Skip to content

Commit

Permalink
Merge branch 'develop' into 'master'
Browse files Browse the repository at this point in the history 
Chart 2.0 for NetBox 2.7.6

See merge request charts/netbox!11
  • Loading branch information
@bootc
bootc committed Feb 16, 2020
2 parents 98a3247 + b10b525 commit 6e11bff
Show file tree
Hide file tree
Showing 6 changed files with 133 additions and 50 deletions.
4 changes: 2 additions & 2 deletions Chart.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
apiVersion: v1
appVersion: 2.6.12
appVersion: 2.7.6
description: IP address management (IPAM) and data center infrastructure management (DCIM) tool
icon: https://raw.githubusercontent.com/netbox-community/netbox/develop/docs/netbox_logo.png
name: netbox
version: 1.0.4
version: 2.0.0
37 changes: 26 additions & 11 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,14 @@ $ helm delete my-release

## Upgrading

### From 1.x to 2.x

If you use an external Redis you will need to update your configuration values
due to the chart reflecting upstream changes in how it uses Redis. There are
now separate Redis configuration blocks for webhooks and for caching, though
they can both point at the same Redis instance as long as the database numbers
are different.

### From 0.x to 1.x

The chart dependencies on PostgreSQL and Redis have been upgraded, so you may
Expand All @@ -51,7 +59,7 @@ The following table lists the configurable parameters for this chart and their d
| --------------------------------------|---------------------------------------------------------------------|----------------------------------------------|
| `replicaCount` | The desired number of NetBox pods | `1` |
| `image.repository` | NetBox container image repository | `netboxcommunity/netbox` |
| `image.tag` | NetBox container image tag | `v2.6.12` |
| `image.tag` | NetBox container image tag | `v2.7.6` |
| `image.pullPolicy` | NetBox container image pull policy | `IfNotPresent` |
| `superuser.name` | Initial super-user account to create | `admin` |
| `superuser.email` | Email address for the initial super-user account | `[email protected]` |
Expand All @@ -65,6 +73,7 @@ The following table lists the configurable parameters for this chart and their d
| `banner.login` | Banner text to display on the login page | `""` |
| `basePath` | Base URL path if accessing NetBox within a directory | `""` |
| `cacheTimeout` | Cached object time-to-live, in seconds | `900` (15 minutes) |
| `changelogRetention` | Maximum number of days to retain logged changes (0 = forever) | `90` |
| `cors.originAllowAll` | [CORS]: allow all origins | `false` |
| `cors.originWhitelist` | [CORS]: list of origins authorised to make cross-site HTTP requests | `[]` |
| `cors.originRegexWhitelist` | [CORS]: list of regex strings matching authorised origins | `[]` |
Expand All @@ -88,7 +97,6 @@ The following table lists the configurable parameters for this chart and their d
| `paginateCount` | The default number of objects to display per page in the web UI | `50` |
| `preferIPv4` | Prefer devices' IPv4 address when determining their primary address | `false` |
| `metricsEnabled` | Expose Prometheus metrics at the `/metrics` HTTP endpoint | `false` |
| `webhooksEnabled` | Enable NetBox's outgoing webhook functionality | `true` |
| `timeZone` | The time zone NetBox will use when dealing with dates and times | `UTC` |
| `dateFormat` | Django date format for long-form date strings | `"N j, Y"` |
| `shortDateFormat` | Django date format for short-form date strings | `"Y-m-d"` |
Expand All @@ -109,17 +117,24 @@ The following table lists the configurable parameters for this chart and their d
| `externalDatabase.password` | Password for external PostgreSQL (see also `existingSecret`) | `""` |
| `externalDatabase.existingSecretName` | Fetch password for external PostgreSQL from a different `Secret` | `""` |
| `externalDatabase.existingSecretKey` | Key to fetch the password in the above `Secret` | `postgresql-password` |
| `redisDatabase` | Redis database number used for NetBox webhooks queue | `0` |
| `redisCacheDatabase` | Redis database number used for caching views, etc... | `1` |
| `redisTimeout` | Redis connection timeout, in seconds | `300` (5 minutes) |
| `redisSsl` | Enable SSL when connecting to Redis | `false` |
| `redis.enabled` | Deploy Redis using bundled Bitnami Redis chart | `true` |
| `redis.*` | Values under this key are passed to the bundled Redis chart | n/a |
