabled + - name: mysql + version: 9.4.1 + repository: https://charts.bitnami.com/bitnami + condition: mysql.enabled + - name: chartmuseum + version: 3.9.1 + repository: https://chartmuseum.github.io/charts + condition: chartmuseum.enabled + - name: grafana + version: 6.26.5 + repository: https://grafana.github.io/helm-charts + condition: grafana.enabled + - name: argo-cd + version: 5.0.0 + repository: https://argoproj.github.io/argo-helm + condition: argo-cd.enabled + - name: harbor + version: 1.6.3 + repository: https://helm.goharbor.io + condition: harbor.enabled diff --git a/charts/horizon/README.md b/charts/horizon/README.md new file mode 100644 index 0000000..4af9a8e --- /dev/null +++ b/charts/horizon/README.md @@ -0,0 +1,449 @@ +# Helm Chart for Horizon + +## Introduction + +This Helm chart installs [Horizon](https://github.com/horizoncd/horizon) in a Kubernetes cluster. + +## TL;DR + +```console +helm repo add horizon https://horizoncd.github.io/helm-charts +helm install horizon horizon/horizon -n horizoncd +``` + +**Attention:** + +- The chart's default `values.yaml` file provides a minimal installation, only for test purpose, not for production + use. + +## Prerequisites + +- Kubernetes cluster 1.19+ +- Helm 3.4.0+ + +## Installation + +### Add Helm repository + +```bash +helm repo add horizon https://horizon.github.io/helm-charts +``` + +### Install the chart + +Install the Horizon helm chart with a release name `horizon` in `horizoncd` namespace: + +helm 3: + +```bash +helm install horizon horizon/horizon -n horizoncd +``` + +### Uninstallation + +To uninstall the `horizon` release: + +helm 3: + +```bash +helm uninstall horizon -n horizoncd +``` + +## Parameters + +### Common parameters + +| Name | Description | Value | +| ------------------ | ---------------------------------------------- | ----- | +| `nameOverride` | String to partially override fullname template | "" | +| `fullnameOverride` | String to fully override fullname template | "" | +| `imagePullSecrets` | The image pull policy | "" | +| `imagePullPolicy` | The imagePullSecrets names for all deployments | "" | + +### Ingress parameters + +| Name | Description | Value | +| ----------------- | ----------------------- | ------------------ | +| `ingress.enabled` | The replica count | true | +| `ingress.tls` | Tls for ingress's hosts | [] | +| `ingress.hosts` | Hosts for the ingress | - horizon.h8s.site | + +### Core / Job application parameters + +| Name | Description | Value | +| ------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `config.serverConfig.port` | The service port Horizon listens on when serving with HTTP | 8080 | +| `config.cloudEventServerConfig.port` | The service port CloudEvent listens on when serving with HTTP. CloudEvent is a a separate HTTP service used to receive callback requests from Tekton. | 8181 | +| `config.dbConfig.host` | The host of the database | horizon-mysql | +| `config.dbConfig.port` | The port of the database | 3306 | +| `config.dbConfig.username` | The username of the database | horizon | +| `config.dbConfig.password` | The password of the database | horizon | +| `config.dbConfig.database` | The schema of the database | horizon | +| `config.dbConfig.prometheusEnabled` | Enable prometheus metrics exposing or not | true | +| `config.kubeconfig` | The kubeconfig Horizon use | "" | +| `config.redisConfig.protocol` | The protocol of the redis Horizon will connect | tcp | +| `config.redisConfig.address` | The address of the redis Horizon will connect | horizon-redis-ha:6379 | +| `config.redisConfig.password` | The password of the redis Horizon will connect | "" | +| `config.redisConfig.db` | The database of the redis Horizon will connect | 1 | +| `config.sessionConfig.maxAge` | The duration of the session | 43200 | +| `config.gitRepos` | The git repository configurations, including url and token, example is like:
gitRepos:
- kind: github
  url: https://github.com
  token: xxxxxx | [] | +| `config.gitopsRepoConfig.rootGroupPath` | The path of the root group for gitops gitlab | cloud-native | +| `config.templateRepo.kind` | The kind of the repository for templates, `harbor` and `chartmuseum` are the available options | chartmuseum | +| `config.templateRepo.host` | The host of the repository for templates | http://horizon-chartmuseum:8080 | +| `config.templateRepo.username` | The username of the repository the templates | "" | +| `config.templateRepo.password` | The password of the repository for templates | "" | +| `config.templateRepo.insecure` | Set security of the host of the repository for templates | true | +| `config.templateRepo.repoName` | Project name in the Chart Repository (must be set when kind is `harbor`) | "" | +| `config.argoCDMapper` | The mapping between environments and configs of argocds | default:
