├── .ci ├── README.md ├── auto_assign.yml ├── ct-config.yaml └── kind-config.yaml ├── .github ├── CODEOWNERS ├── ISSUE_TEMPLATE │ ├── bug_report.md │ └── feature_request.md ├── PULL_REQUEST_TEMPLATE.md └── workflows │ ├── publish.yml │ └── test.yaml ├── LICENSE ├── MAINTAINERS.md ├── README.md ├── artifacthub-repo.yml └── charts ├── grafana-agent ├── .helmignore ├── Chart.lock ├── Chart.yaml ├── README.md ├── charts │ └── consul-1.3.2.tgz ├── templates │ ├── NOTES.txt │ ├── _helpers.tpl │ ├── clusterrole.yaml │ ├── clusterrolebinding.yaml │ ├── configmap.yaml │ ├── daemonset.yaml │ ├── deployment.yaml │ ├── hooks │ │ └── config-reload-job.yaml │ ├── service.yaml │ ├── serviceaccount.yaml │ └── tests │ │ └── test-connection.yaml └── values.yaml └── redis-ha ├── .helmignore ├── Chart.yaml ├── README.md ├── README.md.gotmpl ├── ci ├── haproxy-enabled-values.yaml └── multi-value-configs-values.yaml ├── templates ├── NOTES.txt ├── _configs.tpl ├── _helpers.tpl ├── redis-auth-secret.yaml ├── redis-ha-announce-service.yaml ├── redis-ha-configmap.yaml ├── redis-ha-exporter-script-configmap.yaml ├── redis-ha-health-configmap.yaml ├── redis-ha-network-policy.yaml ├── redis-ha-pdb.yaml ├── redis-ha-prometheus-rule.yaml ├── redis-ha-role.yaml ├── redis-ha-rolebinding.yaml ├── redis-ha-secret.yaml ├── redis-ha-service.yaml ├── redis-ha-serviceaccount.yaml ├── redis-ha-servicemonitor.yaml ├── redis-ha-statefulset.yaml ├── redis-haproxy-deployment.yaml ├── redis-haproxy-network-policy.yaml ├── redis-haproxy-pdb.yaml ├── redis-haproxy-role.yaml ├── redis-haproxy-rolebinding.yaml ├── redis-haproxy-service.yaml ├── redis-haproxy-serviceaccount.yaml ├── redis-haproxy-servicemonitor.yaml ├── redis-tls-secret.yaml ├── sentinel-auth-secret.yaml └── tests │ ├── test-redis-ha-configmap.yaml │ └── test-redis-ha-pod.yaml └── values.yaml /.ci/README.md: -------------------------------------------------------------------------------- 1 | # CI Testing Directory 2 | 3 | ### Overview 4 | This contains the configuration files for tests that take place through the GitHub actions. 5 | 6 | ### ct-config.yaml 7 | This is the "Chart Testing" config file used by the [test.yml](https://github.com/DandyDeveloper/charts/blob/692f5d10163df10516b8f25b4b57f97013aa650b/.github/workflows/test.yaml#L32) 8 | 9 | ### kind-config.yaml 10 | Used by the [kind action](https://github.com/DandyDeveloper/charts/blob/692f5d10163df10516b8f25b4b57f97013aa650b/.github/workflows/test.yaml#L18) -------------------------------------------------------------------------------- /.ci/auto_assign.yml: -------------------------------------------------------------------------------- 1 | # Set to true to add reviewers to pull requests 2 | addReviewers: true 3 | 4 | # Set to true to add assignees to pull requests 5 | addAssignees: true 6 | 7 | # A list of reviewers to be added to pull requests (GitHub user name) 8 | reviewers: 9 | - DandyDeveloper 10 | 11 | # A list of keywords to be skipped the process that add reviewers if pull requests include it 12 | skipKeywords: 13 | - wip 14 | - donotmerge 15 | 16 | # A number of reviewers added to the pull request 17 | # Set 0 to add all the reviewers (default: 0) 18 | numberOfReviewers: 0 -------------------------------------------------------------------------------- /.ci/ct-config.yaml: -------------------------------------------------------------------------------- 1 | # See https://github.com/helm/chart-testing#configuration 2 | remote: origin 3 | chart-dirs: 4 | - charts 5 | -------------------------------------------------------------------------------- /.ci/kind-config.yaml: -------------------------------------------------------------------------------- 1 | kind: Cluster 2 | apiVersion: kind.x-k8s.io/v1alpha4 3 | nodes: 4 | - role: control-plane 5 | - role: worker 6 | - role: worker 7 | - role: worker 8 | -------------------------------------------------------------------------------- /.github/CODEOWNERS: -------------------------------------------------------------------------------- 1 | @dandydeveloper -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/bug_report.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Bug report 3 | about: Create a report to help us improve 4 | title: "[chart/][BUG]" 5 | labels: bug 6 | assignees: DandyDeveloper 7 | 8 | --- 9 | 10 | **Describe the bug** 11 | A clear and concise description of what the bug is. 12 | 13 | **To Reproduce** 14 | Steps to reproduce the behavior: 15 | 1. Go to '...' 16 | 2. Click on '....' 17 | 3. Scroll down to '....' 18 | 4. See error 19 | 20 | **Expected behavior** 21 | A clear and concise description of what you expected to happen. 22 | 23 | **Additional context** 24 | Add any other context about the problem here. 25 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/feature_request.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Feature request 3 | about: Suggest an idea for this project 4 | title: "[chart/][REQUEST] " 5 | labels: enhancement 6 | assignees: '' 7 | 8 | --- 9 | 10 | **Is your feature request related to a problem? Please describe.** 11 | A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] 12 | 13 | **Describe the solution you'd like** 14 | A clear and concise description of what you want to happen. 15 | 16 | **Describe alternatives you've considered** 17 | A clear and concise description of any alternative solutions or features you've considered. 18 | 19 | **Additional context** 20 | Add any other context or screenshots about the feature request here. 21 | -------------------------------------------------------------------------------- /.github/PULL_REQUEST_TEMPLATE.md: -------------------------------------------------------------------------------- 1 | #### What this PR does / why we need it: 2 | 3 | #### Which issue this PR fixes 4 | *(optional, in `fixes #(, fixes #, ...)` format, will close that issue when PR gets merged)* 5 | - fixes # 6 | 7 | #### Special notes for your reviewer: 8 | 9 | #### Checklist 10 | [Place an '[x]' (no spaces) in all applicable fields. Please remove unrelated fields.] 11 | - [ ] [DCO](https://github.com/helm/charts/blob/master/CONTRIBUTING.md#sign-your-work) signed 12 | - [ ] Chart Version bumped 13 | - [ ] Variables are documented in the README.md 14 | - [ ] Title of the PR starts with chart name (e.g. `[stable/mychartname]`) 15 | -------------------------------------------------------------------------------- /.github/workflows/publish.yml: -------------------------------------------------------------------------------- 1 | name: Publish Charts to /docs 2 | 3 | on: 4 | push: 5 | branches: [ master ] 6 | 7 | jobs: 8 | release: 9 | runs-on: ubuntu-latest 10 | 11 | permissions: 12 | contents: write 13 | packages: write 14 | 15 | outputs: 16 | changed_charts: ${{ steps.chart-releaser.outputs.changed_charts }} 17 | version: ${{ steps.chart-releaser.outputs.chart_version }} 18 | 19 | steps: 20 | - name: Checkout 21 | uses: actions/checkout@v4 22 | with: 23 | fetch-depth: 0 24 | 25 | - name: Configure Git 26 | run: | 27 | git config user.name "$GITHUB_ACTOR" 28 | git config user.email "$GITHUB_ACTOR@users.noreply.github.com" 29 | 30 | - name: Set up Helm 31 | uses: azure/setup-helm@v4.3.0 32 | with: 33 | version: v3.12.0 34 | 35 | - name: Install Helm Deps 36 | run: | 37 | for dir in $(ls -d charts/*/); do 38 | helm dependency list $dir 2> /dev/null | tail +2 | head -n -1 | awk '{ print "helm repo add " $1 " " $3 }' | while read cmd; do $cmd; done 39 | done 40 | 41 | - name: Run chart-releaser 42 | id: chart-releaser 43 | uses: helm/chart-releaser-action@v1.7.0 44 | env: 45 | CR_TOKEN: "${{ secrets.CR_TOKEN }}" 46 | CR_GENERATE_RELEASE_NOTES: true 47 | 48 | - name: Login to GitHub Container Registry 49 | uses: docker/login-action@v3.3.0 50 | with: 51 | registry: ghcr.io 52 | username: ${{ github.actor }} 53 | password: ${{ secrets.CR_TOKEN }} 54 | 55 | - name: Push charts to GHCR # Can't use variables in the push due to case sensitivty. 56 | run: | 57 | shopt -s nullglob 58 | for pkg in .cr-release-packages/*; do 59 | if [ -z "${pkg:-}" ]; then 60 | break 61 | fi 62 | helm push "${pkg}" "oci://ghcr.io/dandydeveloper/charts" 63 | done -------------------------------------------------------------------------------- /.github/workflows/test.yaml: -------------------------------------------------------------------------------- 1 | name: "Test using kind and chart-testing tool" 2 | on: 3 | push: 4 | branches: 5 | - master 6 | pull_request: 7 | branches: 8 | - master 9 | 10 | jobs: 11 | test: 12 | strategy: 13 | fail-fast: false 14 | matrix: 15 | kubernetesVersion: ["v1.29.2", "v1.26.14"] 16 | runs-on: ubuntu-latest 17 | if: github.ref != 'refs/heads/master' 18 | steps: 19 | - name: Checkout 20 | uses: actions/checkout@v2 21 | with: 22 | fetch-depth: 0 23 | 24 | - name: Shellcheck 25 | uses: ludeeus/action-shellcheck@0.1.0 26 | 27 | - name: Set up Helm 28 | uses: azure/setup-helm@v4.2.0 29 | 30 | - uses: actions/setup-python@v5 31 | with: 32 | python-version: '3.13' 33 | 34 | - name: Set up chart-testing 35 | uses: helm/chart-testing-action@v2.0.1 36 | 37 | - name: Run chart-testing (list-changed) 38 | id: list-changed 39 | run: | 40 | changed=$(ct list-changed) 41 | if [[ -n "$changed" ]]; then 42 | echo "::set-output name=changed::true" 43 | fi 44 | 45 | - name: Create kind cluster 46 | uses: helm/kind-action@v1.9.0 47 | if: steps.list-changed.outputs.changed == 'true' 48 | with: 49 | node_image: "kindest/node:${{ matrix.kubernetesVersion }}" 50 | config: .ci/kind-config.yaml 51 | 52 | - name: Verify kind 53 | if: steps.list-changed.outputs.changed == 'true' 54 | run: | 55 | kubectl cluster-info 56 | kubectl get nodes -o wide 57 | kubectl get pods -n kube-system 58 | 59 | - name: Run chart-testing linting (lint) 60 | run: ct lint --config .ci/ct-config.yaml --chart-repos hashicorp=https://helm.releases.hashicorp.com 61 | 62 | - name: Run chart-testing (install) 63 | run: ct install --config .ci/ct-config.yaml 64 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | 2 | Apache License 3 | Version 2.0, January 2004 4 | http://www.apache.org/licenses/ 5 | 6 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 7 | 8 | 1. Definitions. 9 | 10 | "License" shall mean the terms and conditions for use, reproduction, 11 | and distribution as defined by Sections 1 through 9 of this document. 12 | 13 | "Licensor" shall mean the copyright owner or entity authorized by 14 | the copyright owner that is granting the License. 