| `externalRedis.host` | Redis host to use when `redis.enabled` is `false` | `localhost` |
| `externalRedis.port` | Port number for external Redis | `6379` |
| `externalRedis.password` | Password for external Redis (see also `existingSecret`) | `""` |
| `externalRedis.existingSecretName` | Fetch password for external Redis from a different `Secret` | `""` |
| `externalRedis.existingSecretKey` | Key to fetch the password in the above `Secret` | `redis-password` |
| `webhooksRedis.database` | Redis database number used for NetBox webhooks queue | `0` |
| `webhooksRedis.timeout` | Redis connection timeout, in seconds | `300` (5 minutes) |
| `webhooksRedis.ssl` | Enable SSL when connecting to Redis | `false` |
| `webhooksRedis.host` | Redis host to use when `redis.enabled` is `false` | `""` |
| `webhooksRedis.port` | Port number for external Redis | `6379` |
| `webhooksRedis.password` | Password for external Redis (see also `existingSecret`) | `""` |
| `webhooksRedis.existingSecretName` | Fetch password for external Redis from a different `Secret` | `""` |
| `webhooksRedis.existingSecretKey` | Key to fetch the password in the above `Secret` | `redis-password` |
| `cachingRedis.database` | Redis database number used for caching views | `1` |
| `cachingRedis.timeout` | Redis connection timeout, in seconds | `300` (5 minutes) |
| `cachingRedis.ssl` | Enable SSL when connecting to Redis | `false` |
| `cachingRedis.host` | Redis host to use when `redis.enabled` is `false` | `""` |
| `cachingRedis.port` | Port number for external Redis | `6379` |
| `cachingRedis.password` | Password for external Redis (see also `existingSecret`) | `""` |
| `cachingRedis.existingSecretName` | Fetch password for external Redis from a different `Secret` | `""` |
| `cachingRedis.existingSecretKey` | Key to fetch the password in the above `Secret` | `redis-password` |
| `imagePullSecrets` | List of `Secret` names containing private registry credentials | `[]` |
| `nameOverride` | Override the application name (`netbox`) used throughout the chart | `""` |
| `fullnameOverride` | Override the full name of resources created as part of the release | `""` |
Expand Down
62 changes: 46 additions & 16 deletions templates/configmap.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ metadata:
{{ include "netbox.labels" . | indent 4 }}
data:
configuration.py: |
import re
import yaml
def _load_yaml():
Expand All @@ -32,18 +33,32 @@ data:
{{- end -}}
{{- end -}})
NAPALM_PASSWORD = _load_secret('netbox', 'napalm_password')
REDIS['PASSWORD'] = _load_secret(
REDIS['webhooks']['PASSWORD'] = _load_secret(
{{- if .Values.redis.enabled -}}
'redis', 'redis-password'
{{- else -}}
{{- if .Values.externalRedis.existingSecretName -}}
'redis', {{ .Values.externalRedis.existingSecretKey | squote }}
{{- if .Values.webhooksRedis.existingSecretName -}}
'redis_webhooks', {{ .Values.webhooksRedis.existingSecretKey | squote }}
{{- else -}}
'netbox', 'redis_password'
{{- end -}}
{{- end -}})
REDIS['caching']['PASSWORD'] = _load_secret(
{{- if .Values.redis.enabled -}}
'redis', 'redis-password'
{{- else -}}
{{- if .Values.cachingRedis.existingSecretName -}}
'redis_caching', {{ .Values.cachingRedis.existingSecretKey | squote }}
{{- else -}}
'netbox', 'redis_cache_password'
{{- end -}}
{{- end -}})
SECRET_KEY = _load_secret('netbox', 'secret_key')
# Post-process certain values
CORS_ORIGIN_REGEX_WHITELIST = [re.compile(r) for r
in CORS_ORIGIN_REGEX_WHITELIST]
netbox.yaml: |
ALLOWED_HOSTS: {{ toJson .Values.allowedHosts }}
Expand All @@ -57,15 +72,19 @@ data:
HOST: {{ .Values.externalDatabase.host | quote }}
USER: {{ .Values.externalDatabase.username | quote }}
NAME: {{ .Values.externalDatabase.database | quote }}
PORT: {{ .Values.externalDatabase.port | int}}
PORT: {{ .Values.externalDatabase.port | int }}
{{- end }}
OPTIONS:
sslmode: {{ .Values.externalDatabase.sslMode | quote }}
CONN_MAX_AGE: {{ .Values.externalDatabase.connMaxAge | int }}
ADMINS: {{ toJson .Values.admins }}
BANNER_TOP: {{ .Values.banner.top | quote }}
BANNER_BOTTOM: {{ .Values.banner.bottom | quote }}
BANNER_LOGIN: {{ .Values.banner.login | quote }}
BASE_PATH: {{ .Values.basePath | quote }}
CACHE_TIMEOUT: {{ int .Values.cacheTimeout }}
CHANGELOG_RETENTION: {{ int .Values.changelogRetention }}
CORS_ORIGIN_ALLOW_ALL: {{ toJson .Values.cors.originAllowAll }}
CORS_ORIGIN_WHITELIST: {{ toJson .Values.cors.originWhitelist }}
CORS_ORIGIN_REGEX_WHITELIST: {{ toJson .Values.cors.originRegexWhitelist }}
