├── .github ├── CODEOWNERS ├── ISSUE_TEMPLATE │ ├── bug_report.md │ └── feature_request.md ├── PULL_REQUEST_TEMPLATE.md ├── dependabot.yml └── workflows │ ├── helm-chart-releaser.yml │ └── tests.yaml ├── .gitignore ├── .helmignore ├── CONTRIBUTING.md ├── HISTORY.md ├── LICENSE ├── README.md └── charts └── zabbix ├── Chart.yaml ├── Makefile ├── README.md ├── README.md.gotmpl ├── artifacthub-pkg.yml ├── artifacthub-repo.yml ├── docs ├── README.md ├── example │ ├── README.md │ └── kind │ │ └── values.yaml └── requirements.md ├── templates ├── NOTES.txt ├── _helpers.tpl ├── clusterrole-binding.yaml ├── clusterrole.yaml ├── cronjob-hanodes-autoclean.yaml ├── daemonset-zabbix-agent.yaml ├── deployment-webdriver.yaml ├── deployment-zabbix-java-gateway.yaml ├── deployment-zabbix-server.yaml ├── deployment-zabbix-web.yaml ├── deployment-zabbix-webservice.yaml ├── extra-manifests.yaml ├── ingress.yaml ├── job-create-upgrade-db.yaml ├── role-ha-helper.yaml ├── rolebinding-ha-helper.yaml ├── secret-db-access.yaml ├── service.yaml ├── serviceaccount-ha-helper.yaml ├── serviceaccount.yaml ├── statefulset-postgresql.yaml ├── statefulset-zabbix-proxy.yaml └── tests │ ├── test-server-connection.yaml │ └── test-web-connection.yaml └── values.yaml /.github/CODEOWNERS: -------------------------------------------------------------------------------- 1 | - @aeciopires @sa-ChristianAnton 2 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/bug_report.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Bug report 3 | about: Create a report to help us improve 4 | title: '[zabbix-community/zabbix] issue title' 5 | labels: '' 6 | assignees: '' 7 | 8 | --- 9 | 10 | 16 | 17 | **Describe the bug** 18 | A clear and concise description of what the bug is. 19 | 20 | **Version of Helm and Kubernetes**: 21 | 22 | 23 | **What happened**: 24 | 25 | 26 | **What you expected to happen**: 27 | 28 | 29 | **How to reproduce it** (as minimally and precisely as possible): 30 | 31 | 32 | **Anything else we need to know**: 33 | 34 | 35 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/feature_request.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Feature request 3 | about: Suggest an idea for this project 4 | title: '[zabbix-community/zabbix] issue title' 5 | labels: '' 6 | assignees: '' 7 | 8 | --- 9 | 10 | 16 | 17 | **Is your feature request related to a problem? Please describe.** 18 | A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] 19 | 20 | **Describe the solution you'd like** 21 | A clear and concise description of what you want to happen. 22 | 23 | **Describe alternatives you've considered** 24 | A clear and concise description of any alternative solutions or features you've considered. 25 | 26 | **Additional context** 27 | Add any other context or screenshots about the feature request here. 28 | 29 | -------------------------------------------------------------------------------- /.github/PULL_REQUEST_TEMPLATE.md: -------------------------------------------------------------------------------- 1 | 17 | 18 | #### What this PR does / why we need it: 19 | 20 | #### Which issue this PR fixes 21 | *(optional, in `fixes #(, fixes #, ...)` format, will close that issue when PR gets merged)* 22 | - fixes # 23 | 24 | #### Special notes for your reviewer: 25 | 26 | #### Checklist 27 | [Place an '[x]' (no spaces) in all applicable fields. Please remove unrelated fields.] 28 | - [ ] [DCO](https://github.com/zabbix-community/helm-zabbix/blob/main/CONTRIBUTING.md) signed 29 | - [ ] Variables are documented in values.yaml with [Helm-Docs](https://github.com/norwoodj/helm-docs) comments, as we build README.md using this utility 30 | -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: 2 3 | updates: 4 | - package-ecosystem: "github-actions" 5 | directory: "/" 6 | schedule: 7 | interval: "weekly" 8 | time: "09:00" 9 | timezone: "Europe/Berlin" 10 | -------------------------------------------------------------------------------- /.github/workflows/helm-chart-releaser.yml: -------------------------------------------------------------------------------- 1 | name: Release Charts 2 | 3 | # References: 4 | # https://blog.bradmccoy.io/linking-helm-charts-in-github-pages-to-artifacthub-46e02e19abfe 5 | # https://github.com/helm/chart-releaser-action 6 | # https://helm.sh/docs/howto/chart_releaser_action/ 7 | # https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions 8 | 9 | on: 10 | push: 11 | # Sequence of patterns matched against refs/heads 12 | #branches: 13 | # - main 14 | # Sequence of patterns matched against refs/tags 15 | tags: 16 | - '*' 17 | 18 | jobs: 19 | release: 20 | # depending on default permission settings for your org (contents being read-only or read-write for workloads), you will have to add permissions 21 | # see: https://docs.github.com/en/actions/security-guides/automatic-token-authentication#modifying-the-permissions-for-the-github_token 22 | permissions: 23 | contents: write 24 | runs-on: ubuntu-latest 25 | steps: 26 | - name: Checkout 27 | uses: actions/checkout@v4 28 | with: 29 | fetch-depth: 0 30 | 31 | - name: Configure Git 32 | run: | 33 | git config user.name "$GITHUB_ACTOR" 34 | git config user.email "$GITHUB_ACTOR@users.noreply.github.com" 35 | 36 | - name: Install Helm 37 | uses: azure/setup-helm@v3 38 | with: 39 | version: v3.13.2 40 | 41 | - name: Run chart-releaser 42 | uses: helm/chart-releaser-action@v1.7.0 43 | with: 44 | charts_dir: charts 45 | env: 46 | CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" 47 | -------------------------------------------------------------------------------- /.github/workflows/tests.yaml: -------------------------------------------------------------------------------- 1 | name: Helm Chart Linting and Tests 2 | 3 | on: 4 | workflow_dispatch: 5 | 6 | pull_request: 7 | branches: 8 | - main 9 | 10 | jobs: 11 | codespell: 12 | runs-on: ubuntu-latest 13 | steps: 14 | - name: Checkout Code 15 | uses: actions/checkout@v4 16 | with: 17 | fetch-depth: 0 18 | 19 | - name: Run code spelling check 20 | uses: codespell-project/actions-codespell@v2 21 | with: 22 | ignore_words_list: aks,NotIn 23 | 24 | 25 | test_intdb_noha_noextsecret: 26 | runs-on: ubuntu-latest 27 | needs: codespell 28 | env: 29 | COLUMN_OPTIONS: 'custom-columns="NAME:.metadata.name,READY:.status.containerStatuses[*].ready,STATUS:.status.phase,RESTARTS:.status.containerStatuses[*].restartCount,IP:.status.podIP,IMAGE:.spec.containers[*].image"' 30 | steps: 31 | - name: Checkout code 32 | uses: actions/checkout@v4 33 | 34 | - name: Set up Kind 35 | uses: helm/kind-action@v1 36 | 37 | - name: Install Helm 38 | run: | 39 | curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 40 | chmod +x get_helm.sh 41 | ./get_helm.sh 42 | 