15 | 16 | "Legal Entity" shall mean the union of the acting entity and all 17 | other entities that control, are controlled by, or are under common 18 | control with that entity. For the purposes of this definition, 19 | "control" means (i) the power, direct or indirect, to cause the 20 | direction or management of such entity, whether by contract or 21 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 22 | outstanding shares, or (iii) beneficial ownership of such entity. 23 | 24 | "You" (or "Your") shall mean an individual or Legal Entity 25 | exercising permissions granted by this License. 26 | 27 | "Source" form shall mean the preferred form for making modifications, 28 | including but not limited to software source code, documentation 29 | source, and configuration files. 30 | 31 | "Object" form shall mean any form resulting from mechanical 32 | transformation or translation of a Source form, including but 33 | not limited to compiled object code, generated documentation, 34 | and conversions to other media types. 35 | 36 | "Work" shall mean the work of authorship, whether in Source or 37 | Object form, made available under the License, as indicated by a 38 | copyright notice that is included in or attached to the work 39 | (an example is provided in the Appendix below). 40 | 41 | "Derivative Works" shall mean any work, whether in Source or Object 42 | form, that is based on (or derived from) the Work and for which the 43 | editorial revisions, annotations, elaborations, or other modifications 44 | represent, as a whole, an original work of authorship. For the purposes 45 | of this License, Derivative Works shall not include works that remain 46 | separable from, or merely link (or bind by name) to the interfaces of, 47 | the Work and Derivative Works thereof. 48 | 49 | "Contribution" shall mean any work of authorship, including 50 | the original version of the Work and any modifications or additions 51 | to that Work or Derivative Works thereof, that is intentionally 52 | submitted to Licensor for inclusion in the Work by the copyright owner 53 | or by an individual or Legal Entity authorized to submit on behalf of 54 | the copyright owner. For the purposes of this definition, "submitted" 55 | means any form of electronic, verbal, or written communication sent 56 | to the Licensor or its representatives, including but not limited to 57 | communication on electronic mailing lists, source code control systems, 58 | and issue tracking systems that are managed by, or on behalf of, the 59 | Licensor for the purpose of discussing and improving the Work, but 60 | excluding communication that is conspicuously marked or otherwise 61 | designated in writing by the copyright owner as "Not a Contribution." 62 | 63 | "Contributor" shall mean Licensor and any individual or Legal Entity 64 | on behalf of whom a Contribution has been received by Licensor and 65 | subsequently incorporated within the Work. 66 | 67 | 2. Grant of Copyright License. Subject to the terms and conditions of 68 | this License, each Contributor hereby grants to You a perpetual, 69 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 70 | copyright license to reproduce, prepare Derivative Works of, 71 | publicly display, publicly perform, sublicense, and distribute the 72 | Work and such Derivative Works in Source or Object form. 73 | 74 | 3. Grant of Patent License. Subject to the terms and conditions of 75 | this License, each Contributor hereby grants to You a perpetual, 76 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 77 | (except as stated in this section) patent license to make, have made, 78 | use, offer to sell, sell, import, and otherwise transfer the Work, 79 | where such license applies only to those patent claims licensable 80 | by such Contributor that are necessarily infringed by their 81 | Contribution(s) alone or by combination of their Contribution(s) 82 | with the Work to which such Contribution(s) was submitted. If You 83 | institute patent litigation against any entity (including a 84 | cross-claim or counterclaim in a lawsuit) alleging that the Work 85 | or a Contribution incorporated within the Work constitutes direct 86 | or contributory patent infringement, then any patent licenses 87 | granted to You under this License for that Work shall terminate 88 | as of the date such litigation is filed. 89 | 90 | 4. Redistribution. You may reproduce and distribute copies of the 91 | Work or Derivative Works thereof in any medium, with or without 92 | modifications, and in Source or Object form, provided that You 93 | meet the following conditions: 94 | 95 | (a) You must give any other recipients of the Work or 96 | Derivative Works a copy of this License; and 97 | 98 | (b) You must cause any modified files to carry prominent notices 99 | stating that You changed the files; and 100 | 101 | (c) You must retain, in the Source form of any Derivative Works 102 | that You distribute, all copyright, patent, trademark, and 103 | attribution notices from the Source form of the Work, 104 | excluding those notices that do not pertain to any part of 105 | the Derivative Works; and 106 | 107 | (d) If the Work includes a "NOTICE" text file as part of its 108 | distribution, then any Derivative Works that You distribute must 109 | include a readable copy of the attribution notices contained 110 | within such NOTICE file, excluding those notices that do not 111 | pertain to any part of the Derivative Works, in at least one 112 | of the following places: within a NOTICE text file distributed 113 | as part of the Derivative Works; within the Source form or 114 | documentation, if provided along with the Derivative Works; or, 115 | within a display generated by the Derivative Works, if and 116 | wherever such third-party notices normally appear. The contents 117 | of the NOTICE file are for informational purposes only and 118 | do not modify the License. You may add Your own attribution 119 | notices within Derivative Works that You distribute, alongside 120 | or as an addendum to the NOTICE text from the Work, provided 121 | that such additional attribution notices cannot be construed 122 | as modifying the License. 123 | 124 | You may add Your own copyright statement to Your modifications and 125 | may provide additional or different license terms and conditions 126 | for use, reproduction, or distribution of Your modifications, or 127 | for any such Derivative Works as a whole, provided Your use, 128 | reproduction, and distribution of the Work otherwise complies with 129 | the conditions stated in this License. 130 | 131 | 5. Submission of Contributions. Unless You explicitly state otherwise, 132 | any Contribution intentionally submitted for inclusion in the Work 133 | by You to the Licensor shall be under the terms and conditions of 134 | this License, without any additional terms or conditions. 135 | Notwithstanding the above, nothing herein shall supersede or modify 136 | the terms of any separate license agreement you may have executed 137 | with Licensor regarding such Contributions. 138 | 139 | 6. Trademarks. This License does not grant permission to use the trade 140 | names, trademarks, service marks, or product names of the Licensor, 141 | except as required for reasonable and customary use in describing the 142 | origin of the Work and reproducing the content of the NOTICE file. 143 | 144 | 7. Disclaimer of Warranty. Unless required by applicable law or 145 | agreed to in writing, Licensor provides the Work (and each 146 | Contributor provides its Contributions) on an "AS IS" BASIS, 147 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 148 | implied, including, without limitation, any warranties or conditions 149 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 150 | PARTICULAR PURPOSE. You are solely responsible for determining the 151 | appropriateness of using or redistributing the Work and assume any 152 | risks associated with Your exercise of permissions under this License. 153 | 154 | 8. Limitation of Liability. In no event and under no legal theory, 155 | whether in tort (including negligence), contract, or otherwise, 156 | unless required by applicable law (such as deliberate and grossly 157 | negligent acts) or agreed to in writing, shall any Contributor be 158 | liable to You for damages, including any direct, indirect, special, 159 | incidental, or consequential damages of any character arising as a 160 | result of this License or out of the use or inability to use the 161 | Work (including but not limited to damages for loss of goodwill, 162 | work stoppage, computer failure or malfunction, or any and all 163 | other commercial damages or losses), even if such Contributor 164 | has been advised of the possibility of such damages. 165 | 166 | 9. Accepting Warranty or Additional Liability. While redistributing 167 | the Work or Derivative Works thereof, You may choose to offer, 168 | and charge a fee for, acceptance of support, warranty, indemnity, 169 | or other liability obligations and/or rights consistent with this 170 | License. However, in accepting such obligations, You may act only 171 | on Your own behalf and on Your sole responsibility, not on behalf 172 | of any other Contributor, and only if You agree to indemnify, 173 | defend, and hold each Contributor harmless for any liability 174 | incurred by, or claims asserted against, such Contributor by reason 175 | of your accepting any such warranty or additional liability. 176 | 177 | END OF TERMS AND CONDITIONS 178 | 179 | APPENDIX: How to apply the Apache License to your work. 180 | 181 | To apply the Apache License to your work, attach the following 182 | boilerplate notice, with the fields enclosed by brackets "[]" 183 | replaced with your own identifying information. (Don't include 184 | the brackets!) The text should be enclosed in the appropriate 185 | comment syntax for the file format. We also recommend that a 186 | file or class name and description of purpose be included on the 187 | same "printed page" as the copyright notice for easier 188 | identification within third-party archives. 189 | 190 | Copyright 2020 The KEDA Authors. 191 | 192 | and others that have contributed code to the public domain. 193 | 194 | Licensed under the Apache License, Version 2.0 (the "License"); 195 | you may not use this file except in compliance with the License. 