Expand All @@ -91,22 +110,33 @@ data:
NAPALM_ARGS: {{ toJson .Values.napalm.args }}
PAGINATE_COUNT: {{ int .Values.paginateCount }}
PREFER_IPV4: {{ toJson .Values.preferIPv4 }}
WEBHOOKS_ENABLED: {{ toJson .Values.webhooksEnabled }}
REDIS:
{{ if .Values.redis.enabled -}}
HOST: {{ printf "%s-master" (include "netbox.redis.fullname" .) | quote }}
PORT: {{ .Values.redis.redisPort | int }}
{{- else -}}
HOST: {{ .Values.externalRedis.host | quote }}
PORT: {{ .Values.externalRedis.port | int}}
{{- end }}
DATABASE: {{ int .Values.redisDatabase }}
CACHE_DATABASE: {{ int .Values.redisCacheDatabase }}
DEFAULT_TIMEOUT: {{ int .Values.redisTimeout }}
SSL: {{ toJson .Values.redisSsl }}
webhooks:
{{ if .Values.redis.enabled -}}
HOST: {{ printf "%s-master" (include "netbox.redis.fullname" .) | quote }}
PORT: {{ .Values.redis.redisPort | int }}
{{- else -}}
HOST: {{ .Values.webhooksRedis.host | quote }}
PORT: {{ .Values.webhooksRedis.port | int}}
{{- end }}
DATABASE: {{ int .Values.webhooksRedis.database }}
DEFAULT_TIMEOUT: {{ int .Values.webhooksRedis.timeout }}
SSL: {{ toJson .Values.webhooksRedis.ssl }}
caching:
{{ if .Values.redis.enabled -}}
HOST: {{ printf "%s-master" (include "netbox.redis.fullname" .) | quote }}
PORT: {{ .Values.redis.redisPort | int }}
{{- else -}}
HOST: {{ .Values.cachingRedis.host | quote }}
PORT: {{ .Values.cachingRedis.port | int}}
{{- end }}
DATABASE: {{ int .Values.cachingRedis.database }}
DEFAULT_TIMEOUT: {{ int .Values.cachingRedis.timeout }}
SSL: {{ toJson .Values.cachingRedis.ssl }}
REPORTS_ROOT: /opt/netbox/netbox/reports
SCRIPTS_ROOT: /opt/netbox/netbox/scripts
TIME_ZONE: {{ .Values.timeZone | quote }}
DATE_FORMAT: {{ .Values.dateFormat | quote }}
SHORT_DATE_FORMAT: {{ .Values.shortDateFormat | quote }}
Expand Down
30 changes: 24 additions & 6 deletions templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -72,10 +72,21 @@ spec:
mountPath: /run/secrets/database
readOnly: true
{{- end }}
{{- if or .Values.redis.enabled .Values.externalRedis.existingSecretName }}
{{- if .Values.redis.enabled }}
- name: redis-secret
mountPath: /run/secrets/redis
readOnly: true
{{- else }}
{{- if .Values.webhooksRedis.existingSecretName }}
- name: redis-webhooks-secret
mountPath: /run/secrets/redis_webhooks
readOnly: true
{{- end }}
{{- if .Values.cachingRedis.existingSecretName }}
- name: redis-caching-secret
mountPath: /run/secrets/redis_caching
readOnly: true
{{- end }}
{{- end }}
- name: secrets
mountPath: /run/secrets/superuser_password
Expand Down Expand Up @@ -152,14 +163,21 @@ spec:
secretName: {{ .Values.externalDatabase.existingSecretName | quote }}
{{- end }}
{{- end }}
{{- if or .Values.redis.enabled .Values.externalRedis.existingSecretName }}
{{- if .Values.redis.enabled }}
- name: redis-secret
secret:
{{- if .Values.redis.enabled }}
secretName: {{ include "netbox.redis.fullname" . | quote }}
{{- else }}
secretName: {{ .Values.externalRedis.existingSecretName | quote }}
{{- end }}
{{- else }}
{{- if .Values.webhooksRedis.existingSecretName }}
- name: redis-webhooks-secret
secret:
secretName: {{ .Values.webhooksRedis.existingSecretName | quote }}
{{- end }}
{{- if .Values.cachingRedis.existingSecretName }}
- name: redis-caching-secret
secret:
secretName: {{ .Values.cachingRedis.existingSecretName | quote }}
{{- end }}
{{- end }}
{{- with .Values.extraVolumes }}
{{ toYaml . | indent 8 | trim }}
Expand Down
7 changes: 5 additions & 2 deletions templates/secret.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,8 +12,11 @@ data:
{{ end -}}
email_password: {{ .Values.email.password | b64enc | quote }}
napalm_password: {{ .Values.napalm.password | b64enc | quote }}
{{ if and (not .Values.redis.enabled) (not .Values.externalRedis.existingSecretName) -}}
redis_password: {{ .Values.externalRedis.password | b64enc | quote }}
{{ if and (not .Values.redis.enabled) (not .Values.webhooksRedis.existingSecretName) -}}
redis_password: {{ .Values.webhooksRedis.password | b64enc | quote }}
{{ end -}}
{{ if and (not .Values.redis.enabled) (not .Values.cachingRedis.existingSecretName) -}}
redis_cache_password: {{ .Values.cachingRedis.password | b64enc | quote }}
{{ end -}}
secret_key: {{ .Values.secretKey | default (randAscii 60) | b64enc }}
superuser_password: {{ .Values.superuser.password | default (randAlphaNum 16) | b64enc }}
Expand Down
43 changes: 30 additions & 13 deletions values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ replicaCount: 1