43 | - name: Create Namespace in Kind 44 | run: | 45 | kubectl create namespace zabbix 46 | 47 | - name: Run Helm install with default values (AppVersion) 48 | run: | 49 | helm install --wait --namespace zabbix zabbix ./charts/zabbix 50 | 51 | - name: Run helm test CURRENT LTS 52 | run: | 53 | kubectl --namespace zabbix get pods -o ${{ env.COLUMN_OPTIONS }} 54 | helm test --namespace zabbix zabbix 55 | 56 | - name: Run helm uninstall 57 | run: | 58 | helm uninstall --wait zabbix --namespace zabbix 59 | kubectl delete secrets --all --namespace zabbix 60 | 61 | - name: Run Helm install with version 6.0 LTS 62 | run: | 63 | helm install --wait --namespace zabbix zabbix --set zabbixImageTag=ubuntu-6.0-latest ./charts/zabbix 64 | 65 | - name: Run helm test 6.0 66 | run: | 67 | kubectl --namespace zabbix get pods -o ${{ env.COLUMN_OPTIONS }} 68 | helm test --namespace zabbix zabbix 69 | 70 | - name: Run Helm upgrade with default values (AppVersion) 71 | run: | 72 | helm upgrade --wait --namespace zabbix zabbix ./charts/zabbix 73 | 74 | - name: Run helm test CURRENT LTS 75 | run: | 76 | kubectl --namespace zabbix get pods -o ${{ env.COLUMN_OPTIONS }} 77 | helm test --namespace zabbix zabbix 78 | 79 | - name: Run Helm upgrade with version 7.2 non-LTS 80 | run: | 81 | helm upgrade --wait --namespace zabbix zabbix --set zabbixImageTag=ubuntu-7.2-latest ./charts/zabbix 82 | 83 | - name: Run helm test 7.2 non-LTS 84 | run: | 85 | kubectl --namespace zabbix get pods -o ${{ env.COLUMN_OPTIONS }} 86 | helm test --namespace zabbix zabbix 87 | 88 | 89 | test_extdb_ha_extsecret: 90 | runs-on: ubuntu-latest 91 | needs: codespell 92 | env: 93 | COLUMN_OPTIONS: 'custom-columns="NAME:.metadata.name,READY:.status.containerStatuses[*].ready,STATUS:.status.phase,RESTARTS:.status.containerStatuses[*].restartCount,IP:.status.podIP,IMAGE:.spec.containers[*].image"' 94 | VALUES_SET: '--set postgresAccess.existingSecretName=db-access --set postgresql.enabled=false --set zabbixServer.zabbixServerHA.enabled=true --set zabbixServer.replicaCount=2' 95 | steps: 96 | - name: Checkout code 97 | uses: actions/checkout@v4 98 | 99 | - name: Set up Kind 100 | uses: helm/kind-action@v1 101 | 102 | - name: Install Helm 103 | run: | 104 | curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 105 | chmod +x get_helm.sh 106 | ./get_helm.sh 107 | 108 | - name: Create Namespace in Kind 109 | run: | 110 | kubectl create namespace zabbix 111 | 112 | - name: Create simple postgresql database for testing 113 | run: | 114 | kubectl --namespace zabbix run postgres --image=postgres:16 --env="POSTGRES_PASSWORD=zabbix123" --env="POSTGRES_DB=zabbix" --env="POSTGRES_USER=zabbix" --port=5432 115 | kubectl --namespace zabbix wait --for=condition=ready pod -l run=postgres --timeout=60s 116 | kubectl --namespace zabbix expose pod postgres 117 | 118 | - name: Create postgres secret (existingSecret) 119 | run: | 120 | kubectl --namespace zabbix create secret generic db-access --from-literal host=postgres --from-literal port=5432 --from-literal user=zabbix --from-literal password=zabbix123 --from-literal dbname=zabbix 121 | 122 | - name: Run Helm install with HA and external DB (AppVersion) 123 | run: | 124 | helm install --wait --namespace zabbix zabbix ${{ env.VALUES_SET }} ./charts/zabbix 125 | 126 | - name: Run helm test CURRENT LTS 127 | run: | 128 | kubectl --namespace zabbix get pods -o ${{ env.COLUMN_OPTIONS }} 129 | helm test --namespace zabbix zabbix 130 | 131 | - name: Run helm uninstall and reset database 132 | run: | 133 | helm uninstall --wait zabbix --namespace zabbix 134 | kubectl --namespace zabbix delete pod postgres 135 | kubectl --namespace zabbix wait --for=delete pod -l run=postgres --timeout=60s 136 | kubectl --namespace zabbix run postgres --image=postgres:16 --env="POSTGRES_PASSWORD=zabbix123" --env="POSTGRES_DB=zabbix" --env="POSTGRES_USER=zabbix" --port=5432 137 | kubectl --namespace zabbix wait --for=condition=ready pod -l run=postgres --timeout=60s 138 | 139 | - name: Run Helm install with version 6.0 LTS 140 | run: | 141 | helm install --wait --namespace zabbix zabbix --set zabbixImageTag=ubuntu-6.0-latest ${{ env.VALUES_SET }} ./charts/zabbix 142 | 143 | - name: Run helm test 6.0 144 | run: | 145 | kubectl --namespace zabbix get pods -o ${{ env.COLUMN_OPTIONS }} 146 | helm test --namespace zabbix zabbix 147 | 148 | - name: Run Helm upgrade with custom values (AppVersion) 149 | run: | 150 | helm upgrade --wait --namespace zabbix zabbix ${{ env.VALUES_SET }} ./charts/zabbix 151 | 152 | - name: Run helm test CURRENT LTS 153 | run: | 154 | kubectl --namespace zabbix get pods -o ${{ env.COLUMN_OPTIONS }} 155 | helm test --namespace zabbix zabbix 156 | 157 | - name: Run Helm upgrade with version 7.2 non-LTS 158 | run: | 159 | helm upgrade --wait --namespace zabbix zabbix --set zabbixImageTag=ubuntu-7.2-latest ${{ env.VALUES_SET }} ./charts/zabbix 160 | 161 | - name: Run helm test 7.2 non-LTS 162 | run: | 163 | kubectl --namespace zabbix get pods -o ${{ env.COLUMN_OPTIONS }} 164 | helm test --namespace zabbix zabbix 165 | 166 | 167 | test_extdb_ha_noextsecret: 168 | runs-on: ubuntu-latest 169 | needs: codespell 170 | env: 171 | COLUMN_OPTIONS: 'custom-columns="NAME:.metadata.name,READY:.status.containerStatuses[*].ready,STATUS:.status.phase,RESTARTS:.status.containerStatuses[*].restartCount,IP:.status.podIP,IMAGE:.spec.containers[*].image"' 172 | VALUES_SET: '--set postgresql.enabled=false --set zabbixServer.zabbixServerHA.enabled=true --set zabbixServer.replicaCount=1 --set postgresAccess.host=postgres --set postgresAccess.password=zabbix123' 173 | steps: 174 | - name: Checkout code 175 | uses: actions/checkout@v4 176 | 177 | - name: Set up Kind 178 | uses: helm/kind-action@v1 179 | 180 | - name: Install Helm 181 | run: | 182 | curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 183 | chmod +x get_helm.sh 184 | ./get_helm.sh 185 | 186 | - name: Create Namespace in Kind 187 | run: | 188 | kubectl create namespace zabbix 189 | 190 | - name: Create simple postgresql database for testing 191 | run: | 192 | kubectl --namespace zabbix run postgres --image=postgres:16 --env="POSTGRES_PASSWORD=zabbix123" --env="POSTGRES_DB=zabbix" --env="POSTGRES_USER=zabbix" --port=5432 193 | kubectl --namespace zabbix wait --for=condition=ready pod -l run=postgres --timeout=60s 194 | kubectl --namespace zabbix expose pod postgres 195 | 196 | - name: Run Helm install with HA and external DB (AppVersion) 197 | run: | 198 | helm install --wait --namespace zabbix zabbix ${{ env.VALUES_SET }} ./charts/zabbix 199 | 200 | - name: Run helm test CURRENT LTS 201 | run: | 202 | kubectl --namespace zabbix get pods -o ${{ env.COLUMN_OPTIONS }} 203 | helm test --namespace zabbix zabbix 204 | 