  url: http://horizon-argocd-server
  token: xxx
  namespace: horizoncd | +| `config.tektonMapper` | The mapping between environments and configs of tektons | default:
  server: http://el-horizon-  listener:8080
  namespace: horizoncd
  kubeconfig: ""
  s3:
    accessKey: admin
    secretKey: qOIh3Xt5jg
    region: china
    endpoint: "horizon-minio:9000"
    bucket: horizon
    disableSSL: true
    skipVerify: true
    s3ForcePathStyle: true | +| `config.grafanaConfig.host` | The host of the grafana installed on the K8s | "" | +| `config.grafanaConfig.namespace` | The namespace of the grafana installed on the K8s | horizoncd | +| `config.grafanaConfig.dashboards.labelKey` | The dashboards' label key of the grafana installed on the K8s | grafana_dashboard | +| `config.grafanaConfig.dashboards.labelValue` | The dashboards' label value of the grafana installed on the K8s | "1" | +| `config.grafanaConfig.syncDatasourceConfig.period` | The period that horizon-job sync prometheus datasources to grafana | 2m | +| `config.grafanaConfig.syncDatasourceConfig.labelKey` | The datasources' label key of the grafana installed on the K8s | grafana_datasource | +| `config.grafanaConfig.syncDatasourceConfig.labelValue` | The datasources' label value of the grafana installed on the K8s | "1" | +| `config.autoFree.enabled` | Enable autoFree moudule or not | false | +| `config.oauth.oauthHTMLLocation` | The path of the oauth html file | "/home/appops/authhtml" | +| `config.oauth.authorizeCodeExpireIn` | The duration of the authorized code | 10m | +| `config.oauth.accessTokenExpireIn` | The duration of the access token | 24h | +| `config.webhook.clientTimeout` | The timeout duration of webhook's http client | 30 | +| `config.webhook.idleWaitInterval` | The idleWait internal of webhook's http client | 2 | +| `config.webhook.workerReconcileInterval` | The reconcile internal of webhook | 5 | +| `config.webhook.responseBodyTruncateSize` | The size that needs to be exceeded when truncating text | 16384 | +| `config.eventHandler.batchEventsCount` | The batch events count of the event handler | 5 | +| `config.eventHandler.cursorSaveInterval` | The cursor save interval of the event handler | 10 | +| `config.eventHandler.idleWaitInterval` | The idle wait of the event handler's http client | 3 | + +### Core deployment parameters + +| Name | Description | Value | +| ----------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------- | +| `core.replica` | The replica count | 1 | +| `core.image.repository` | Repository for Horizon core image | horizoncd/horizon | +| `core.image.tag` | Tag for Horizon core image | v1.0.0 | +| `core.args.loglevel` | Loglevel of Horizon core | info | +| `core.args.gitOpsRepoDefaultBranch` | Default branch for gitops repository | main | +| `core.securityContext.runAsUser` | User ID for the container | 10001 | +| `core.securityContext.fsGroup` | Group ID for the container | 10001 | +| `core.serviceAccount.create` | Create the serviceAccount or not | true | +| `core.resources` | The [resources] to allocate for container | {} | +| `core.nodeSelector` | Node labels for pod assignment | {} | +| `core.tolerations` | Tolerations for pod assignment | [] | +| `core.affinity` | Node/Pod affinities | {} | +| `core.service.port` | The port of the core service | 80 | +| `core.cloudEventService.port` | The port of the cloudevent service | 80 | +| `core.cloudEventIngress.enabled` | Enable ingress of the cloudEvent or not | true | +| `core.cloudEventIngress.hosts` | The hosts of the cloudEvent's ingress | [] | +| `core.envs` | The environments in Horizon core | {} | +| `core.monitor.enabled` | Enable monitor of Horizon core or not | false | +| `core.grafanaDashboards` | Grafana dashboards in json format. Please note that the default dashboards are built based on metrics of `Kube-state-metrics:v1.9.7`, you may need to modify the dashboards if you are using a higher verion becuase of renaming in some metrics. | - name: pod
  value: xxx | + +### Web deployment parameters + +| Name | Description | Value | +| ------------------------------- | ----------------------------------------- | ------------- | +| `web.replicas` | The replica count | 1 | +| `web.image.repository` | Repository for Horizon web image | horizoncd/web | +| `web.image.tag` | Tag for Horizon web image | v1.0.0 | +| `web.securityContext.runAsUser` | User ID for the container | 10001 | +| `web.securityContext.fsGroup` | Group ID for the container | 10001 | +| `web.resources` | The [resources] to allocate for container | {} | +| `web.nodeSelector` | Node labels for pod assignment | {} | +| `web.tolerations` | Tolerations for pod assignment | [] | +| `web.affinity` | Node/Pod affinities | {} | +| `web.port` | Port of Horizon web container | 8080 | +| `web.service.port` | Kubernetes port where service is exposed | 80 | + +### Job deployment parameters + +| Name | Description | Value | +| ---------------------------------- | ----------------------------------------- | ------------- | +| `job.image.repository` | Repository for Horizon job image | horizoncd/job | +| `job.image.tag` | Tag for Horizon job image | v1.0.0 | +| `job.args.loglevel` | Loglevel of Horizon job | info | +| `job.args.gitOpsRepoDefaultBranch` | Default branch for gitops repository | main | +| `job.securityContext.runAsUser` | User ID for the container | 10001 | +| `job.securityContext.fsGroup` | Group ID for the container | 10001 | +| `job.serviceAccount.create` | Create the serviceAccount or not | true | +| `job.resources` | The [resources] to allocate for container | {} | +| `job.nodeSelector` | Node labels for pod assignment | {} | +| `job.tolerations` | Tolerations for pod assignment | [] | +| `job.affinity` | Node/Pod affinities | {} | + +### Swagger deployment parameters + +| Name | Description | Value | +| ----------------------------------- | ------------------------------------------------------------- | --------------------- | +| `swagger.replicas` | The replica count | 1 | +| `swagger.image.repository` | Repository for Horizon swagger image | horizoncd/swagger | +| `swagger.image.tag` | Tag for Horizon swagger image | v1.0.0 | +| `swagger.securityContext.runAsUser` | User ID for the container | 10001 | +| `swagger.securityContext.fsGroup` | Group ID for the container | 10001 | +| `swagger.envs.BASE_URL` | Environment named `BSE_URL` in Horizon swagger container | /apis/swagger | +| `swagger.envs.SWAGGER_JSON` | Environment named `SWAGGER_JSON` in Horizon swagger container | /openapi/restful.json | +| `swagger.service.port` | Kubernetes port where service is exposed | 80 | +| `swagger.service.targetPort` | The port on which the service will send requests to | 8080 | +| `swagger.resources` | The [resources] to allocate for container | {} | + +### Third-party components parameters + +Horizon has the ability to initialize third-party components conveniently to build the whole CI&CD system. + +**Attention**: + +- By default, the components(Mysql、Gitlab、Minio、Harbor) that are initialized by Horizon use `PVC` to persistent data, + which means a default `StorageClass` is needed in the Kubernetes cluster to dynamic provision the volumes. + +- You can definitely use your own maintained components for sure, to do that, just set the `enabled` field to false, and then fill in the corresponding fields with your own configurations. More information will be explained below. + +#### Minio + +We use `Minio` as the `s3` storage service. The default parameters are: + +``` +minio: + enabled: true + ingress: + enabled: true + hostname: minio.h8r.site + persistence: + enabled: true + defaultBuckets: horizon + auth: + rootUser: admin + rootPassword: qOIh3Xt5jg + provisioning: + enabled: true + config: + - name: region + options: + name: china +``` + +If you want to use your own `s3` storage service, you need to do the following steps: + +1. disable `minio` by setting the `enabled` field to false + +2. modify `Tekton` config in the path: `config.tektonMapper.[environment].s3` + +3. modify `Harbor` config in the path: `harbor.persistence.imageChartStorage.s3` + +4. Modify `Chartmusuem` config in the path: `chartmuseum.env.open` and `chartmuseum.env.secret` + +#### Gitlab + +We use `Gitlab` as the `gitops` repository. The default parameters are: + +``` +gitlab: + enabled: true + image: gitlab/gitlab-ce + imageTag: "13.11.7-ce.0" + ingress: + enabled: true + hosts: + - gitlab.h8r.site + persistence: + enabled: true + config: + GITLAB_ROOT_PASSWORD: root1234 + GITLAB_ROOT_ACCESS_TOKEN: horizon-access-token + GITLAB_HOST: gitlab.h8r.site + GITLAB_TIMEZONE: "Asia/Shanghai" + resources: + requests: + memory: 4Gi + cpu: 2 + limits: + memory: 4Gi + cpu: 2 +``` + +If you want to use your own `gitlab` instance, you need to do the following steps: + +1. disable `gitlab` by setting the `enabled` field to false + +2. modify gitops config in path: `cnofig.gitopsRepoConfig` + +#### Chartmuseum + +We use `Chartmuseum` as the helm chart repository. The default parameters are: + +``` +chartmuseum: + enabled: true + ingress: + enabled: true + hosts: + - name: chartmuseum.h8r.site + env: + open: + # storage backend, can be one of: local, alibaba, amazon, google, microsoft, oracle + STORAGE: amazon + # s3 bucket to store charts for amazon storage backend + STORAGE_AMAZON_BUCKET: horizon + # region of s3 bucket to store charts + STORAGE_AMAZON_REGION: china + # alternative s3 endpoint + STORAGE_AMAZON_ENDPOINT: "http://horizon-minio:9000" + DISABLE_API: false + secret: + AWS_ACCESS_KEY_ID: admin + AWS_SECRET_ACCESS_KEY: qOIh3Xt5jg +``` + +If you want to use your own helm chart repository, you need to do the following steps: + +1. disable `chartmuseum` by setting the `enabled` field to false + +2. modify helm template config in path: `cnofig.templateRepo` + +#### Mysql + +We use `Mysql` as the database. The default parameters are: + +``` +mysql: + enabled: true + auth: + rootPassword: "horizon" + createDatabase: true + database: "horizon" + initdbScriptsConfigMap: horizon-dbinit + primary: + resources: + limits: + cpu: 250m + memory: 1Gi + requests: + cpu: 100m + memory: 500Mi +``` + +If you want to use your own database, you need to do the following steps: + +1. disable `mysql` by setting the `enabled` field to false + +2. modify database config in path: `cnofig.dbConfig` + +#### Harbor + +We use `Harbor` as the image repository. The default parameters are: + +``` +harbor: + enabled: true + expose: + type: clusterIP + tls: + auto: + commonName: "harbor.horizoncd.svc.cluster.local" + clusterIP: + name: harbor + externalURL: https://harbor.horizoncd.svc.cluster.local + persistence: + imageChartStorage: + disableredirect: true + type: s3 + s3: + region: china + bucket: horizon + accesskey: admin + secretkey: qOIh3Xt5jg + regionendpoint: http://horizon-minio:9000 + secure: false + skipverify: true + redis: + type: external + external: + addr: "horizon-redis-ha:6379" + chartmuseum: + enabled: false + core: + replicas: 1 + jobservice: + replicas: 1 + registry: + replicas: 1 + notary: + enabled: false + trivy: + enabled: false +``` + +If you want to use your own image repository, you need to do the following steps: + +1. disable `harbor` by setting the `enabled` field to false + +2. Add `Registry` in the Horizon manager web + +#### Grafana + +We use `Grafana` as the monitoring display system. The default parameters are: + +``` +grafana: + enabled: true + defaultDashboardsEnabled: true + adminPassword: admin + ingress: + enabled: true + hosts: + - grafana.h8r.site + path: / + sidecar: + dashboards: + enabled: true + datasources: + enabled: true + grafana.ini: + auth.anonymous: + enabled: true + security: + allow_embedding: true +``` + +If you want to use your own Grafana instance, you need to do the following steps: + +1. disable `grafana` by setting the `enabled` field to false + +2. Modify `grafana` config in the path: `config.grafanaConfig` + +#### Tektoncd + +We use `Tektoncd` as the CI tool. The default parameters are: + +``` +tektoncd: + enabled: true + configDefaults: + default-cloud-events-sink: http://horizon-core-cloudevent.horizoncd/apis/internal/cloudevents + tektonDashboard: + ingress: + host: tekton.h8s.site +``` + +If you want to use your own `Tektoncd` instance, you need to do the following steps: + +1. disable `tektoncd` by setting the `enabled` field to false + +2. Modify tektoncd config in the path: `config.tektonMapper.[environment]` + +#### Tektonci-resources + +We have embedded `Tekton Pipeline & Task` as the default CI definition. The default parameters are: + +``` +tektonci-resources: + horizon: + deployTask: + horizonApiUrl: http://horizon-core + auth: + dockerConfigJson: { "auths": { "harbor.horizoncd.svc.cluster.local": { "username": "admin", "password": "Harbor12345", "auth": "YWRtaW46SGFyYm9yMTIzNDU=" } }} + gitRepos: [] +``` + +If you want to define your own CI logics, you need to do the following steps: + +1. Modify scripts in the path: `tektonci-resources.horiozn.script` diff --git a/charts/horizon/charts/redis-ha/Chart.yaml b/charts/horizon/charts/redis-ha/Chart.yaml new file mode 100644 index 0000000..c57e616 --- /dev/null +++ b/charts/horizon/charts/redis-ha/Chart.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +name: redis-ha +home: http://redis.io/ +engine: gotpl +keywords: +- redis +- keyvalue +- database +version: 4.12.15 +appVersion: 6.0.7 +description: This Helm chart provides a highly available Redis implementation with a master/slave configuration and uses Sentinel sidecars for failover management +icon: https://upload.wikimedia.org/wikipedia/en/thumb/6/6b/Redis_Logo.svg/1200px-Redis_Logo.svg.png +maintainers: +- email: salimsalaues@gmail.com + name: ssalaues +- email: aaron.layfield@gmail.com + name: dandydeveloper +sources: +- https://redis.io/download +- https://github.com/DandyDeveloper/charts/blob/master/charts/redis-ha +- https://github.com/oliver006/redis_exporter diff --git a/charts/horizon/charts/redis-ha/README.md b/charts/horizon/charts/redis-ha/README.md new file mode 100644 index 0000000..8241a96 --- /dev/null +++ b/charts/horizon/charts/redis-ha/README.md @@ -0,0 +1,292 @@ +# Redis + +[Redis](http://redis.io/) is an advanced key-value cache and store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets, sorted sets, bitmaps and hyperloglogs. + +## TL;DR + +```bash +helm repo add