image:
repository: netboxcommunity/netbox
tag: v2.6.12
tag: v2.7.6
pullPolicy: IfNotPresent

superuser:
Expand Down Expand Up @@ -50,6 +50,10 @@ basePath: ''
# (15 minutes).
cacheTimeout: 900

# Maximum number of days to retain logged changes. Set to 0 to retain change
# logs indefinitely. (Default: 90)
changelogRetention: 90

# API Cross-Origin Resource Sharing (CORS) settings. If originAllowAll
# is set to true, all origins will be allowed. Otherwise, define a list of
# allowed origins using either originWhitelist or originRegexWhitelist. For
Expand Down Expand Up @@ -131,9 +135,6 @@ preferIPv4: false
# Expose Prometheus monitoring metrics at the HTTP endpoint '/metrics'
metricsEnabled: false

# Webhooks can be disabled to remove the dependency on Redis.
webhooksEnabled: true

# Time zone (default: UTC)
timeZone: UTC

Expand All @@ -156,8 +157,10 @@ secretKey: ""
# externalDatabase.existingSecretName is blank)
# - email_password: SMTP user password
# - napalm_password: NAPALM user password
# - redis_password: Redis password (if redis.enabled is false and
# externalRedis.existingSecretName is blank)
# - redis_password: Redis password for webhooks Redis instance (if
# redis.enabled is false and webhooksRedis.existingSecretName is blank)
# - redis_cache_password: Redis password for caching Redis instance (if
# redis.enabled is false and cachingRedis.existingSecretName is blank)
# - secret_key: session encryption token (50+ random characters)
existingSecret: ""

Expand All @@ -180,25 +183,39 @@ externalDatabase:
password: ""
existingSecretName: ""
existingSecretKey: postgresql-password

redisDatabase: 0
redisCacheDatabase: 1
redisTimeout: 300
redisSsl: false
sslMode: prefer
connMaxAge: 300

redis:
## Deploy Redis using bundled chart
# To use an external Redis instance, set this to false and configure the
# settings under externalRedis
# settings under *both* webhooksRedis *and* cachingRedis
enabled: true

externalRedis:
webhooksRedis:
database: 0
timeout: 300
ssl: false

# Used only when redis.enabled is false
host: localhost
port: 6379
password: ""
existingSecretName: ""
existingSecretKey: redis-password

cachingRedis:
database: 1
timeout: 300
ssl: false

# Used only when redis.enabled is false
host: ""
port: 6379
password: ""
existingSecretName: ""
existingSecretKey: redis-password

imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
Expand Down

0 comments on commit 6e11bff

Please sign in to comment.