205 | - name: Run helm uninstall and reset database 206 | run: | 207 | helm uninstall --wait zabbix --namespace zabbix 208 | kubectl --namespace zabbix delete pod postgres 209 | kubectl --namespace zabbix wait --for=delete pod -l run=postgres --timeout=60s 210 | kubectl --namespace zabbix run postgres --image=postgres:16 --env="POSTGRES_PASSWORD=zabbix123" --env="POSTGRES_DB=zabbix" --env="POSTGRES_USER=zabbix" --port=5432 211 | kubectl --namespace zabbix wait --for=condition=ready pod -l run=postgres --timeout=60s 212 | 213 | - name: Run Helm install with version 6.0 LTS 214 | run: | 215 | helm install --wait --namespace zabbix zabbix --set zabbixImageTag=ubuntu-6.0-latest ${{ env.VALUES_SET }} ./charts/zabbix 216 | 217 | - name: Run helm test 6.0 218 | run: | 219 | kubectl --namespace zabbix get pods -o ${{ env.COLUMN_OPTIONS }} 220 | helm test --namespace zabbix zabbix 221 | 222 | - name: Run Helm upgrade with custom values (AppVersion) 223 | run: | 224 | helm upgrade --wait --namespace zabbix zabbix ${{ env.VALUES_SET }} ./charts/zabbix 225 | 226 | - name: Run helm test CURRENT LTS 227 | run: | 228 | kubectl --namespace zabbix get pods -o ${{ env.COLUMN_OPTIONS }} 229 | helm test --namespace zabbix zabbix 230 | 231 | - name: Run Helm upgrade with version 7.2 non-LTS 232 | run: | 233 | helm upgrade --wait --namespace zabbix zabbix --set zabbixImageTag=ubuntu-7.2-latest ${{ env.VALUES_SET }} ./charts/zabbix 234 | 235 | - name: Run helm test 7.2 non-LTS 236 | run: | 237 | kubectl --namespace zabbix get pods -o ${{ env.COLUMN_OPTIONS }} 238 | helm test --namespace zabbix zabbix 239 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Helm Charts dependencies 2 | *.lock 3 | 4 | .DS_Store 5 | 6 | .idea 7 | 8 | .vscode 9 | -------------------------------------------------------------------------------- /.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | 6 | # Common VCS dirs 7 | .git/ 8 | .gitignore 9 | .github/ 10 | .bzr/ 11 | .bzrignore 12 | .hg/ 13 | .hgignore 14 | .svn/ 15 | 16 | # Common backup files 17 | *.swp 18 | *.bak 19 | *.tmp 20 | *~ 21 | 22 | # Various IDEs 23 | .project 24 | .idea/ 25 | *.tmproj 26 | 27 | docs/ 28 | 29 | # Makefile and other stuff 30 | Makefile 31 | CONTRIBUTING.md 32 | README.md.gotmpl 33 | -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | - [Contributing](#contributing) 4 | - [For code mainteners only](#for-code-mainteners-only) 5 | - [About Visual Code (VSCode)](#about-visual-code-vscode) 6 | 7 | 8 | 9 | # Contributing 10 | 11 | - Configure authentication on your Github account to use the SSH protocol instead of HTTP. Watch this tutorial to learn how to set up: https://help.github.com/en/github/authenticating-to-github/adding-a-new-ssh-key-to-your-github-account 12 | - Have the ``make`` and ``docker`` commands installed on your system. With this, you don't need the below mentioned ``helm`` and use containers for the needed steps instead. See this [tutorial](charts/zabbix/docs/requirements.md). 13 | - Create a fork this repository. 14 | - Clone the forked repository to your local system: 15 | 16 | ```bash 17 | git clone FORKED_REPOSITORY 18 | ``` 19 | 20 | - Add the address for the remote original repository: 21 | 22 | ```bash 23 | git remote -v 24 | git remote add upstream git@github.com:zabbix-community/helm-zabbix.git 25 | git remote -v 26 | ``` 27 | 28 | - Create a branch. Example: 29 | 30 | ```bash 31 | git checkout -b BRANCH_NAME 32 | ``` 33 | 34 | - Make sure you are on the correct branch using the following command. The branch in use contains the '*' before the name. 35 | 36 | ```bash 37 | git branch 38 | ``` 39 | 40 | - Make your changes and tests to the new branch. 41 | - Keep the ``charts/zabbix/values.yaml`` file updated with working default values ​​in case any variables are referenced in the helm chart template files 42 | - Verify your changes do not introduce syntactical/semantic errors: 43 | - Do NOT change ``version`` in ``charts/zabbix/chart.yaml`` nor in ``charts/zabbix/artifacthub-pkg.yml``, as this is now part of the release process issued by the code owners 44 | - Make any changes you want in ``charts/zabbix/README.md`` in ``charts/zabbix/README.md.gotmpl``, out of which ``charts/zabbix/README.md`` will be generated using ``helm-docs`` during the version release process by the code owners 45 | 46 | Method to check for syntactical/semantic errors using ``make`` and ``docker``: 47 | 48 | ```bash 49 | cd charts/zabbix 50 | make lint 51 | ``` 52 | 53 | - Method using locally installed ``helm`` command: 54 | 55 | ```bash 56 | cd charts/zabbix 57 | helm lint . 58 | ``` 59 | 60 | - Commit the changes to the branch. 61 | - Push files to repository remote with command: 62 | 63 | ```bash 64 | git push --set-upstream origin BRANCH_NAME 65 | ``` 66 | 67 | - Create Pull Request (PR) to the `main` branch. See this [tutorial](https://help.github.com/en/github/collaborating-with-issues-and-pull-requests/creating-a-pull-request-from-a-fork) 68 | - Update the content with the suggestions of the reviewer (if necessary). 69 | - After your pull request is merged to the `main` branch, update your local clone: 70 | 71 | ```bash 72 | git checkout main 73 | git pull upstream main 74 | ``` 75 | 76 | - Clean up after your pull request is merged with command: 77 | 78 | ```bash 79 | git branch -d BRANCH_NAME 80 | ``` 81 | 82 | - Then you can update the ``main`` branch in your forked repository. 83 | 84 | ```bash 85 | git push origin main 86 | ``` 87 | 88 | - And push the deletion of the feature branch to your GitHub repository with command: 89 | 90 | ```bash 91 | git push --delete origin BRANCH_NAME 92 | ``` 93 | 94 | - To keep your fork in sync with the original repository, use these commands: 95 | 96 | ```bash 97 | git pull upstream main 98 | git pull upstream main --tags 99 | 100 | git push origin main 101 | git push origin main --tags 102 | ``` 103 | 104 | References: 105 | 106 | - https://blog.scottlowe.org/2015/01/27/using-fork-branch-git-workflow/ 107 | 108 | ## For code mainteners only 109 | 110 | To generate a new release of the helm chart, follow these instructions: 111 | 112 | - Review and merge the opened PRs 113 | - Run local tests 114 | - Create a branch. Example: 115 | 116 | ```bash 117 | git checkout -b BRANCH_NAME 118 | ``` 119 | 120 | Make sure you are on the correct branch using the following command. The branch in use will show with a '*' before the name. 121 | 122 | ```bash 123 | git branch 124 | ``` 125 | 126 | - Make your changes and tests to the new branch 127 | - Verify the syntax errors using the follow commands: 128 | 129 | ```bash 130 | cd charts/zabbix 131 | make lint 132 | ``` 133 | 134 | - Analyse the changes of the PRs merged and set a new release using the follow approach: 135 | 136 | A **major** version" should be the "dot-release". Example: *6.0.2* -> *6.1.0* is be a **major release update**. Users have to check whether they have to modify their values.yaml, and we need to write a short explanation of what has changed in the ``chart/zabbix/README.md.gotmpl``. 