196 | You may obtain a copy of the License at 197 | 198 | http://www.apache.org/licenses/LICENSE-2.0 199 | 200 | Unless required by applicable law or agreed to in writing, software 201 | distributed under the License is distributed on an "AS IS" BASIS, 202 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 203 | See the License for the specific language governing permissions and 204 | limitations under the License. -------------------------------------------------------------------------------- /MAINTAINERS.md: -------------------------------------------------------------------------------- 1 | # Helm Chart Maintainers 2 | 3 | ## Current 4 | 5 | | Maintainer | GitHub ID 6 | | -------------------- | ------------------------------------------------------| 7 | | Aaron Layfield | [dandydeveloper](https://github.com/dandydeveloper) | 8 | | Salim Salaues | [ssalaues](https://github.com/ssalaues) | 9 | 10 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | [![Artifact Hub](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/dandydev-charts)](https://artifacthub.io/packages/search?repo=dandydev-charts) 2 | 3 | ### Charts for numerous projects. Migrated from `helm/stable` due to deprecation timeline. 4 | 5 | Charts are deployed via Github Actions to the `gh-pages` branch. 6 | -------------------------------------------------------------------------------- /artifacthub-repo.yml: -------------------------------------------------------------------------------- 1 | repositoryID: 97c48e9b-3ece-4ce3-a888-6f3a63f2734a 2 | owners: 3 | - name: Aaron Layfield 4 | email: aaron.layfield@gmail.com 5 | -------------------------------------------------------------------------------- /charts/grafana-agent/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /charts/grafana-agent/Chart.lock: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: consul 3 | repository: https://helm.releases.hashicorp.com 4 | version: 1.3.2 5 | digest: sha256:48bd505ab89ecc7beccaf617e79b50ae874dcb89dba8039b36bf09315201aaf2 6 | generated: "2024-02-05T22:39:53.273807587Z" 7 | -------------------------------------------------------------------------------- /charts/grafana-agent/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: grafana-agent 3 | description: Deploy an instance of the Grafana agent on all appropriate nodes for scraping Prometheus metrics. 4 | type: application 5 | home: https://grafana.com/docs/agent/latest/ 6 | version: 0.19.1 7 | appVersion: "v0.20.0" 8 | keywords: 9 | - monitoring 10 | - prometheus 11 | - cortex 12 | dependencies: 13 | - name: consul 14 | version: 1.3.2 15 | repository: https://helm.releases.hashicorp.com 16 | condition: scrapingServiceMode.enabled 17 | maintainers: 18 | - email: aaron.layfield@gmail.com 19 | name: dandydeveloper 20 | sources: 21 | - https://grafana.com/docs/agent/latest/ 22 | - https://github.com/DandyDeveloper/charts/blob/master/charts/grafana-agent 23 | - https://github.com/hashicorp/consul 24 | -------------------------------------------------------------------------------- /charts/grafana-agent/README.md: -------------------------------------------------------------------------------- 1 | # Grafana Agent 2 | 3 | [Grafana Agent](https://grafana.com/docs/agent/latest/) is an alternative to Prometheus specifically crafted for remote writes. Grafana Agent removes the fluff from Prometheus to provide a more compact experience with Prometheus. 4 | 5 | ## TL;DR 6 | 7 | ```bash 8 | helm repo add dandydev https://dandydeveloper.github.io/charts 9 | helm install dandydev/grafana-agent 10 | ``` 11 | 12 | By default, this chart will install a DaemonSet across all nodes. Those agents will scrape the metrics from the local node and its resources. 13 | 14 | ## Introduction 15 | 16 | This chart bootstraps a [Grafana Agent](https://grafana.com/docs/agent/latest/). 17 | 18 | ## Prerequisites 19 | 20 | * Kubernetes 1.15+ 21 | * PV provisioner support in the underlying infrastructure (if scrapingService.enabled) 22 | 23 | ## Installing the Chart 24 | 25 | To install the chart 26 | 27 | ```bash 28 | helm repo add dandydev https://dandydeveloper.github.io/charts 29 | helm install dandydev/grafana-agent 30 | ``` 31 | 32 | ## Uninstalling the Chart 33 | 34 | To uninstall/delete the deployment: 35 | 36 | ```bash 37 | helm delete 38 | ``` 39 | 40 | The command removes all the Kubernetes components associated with the chart and deletes the release. 41 | 42 | ## Configuration 43 | 44 | The following table lists the configurable parameters of the Grafana Agent chart and their default values. 45 | 46 | | Parameter | Description | Default | 47 | |:--------------------------|:-----------------------------------------------------------------------------------------------------------------------------------------------------|:-------------------------------------------------------------------------------| 48 | | `image.repository` | Grafana Agent image | `grafana/agent` | 49 | | `image.pullPolicy` | Image pull policy | `IfNotPresent` | 50 | | `image.tag` | Grafana Agent tag | `` | 51 | | `imagePullSecrets` | Pull secret for private repository | [] | 52 | | `nameOverride` | Release name override | `` | 53 | | `fullnameOverride` | Full name overrie for release | `` | 54 | | `extraVolumeMounts` | Extra Volume mounts | `[]` | 55 | | `extraVolumes` | Extra Volume | `[]` | 56 | | `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | 57 | | `serviceAccount.name` | The name of the ServiceAccount to create | Generated using the grafana-agent.fullname template | 58 | | `serviceAccount.annotations` | Service Account annotations | `{}` | 59 | | `replicaCount` | Number of replicas of Grafana Agent deployment (only relevant for service scraping mode) | `3` | 60 | | `podAnnotations` | Pod annotations | `{}` | 61 | | `podSecurityContext` | Pod Security Context | `{}` | 62 | | `securityContext.privileged` | Run as privileged user | `true` | 63 | | `service.type` | Service Type | `ClusterIP` | 64 | | `service.port` | Kubernetes service port | `80` | 65 | | `resources` | Kubernetes pod resources | `{}` | 66 | | `nodeSelector` | Pod node selector | `{}` | 67 | | `config.logLevel` | Server log_level | `info` | 68 | | `config.existingConfigMap` | An existing ConfigMap entity that already exists, or is deployed by a parent chart | `""` | 69 | | `config.prometheus.walDir` | Directory mount point for Grafana Agent WAL | `/var/lib/agent/data` | 70 | | `config.prometheus.remoteWrite.url` | URL for the upstream federated Prometheus / Cortex instance | `""` | 71 | | `config.prometheus.remoteWrite.auth.username` | Remote write username | `nil` | 72 | | `config.prometheus.remoteWrite.auth.password` | Remote write password | `nil` | 73 | | `config.prometheus.scrapeInterval` | Global scrape interval | `15s` | 74 | | `config.prometheus.externalLabels` | External labels | `{}` | 75 | | `config.prometheus.configs`| Scrape configs / General configs for the Prometheus scraping | `[]` | 76 | | `scrapingServiceMode.enabled` | Enabled scraping service mode. See below for more details | `false` | 77 | 78 | Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, 79 | 80 | ```bash 81 | $ helm repo add dandydev https://dandydeveloper.github.io/charts 82 | $ helm install \ 83 | --set tag=1.7.0 \ 84 | dandydev/grafana-agent 85 | ``` 86 | 87 | The above command deploys a DaemonSet of the Grafana Agent in the `default` namespace. 88 | 89 | # Scraping Service Mode 90 | [Scraping Service mode](https://grafana.com/docs/agent/latest/scraping-service/) 91 | -------------------------------------------------------------------------------- /charts/grafana-agent/charts/consul-1.3.2.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DandyDeveloper/charts/48189ab00d40ce80c349c7ce74ab85fb6b818e33/charts/grafana-agent/charts/consul-1.3.2.tgz -------------------------------------------------------------------------------- /charts/grafana-agent/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | Grafana Agent has now been deployed to all nodes matching your nodeSelect / tolerations. 2 | 3 | Pods should be visible from {{ .Release.Namespace }} and scraping metrics via the defined Prometheus config that has been provided. -------------------------------------------------------------------------------- /charts/grafana-agent/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* 2 | Expand the name of the chart. 3 | */}} 4 | {{- define "grafana-agent.name" -}} 5 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} 6 | {{- end }} 7 | 8 | {{/* 9 | Create a default fully qualified app name. 10 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 11 | If release name contains chart name it will be used as a full name. 12 | */}} 13 | {{- define "grafana-agent.fullname" -}} 14 | {{- if .Values.fullnameOverride }} 15 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} 16 | {{- else }} 17 | {{- $name := default .Chart.Name .Values.nameOverride }} 18 | {{- if contains $name .Release.Name }} 19 | {{- .Release.Name | trunc 63 | trimSuffix "-" }} 20 | {{- else }} 21 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} 22 | {{- end }} 23 | {{- end }} 24 | {{- end }} 25 | 26 | {{/* 27 | Create chart name and version as used by the chart label. 28 | */}} 29 | {{- define "grafana-agent.chart" -}} 30 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} 31 | {{- end }} 32 | 33 | {{/* 34 | Common labels 35 | */}} 36 | {{- define "grafana-agent.labels" -}} 37 | helm.sh/chart: {{ include "grafana-agent.chart" . }} 38 | {{ include "grafana-agent.selectorLabels" . }} 39 | {{- if .Chart.AppVersion }} 40 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 41 | {{- end }} 42 | app.kubernetes.io/managed-by: {{ .Release.Service }} 43 | {{- end }} 44 | 45 | {{/* 46 | Selector labels 47 | */}} 48 | {{- define "grafana-agent.selectorLabels" -}} 49 | app.kubernetes.io/name: {{ include "grafana-agent.name" . }} 50 | app.kubernetes.io/instance: {{ .Release.Name }} 51 | {{- end }} 52 | 53 | {{/* 54 | Create the name of the service account to use 55 | */}} 56 | {{- define "grafana-agent.serviceAccountName" -}} 57 | {{- if .Values.serviceAccount.create }} 58 | {{- default (include "grafana-agent.name" .) .Values.serviceAccount.name }} 59 | {{- else }} 60 | {{- default "default" .Values.serviceAccount.name }} 61 | {{- end }} 62 | {{- end }} 63 | 64 | {{- define "grafana-agent.scrapingConfigFilename" -}} 65 | scrapingModeConfig.yaml 66 | {{- end }} 67 | -------------------------------------------------------------------------------- /charts/grafana-agent/templates/clusterrole.