dandydev https://dandydeveloper.github.io/charts +helm install dandydev/redis-ha +``` + +By default this chart install 3 pods total: + +* one pod containing a redis master and sentinel container (optional prometheus metrics exporter sidecar available) +* two pods each containing a redis slave and sentinel containers (optional prometheus metrics exporter sidecars available) + +## Introduction + +This chart bootstraps a [Redis](https://redis.io) highly available master/slave statefulset in a [Kubernetes](http://kubernetes.io) cluster using the Helm package manager. + +## Prerequisites + +* Kubernetes 1.8+ with Beta APIs enabled +* PV provisioner support in the underlying infrastructure + +## Upgrading the Chart + +Please note that there have been a number of changes simplifying the redis management strategy (for better failover and elections) in the 3.x version of this chart. These changes allow the use of official [redis](https://hub.docker.com/_/redis/) images that do not require special RBAC or ServiceAccount roles. As a result when upgrading from version >=2.0.1 to >=3.0.0 of this chart, `Role`, `RoleBinding`, and `ServiceAccount` resources should be deleted manually. + +### Upgrading the chart from 3.x to 4.x + +Starting from version `4.x` HAProxy sidecar prometheus-exporter removed and replaced by the embedded [HAProxy metrics endpoint](https://github.com/haproxy/haproxy/tree/master/contrib/prometheus-exporter), as a result when upgrading from version 3.x to 4.x section `haproxy.exporter` should be removed and the `haproxy.metrics` need to be configured for fit your needs. + +## Installing the Chart + +To install the chart + +```bash +helm repo add dandydev https://dandydeveloper.github.io/charts +helm install dandydev/redis-ha +``` + +The command deploys Redis on the Kubernetes cluster in the default configuration. By default this chart install one master pod containing redis master container and sentinel container along with 2 redis slave pods each containing their own sentinel sidecars. The [configuration](#configuration) section lists the parameters that can be configured during installation. + +> **Tip**: List all releases using `helm list` + +## Uninstalling the Chart + +To uninstall/delete the deployment: + +```bash +helm delete +``` + +The command removes all the Kubernetes components associated with the chart and deletes the release. + +## Configuration + +The following table lists the configurable parameters of the Redis chart and their default values. + +| Parameter | Description | Default | +|:--------------------------|:---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:-------------------------------------------------------------------------------------------| +| `image` | Redis image | `redis` | +| `imagePullSecrets` | Reference to one or more secrets to be used when pulling redis images | [] | +| `tag` | Redis tag | `6.0.3-alpine` | +| `replicas` | Number of redis master/slave pods | `3` | +| `ro_replicas` | Comma separated list of slaves which never get promoted to be master. Count starts with 0. Allowed values 1-9. i.e. 3,4 - 3th and 4th redis slave never make it to be master, where master is index 0. | ``| +| `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | +| `serviceAccount.name` | The name of the ServiceAccount to create | Generated using the redis-ha.fullname template | +| `serviceAccount.automountToken` | Opt in/out of automounting API credentials into container | `false` | +| `podSecurityPolicy.create` | Specifies whether a PodSecurityPolicy should be created | `false` | +| `rbac.create` | Create and use RBAC resources | `true` | +| `redis.port` | Port to access the redis service | `6379` | +| `redis.tlsPort` | TLS Port to access the redis service |``| +| `redis.tlsReplication` | Configures redis with tls-replication parameter, if true sets "tls-replication yes" in redis.conf |``| +| `redis.authClients` | It is possible to disable client side certificates authentication when "authClients" is set to "no" |``| +| `redis.livenessProbe.initialDelaySeconds` | Initial delay in seconds for liveness probe | `30` | +| `redis.livenessProbe.periodSeconds` | Period in seconds after which liveness probe will be repeated | `15` | +| `redis.livenessProbe.timeoutSeconds` | Timeout seconds for liveness probe | `15` | +| `redis.livenessProbe.successThreshold` | Success threshold for liveness probe | `1` | +| `redis.livenessProbe.failureThreshold` | Failure threshold for liveness probe | `5` | +| `redis.readinessProbe.initialDelaySeconds` | Initial delay in seconds for readiness probe | `30` | +| `redis.readinessProbe.periodSeconds` | Period in seconds after which readiness probe will be repeated | `15` | +| `redis.readinessProbe.timeoutSeconds` | Timeout seconds for readiness probe | `15` | +| `redis.readinessProbe.successThreshold` | Success threshold for readiness probe | `1` | +| `redis.readinessProbe.failureThreshold` | Failure threshold for readiness probe | `5` | +| `redis.masterGroupName` | Redis convention for naming the cluster group: must match `^[\\w-\\.]