137 | 138 | A **minor** is the "dot-dot" release. Example: *6.0.2* -> *6.0.3* is **minor upgrade**, no changes in any APIs, interfaces etc. should be necessary. 139 | 140 | - Change the ``version`` and ``appVersion`` parameters (helm chart and Zabbix version, respectively) in ``charts/zabbix/Chart.yaml`` and ``charts/zabbix/artifacthub-pkg.yml`` files. 141 | - Change the ``zabbixImageTag`` value (Zabbix version) in ``charts/zabbix/values.yaml`` file. 142 | - Change the ``createdAt`` parameter in ``charts/zabbix/artifacthub-pkg.yml`` file using the output of the command ``date +%Y-%m-%dT%TZ`` command. 143 | - Change the ``ZABBIX_CHART_VERSION`` variable in ``charts/zabbix/artifacthub-pkg.yml`` file. 144 | - Run the following commands to update the documentation of the helm chart. 145 | 146 | ```bash 147 | cd charts/zabbix 148 | make gen-docs 149 | ``` 150 | 151 | - Commit the changes to the branch. 152 | - Push files to repository remote with command: 153 | 154 | ```bash 155 | git push --set-upstream origin BRANCH_NAME 156 | ``` 157 | 158 | - Create Pull Request (PR) to the main branch. See this [tutorial](https://help.github.com/en/github/collaborating-with-issues-and-pull-requests/creating-a-pull-request-from-a-fork) 159 | - Update the content with the suggestions of the reviewer (if necessary). 160 | - After your pull request is merged to the main branch, update your local clone: 161 | 162 | ```bash 163 | git checkout main 164 | git pull upstream main 165 | ``` 166 | 167 | - Clean up after your pull request is merged with command: 168 | 169 | ```bash 170 | git branch -d BRANCH_NAME 171 | ``` 172 | 173 | Then you can update the main branch in your forked repository. 174 | 175 | ```bash 176 | git push origin main 177 | ``` 178 | 179 | And push the deletion of the feature branch to your GitHub repository with command: 180 | 181 | ```bash 182 | git push --delete origin BRANCH_NAME 183 | ``` 184 | 185 | - Create a new tag to generate a new release of the helm chart using the following commands: 186 | 187 | ```bash 188 | git tag -a 7.0.7 -m "New release" #example 189 | git push upstream --tags 190 | ``` 191 | 192 | - The before commands will start the pipeline and will generate a new release and tag in standard ``zabbix-7.0.1``. 193 | - To keep your fork in sync with the original repository, use these commands: 194 | 195 | ```bash 196 | git pull upstream main 197 | git pull upstream main --tags 198 | 199 | git push origin main 200 | git push origin main --tags 201 | ``` 202 | 203 | - After this, edit and adjust the text generated automatically for new release and adjust the release notes follow the examples the other releases published in https://github.com/zabbix-community/helm-zabbix/releases 204 | 205 | References: 206 | 207 | - https://blog.scottlowe.org/2015/01/27/using-fork-branch-git-workflow/ 208 | 209 | # About Visual Code (VSCode) 210 | 211 | Use a IDE (Integrated Development Environment) or text editor of your choice. By default, the use of VSCode is recommended. 212 | 213 | VSCode (https://code.visualstudio.com), combined with the following plugins, helps the editing/review process, mainly allowing the preview of the content before the commit, analyzing the Markdown syntax and generating the automatic summary, as the section titles are created/changed. 214 | 215 | Plugins to Visual Code: 216 | 217 | - docker: https://marketplace.visualstudio.com/items?itemName=ms-azuretools.vscode-docker (require docker-ce package) 218 | - gitlens: https://marketplace.visualstudio.com/items?itemName=eamodio.gitlens (require git package) 219 | - gotemplate-syntax: https://marketplace.visualstudio.com/items?itemName=casualjim.gotemplate 220 | - Markdown-all-in-one: https://marketplace.visualstudio.com/items?itemName=yzhang.markdown-all-in-one 221 | - Markdown-lint: https://marketplace.visualstudio.com/items?itemName=DavidAnson.vscode-markdownlint 222 | - Markdown-toc: https://marketplace.visualstudio.com/items?itemName=AlanWalk.markdown-toc 223 | - shellcheck: https://marketplace.visualstudio.com/items?itemName=timonwong.shellcheck (require shellcheck package) 224 | - YAML: https://marketplace.visualstudio.com/items?itemName=redhat.vscode-yaml 225 | - Helm Intellisense: https://marketplace.visualstudio.com/items?itemName=Tim-Koehler.helm-intellisense 226 | 227 | Theme for VSCode: 228 | 229 | - https://code.visualstudio.com/docs/getstarted/themes 230 | - https://dev.to/thegeoffstevens/50-vs-code-themes-for-2020-45cc 231 | - https://vscodethemes.com/ 232 | -------------------------------------------------------------------------------- /HISTORY.md: -------------------------------------------------------------------------------- 1 | # History 2 | 3 | This is the new home of the Zabbix helm chart. It is a fork from the [cetic/helm-zabbix](https://github.com/cetic/helm-zabbix). 4 | 5 | In this [issue](https://github.com/cetic/helm-zabbix/issues/68) it was agreed with [Sebastien Dupont](https://github.com/banzothat) that the repository would get a new home. 6 | 7 | We are grateful to [Cetic](https://www.cetic.be/) for making the infrastructure available on CircleCI to host the helm chart from the start. Now, the new versions will be hosted on Github. 8 | 9 | We are very grateful to [Alexandre Nuttinck](https://github.com/alexnuttinck) and [Amen Ayadi](https://github.com/AyadiAmen), who were the first developers of the helm chart and who worked at Cetic. Your dedication and effort made it possible to install Zabbix on a Kubernetes cluster. 10 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "[]" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright [yyyy] [name of copyright owner] 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Helm Zabbix 2 | 3 | [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) ![Release Charts](https://github.com/zabbix-community/helm-zabbix/workflows/Release%20Charts/badge.svg?branch=main) [![Releases downloads](https://img.shields.io/github/downloads/zabbix-community/helm-zabbix/total.svg)](https://github.com/zabbix-community/helm-zabbix/releases) 4 | 5 | 6 | 7 | - [Helm Zabbix](#helm-zabbix) 8 | - [About this chart](#about-this-chart) 9 | - [Contributing](#contributing) 10 | - [Examples](#examples) 11 | - [Important links](#important-links) 12 | - [Related to this helm chart](#related-to-this-helm-chart) 13 | - [Related to Zabbix](#related-to-zabbix) 14 | - [Contributors](#contributors) 15 | - [Maintainers](#maintainers) 16 | - [History](#history) 17 | - [License](#license) 18 | 19 | 20 | 21 | ## About this chart 22 | 23 | See the [charts/zabbix/README.md](charts/zabbix/README.md) file to learn more about this helm chart or access [Artifact Hub](https://artifacthub.io/packages/helm/zabbix-community/zabbix). 