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | name: {{ include "grafana-agent.name" . }} 5 | rules: 6 | - apiGroups: 7 | - "" 8 | resources: 9 | - nodes 10 | - nodes/proxy 11 | - services 12 | - endpoints 13 | - pods 14 | verbs: 15 | - get 16 | - list 17 | - watch 18 | - nonResourceURLs: 19 | - /metrics 20 | verbs: 21 | - get 22 | -------------------------------------------------------------------------------- /charts/grafana-agent/templates/clusterrolebinding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: {{ include "grafana-agent.name" . }} 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: {{ include "grafana-agent.name" . }} 9 | subjects: 10 | - kind: ServiceAccount 11 | name: {{ include "grafana-agent.name" . }} 12 | namespace: {{ .Release.Namespace }} 13 | -------------------------------------------------------------------------------- /charts/grafana-agent/templates/configmap.yaml: -------------------------------------------------------------------------------- 1 | {{- if not .Values.config.existingConfigMap -}} 2 | {{- $prometheusConfigs := tpl .Values.config.prometheus.configs . -}} 3 | kind: ConfigMap 4 | apiVersion: v1 5 | metadata: 6 | name: {{ include "grafana-agent.fullname" . }} 7 | data: 8 | agent.yml: | 9 | server: 10 | log_level: {{ .Values.config.logLevel }} 11 | {{- if .Values.config.prometheus.enabled }} 12 | prometheus: 13 | global: 14 | scrape_interval: {{ .Values.config.prometheus.scrapeInterval }} 15 | {{- if .Values.config.prometheus.externalLabels }} 16 | external_labels: 17 | {{ toYaml .Values.config.prometheus.externalLabels }} 18 | {{- end }} 19 | wal_directory: {{ .Values.config.prometheus.walDir }} 20 | {{- if .Values.scrapingServiceMode.enabled }} 21 | scraping_service: 22 | enabled: true 23 | dangerous_allow_reading_files: true 24 | kvstore: 25 | store: consul 26 | consul: 27 | host: grafana-agent-consul-server:8500 28 | lifecycler: 29 | ring: 30 | replication_factor: 2 31 | kvstore: 32 | store: consul 33 | consul: 34 | host: grafana-agent-consul-server:8500 35 | {{- end }} 36 | {{ if not .Values.scrapingServiceMode.enabled -}} 37 | {{ printf "configs:" | indent 2 }} 38 | {{- $prometheusConfigs | nindent 8 }} 39 | {{- end }} 40 | {{- end }} 41 | {{- if .Values.config.tempo.enabled }} 42 | tempo: 43 | configs: 44 | {{- .Values.config.tempo.configs | nindent 8 }} 45 | {{- end }} 46 | {{- if .Values.config.loki.enabled }} 47 | loki: 48 | {{- .Values.config.loki.configs | nindent 6 }} 49 | {{- end }} 50 | 51 | {{- if .Values.scrapingServiceMode.enabled }} 52 | {{ include "grafana-agent.scrapingConfigFilename" . }}: | 53 | {{- $prometheusConfigs | nindent 4 }} 54 | {{- end }} 55 | {{- end }} -------------------------------------------------------------------------------- /charts/grafana-agent/templates/daemonset.yaml: -------------------------------------------------------------------------------- 1 | {{- if not .Values.scrapingServiceMode.enabled }} 2 | apiVersion: apps/v1 3 | kind: DaemonSet 4 | metadata: 5 | name: {{ include "grafana-agent.fullname" . }} 6 | labels: 7 | {{- include "grafana-agent.labels" . | nindent 4 }} 8 | spec: 9 | minReadySeconds: 10 10 | selector: 11 | matchLabels: 12 | {{- include "grafana-agent.selectorLabels" . | nindent 6 }} 13 | template: 14 | metadata: 15 | annotations: 16 | checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} 17 | {{- with .Values.podAnnotations }} 18 | {{- toYaml . | nindent 8 }} 19 | {{- end }} 20 | labels: 21 | {{- include "grafana-agent.selectorLabels" . | nindent 8 }} 22 | spec: 23 | {{- with .Values.imagePullSecrets }} 24 | imagePullSecrets: 25 | {{- toYaml . | nindent 8 }} 26 | {{- end }} 27 | serviceAccountName: {{ include "grafana-agent.serviceAccountName" . }} 28 | securityContext: 29 | {{- toYaml .Values.podSecurityContext | nindent 8 }} 30 | containers: 31 | - name: {{ .Chart.Name }} 32 | args: 33 | - -config.file=/etc/agent/agent.yml 34 | - -prometheus.wal-directory=/tmp/agent/data 35 | command: 36 | - /bin/agent 37 | securityContext: 38 | {{- toYaml .Values.securityContext | nindent 12 }} 39 | image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" 40 | imagePullPolicy: {{ .Values.image.pullPolicy }} 41 | ports: 42 | - name: http 43 | containerPort: 80 44 | protocol: TCP 45 | env: 46 | - name: HOSTNAME 47 | valueFrom: 48 | fieldRef: 49 | fieldPath: spec.nodeName 50 | livenessProbe: 51 | httpGet: 52 | path: /-/healthy 53 | port: http 54 | initialDelaySeconds: 60 55 | readinessProbe: 56 | httpGet: 57 | path: /-/ready 58 | port: http 59 | initialDelaySeconds: 60 60 | resources: 61 | {{- toYaml .Values.resources | nindent 12 }} 62 | volumeMounts: 63 | - name: config 64 | mountPath: /etc/agent 65 | - name: wal-dir 66 | mountPath: {{ .Values.config.prometheus.walDir }} 67 | {{- with .Values.extraVolumeMounts }} 68 | {{- toYaml . | nindent 12 }} 69 | {{- end }} 70 | {{- with .Values.nodeSelector }} 71 | nodeSelector: 72 | {{- toYaml . | nindent 8 }} 73 | {{- end }} 74 | {{- with .Values.affinity }} 75 | affinity: 76 | {{- toYaml . | nindent 8 }} 77 | {{- end }} 78 | {{- with .Values.tolerations }} 79 | tolerations: 80 | {{- toYaml . | nindent 8 }} 81 | {{- end }} 82 | volumes: 83 | - configMap: 84 | name: {{ default (printf "%s" (include "grafana-agent.fullname" .)) .Values.config.existingConfigMap }} 85 | name: config 86 | - name: wal-dir 87 | emptyDir: {} 88 | {{- with .Values.extraVolumes }} 89 | {{- toYaml . | nindent 8 }} 90 | {{- end }} 91 | {{- end }} 92 | -------------------------------------------------------------------------------- /charts/grafana-agent/templates/deployment.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.scrapingServiceMode.enabled }} 2 | apiVersion: apps/v1 3 | kind: Deployment 4 | metadata: 5 | name: {{ include "grafana-agent.fullname" . }} 6 | labels: 7 | {{- include "grafana-agent.labels" . | nindent 4 }} 8 | spec: 9 | replicas: {{ .Values.replicaCount }} 10 | minReadySeconds: 10 11 | selector: 12 | matchLabels: 13 | {{- include "grafana-agent.selectorLabels" . | nindent 6 }} 14 | strategy: 15 | type: {{ default "Recreate" .Values.updateStrategy }} 16 | template: 17 | metadata: 18 | annotations: 19 | checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} 20 | {{- with .Values.podAnnotations }} 21 | {{- toYaml . | nindent 8 }} 22 | {{- end }} 23 | labels: 24 | {{- include "grafana-agent.selectorLabels" . | nindent 8 }} 25 | spec: 26 | {{- with .Values.imagePullSecrets }} 27 | imagePullSecrets: 28 | {{- toYaml . | nindent 8 }} 29 | {{- end }} 30 | serviceAccountName: {{ include "grafana-agent.serviceAccountName" . }} 31 | securityContext: 32 | {{- toYaml .Values.podSecurityContext | nindent 8 }} 33 | containers: 34 | - name: {{ .Chart.Name }} 35 | args: 36 | - -config.file=/etc/agent/agent.yml 37 | - -prometheus.wal-directory=/tmp/agent/data 38 | command: 39 | - /bin/agent 40 | securityContext: 41 | {{- toYaml .Values.securityContext | nindent 12 }} 42 | image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" 43 | imagePullPolicy: {{ .Values.image.pullPolicy }} 44 | ports: 45 | - name: http 46 | containerPort: 80 47 | protocol: TCP 48 | env: 49 | - name: HOSTNAME 50 | valueFrom: 51 | fieldRef: 52 | fieldPath: spec.nodeName 53 | livenessProbe: 54 | httpGet: 55 | path: /-/healthy 56 | port: http 57 | initialDelaySeconds: 60 58 | readinessProbe: 59 | httpGet: 60 | path: /-/ready 61 | port: http 62 | initialDelaySeconds: 60 63 | resources: 64 | {{- toYaml .Values.resources | nindent 12 }} 65 | volumeMounts: 66 | - name: config 67 | mountPath: /etc/agent 68 | - name: wal-dir 69 | mountPath: {{ .Values.config.prometheus.walDir }} 70 | {{- with .Values.extraVolumeMounts }} 71 | {{- toYaml . | nindent 12 }} 72 | {{- end }} 73 | {{- with .Values.nodeSelector }} 74 | nodeSelector: 75 | {{- toYaml . | nindent 8 }} 76 | {{- end }} 77 | {{- with .Values.affinity }} 78 | affinity: 79 | {{- toYaml . | nindent 8 }} 80 | {{- end }} 81 | {{- with .Values.tolerations }} 82 | tolerations: 83 | {{- toYaml . | nindent 8 }} 84 | {{- end }} 85 | volumes: 86 | - configMap: 87 | name: {{ default (printf "%s" (include "grafana-agent.fullname" .)) .Values.config.existingConfigMap }} 88 | name: config 89 | - name: wal-dir 90 | emptyDir: {} 91 | {{- with .Values.extraVolumes }} 92 | {{- toYaml . | nindent 8 }} 93 | {{- end }} 94 | {{- end }} 95 | -------------------------------------------------------------------------------- /charts/grafana-agent/templates/hooks/config-reload-job.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.scrapingServiceMode.enabled }} 2 | apiVersion: batch/v1 3 | kind: Job 4 | metadata: 5 | name: {{ include "grafana-agent.fullname" . }}-update-config 6 | labels: 7 | {{- include "grafana-agent.labels" . | nindent 4 }} 8 | annotations: 9 | "helm.sh/hook": post-install,post-upgrade 10 | "helm.sh/hook-weight": "-5" 11 | spec: 12 | ttlSecondsAfterFinished: 10 13 | template: 14 | spec: 15 | containers: 16 | - name: agent-config-sync 17 | image: grafana/agentctl 18 | args: 19 | - config-sync 20 | - /etc/agent/{{ include "grafana-agent.scrapingConfigFilename" . }} 21 | - --addr 22 | - http://grafana-agent:80 23 | volumeMounts: 24 | - name: config 25 | mountPath: /etc/agent 26 | restartPolicy: Never 27 | volumes: 28 | - configMap: 29 | name: {{ include "grafana-agent.fullname" . }} 30 | name: config 31 | {{- end }} 32 | -------------------------------------------------------------------------------- /charts/grafana-agent/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ include "grafana-agent.fullname" . }} 5 | labels: 6 | {{- include "grafana-agent.labels" . | nindent 4 }} 7 | spec: 8 | type: {{ .Values.service.type }} 9 | ports: 10 | - port: {{ .Values.service.port }} 11 | targetPort: http 12 | protocol: TCP 13 | name: http 14 | selector: 15 | {{- include "grafana-agent.selectorLabels" . | nindent 4 }} 16 | -------------------------------------------------------------------------------- /charts/grafana-agent/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "grafana-agent.serviceAccountName" . }} 6 | labels: 7 | {{- include "grafana-agent.labels" . | nindent 4 }} 8 | {{- with .Values.serviceAccount.annotations }} 9 | annotations: 10 | {{- toYaml . | nindent 4 }} 11 | {{- end }} 12 | {{- end }} 13 | -------------------------------------------------------------------------------- /charts/grafana-agent/templates/tests/test-connection.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: "{{ include "grafana-agent.fullname" . }}-test-connection" 5 | labels: 6 | {{- include "grafana-agent.labels" . | nindent 4 }} 7 | annotations: 8 | "helm.sh/hook": test 9 | spec: 10 | containers: 11 | - name: wget 12 | image: busybox 13 | command: ['wget'] 14 | args: ['{{ include "grafana-agent.fullname" . }}:{{ .Values.service.port }}'] 15 | restartPolicy: Never 16 | -------------------------------------------------------------------------------- /charts/grafana-agent/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for grafana-agent. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | image: 5 | repository: grafana/agent 6 | pullPolicy: IfNotPresent 7 | # Overrides the image tag whose default is the chart appVersion. 8 | tag: "" 9 | 10 | imagePullSecrets: [] 11 | nameOverride: "" 12 | fullnameOverride: "" 13 | 14 | extraVolumeMounts: [] 15 | # Scrape k8s logs 16 | # - name: containers 17 | # mountPath: /var/lib/docker/containers 18 | # readOnly: true 19 | #- name: pods 20 | # mountPath: /var/log/pods 21 | # readOnly: true 22 | 23 | extraVolumes: [] 24 | # Scrape k8s logs 25 | #- name: containers 26 | # hostPath: 27 | # path: /var/lib/docker/containers 28 | #- name: pods 29 | # hostPath: 30 | # path: /var/log/pods 31 | 32 | # Only relevant if scrapingMode.enabled is true 33 | # Delcares # of replicas for Grafana Agent deployment 34 | replicaCount: 3 35 | 36 | updateStrategy: Recreate 37 | 38 | serviceAccount: 39 | # Specifies whether a service account should be created 40 | create: true 41 | # Annotations to add to the service account 42 | annotations: {} 43 | # The name of the service account to use. 44 | # If not set and create is true, a name is generated using the fullname template 45 | name: "" 46 | 47 | podAnnotations: {} 48 | 49 | podSecurityContext: {} 50 | # fsGroup: 2000 51 | 52 | securityContext: 53 | privileged: true 54 | runAsUser: 0 55 | 56 | service: 57 | type: ClusterIP 58 | port: 80 59 | 60 | resources: {} 61 | # We usually recommend not to specify default resources and to leave this as a conscious 62 | # choice for the user. This also increases chances charts run on environments with little 63 | # resources, such as Minikube. If you do want to specify resources, uncomment the following 64 | # lines, adjust them as necessary, and remove the curly braces after 'resources:'. 65 | # limits: 66 | # cpu: 100m 67 | # memory: 128Mi 68 | # requests: 69 | # cpu: 100m 70 | # memory: 128Mi 71 | 72 | nodeSelector: {} 73 | 74 | tolerations: 75 | - effect: NoSchedule 76 | operator: Exists 77 | 78 | affinity: {} 79 | 80 | # Currently only supports Prometheus 'configs'. 81 | # Other telemetary options will be added overtime. 82 | config: 83 | logLevel: info 84 | # Populate this to provide an existing config for Grafana Agent. This disables the charts configMap. 85 | existingConfigMap: "" 86 | loki: 87 | enabled: true 88 | configs: | 89 | positions_directory: /tmp/loki-positions 90 | configs: 91 | - name: default 92 | clients: 93 | - url: http://localhost:3100/loki/api/v1/push 94 | scrape_configs: 95 | - job_name: system 96 | static_configs: 97 | - targets: ['localhost'] 98 | labels: 99 | job: varlogs 100 | __path__: /var/log/*log 101 | tempo: 102 | enabled: true 103 | configs: | 104 | - name: default 105 | receivers: 106 | jaeger: 107 | protocols: 108 | thrift_http: 109 | attributes: 110 | actions: 111 | - action: upsert 112 | key: env 113 | value: prod 114 | remote_write: 115 | - endpoint: tempo:55680 116 | insecure: true 117 | batch: 118 | timeout: 5s 119 | send_batch_size: 100 120 | automatic_logging: 121 | backend: loki 122 | loki_name: default 123 | spans: true 124 | processes: true 125 | roots: true 126 | prometheus: 127 | enabled: true 128 | walDir: /var/lib/agent/data 129 | scrapeInterval: 15s 130 | externalLabels: {} 131 | remoteWrite: 132 | url: http://cortex.default.svc.cluster.local 133 | auth: 134 | # username: "" 135 | # password: "" 136 | configs: | 137 | - name: agent 138 | remote_write: 139 | - url: {{ .Values.config.prometheus.remoteWrite.url }} 140 | {{- if .Values.config.prometheus.remoteWrite.auth }} 141 | basic_auth: 142 | password: {{ .Values.config.prometheus.remoteWrite.auth.password }} 143 | username: {{ .Values.config.prometheus.remoteWrite.auth.username }} 144 | {{- end }} 145 | headers: 146 | X-Scope-OrgID: fake 147 | scrape_configs: 148 | - job_name: local_scrape 149 | static_configs: 150 | - targets: ['127.0.0.1:12345'] 151 | labels: 152 | cluster: 'docker_compose' 153 | container: 'agent' 154 | pod: 'grafana-agent-local' 155 | 156 | # Enables separation of ConfigMap for Agent expectations 157 | # Also enables Consul for hash ring 158 | scrapingServiceMode: 159 | enabled: false 160 | 161 | # Only deployed when scrapingServiceMode.enabled is true 162 | consul: 163 | client: 164 | enabled: false 165 | dns: 166 | enabled: false 167 | server: 168 | replica: 3 169 | ui: 170 | enabled: false 171 | nodeSelector: 172 | role: server 173 | -------------------------------------------------------------------------------- /charts/redis-ha/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | ci/ 25 | *.gotmpl 26 | -------------------------------------------------------------------------------- /charts/redis-ha/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: redis-ha 3 | home: http://redis.io/ 4 | keywords: 5 | - redis 6 | - keyvalue 7 | - database 8 | version: 4.33.7 9 | appVersion: 7.2.7 10 | description: This Helm chart provides a highly available Redis implementation with a master/slave configuration and uses Sentinel sidecars for failover management 11 | icon: https://upload.wikimedia.org/wikipedia/en/thumb/6/6b/Redis_Logo.svg/1200px-Redis_Logo.svg.png 12 | maintainers: 13 | - email: aaron.layfield@gmail.com 14 | name: dandydeveloper 15 | sources: 16 | - https://redis.io/download 17 | - https://github.com/DandyDeveloper/charts/blob/master/charts/redis-ha 18 | - https://github.com/oliver006/redis_exporter 19 | -------------------------------------------------------------------------------- /charts/redis-ha/README.md: -------------------------------------------------------------------------------- 1 | # Redis 2 | 3 | [Redis](http://redis.io/) is an advanced key-value cache and store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets, sorted sets, bitmaps and hyperloglogs. 4 | 5 | ## TL;DR 6 | 7 | ```bash 8 | helm repo add dandydev https://dandydeveloper.github.io/charts 9 | helm install dandydev/redis-ha 10 | ``` 11 | 12 | By default this chart install 3 pods total: 13 | 14 | * one pod containing a redis master and sentinel container (optional prometheus metrics exporter sidecar available) 15 | * two pods each containing a redis slave and sentinel containers (optional prometheus metrics exporter sidecars available) 16 | 17 | ## Introduction 18 | 19 | This chart bootstraps a [Redis](https://redis.io) highly available master/slave statefulset in a [Kubernetes](http://kubernetes.io) cluster using the Helm package manager. 20 | 21 | ## Prerequisites 22 | 23 | * Kubernetes 1.8+ with Beta APIs enabled 24 | * PV provisioner support in the underlying infrastructure 25 | 26 | ## Upgrading the Chart 27 | 28 | Please note that there have been a number of changes simplifying the redis management strategy (for better failover and elections) in the 3.x version of this chart. These changes allow the use of official [redis](https://hub.docker.com/_/redis/) images that do not require special RBAC or ServiceAccount roles. As a result when upgrading from version >=2.0.1 to >=3.0.0 of this chart, `Role`, `RoleBinding`, and `ServiceAccount` resources should be deleted manually. 29 | 30 | ### Upgrading the chart from 3.x to 4.x 31 | 32 | Starting from version `4.x` HAProxy sidecar prometheus-exporter removed and replaced by the embedded [HAProxy metrics endpoint](https://github.com/haproxy/haproxy/tree/master/contrib/prometheus-exporter), as a result when upgrading from version 3.x to 4.x section `haproxy.exporter` should be removed and the `haproxy.metrics` need to be configured for fit your needs. 33 | 34 | ## Installing the Chart 35 | 36 | To install the chart 37 | 38 | ```bash 39 | helm repo add dandydev https://dandydeveloper.github.io/charts 40 | helm install dandydev/redis-ha 41 | ``` 42 | 43 | The command deploys Redis on the Kubernetes cluster in the default configuration. By default this chart install one master pod containing redis master container and sentinel container along with 2 redis slave pods each containing their own sentinel sidecars. The [configuration](#configuration) section lists the parameters that can be configured during installation. 44 | 45 | > **Tip**: List all releases using `helm list` 46 | 47 | ## Uninstalling the Chart 48 | 49 | To uninstall/delete the deployment: 50 | 51 | ```bash 52 | helm delete 53 | ``` 54 | 55 | The command removes all the Kubernetes components associated with the chart and deletes the release. 56 | 57 | ## Configuration 58 | 59 | The following table lists the configurable parameters of the Redis chart and their default values. 60 | 61 | ### General parameters 62 | 63 | | Parameter | Description | Type | Default | 64 | |-----|------|---------|-------------| 65 | | `additionalAffinities` | Additional affinities to add to the Redis server pods. # Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity | object | `{}` | 66 | | `affinity` | Override all other affinity settings for the Redis server pods with a string. | string | `""` | 67 | | `auth` | Configures redis with AUTH (requirepass & masterauth conf params) | bool | `false` | 68 | | `authKey` | Defines the key holding the redis password in existing secret. | string | `"auth"` | 69 | | `configmap.labels` | Custom labels for the redis configmap | object | `{}` | 70 | | `configmapTest.image` | Image for redis-ha-configmap-test hook | object | `{"repository":"koalaman/shellcheck","tag":"v0.10.0"}` | 71 | | `configmapTest.image.repository` | Repository of the configmap shellcheck test image. | string | `"koalaman/shellcheck"` | 72 | | `configmapTest.image.tag` | Tag of the configmap shellcheck test image. | string | `"v0.10.0"` | 73 | | `configmapTest.resources` | Resources for the ConfigMap test pod | object | `{}` | 74 | | `containerSecurityContext` | Security context to be added to the Redis containers. | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"runAsNonRoot":true,"runAsUser":1000,"seccompProfile":{"type":"RuntimeDefault"}}` | 75 | | `emptyDir` | Configuration of `emptyDir`, used only if persistentVolume is disabled and no hostPath specified | object | `{}` | 76 | | `existingSecret` | An existing secret containing a key defined by `authKey` that configures `requirepass` and `masterauth` in the conf parameters (Requires `auth: enabled`, cannot be used in conjunction with `.Values.redisPassword`) | string | `nil` | 77 | | `extraContainers` | Extra containers to include in StatefulSet | list | `[]` | 78 | | `extraInitContainers` | Extra init containers to include in StatefulSet | list | `[]` | 79 | | `extraLabels` | Labels added here are applied to all created resources | object | `{}` | 80 | | `extraVolumes` | Extra volumes to include in StatefulSet | list | `[]` | 81 | | `fullnameOverride` | Full name of the Redis HA Resources | string | `""` | 82 | | `global.compatibility` | Openshift compatibility options | object | `{"openshift":{"adaptSecurityContext":"auto"}}` | 83 | | `global.priorityClassName` | Default priority class for all components | string | `""` | 84 | | `hardAntiAffinity` | Whether the Redis server pods should be forced to run on separate nodes. # This is accomplished by setting their AntiAffinity with requiredDuringSchedulingIgnoredDuringExecution as opposed to preferred. # Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#inter-pod-affinity-and-anti-affinity-beta-feature | bool | `true` | 85 | | `hostPath.chown` | if chown is true, an init-container with root permissions is launched to change the owner of the hostPath folder to the user defined in the security context | bool | `true` | 86 | | `hostPath.path` | Use this path on the host for data storage. path is evaluated as template so placeholders are replaced | string | `""` | 87 | | `image.pullPolicy` | Redis image pull policy | string | `"IfNotPresent"` | 88 | | `image.repository` | Redis image repository | string | `"public.ecr.aws/docker/library/redis"` | 89 | | `image.tag` | Redis image tag | string | `"7.2.7-alpine"` | 90 | | `imagePullSecrets` | Reference to one or more secrets to be used when pulling redis images | list | `[]` | 91 | | `init.resources` | Extra init resources | object | `{}` | 92 | | `labels` | Custom labels for the redis pod | object | `{}` | 93 | | `nameOverride` | Name override for Redis HA resources | string | `""` | 94 | | `networkPolicy.annotations` | Annotations for NetworkPolicy | object | `{}` | 95 | | `networkPolicy.egressRules` | user can define egress rules too, uses the same structure as ingressRules | list | `[{"ports":[{"port":53,"protocol":"UDP"},{"port":53,"protocol":"TCP"}],"selectors":[{"namespaceSelector":{}},{"ipBlock":{"cidr":"169.254.0.0/16"}}]}]` | 96 | | `networkPolicy.egressRules[0].selectors[0]` | Allow all destinations for DNS traffic | object | `{"namespaceSelector":{}}` | 97 | | `networkPolicy.enabled` | whether NetworkPolicy for Redis StatefulSets should be created. when enabled, inter-Redis connectivity is created | bool | `false` | 98 | | `networkPolicy.ingressRules` | User defined ingress rules that Redis should permit into. Uses the format defined in https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors | list | `[]` | 99 | | `networkPolicy.labels` | Labels for NetworkPolicy | object | `{}` | 100 | | `nodeSelector` | Node labels for pod assignment | object | `{}` | 101 | | `persistentVolume.accessModes` | Persistent volume access modes | list | `["ReadWriteOnce"]` | 102 | | `persistentVolume.annotations` | Annotations for the volume | object | `{}` | 103 | | `persistentVolume.enabled` | Enable persistent volume | bool | `true` | 104 | | `persistentVolume.labels` | Labels for the volume | object | `{}` | 105 | | `persistentVolume.size` | Persistent volume size | string | `"10Gi"` | 106 | | `persistentVolume.storageClass` | redis-ha data Persistent Volume Storage Class | string | `nil` | 107 | | `podDisruptionBudget` | Pod Disruption Budget rules | object | `{}` | 108 | | `podManagementPolicy` | The statefulset pod management policy | string | `"OrderedReady"` | 109 | | `priorityClassName` | Kubernetes priorityClass name for the redis-ha-server pod | string | `""` | 110 | | `rbac.create` | Create and use RBAC resources | bool | `true` | 111 | | `redis.annotations` | Annotations for the redis statefulset | object | `{}` | 112 | | `redis.authClients` | It is possible to disable client side certificates authentication when "authClients" is set to "no" | string | `""` | 113 | | `redis.config` | Any valid redis config options in this section will be applied to each server, For multi-value configs use list instead of string (for example loadmodule) (see below) | object | see values.yaml | 114 | | `redis.config.maxmemory` | Max memory to use for each redis instance. Default is unlimited. | string | `"0"` | 115 | | `redis.config.maxmemory-policy` | Max memory policy to use for each redis instance. Default is volatile-lru. | string | `"volatile-lru"` | 116 | | `redis.config.min-replicas-max-lag` | Value in seconds | int | `5` | 117 | | `redis.config.repl-diskless-sync` | When enabled, directly sends the RDB over the wire to slaves, without using the disk as intermediate storage. Default is false. | string | `"yes"` | 118 | | `redis.config.save` | Please note that local (on-disk) RDBs will still be created when re-syncing with a new slave. The only way to prevent this is to enable diskless replication. | string | `"900 1"` | 119 | | `redis.customArgs` | Allows overriding the redis container arguments | list | `[]` | 120 | | `redis.customCommand` | Allows overriding the redis container command | list | `[]` | 121 | | `redis.customConfig` | Allows for custom redis.conf files to be applied. If this is used then `redis.config` is ignored | string | `nil` | 122 | | `redis.disableCommands` | Array with commands to disable | list | `["FLUSHDB","FLUSHALL"]` | 123 | | `redis.envFrom` | Load environment variables from ConfigMap/Secret | list | `[]` | 124 | | `redis.extraVolumeMounts` | additional volumeMounts for Redis container | list | `[]` | 125 | | `redis.lifecycle` | Container Lifecycle Hooks for redis container Ref: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/ | object | see values.yaml | 126 | | `redis.livenessProbe` | Liveness probe parameters for redis container | object | `{"enabled":true,"failureThreshold":5,"initialDelaySeconds":30,"periodSeconds":15,"successThreshold":1,"timeoutSeconds":15}` | 127 | | `redis.livenessProbe.enabled` | Enable the Liveness Probe | bool | `true` | 128 | | `redis.livenessProbe.failureThreshold` | Failure threshold for liveness probe | int | `5` | 129 | | `redis.livenessProbe.initialDelaySeconds` | Initial delay in seconds for liveness probe | int | `30` | 130 | | `redis.livenessProbe.periodSeconds` | Period in seconds after which liveness probe will be repeated | int | `15` | 131 | | `redis.livenessProbe.successThreshold` | Success threshold for liveness probe | int | `1` | 132 | | `redis.livenessProbe.timeoutSeconds` | Timeout seconds for liveness probe | int | `15` | 133 | | `redis.masterGroupName` | Redis convention for naming the cluster group: must match `^[\\w-\\.]+$` and can be templated | string | `"mymaster"` | 134 | | `redis.port` | Port to access the redis service | int | `6379` | 135 | | `redis.readinessProbe` | Readiness probe parameters for redis container | object | `{"enabled":true,"failureThreshold":5,"initialDelaySeconds":30,"periodSeconds":15,"successThreshold":1,"timeoutSeconds":15}` | 136 | | `redis.readinessProbe.enabled` | Enable the Readiness Probe | bool | `true` | 137 | | `redis.readinessProbe.failureThreshold` | Failure threshold for readiness probe | int | `5` | 138 | | `redis.readinessProbe.initialDelaySeconds` | Initial delay in seconds for readiness probe | int | `30` | 139 | | `redis.readinessProbe.periodSeconds` | Period in seconds after which readiness probe will be repeated | int | `15` | 140 | | `redis.readinessProbe.successThreshold` | Success threshold for readiness probe | int | `1` | 141 | | `redis.readinessProbe.timeoutSeconds` | Timeout seconds for readiness probe | int | `15` | 142 | | `redis.resources` | CPU/Memory for master/slave nodes resource requests/limits | object | `{}` | 143 | | `redis.startupProbe` | Startup probe parameters for redis container | object | `{"enabled":true,"failureThreshold":3,"initialDelaySeconds":5,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":15}` | 144 | | `redis.startupProbe.enabled` | Enable Startup Probe | bool | `true` | 145 | | `redis.startupProbe.failureThreshold` | Failure threshold for startup probe | int | `3` | 146 | | `redis.startupProbe.initialDelaySeconds` | Initial delay in seconds for startup probe | int | `5` | 147 | | `redis.startupProbe.periodSeconds` | Period in seconds after which startup probe will be repeated | int | `10` | 148 | | `redis.startupProbe.successThreshold` | Success threshold for startup probe | int | `1` | 149 | | `redis.startupProbe.timeoutSeconds` | Timeout seconds for startup probe | int | `15` | 150 | | `redis.terminationGracePeriodSeconds` | Increase terminationGracePeriodSeconds to allow writing large RDB snapshots. (k8s default is 30s) ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-termination-forced | int | `60` | 151 | | `redis.tlsPort` | TLS Port to access the redis service | int | `nil` | 152 | | `redis.tlsReplication` | Configures redis with tls-replication parameter, if true sets "tls-replication yes" in redis.conf | bool | `nil` | 153 | | `redis.updateStrategy` | Update strategy for Redis StatefulSet # ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies | object | `{"type":"RollingUpdate"}` | 154 | | `redisPassword` | A password that configures a `requirepass` and `masterauth` in the conf parameters (Requires `auth: enabled`) | string | `nil` | 155 | | `replicas` | Number of redis master/slave | int | `3` | 156 | | `restore.existingSecret` | Set existingSecret to true to use secret specified in existingSecret above | bool | `false` | 157 | | `restore.s3.access_key` | Restore init container - AWS AWS_ACCESS_KEY_ID to access restore.s3.source | string | `""` | 158 | | `restore.s3.region` | Restore init container - AWS AWS_REGION to access restore.s3.source | string | `""` | 159 | | `restore.s3.secret_key` | Restore init container - AWS AWS_SECRET_ACCESS_KEY to access restore.s3.source | string | `""` | 160 | | `restore.s3.source` | Restore init container - AWS S3 location of dump - i.e. s3://bucket/dump.rdb or false | string | `""` | 161 | | `restore.ssh.key` | Restore init container - SSH private key to scp restore.ssh.source to init container. Key should be in one line separated with \n. i.e. `-----BEGIN RSA PRIVATE KEY-----\n...\n...