+$` and can be templated | `mymaster` | +| `redis.config` | Any valid redis config options in this section will be applied to each server (see below) | see values.yaml | +| `redis.customConfig` | Allows for custom redis.conf files to be applied. If this is used then `redis.config` is ignored |``| +| `redis.resources` | CPU/Memory for master/slave nodes resource requests/limits | `{}` | +| `redis.lifecycle` | Container Lifecycle Hooks for redis container | `{}` | +| `redis.annotations` | Annotations for the redis statefulset | `{}` | +| `redis.updateStategy.type`| Update strategy for redis statefulSet | `RollingUpdate` | +| `sentinel.port` | Port to access the sentinel service | `26379` | +| `sentinel.bind` | Configure the 'bind' directive to bind to a list of network interfaces | `` | +| `sentinel.tlsPort` | TLS Port to access the sentinel service |``| +| `sentinel.tlsReplication` | Configures sentinel with tls-replication parameter, if true sets "tls-replication yes" in sentinel.conf |``| +| `sentinel.authClients` | It is possible to disable client side certificates authentication when "authClients" is set to "no" |``| +| `sentinel.livenessProbe.initialDelaySeconds` | Initial delay in seconds for liveness probe | `30` | +| `sentinel.livenessProbe.periodSeconds` | Period in seconds after which liveness probe will be repeated | `15` | +| `sentinel.livenessProbe.timeoutSeconds` | Timeout seconds for liveness probe | `15` | +| `sentinel.livenessProbe.successThreshold` | Success threshold for liveness probe | `1` | +| `sentinel.livenessProbe.failureThreshold` | Failure threshold for liveness probe | `5` | +| `sentinel.readinessProbe.initialDelaySeconds` | Initial delay in seconds for readiness probe | `30` | +| `sentinel.readinessProbe.periodSeconds` | Period in seconds after which readiness probe will be repeated | `15` | +| `sentinel.readinessProbe.timeoutSeconds` | Timeout seconds for readiness probe | `15` | +| `sentinel.readinessProbe.successThreshold` | Success threshold for readiness probe | `3` | +| `sentinel.readinessProbe.failureThreshold` | Failure threshold for readiness probe | `5` | +| `sentinel.auth` | Enables or disables sentinel AUTH (Requires `sentinel.password` to be set) | `false` | +| `sentinel.password` | A password that configures a `requirepass` in the conf parameters (Requires `sentinel.auth: enabled`) |``| +| `sentinel.existingSecret` | An existing secret containing a key defined by `sentinel.authKey` that configures `requirepass` in the conf parameters (Requires `sentinel.auth: enabled`, cannot be used in conjunction with `.Values.sentinel.password`) |``| +| `sentinel.authKey` | The key holding the sentinel password in an existing secret. | `sentinel-password` | +| `sentinel.quorum` | Minimum number of servers necessary to maintain quorum | `2` | +| `sentinel.config` | Valid sentinel config options in this section will be applied as config options to each sentinel (see below) | see values.yaml | +| `sentinel.customConfig` | Allows for custom sentinel.conf files to be applied. If this is used then `sentinel.config` is ignored |``| +| `sentinel.resources` | CPU/Memory for sentinel node resource requests/limits | `{}` | +| `sentinel.lifecycle` | Container Lifecycle Hooks for sentinel container | `{}` | +| `init.resources` | CPU/Memory for init Container node resource requests/limits | `{}` | +| `auth` | Enables or disables redis AUTH (Requires `redisPassword` to be set) | `false` | +| `redisPassword` | A password that configures a `requirepass` and `masterauth` in the conf parameters (Requires `auth: enabled`) |``| +| `authKey` | The key holding the redis password in an existing secret. | `auth` | +| `existingSecret` | An existing secret containing a key defined by `authKey` that configures `requirepass` and `masterauth` in the conf parameters (Requires `auth: enabled`, cannot be used in conjunction with `.Values.redisPassword`) |``| +| `nodeSelector` | Node labels for pod assignment | `{}` | +| `tolerations` | Toleration labels for pod assignment | `[]` | +| `hardAntiAffinity` | Whether the Redis server pods should be forced to run on separate nodes. | `true` | +| `additionalAffinities` | Additional affinities to add to the Redis server pods. | `{}` | +| `securityContext` | Security context to be added to the Redis server pods. | `{runAsUser: 1000, fsGroup: 1000, runAsNonRoot: true}` | +| `affinity` | Override all other affinity settings with a string. | `""` | +| `labels` | Labels for the Redis