24 | 25 | > This Helm chart installs [Zabbix](https://www.zabbix.com) in a Kubernetes cluster. It supports only Postgresql/TimescaleDB as a database backend at this point in time, without any plans to extend database support towards MySQL, MariaDB, etc. Also, this Helm Chart supports [Zabbix Server High Availability](charts/zabbix/#native-zabbix-server-high-availability) 26 | 27 | ## Contributing 28 | 29 | See the [CONTRIBUTING.md](CONTRIBUTING.md) file to learn how to contribute to this helm chart. 30 | 31 | ## Examples 32 | 33 | See the [charts/zabbix/docs/example/README.md](charts/zabbix/docs/example/README.md/README.md) file to install this helm chart in [kind](https://kind.sigs.k8s.io) cluster. 34 | 35 | ## Important links 36 | 37 | ### Related to this helm chart 38 | 39 | - Open issue, bug or feature request: https://github.com/zabbix-community/helm-zabbix/issues 40 | - Ask help: https://github.com/zabbix-community/helm-zabbix/discussions 41 | - Releases and Changelog: https://github.com/zabbix-community/helm-zabbix/releases 42 | - Artifact Hub: https://artifacthub.io/packages/helm/zabbix-community/zabbix 43 | - Closed issues: https://github.com/zabbix-community/helm-zabbix/issues?q=is%3Aissue+is%3Aclosed 44 | - Closed PRs: https://github.com/zabbix-community/helm-zabbix/pulls?q=is%3Apr+is%3Aclosed 45 | - Download statistics: https://tooomm.github.io/github-release-stats/?username=zabbix-community&repository=helm-zabbix 46 | - Presentations: 47 | - Video: [Install and operate Zabbix in Kubernetes and OpenShift by Christian Anton / Zabbix Summit 2022](https://youtu.be/NU3FsXQp_rE?si=LjXsxjjrZd_VDEDU&t=150) 48 | - Slides: [Install and operate Zabbix in Kubernetes and OpenShift by Christian Anton / Zabbix Summit 2022](https://assets.zabbix.com/files/events/2022/zabbix_summit_2022/Christian_Anton_Install_and_operate_Zabbix_in_Kubernetes_and_OpenShift.pdf) 49 | 50 | ### Related to Zabbix 51 | 52 | - Official page: https://www.zabbix.com 53 | - Documentation: https://www.zabbix.com/manuals 54 | - Community support: https://www.zabbix.com/forum 55 | - Open issues: https://support.zabbix.com/projects/ZBX/issues/ZBX-25876?filter=allopenissues 56 | - Open feature requests: https://support.zabbix.com/projects/ZBXNEXT/issues/ZBXNEXT-8875?filter=allopenissues 57 | 58 | ## Contributors 59 | 60 | 61 | 62 | 63 | 64 | Made with [contributors-img](https://contrib.rocks). 65 | 66 | 67 | 68 | ### Maintainers 69 | 70 | - [Aecio dos Santos Pires](https://www.linkedin.com/in/aeciopires/) 71 | - [Christian Anton](https://www.linkedin.com/in/christiananton1/) 72 | 73 | ## History 74 | 75 | See the [HISTORY.md](HISTORY.md) file. 76 | 77 | ## License 78 | 79 | [Apache 2.0 License](https://github.com/zabbix-community/helm-zabbix/blob/main/LICENSE). 80 | -------------------------------------------------------------------------------- /charts/zabbix/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v2 # Don't change this 3 | name: zabbix 4 | version: 7.0.7 # helm chart version 5 | # LTS Zabbix version by default due to stability. See: https://www.zabbix.com/life_cycle_and_release_policy 6 | appVersion: 7.0.13 # zabbix version 7 | description: Zabbix is a mature and effortless enterprise-class open source monitoring solution for network monitoring and application monitoring of millions of metrics. 8 | keywords: 9 | - zabbix 10 | - monitoring 11 | - metrics 12 | - kubernetes 13 | - helm 14 | home: https://www.zabbix.com 15 | icon: https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png 16 | sources: 17 | - https://github.com/zabbix-community/helm-zabbix 18 | maintainers: 19 | - name: Aecio Pires 20 | email: aeciopires@yahoo.com.br 21 | url: https://github.com/aeciopires 22 | - name: Christian Anton 23 | email: christian.anton@inqbeo.de 24 | url: https://inqbeo.de 25 | -------------------------------------------------------------------------------- /charts/zabbix/Makefile: -------------------------------------------------------------------------------- 1 | #--------------------------- 2 | #--------------------------- 3 | # VARIABLES 4 | #--------------------------- 5 | #--------------------------- 6 | 7 | URL=https://github.com/zabbix-community/helm-zabbix/ 8 | HELM_IMAGE=alpine/helm:3.18.0 9 | HELM_DOCS_IMAGE=jnorwood/helm-docs:v1.14.2 10 | KNOWN_TARGETS=helm 11 | 12 | #---------------------------------------------------------------------------------------------------------- 13 | 14 | 15 | 16 | 17 | #--------------------------- 18 | #--------------------------- 19 | # MAIN 20 | #--------------------------- 21 | #--------------------------- 22 | 23 | # References 24 | # https://ryanstutorials.net/bash-scripting-tutorial/bash-input.php 25 | # https://stackoverflow.com/questions/3743793/makefile-why-is-the-read-command-not-reading-the-user-input 26 | # https://stackoverflow.com/questions/60147129/interactive-input-of-a-makefile-variable 27 | # https://makefiletutorial.com/ 28 | # https://stackoverflow.com/questions/589276/how-can-i-use-bash-syntax-in-makefile-targets 29 | # https://til.hashrocket.com/posts/k3kjqxtppx-escape-dollar-sign-on-makefiles 30 | # https://stackoverflow.com/questions/5618615/check-if-a-program-exists-from-a-makefile 31 | 32 | 33 | 34 | # Check requirements 35 | requirements: 36 | REQUIRED_PACKAGES := docker 37 | $(foreach package,$(REQUIRED_PACKAGES),\ 38 | $(if $(shell command -v $(package) 2> /dev/null),$(info Found `$(package)`),$(error Please install `$(package)`))) 39 | 40 | 41 | # Run helm subcommands 42 | helm: 43 | make requirements 44 | 45 | docker run --rm --name helm-exec \ 46 | --user $(shell id -u):$(shell id -g) \ 47 | --mount type=bind,src="$(shell pwd)",dst=/helm-chart \ 48 | -w /helm-chart \ 49 | -e HELM_CACHE_HOME=/helm-chart/.helm/cache \ 50 | -e HELM_CONFIG_HOME=/helm-chart/.helm/config \ 51 | -e HELM_DATA_HOME=/helm-chart/.helm/data \ 52 | $(HELM_IMAGE) \ 53 | $(CMD) 54 | 55 | # Run linter for helm chart 56 | lint: 57 | make requirements 58 | 59 | CMD="lint ." $(MAKE) helm 60 | 61 | # Package chart into zip file 62 | package: 63 | make requirements 64 | 65 | CMD="package . -d packages" $(MAKE) helm 66 | 67 | # Update documentation of helm chart 68 | gen-docs: 69 | make requirements 70 | 71 | docker run --rm --name helm-docs \ 72 | --user $(shell id -u):$(shell id -g) \ 73 | --mount type=bind,src="$(shell pwd)",dst=/helm-chart \ 74 | -w /helm-chart \ 75 | $(HELM_DOCS_IMAGE) \ 76 | helm-docs 