\n-----END RSA PRIVATE KEY-----` | string | `""` | 162 | | `restore.ssh.source` | Restore init container - SSH scp location of dump - i.e. user@server:/path/dump.rdb or false | string | `""` | 163 | | `restore.timeout` | Timeout for the restore | int | `600` | 164 | | `ro_replicas` | Comma separated list of slaves which never get promoted to be master. Count starts with 0. Allowed values 1-9. i.e. 3,4 - 3th and 4th redis slave never make it to be master, where master is index 0. | string | `""` | 165 | | `schedulerName` | Use an alternate scheduler, e.g. "stork". ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ | string | `""` | 166 | | `securityContext` | Security context to be added to the Redis StatefulSet. | object | `{"fsGroup":1000,"runAsNonRoot":true,"runAsUser":1000}` | 167 | | `serviceAccount.annotations` | Annotations to be added to the service account for the redis statefulset | object | `{}` | 168 | | `serviceAccount.automountToken` | opt in/out of automounting API credentials into container. Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ | bool | `true` | 169 | | `serviceAccount.create` | Specifies whether a ServiceAccount should be created | bool | `true` | 170 | | `serviceAccount.name` | The name of the ServiceAccount to use. If not set and create is true, a name is generated using the redis-ha.fullname template | string | `""` | 171 | | `serviceLabels` | Custom labels for redis service | object | `{}` | 172 | | `splitBrainDetection.interval` | Interval between redis sentinel and server split brain checks (in seconds) | int | `60` | 173 | | `splitBrainDetection.resources` | splitBrainDetection resources | object | `{}` | 174 | | `sysctlImage.command` | sysctlImage command to execute | list | `[]` | 175 | | `sysctlImage.enabled` | Enable an init container to modify Kernel settings | bool | `false` | 176 | | `sysctlImage.mountHostSys` | Mount the host `/sys` folder to `/host-sys` | bool | `false` | 177 | | `sysctlImage.pullPolicy` | sysctlImage Init container pull policy | string | `"Always"` | 178 | | `sysctlImage.registry` | sysctlImage Init container registry | string | `"public.ecr.aws/docker/library"` | 179 | | `sysctlImage.repository` | sysctlImage Init container name | string | `"busybox"` | 180 | | `sysctlImage.resources` | sysctlImage resources | object | `{}` | 181 | | `sysctlImage.tag` | sysctlImage Init container tag | string | `"1.34.1"` | 182 | | `tls.caCertFile` | Name of CA certificate file | string | `"ca.crt"` | 183 | | `tls.certFile` | Name of certificate file | string | `"redis.crt"` | 184 | | `tls.dhParamsFile` | Name of Diffie-Hellman (DH) key exchange parameters file (Example: redis.dh) | string | `nil` | 185 | | `tls.keyFile` | Name of key file | string | `"redis.key"` | 186 | | `topologySpreadConstraints.enabled` | Enable topology spread constraints | bool | `false` | 187 | | `topologySpreadConstraints.maxSkew` | Max skew of pods tolerated | string | `""` | 188 | | `topologySpreadConstraints.topologyKey` | Topology key for spread constraints | string | `""` | 189 | | `topologySpreadConstraints.whenUnsatisfiable` | Enforcement policy, hard or soft | string | `""` | 190 | 191 | ### Redis Sentinel parameters 192 | 193 | | Parameter | Description | Type | Default | 194 | |-----|------|---------|-------------| 195 | | `sentinel.auth` | Enables or disables sentinel AUTH (Requires `sentinel.password` to be set) | bool | `false` | 196 | | `sentinel.authClients` | It is possible to disable client side certificates authentication when "authClients" is set to "no" | string | `""` | 197 | | `sentinel.authKey` | The key holding the sentinel password in an existing secret. | string | `"sentinel-password"` | 198 | | `sentinel.config` | Valid sentinel config options in this section will be applied as config options to each sentinel (see below) | object | see values.yaml | 199 | | `sentinel.customArgs` | | list | `[]` | 200 | | `sentinel.customCommand` | | list | `[]` | 201 | | `sentinel.customConfig` | Allows for custom sentinel.conf files to be applied. If this is used then `sentinel.config` is ignored | string | `""` | 202 | | `sentinel.existingSecret` | An existing secret containing a key defined by `sentinel.authKey` that configures `requirepass` in the conf parameters (Requires `sentinel.auth: enabled`, cannot be used in conjunction with `.Values.sentinel.password`) | string | `""` | 203 | | `sentinel.extraVolumeMounts` | additional volumeMounts for Sentinel container | list | `[]` | 204 | | `sentinel.lifecycle` | Container Lifecycle Hooks for sentinel container. Ref: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/ | object | `{}` | 205 | | `sentinel.livenessProbe.enabled` | | bool | `true` | 206 | | `sentinel.livenessProbe.failureThreshold` | Failure threshold for liveness probe | int | `5` | 207 | | `sentinel.livenessProbe.initialDelaySeconds` | Initial delay in seconds for liveness probe | int | `30` | 208 | | `sentinel.livenessProbe.periodSeconds` | Period in seconds after which liveness probe will be repeated | int | `15` | 209 | | `sentinel.livenessProbe.successThreshold` | Success threshold for liveness probe | int | `1` | 210 | | `sentinel.livenessProbe.timeoutSeconds` | Timeout seconds for liveness probe | int | `15` | 211 | | `sentinel.password` | A password that configures a `requirepass` in the conf parameters (Requires `sentinel.auth: enabled`) | string | `nil` | 212 | | `sentinel.port` | Port to access the sentinel service | int | `26379` | 213 | | `sentinel.quorum` | Minimum number of nodes expected to be live. | int | `2` | 214 | | `sentinel.readinessProbe.enabled` | | bool | `true` | 215 | | `sentinel.readinessProbe.failureThreshold` | Failure threshold for readiness probe | int | `5` | 216 | | `sentinel.readinessProbe.initialDelaySeconds` | Initial delay in seconds for readiness probe | int | `30` | 217 | | `sentinel.readinessProbe.periodSeconds` | Period in seconds after which readiness probe will be repeated | int | `15` | 218 | | `sentinel.readinessProbe.successThreshold` | Success threshold for readiness probe | int | `3` | 219 | | `sentinel.readinessProbe.timeoutSeconds` | Timeout seconds for readiness probe | int | `15` | 220 | | `sentinel.resources` | CPU/Memory for sentinel node resource requests/limits | object | `{}` | 221 | | `sentinel.startupProbe` | Startup probe parameters for redis container | object | `{"enabled":true,"failureThreshold":3,"initialDelaySeconds":5,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":15}` | 222 | | `sentinel.startupProbe.enabled` | Enable Startup Probe | bool | `true` | 223 | | `sentinel.startupProbe.failureThreshold` | Failure threshold for startup probe | int | `3` | 224 | | `sentinel.startupProbe.initialDelaySeconds` | Initial delay in seconds for startup probe | int | `5` | 225 | | `sentinel.startupProbe.periodSeconds` | Period in seconds after which startup probe will be repeated | int | `10` | 226 | | `sentinel.startupProbe.successThreshold` | Success threshold for startup probe | int | `1` | 227 | | `sentinel.startupProbe.timeoutSeconds` | Timeout seconds for startup probe | int | `15` | 228 | | `sentinel.tlsPort` | TLS Port to access the sentinel service | int | `nil` | 229 | | `sentinel.tlsReplication` | Configures sentinel with tls-replication parameter, if true sets "tls-replication yes" in sentinel.conf | bool | `nil` | 230 | 231 | ### HAProxy parameters 232 | 233 | | Parameter | Description | Type | Default | 234 | |-----|------|---------|-------------| 235 | | `haproxy.IPv6.enabled` | Enable HAProxy parameters to bind and consume IPv6 addresses. Enabled by default. | bool | `true` | 236 | | `haproxy.additionalAffinities` | Additional affinities to add to the haproxy pods. | object | `{}` | 237 | | `haproxy.affinity` | Override all other affinity settings for the haproxy pods with a string. | string | `""` | 238 | | `haproxy.annotations` | HAProxy template annotations | object | `{}` | 239 | | `haproxy.checkFall` | haproxy.cfg `check fall` setting | int | `1` | 240 | | `haproxy.checkInterval` | haproxy.cfg `check inter` setting | string | `"1s"` | 241 | | `haproxy.containerPort` | Modify HAProxy deployment container port | int | `6379` | 242 | | `haproxy.containerSecurityContext` | Security context to be added to the HAProxy containers. | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"runAsNonRoot":true,"seccompProfile":{"type":"RuntimeDefault"}}` | 243 | | `haproxy.customConfig` | Allows for custom config-haproxy.cfg file to be applied. If this is used then default config will be overwriten | string | `nil` | 244 | | `haproxy.deploymentStrategy` | Deployment strategy for the haproxy deployment | object | `{"type":"RollingUpdate"}` | 245 | | `haproxy.emptyDir` | Configuration of `emptyDir` | object | `{}` | 246 | | `haproxy.enabled` | Enabled HAProxy LoadBalancing/Proxy | bool | `false` | 247 | | `haproxy.extraConfig` | Allows to place any additional configuration section to add to the default config-haproxy.cfg | string | `nil` | 248 | | `haproxy.hardAntiAffinity` | Whether the haproxy pods should be forced to run on separate nodes. | bool | `true` | 249 | | `haproxy.image.pullPolicy` | HAProxy Image PullPolicy | string | `"IfNotPresent"` | 250 | | `haproxy.image.repository` | HAProxy Image Repository | string | `"public.ecr.aws/docker/library/haproxy"` | 251 | | `haproxy.image.tag` | HAProxy Image Tag | string | `"2.9.4-alpine"` | 252 | | `haproxy.imagePullSecrets` | Reference to one or more secrets to be used when pulling images ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ | list | `[]` | 253 | | `haproxy.init.resources` | Extra init resources | object | `{}` | 254 | | `haproxy.labels` | Custom labels for the haproxy pod | object | `{}` | 255 | | `haproxy.lifecycle` | Container lifecycle hooks. Ref: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/ | object | `{}` | 256 | | `haproxy.metrics.enabled` | HAProxy enable prometheus metric scraping | bool | `false` | 257 | | `haproxy.metrics.port` | HAProxy prometheus metrics scraping port | int | `9101` | 258 | | `haproxy.metrics.portName` | HAProxy metrics scraping port name | string | `"http-exporter-port"` | 259 | | `haproxy.metrics.scrapePath` | HAProxy prometheus metrics scraping path | string | `"/metrics"` | 260 | | `haproxy.metrics.serviceMonitor.disableAPICheck` | Disable API Check on ServiceMonitor | bool | `false` | 261 | | `haproxy.metrics.serviceMonitor.enabled` | When set true then use a ServiceMonitor to configure scraping | bool | `false` | 262 | | `haproxy.metrics.serviceMonitor.endpointAdditionalProperties` | Set additional properties for the ServiceMonitor endpoints such as relabeling, scrapeTimeout, tlsConfig, and