pod. | `{}` | +| `configmap.labels` | Labels for the Redis configmap. | `{}` | +| `persistentVolume.size` | Size for the volume | 10Gi | +| `persistentVolume.annotations` | Annotations for the volume | `{}` | +| `emptyDir` | Configuration of `emptyDir`, used only if persistentVolume is disabled and no hostPath specified | `{}` | +| `exporter.enabled` | If `true`, the prometheus exporter sidecar is enabled | `false` | +| `exporter.image` | Exporter image | `oliver006/redis_exporter` | +| `exporter.tag` | Exporter tag | `v1.15.1` | +| `exporter.port` | Exporter port | `9121` | +| `exporter.portName` | Exporter port name | `exporter-port` | +| `exporter.address` | Redis instance Hostname/Address Exists to circumvent some issues with issues in IPv6 hostname resolution | `localhost` | +| `exporter.annotations` | Prometheus scrape annotations | `{prometheus.io/path: /metrics, prometheus.io/port: "9121", prometheus.io/scrape: "true"}` | +| `exporter.extraArgs` | Additional args for the exporter | `{}` | +| `exporter.script` | A custom custom Lua script that will be mounted to exporter for collection of custom metrics. Creates a ConfigMap and sets env var `REDIS_EXPORTER_SCRIPT`. | | +| `exporter.serviceMonitor.enabled` | Use servicemonitor from prometheus operator | `false` | +| `exporter.serviceMonitor.namespace` | Namespace the service monitor is created in | `default` | +| `exporter.serviceMonitor.interval` | Scrape interval, If not set, the Prometheus default scrape interval is used | `nil` | +| `exporter.serviceMonitor.telemetryPath` | Path to redis-exporter telemetry-path | `/metrics` | +| `exporter.serviceMonitor.labels` | Labels for the servicemonitor passed to Prometheus Operator | `{}` | +| `exporter.serviceMonitor.timeout` | How long until a scrape request times out. If not set, the Prometheus default scape timeout is used | `nil` | +| `haproxy.enabled` | Enabled HAProxy LoadBalancing/Proxy | `false` | +| `haproxy.replicas` | Number of HAProxy instances | `3` | +| `haproxy.image.repository`| HAProxy Image Repository | `haproxy` | +| `haproxy.image.tag` | HAProxy Image Tag | `2.0.1` | +| `haproxy.image.pullPolicy`| HAProxy Image PullPolicy | `IfNotPresent` | +| `haproxy.imagePullSecrets`| Reference to one or more secrets to be used when pulling haproxy images | [] | +| `haproxy.annotations` | HAProxy template annotations | `{}` | +| `haproxy.customConfig` | Allows for custom config-haproxy.cfg file to be applied. If this is used then default config will be overwriten |``| +| `haproxy.extraConfig` | Allows to place any additional configuration section to add to the default config-haproxy.cfg |``| +| `haproxy.resources` | HAProxy resources | `{}` | +| `haproxy.emptyDir` | Configuration of `emptyDir` | `{}` | +| `haproxy.labels` | Labels for the HAProxy pod | `{}` | +| `haproxy.podSecurityPolicy.create` | Specifies whether a PodSecurityPolicy should be created | `false` | +| `haproxy.service.type` | HAProxy service type "ClusterIP", "LoadBalancer" or "NodePort" | `ClusterIP` | +| `haproxy.service.nodePort` | HAProxy service nodePort value (haproxy.service.type must be NodePort) | not set | +| `haproxy.service.externalTrafficPolicy`| HAProxy service externalTrafficPolicy value (haproxy.service.type must be LoadBalancer) | not set | +| `haproxy.service.annotations` | HAProxy service annotations | `{}` | +| `haproxy.stickyBalancing` | HAProxy sticky load balancing to Redis nodes. Helps with connections shutdown. | `false` | +| `haproxy.hapreadport.enable` | Enable a read only port for redis slaves | `false` | +| `haproxy.hapreadport.port` | Haproxy port for read only redis slaves | `6380` | +| `haproxy.metrics.enabled` | HAProxy enable prometheus metric scraping | `false` | +| `haproxy.metrics.port` | HAProxy prometheus metrics scraping port | `9101` | +| `haproxy.metrics.portName` | HAProxy metrics scraping port name | `http-exporter-port` | +| `haproxy.metrics.scrapePath` | HAProxy prometheus metrics scraping port | `/metrics` | +| `haproxy.metrics.serviceMonitor.enabled` | Use servicemonitor from prometheus operator for HAProxy metrics | `false` | +| `haproxy.metrics.serviceMonitor.namespace` | Namespace the service monitor for HAProxy metrics is created in | `default` | +| `haproxy.metrics.serviceMonitor.interval` | Scrape interval, If not set, the Prometheus default scrape interval is used | `nil` | +| `haproxy.metrics.serviceMonitor.telemetryPath` | Path to HAProxy metrics telemetry-path | `/metrics` | +| `haproxy.metrics.serviceMonitor.labels` | Labels for the HAProxy metrics servicemonitor passed to Prometheus Operator | `{}` | +| `haproxy.metrics.serviceMonitor.timeout` | How long until a scrape request times out. If not set, the Prometheus default scape timeout is used | `nil` | +| `haproxy.init.resources` | Extra