77 | -------------------------------------------------------------------------------- /charts/zabbix/README.md.gotmpl: -------------------------------------------------------------------------------- 1 | # Helm chart for Zabbix 2 | 3 | [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) {{ template "chart.versionBadge" . }} [![Downloads](https://img.shields.io/github/downloads/zabbix-community/helm-zabbix/total?label=Downloads%20All%20Releases 4 | )](https://tooomm.github.io/github-release-stats/?username=zabbix-community&repository=helm-zabbix) 5 | 6 | 7 | {{ template "chart.description" . }} 8 | 9 | This Helm chart installs [Zabbix](https://www.zabbix.com) in a Kubernetes cluster. It supports only Postgresql/TimescaleDB as a database backend at this point in time, without any plans to extend database support towards MySQL, MariaDB, etc. Also, this Helm Chart supports [Zabbix Server High Availability](#native-zabbix-server-high-availability) 10 | 11 | # Table of Contents 12 | 13 | 14 | - [Helm chart for Zabbix](#helm-chart-for-zabbix) 15 | - [Table of Contents](#table-of-contents) 16 | - [Prerequisites](#prerequisites) 17 | - [Installation](#installation) 18 | - [How to access Zabbix](#how-to-access-zabbix) 19 | - [Troubleshooting](#troubleshooting) 20 | - [Uninstallation](#uninstallation) 21 | - [Breaking changes of this helm chart](#breaking-changes-of-this-helm-chart) 22 | - [Version 7.0.0](#version-700) 23 | - [Version 6.1.0](#version-610) 24 | - [Version 6.0.0](#version-600) 25 | - [Version 5.0.0](#version-500) 26 | - [Version 4.0.0](#version-400) 27 | - [Version 3.0.0](#version-300) 28 | - [Version 2.0.0](#version-200) 29 | - [Version 1.0.0](#version-100) 30 | - [Zabbix components](#zabbix-components) 31 | - [Zabbix Server](#zabbix-server) 32 | - [Zabbix Agent](#zabbix-agent) 33 | - [Zabbix Web (frontend)](#zabbix-web-frontend) 34 | - [Zabbix Web Service](#zabbix-web-service) 35 | - [Zabbix Proxy](#zabbix-proxy) 36 | - [PostgreSQL](#postgresql) 37 | - [Thanks](#thanks) 38 | - [License](#license) 39 | - [Configuration](#configuration) 40 | - [Helm Values](#helm-values) 41 | - [Database access settings](#database-access-settings) 42 | - [Postgresql database](#postgresql-database) 43 | - [Native Zabbix Server High Availability](#native-zabbix-server-high-availability) 44 | - [Expose Zabbix service](#expose-zabbix-service) 45 | - [Multiple replicas for Zabbix Proxy statefulset](#multiple-replicas-for-zabbix-proxy-statefulset) 46 | 47 | 48 | 49 | # Prerequisites 50 | 51 | - Kubernetes cluster 1.21+ 52 | - Helm 3.0+ 53 | - Kubectl 54 | - PV provisioner support in the underlying infrastructure (optional). 55 | 56 | Install the ``kubectl`` and ``helm`` requirements following the instructions in this [tutorial](docs/requirements.md). 57 | 58 | # Installation 59 | 60 | > [!IMPORTANT] 61 | > Read the [Breaking changes of this helm chart](#breaking-changes-of-this-helm-chart)! 62 | 63 | Access the Kubernetes cluster. 64 | 65 | Add Helm repository: 66 | 67 | ```bash 68 | helm repo add zabbix-community https://zabbix-community.github.io/helm-zabbix 69 | ``` 70 | 71 | Update the list helm charts available for installation. This is recommend prior to installation/upgrade: 72 | 73 | ```bash 74 | helm repo update 75 | ``` 76 | 77 | Get all versions of helm chart: 78 | 79 | ```bash 80 | helm search repo zabbix-community/zabbix -l 81 | ``` 82 | 83 | Set the helm chart version you want to use. Example: 84 | 85 | ```bash 86 | export ZABBIX_CHART_VERSION='{{ template "chart.version" . }}' 87 | ``` 88 | 89 | Export default values of ``zabbix`` chart to ``$HOME/zabbix_values.yaml`` file: 90 | 91 | ```bash 92 | helm show values zabbix-community/zabbix --version $ZABBIX_CHART_VERSION > $HOME/zabbix_values.yaml 93 | ``` 94 | 95 | Change the values according to the environment in the ``$HOME/zabbix_values.yaml`` file. The items of [Configuration](#configuration) section can be set via ``--set`` flag in 96 | installation command or change the values according to the need of the environment in ``$HOME/zabbix_values.yaml`` file. 97 | 98 | Test the installation/upgrade with the command: 99 | 100 | ```bash 101 | helm upgrade --install zabbix zabbix-community/zabbix \ 102 | --dependency-update \ 103 | --create-namespace \ 104 | --version $ZABBIX_CHART_VERSION \ 105 | -f $HOME/zabbix_values.yaml -n monitoring --debug --dry-run 106 | ``` 107 | 108 | Install/upgrade Zabbix with the command: 109 | 110 | ```bash 111 | helm upgrade --install zabbix zabbix-community/zabbix \ 112 | --dependency-update \ 113 | --create-namespace \ 114 | --version $ZABBIX_CHART_VERSION \ 115 | -f $HOME/zabbix_values.yaml -n monitoring --debug 116 | ``` 117 | 118 | See the installation example in [kind](https://kind.sigs.k8s.io) cluster in this [tutorial](docs/example/README.md). 119 | 120 | # How to access Zabbix 121 | 122 | Create port-forward for Zabbix: 123 | 124 | ```bash 125 | kubectl port-forward service/zabbix-zabbix-web 8888:80 -n monitoring 126 | ``` 127 | 128 | Login to Zabbix: 129 | 130 | - URL: http://localhost:8888 131 | - Login: **Admin** 132 | - Password: **zabbix** 133 | 134 | # Troubleshooting 135 | 136 | See the pods: 137 | 138 | ```bash 139 | kubectl get pods -n monitoring 140 | ``` 141 | 142 | See details for each pod: 143 | 144 | ```bash 145 | kubectl describe pods/POD_NAME -n monitoring 146 | ``` 147 | 148 | See all containers in the pod: 149 | 150 | ```bash 151 | kubectl get pods POD_NAME -n monitoring -o jsonpath='{.spec.containers[*].name}*' 152 | ``` 153 | 154 | See the logs for each container in the pod: 155 | 156 | ```bash 157 | kubectl logs -f pods/POD_NAME -c CONTAINER_NAME -n monitoring 158 | ``` 159 | 160 | Access the container prompt. 161 | 162 | ```bash 163 | kubectl exec -it pods/POD_NAME -c CONTAINER_NAME -n monitoring -- sh 164 | ``` 165 | 166 | See details of Zabbix services. 167 | 168 | ```bash 169 | kubectl get svc -n monitoring 170 | kubectl get pods --output=wide -n monitoring 171 | kubectl describe services zabbix -n monitoring 172 | ``` 173 | 174 | # Uninstallation 175 | 176 | To uninstall/delete the ``zabbix`` deployment: 177 | 178 | ```bash 179 | helm uninstall zabbix -n monitoring 180 | ``` 181 | 182 | # Breaking changes of this helm chart 183 | 184 | ## Version 7.0.0 185 | 186 | > [!CAUTION] 187 | > Re-installation of your Release will be necessary. Make sure you do not lose any data! 188 | 189 | - Changed values under `postgresAccess`, partially made necessary by changing *db-create-upgrade-job* for [Native Zabbix Server High Availability](#native-zabbix-server-high-availability) to be a *pre-install/pre-upgrade* job: 190 | - removed `postgresAccess.useUnifiedSecret`. It's now ALWAYS a unified secret containing DB connection relevant settings that is used by all components of this Chart requiring a DB connection 191 | - `unifiedSecretName` now called `existingSecretName` to be more compliant with other Helm Charts 192 | - `unifiedSecretAutoCreate` has been removed. Secret generation now depends on having set `existingSecretName` 193 | - `unifiedSecretXXXKey` renamed to simpler `secretXXXKey` value names 194 | - Default settings in `values.yaml` are now `postgresql.enabled=true` (no change here) and `zabbixServer.zabbixServerHA=false` (changed, due to [Native Zabbix Server High Availability](#native-zabbix-server-high-availability)) 195 | - All labels of all manifests have been unified to fulfill the best practices / standards of how a newly created helm chart (`helm create...