more. | object | `{}` | 263 | | `haproxy.metrics.serviceMonitor.interval` | Set how frequently Prometheus should scrape (default is 30s) | string | `""` | 264 | | `haproxy.metrics.serviceMonitor.labels` | Set labels for the ServiceMonitor, use this to define your scrape label for Prometheus Operator | object | `{}` | 265 | | `haproxy.metrics.serviceMonitor.namespace` | Set the namespace the ServiceMonitor should be deployed | string | `.Release.Namespace` | 266 | | `haproxy.metrics.serviceMonitor.telemetryPath` | Set path to redis-exporter telemtery-path (default is /metrics) | string | `""` | 267 | | `haproxy.metrics.serviceMonitor.timeout` | Set timeout for scrape (default is 10s) | string | `""` | 268 | | `haproxy.networkPolicy.annotations` | Annotations for Haproxy NetworkPolicy | object | `{}` | 269 | | `haproxy.networkPolicy.egressRules` | user can define egress rules too, uses the same structure as ingressRules | list | `[]` | 270 | | `haproxy.networkPolicy.enabled` | whether NetworkPolicy for Haproxy should be created | bool | `false` | 271 | | `haproxy.networkPolicy.ingressRules` | user defined ingress rules that Haproxy should permit into. uses the format defined in https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors | list | `[]` | 272 | | `haproxy.networkPolicy.labels` | Labels for Haproxy NetworkPolicy | object | `{}` | 273 | | `haproxy.podDisruptionBudget` | Pod Disruption Budget ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ | object | `{}` | 274 | | `haproxy.priorityClassName` | Kubernetes priorityClass name for the haproxy pod | string | `""` | 275 | | `haproxy.readOnly` | Enable read-only redis-slaves | object | `{"enabled":false,"port":6380}` | 276 | | `haproxy.readOnly.enabled` | Enable if you want a dedicated port in haproxy for redis-slaves | bool | `false` | 277 | | `haproxy.readOnly.port` | Port for the read-only redis-slaves | int | `6380` | 278 | | `haproxy.replicas` | Number of HAProxy instances | int | `3` | 279 | | `haproxy.resources` | HAProxy resources | object | `{}` | 280 | | `haproxy.securityContext` | Security context to be added to the HAProxy deployment. | object | `{"fsGroup":99,"runAsNonRoot":true,"runAsUser":99}` | 281 | | `haproxy.service.annotations` | HAProxy service annotations | string | `nil` | 282 | | `haproxy.service.externalIPs` | HAProxy external IPs | object | `{}` | 283 | | `haproxy.service.externalTrafficPolicy` | HAProxy service externalTrafficPolicy value (haproxy.service.type must be LoadBalancer) | string | `nil` | 284 | | `haproxy.service.labels` | HAProxy service labels | object | `{}` | 285 | | `haproxy.service.loadBalancerIP` | HAProxy service loadbalancer IP | string | `nil` | 286 | | `haproxy.service.loadBalancerSourceRanges` | List of CIDR's allowed to connect to LoadBalancer | list | `[]` | 287 | | `haproxy.service.nodePort` | HAProxy service nodePort value (haproxy.service.type must be NodePort) | int | `nil` | 288 | | `haproxy.service.type` | HAProxy service type "ClusterIP", "LoadBalancer" or "NodePort" | string | `"ClusterIP"` | 289 | | `haproxy.serviceAccount.automountToken` | | bool | `false` | 290 | | `haproxy.serviceAccount.create` | Specifies whether a ServiceAccount should be created | bool | `true` | 291 | | `haproxy.serviceAccountName` | HAProxy serviceAccountName | string | `"redis-sa"` | 292 | | `haproxy.servicePort` | Modify HAProxy service port | int | `6379` | 293 | | `haproxy.stickyBalancing` | HAProxy sticky load balancing to Redis nodes. Helps with connections shutdown. | bool | `false` | 294 | | `haproxy.tests.resources` | Pod resources for the tests against HAProxy. | object | `{}` | 295 | | `haproxy.timeout.check` | haproxy.cfg `timeout check` setting | string | `"2s"` | 296 | | `haproxy.timeout.client` | haproxy.cfg `timeout client` setting | string | `"330s"` | 297 | | `haproxy.timeout.connect` | haproxy.cfg `timeout connect` setting | string | `"4s"` | 298 | | `haproxy.timeout.server` | haproxy.cfg `timeout server` setting | string | `"330s"` | 299 | | `haproxy.tls` | Enable TLS termination on HAproxy, This will create a volume mount | object | `{"certMountPath":"/tmp/","enabled":false,"keyName":null,"secretName":""}` | 300 | | `haproxy.tls.certMountPath` | Path to mount the secret that contains the certificates. haproxy | string | `"/tmp/"` | 301 | | `haproxy.tls.enabled` | If "true" this will enable TLS termination on haproxy | bool | `false` | 302 | | `haproxy.tls.keyName` | Key file name | string | `nil` | 303 | | `haproxy.tls.secretName` | Secret containing the .pem file | string | `""` | 304 | 305 | ### Prometheus exporter parameters 306 | 307 | | Parameter | Description | Type | Default | 308 | |-----|------|---------|-------------| 309 | | `exporter.address` | Address/Host for Redis instance. Exists to circumvent issues with IPv6 dns resolution that occurs on certain environments | string | `"localhost"` | 310 | | `exporter.enabled` | If `true`, the prometheus exporter sidecar is enabled | bool | `false` | 311 | | `exporter.extraArgs` | Additional args for redis exporter | object | `{}` | 312 | | `exporter.image` | Exporter image | string | `"oliver006/redis_exporter"` | 313 | | `exporter.livenessProbe.httpGet.path` | Exporter liveness probe httpGet path | string | `"/metrics"` | 314 | | `exporter.livenessProbe.httpGet.port` | Exporter liveness probe httpGet port | int | `9121` | 315 | | `exporter.livenessProbe.initialDelaySeconds` | Initial delay in seconds for liveness probe of exporter | int | `15` | 316 | | `exporter.livenessProbe.periodSeconds` | Period in seconds after which liveness probe will be repeated | int | `15` | 317 | | `exporter.livenessProbe.timeoutSeconds` | Timeout seconds for liveness probe of exporter | int | `3` | 318 | | `exporter.port` | Exporter port | int | `9121` | 319 | | `exporter.portName` | Exporter port name | string | `"exporter-port"` | 320 | | `exporter.pullPolicy` | Exporter image pullPolicy | string | `"IfNotPresent"` | 321 | | `exporter.readinessProbe.httpGet.path` | Exporter readiness probe httpGet path | string | `"/metrics"` | 322 | | `exporter.readinessProbe.httpGet.port` | Exporter readiness probe httpGet port | int | `9121` | 323 | | `exporter.readinessProbe.initialDelaySeconds` | Initial delay in seconds for readiness probe of exporter | int | `15` | 324 | | `exporter.readinessProbe.periodSeconds` | Period in seconds after which readiness probe will be repeated | int | `15` | 325 | | `exporter.readinessProbe.successThreshold` | Success threshold for readiness probe of exporter | int | `2` | 326 | | `exporter.readinessProbe.timeoutSeconds` | Timeout seconds for readiness probe of exporter | int | `3` | 327 | | `exporter.resources` | cpu/memory resource limits/requests | object | `{}` | 328 | | `exporter.scrapePath` | Exporter scrape path | string | `"/metrics"` | 329 | | `exporter.script` | A custom custom Lua script that will be mounted to exporter for collection of custom metrics. Creates a ConfigMap and sets env var `REDIS_EXPORTER_SCRIPT`. | string | `""` | 330 | | `exporter.serviceMonitor.disableAPICheck` | Disable API Check on ServiceMonitor | bool | `false` | 331 | | `exporter.serviceMonitor.enabled` | When set true then use a ServiceMonitor to configure scraping | bool | `false` | 332 | | `exporter.serviceMonitor.endpointAdditionalProperties` | Set additional properties for the ServiceMonitor endpoints such as relabeling, scrapeTimeout, tlsConfig, and more. | object | `{}` | 333 | | `exporter.serviceMonitor.interval` | Set how frequently Prometheus should scrape (default is 30s) | string | `""` | 334 | | `exporter.serviceMonitor.labels` | Set labels for the ServiceMonitor, use this to define your scrape label for Prometheus Operator | object | `{}` | 335 | | `exporter.serviceMonitor.namespace` | Set the namespace the ServiceMonitor should be deployed | string | `.Release.Namespace` | 336 | | `exporter.serviceMonitor.telemetryPath` | Set path to redis-exporter telemtery-path (default is /metrics) | string | `""` | 337 | | `exporter.serviceMonitor.timeout` | Set timeout for scrape (default is 10s) | string | `""` | 338 | | `exporter.tag` | Exporter image tag | string | `"v1.57.0"` | 339 | | `prometheusRule.additionalLabels` | Additional labels to be set in metadata. | object | `{}` | 340 | | `prometheusRule.enabled` | If true, creates a Prometheus Operator PrometheusRule. | bool | `false` | 341 | | `prometheusRule.interval` | How often rules in the group are evaluated (falls back to `global.evaluation_interval` if not set). | string | `"10s"` | 342 | | `prometheusRule.namespace` | Namespace which Prometheus is running in. | string | `nil` | 343 | | `prometheusRule.rules` | Rules spec template (see https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#rule). | list | `[]` | 344 | 345 | Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, 346 | 347 | ```bash 348 | $ helm repo add dandydev https://dandydeveloper.github.io/charts 349 | $ helm install \ 350 | --set image=redis \ 351 | --set tag=5.0.5-alpine \ 352 | dandydev/redis-ha 353 | ``` 354 | 355 | The above command sets the Redis server within `default` namespace. 356 | 357 | Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, 358 | 359 | ```bash 360 | helm install -f values.yaml dandydev/redis-ha 361 | ``` 362 | 363 | > **Tip**: You can use the default [values.yaml](values.yaml) 364 | 365 | ## Custom Redis and Sentinel config options 366 | 367 | This chart allows for most redis or sentinel config options to be passed as a key value pair through the `values.yaml` under `redis.config` and `sentinel.config`. See links below for all available options. 368 | 369 | [Example redis.conf](http://download.redis.io/redis-stable/redis.conf) 370 | [Example sentinel.conf](http://download.redis.io/redis-stable/sentinel.conf) 371 | 372 | For example `repl-timeout 60` would be added to the `redis.config` section of the `values.yaml` as: 373 | 374 | ```yml 375 | repl-timeout: "60" 376 | ``` 377 | 378 | Note: 379 | 380 | 1. Some config options should be renamed by redis version,e.g.: 381 | 382 | ```yml 383 | # In redis 5.x,see https://raw.githubusercontent.com/antirez/redis/5.0/redis.conf 384 | min-replicas-to-write: 1 385 | min-replicas-max-lag: 5 386 | 387 | # In redis 4.x and redis 3.x,see https://raw.githubusercontent.com/antirez/redis/4.0/redis.conf and https://raw.githubusercontent.com/antirez/redis/3.0/redis.conf 388 | min-slaves-to-write 1 389 | min-slaves-max-lag 5 390 | ``` 391 | 392 | Sentinel options supported must be in the the `sentinel