init resources | `{}` | +| `haproxy.timeout.connect` | haproxy.cfg `timeout connect` setting | `4s` | +| `haproxy.timeout.server` | haproxy.cfg `timeout server` setting | `30s` | +| `haproxy.timeout.client` | haproxy.cfg `timeout client` setting | `30s` | +| `haproxy.timeout.check` | haproxy.cfg `timeout check` setting | `2s` | +| `haproxy.checkInterval` | haproxy.cfg `check inter` setting | `1s` | +| `haproxy.priorityClassName` | priorityClassName for `haproxy` deployment | not set | +| `haproxy.securityContext` | Security context to be added to the HAProxy deployment. | `{runAsUser: 1000, fsGroup: 1000, runAsNonRoot: true}` | +| `haproxy.hardAntiAffinity` | Whether the haproxy pods should be forced to run on separate nodes. | `true` | +| `haproxy.affinity` | Override all other haproxy affinity settings with a string. | `""` | +| `haproxy.additionalAffinities` | Additional affinities to add to the haproxy server pods. | `{}` | +| `podDisruptionBudget` | Pod Disruption Budget rules | `{}` | +| `priorityClassName` | priorityClassName for `redis-ha-statefulset` | not set | +| `hostPath.path` | Use this path on the host for data storage | not set | +| `hostPath.chown` | Run an init-container as root to set ownership on the hostPath | `true` | +| `sysctlImage.enabled` | Enable an init container to modify Kernel settings | `false` | +| `sysctlImage.command` | sysctlImage command to execute | [] | +| `sysctlImage.registry` | sysctlImage Init container registry | `docker.io` | +| `sysctlImage.repository` | sysctlImage Init container name | `busybox` | +| `sysctlImage.tag` | sysctlImage Init container tag | `1.31.1` | +| `sysctlImage.pullPolicy` | sysctlImage Init container pull policy | `Always` | +| `sysctlImage.mountHostSys`| Mount the host `/sys` folder to `/host-sys` | `false` | +| `sysctlImage.resources` | sysctlImage resources | `{}` | +| `schedulerName` | Alternate scheduler name | `nil` | +| `tls.secretName` | The name of secret if you want to use your own TLS certificates. The secret should contains keys named by "tls.certFile" - the certificate, "tls.keyFile" - the private key, "tls.caCertFile" - the certificate of CA and "tls.dhParamsFile" - the dh parameter file | ``| +| `tls.certFile` | Name of certificate file | `redis.crt` | +| `tls.keyFile` | Name of key file | `redis.key` | +| `tls.dhParamsFile` | Name of Diffie-Hellman (DH) key exchange parameters file |`` | +| `tls.caCertFile` | Name of CA certificate file | `ca.crt` | +| `restore.s3.source` | Restore init container - AWS S3 location of dump - i.e. s3://bucket/dump.rdb | `false` | +| `restore.s3.access_key` | Restore init container - AWS AWS_ACCESS_KEY_ID to access restore.s3.source |``| +| `restore.s3.secret_key` | Restore init container - AWS AWS_SECRET_ACCESS_KEY to access restore.s3.source |``| +| `restore.s3.region` | Restore init container - AWS AWS_REGION to access restore.s3.source |``| +| `restore.ssh.source` | Restore init container - SSH scp location of dump - i.e. user@server:/path/dump.rdb | `false` | +| `restore.ssh.key` | Restore init container - SSH private key to scp restore.ssh.source to init container. Key should be in one line separated with \n. i.e. -----BEGIN RSA PRIVATE KEY-----\n...\n...\n-----END RSA PRIVATE KEY----- |`` | + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, + +```bash +$ helm repo add dandydev https://dandydeveloper.github.io/charts +$ helm install \ + --set image=redis \ + --set tag=5.0.5-alpine \ + dandydev/redis-ha +``` + +The above command sets the Redis server within `default` namespace. + +Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, + +```bash +helm install -f values.yaml dandydev/redis-ha +``` + +> **Tip**: You can use the default [values.yaml](values.yaml) + +## Custom Redis and Sentinel config options + +This chart allows for most redis or sentinel config options to be passed as a key value pair through the `values.yaml` under `redis.config` and `sentinel.config`. See links below for all available options. + +[Example redis.conf](http://download.redis.io/redis-stable/redis.conf) +[Example sentinel.conf](http://download.redis.io/redis-stable/sentinel.conf) + +For example `repl-timeout 60` would be added to the `redis.config` section of the `values.yaml` as: + +```yml + repl-timeout: "60" +``` + +Note: + +1. Some config options should be renamed by redis version,e.g.: + + ```yml + # In redis 5.x,see https://raw.githubusercontent.com/antirez/redis/5.0/redis.conf + min-replicas-to-write: 1 + min-replicas-max-lag: 5 + + # In redis 4.x and redis 3.x,see https://raw.githubusercontent.com/antirez/redis/4.0/redis.conf and https://raw.githubusercontent.com/antirez/redis/3.0/redis.conf + min-slaves-to-write 1 + min-slaves-max-lag 5 + ``` + +Sentinel options supported must be in the the `sentinel