`) would do it. This results in you having to **uninstall and install your Release again**, as `spec.selector` label matchers are *immutable* for *Deployments*, *Statefulsets* and such. If you use `postgresql.enabled=true` ("internal database"), be careful not to delete your Zabbix database when issuing uninstallation. By default, Helm does not remove *PersistentVolumeClaims* when uninstalling a release, but to be sure, you can [annotate your PVC additionally](https://github.com/helm/helm/issues/6261#issuecomment-523472128) to prevent its deletion 196 | - Removed all pre 1.21 Kubernetes compatibility switches (`v1beta1`, ...) 197 | - `deploymentAnnotations` have been renamed to `extraDeploymentAnnotations` for every of the components of this helm chart in `values.yaml` 198 | - `deploymentLabels` have been renamed to `extraDeploymentLabels` for every of the components of this helm chart in `values.yaml`. The same counts for `statefulSetLabels`, etc. 199 | - `deploymentAnnotations` have been renamed to `extraDeploymentAnnotations` for every of the components of this helm chart in `values.yaml`. The same counts for `statefulSetAnnotations`, `daemonSetAnnotations`, etc. 200 | - `containerLabels` are now called `extraPodLabels` and `containerAnnotations` went to be `extraPodAnnotations`, as these names match better to what the values actually do 201 | - when using `zabbixAgent.runAsDaemonSet=true`, zabbix agent pods now default to use `hostNetwork: true` 202 | 203 | ## Version 6.1.0 204 | 205 | - Removing support for non-default Kubernetes features and Custom Resource objects: `IngressRoute`, `Route`, more info: [#123](https://github.com/zabbix-community/helm-zabbix/pull/123) 206 | - Removing support for [karpenter](https://karpenter.sh) due to the more generalistic approach: [#121](https://github.com/zabbix-community/helm-zabbix/pull/121) 207 | - Adding support to deploy any arbitrary manifests together with this Helm Chart by embedding them in the `.Values.extraManifests` list [#121](https://github.com/zabbix-community/helm-zabbix/pull/121) 208 | - From now on, the keys to use for a `unifiedSecret` to configure postgresql access globally for all relevant components that this Helm Chart deploys, can be configured in `values.yaml` file 209 | - It is now possible to use a different Schema other than `public` in Postgresql database, when using an external database 210 | 211 | ## Version 6.0.0 212 | 213 | - New implementation of native Zabbix Server High Availability (see [Support of native Zabbix Server High Availability](#support-of-native-zabbix-server-high-availability) section) 214 | - No breaking changes in values.yaml, but nevertheless you might want to review your values.yaml's `zabbixServer.zabbixServerHA` section 215 | 216 | ## Version 5.0.0 217 | 218 | - Will be using Postgresql 16.x and Zabbix 7.x. 219 | - Adjust in extraEnv to add support in environment variables from configmap and secret. More info: #93 220 | 221 | ## Version 4.0.0 222 | 223 | - Will be used Postgresql 15.x and Zabbix 6.x. 224 | - Allow install zabbix-agent2 as deployment and sidecar container. More info: https://github.com/zabbix-community/helm-zabbix/issues/20 225 | - This release changes parameter names in preparation for addressing these issues in the future and use [camelCase](https://en.wikipedia.org/wiki/Camel_case) pattern where is possible. More info: https://github.com/zabbix-community/helm-zabbix/issues/18 and https://github.com/zabbix-community/helm-zabbix/issues/21 226 | - ``db_access`` -> ``postgresAccess`` 227 | - ``db_access.use_unified_secret`` -> ``postgresAccess.useUnifiedSecret`` 228 | - ``db_access.unified_secret_name`` -> ``postgresAccess.unifiedSecretName`` 229 | - ``db_access.unified_secret_autocreate`` -> ``postgresAccess.unifiedSecretAutoCreate`` 230 | - ``db_access.db_server_host`` -> ``postgresAccess.host`` 231 | - ``db_access.db_server_port`` -> ``postgresAccess.port`` 232 | - ``db_access.postgres_user`` -> ``postgresAccess.user`` 233 | - ``db_access.postgres_password`` -> ``postgresAccess.password`` 234 | - ``db_access.postgres_db`` -> ``postgresAccess.database`` 235 | - ``db_access.postgres_password_secret`` -> ``postgresAccess.passwordSecret`` 236 | - ``db_access.postgres_password_secret_key`` -> ``postgresAccess.passwordSecretKey`` 237 | - ``ingressroute`` -> ``ingressRoute`` 238 | - ``postgresql.existing_claim_name`` -> ``postgresql.existingClaimName`` 239 | - ``postgresql.storage_size`` -> ``postgresql.storageSize`` 240 | - ``postgresql.storage_class`` -> ``postgresql.storageClass`` 241 | - ``zabbix_image_tag`` -> ``zabbixImageTag`` 242 | - ``zabbixagent`` -> ``zabbixAgent`` 243 | - ``zabbixproxy`` -> ``zabbixProxy`` 244 | - ``zabbixserver`` -> ``zabbixServer`` 245 | - ``zabbixserver.pod_anti_affinity`` -> ``zabbixServer.podAntiAffinity`` 246 | - ``zabbixserver.ha_nodes_autoclean`` -> ``zabbixServer.haNodesAutoClean`` 247 | - ``zabbixserver.ha_nodes_autoclean.delete_older_than_seconds`` -> ``zabbixServer.haNodesAutoClean.deleteOlderThanSeconds`` 248 | - ``zabbixweb`` -> ``zabbixWeb`` 249 | - ``zabbixweb.pod_anti_affinity`` -> ``zabbixWeb.podAntiAffinity`` 250 | - ``zabbixweb.saml_certs_secret_name`` -> ``zabbixWeb.samlCertsSecretName`` 251 | - ``zabbixwebservice`` -> ``zabbixWebService`` 252 | - ``zabbixwebservice.pod_anti_affinity`` -> ``zabbixWebService.podAntiAffinity`` 253 | - ``zabbixwebservice.ignore_url_cert_errors`` -> ``zabbixWebService.ignoreURLCertErrors`` 254 | 255 | ## Version 3.0.0 256 | 257 | - Will be used Postgresql 14.x and Zabbix 6.x. 258 | - This version removes the possibility to specify database username/password per 259 | subsection in favor of specifying all of them centrally at one place. 260 | - Also, the names of the values have changed from upper to lowercase. 261 | - It is now possible to start the Zabbix Server pods with replicas of more than 1. 262 | HA functionality of Zabbix will automatically be enabled and it is made sure that 263 | the database schema publication will only happen once, and not by all of the Zabbix 264 | Server pods at the same time. 265 | - More info: https://github.com/cetic/helm-zabbix/pull/54 266 | 267 | ## Version 2.0.0 268 | 269 | - Will be used Postgresql 14.x and Zabbix 6.x. 270 | - This version implements a central way of managing database access credentials 271 | using a secret, which then will be respected by all the components 272 | installed by this chart: zabbixServer, zabbixWeb and postgresql. 273 | - The secret must contain a number of keys indicating DB host, DB name, 274 | user and password and can direct towards a database installed within 275 | this chart, or an external database. 276 | - The benefit of this is that now the database can respect the values 277 | in the central DB access secret and initialize accordingly. 278 | - Last but not least, the credential secret can be chosen to be 279 | auto-generated (password will be set to a random string) at chart 280 | installation, if postgresql.enabled is set to true. With this, an easy 281 | to use "out-of-the-box" installation with as little customizations as 282 | possible is possible, while still obtaining a good level of security. 283 | - More info: https://github.com/cetic/helm-zabbix/pull/53 284 | 285 | ## Version 1.0.0 286 | 287 | - Will be used Postgresql 14.x and Zabbix 6.x. 288 | - The installation of any component of chart is optional for easy integration with the official 289 | chart: https://git.zabbix.com/projects/ZT/repos/kubernetes-helm/ 290 | - More info: https://github.com/cetic/helm-zabbix/issues/42 291 | 292 | # Zabbix components 293 | 294 | > [!NOTE] 295 | > About the Zabbix version supported 296 | 297 | - This helm chart is compatible with non-LTS version of Zabbix, that include important changes and functionalities. 298 | - But by default this helm chart will install the latest LTS version (example: 7.0.x). 299 | See more info in [Zabbix Life Cycle & Release Policy](https://www.zabbix.com/life_cycle_and_release_policy) page 300 | - When you want use a non-LTS version (example: 7.2.x), you have to set this in ``values.yaml`` yourself. This Helm Chart is actively being tested with the current non-LTS major releases, so it will be most probably working without any problem just setting `zabbixImageTag`, for example to the value of `ubuntu-7.2.1` or `alpine-7.2-latest`. 301 | 302 | ## Zabbix Server 303 | 304 | **Zabbix Server** is the central process of Zabbix software. 305 | 306 | The server performs the polling and trapping of data, it calculates triggers, sends notifications 307 | to users. It is the central component to which Zabbix agents and proxies report data on availability 308 | and integrity of systems. The server can itself remotely check networked services (such as web servers 309 | and mail servers) using simple service checks 310 | [Official documentation](https://www.zabbix.com/documentation/current/en/manual/concepts/server). 311 | 312 | Zabbix Server can be operated in a High Availability mode since version 6.0 which is automatically 313 | enabled by this Helm chart when setting the Zabbix Server component to run more than 1 replica. 314 | In this HA mode, all Zabbix Server instances periodically send a heartbeat to the Database server 315 | (just updating a timestamp in a table) as well as which of the nodes is the "active" one. In case 316 | the active node does not send a heartbeat within a certain time, any of the remaining ones 317 | automatically take over. It is every time possible to join new nodes to the HA cluster by just 318 | raising the amount of replicas of the Zabbix Server. 319 | 320 | 321 | ## Zabbix Agent 322 | 323 | > [!NOTE] 324 | > **zabbix-agent2** is supported in this helm chart and will be used by default. 325 | 326 | **Zabbix Agent** is deployed on a monitoring target to actively monitor local resources and 327 | applications (hard drives, memory, processor statistics etc) 328 | [Official documentation](https://www.zabbix.com/documentation/current/en/manual/concepts/agent). 329 | 330 | 331 | ## Zabbix Web (frontend) 332 | 333 | **Zabbix Web** interface is a part of Zabbix software. It is used to manage resources under 334 | monitoring and view monitoring statistics 335 | [Official documentation](https://www.zabbix.com/documentation/current/en/manual/web_interface). 336 | 337 | ## Zabbix Web Service 338 | 339 | **Zabbix Web Service** is a process that is used for communication with external web services 340 | [Official documentation](https://www.zabbix.com/documentation/current/en/manual/concepts/web_service). 341 | 342 | ## Zabbix Proxy 343 | 344 | > [!NOTE] 345 | > This helm chart installs Zabbix Proxy with SQLite3 support 346 | 347 | **Zabbix Proxy** is a process that may collect monitoring data from one or more monitored devices 348 | and send the information to the Zabbix Server, essentially working on behalf of the server. 349 | All collected data is buffered locally and then transferred to the **Zabbix Server** the 350 | proxy belongs to 351 | [Official documentation](https://www.zabbix.com/documentation/current/en/manual/concepts/proxy). 352 | 353 | ## PostgreSQL 354 | 355 | A database is required for zabbix to work, in this helm chart we're using Postgresql. 356 | 357 | > [!IMPORTANT] 358 | > We use plain postgresql database by default WITHOUT persistence. If you want persistence or 359 | would like to use TimescaleDB instead, check the comments in the ``values.yaml`` file. 360 | 361 | # Thanks 362 | 363 | > **About the new home of helm chart** 364 | - The new home of the Zabbix helm chart is: https://github.com/zabbix-community/helm-zabbix. 365 | It is a fork from the [cetic/helm-zabbix](https://github.com/cetic/helm-zabbix). 366 | - In this [issue](https://github.com/cetic/helm-zabbix/issues/68) it was agreed with [Sebastien Dupont](https://github.com/banzothat) that the repository would get a new home. 367 | - We are grateful to [Cetic](https://www.cetic.be/) for making the infrastructure available on CircleCI to host the helm chart from the start. Now, the new versions will be hosted on Github. 368 | - We are very grateful to [Alexandre Nuttinck](https://github.com/alexnuttinck) and [Amen Ayadi](https://github.com/AyadiAmen), who were the first developers of the helm chart and who worked at Cetic. Your dedication and effort made it possible to install Zabbix on a Kubernetes cluster. 369 | 370 | # License 371 | 372 | [Apache License 2.0](/LICENSE) 373 | 374 | # Configuration 375 | 376 | ## Helm Values 377 | 378 | The following tables lists the configurable parameters of the chart and their default values. 379 | 380 | {{ template "chart.valuesTable" . }} 381 | 382 | ## Database access settings 383 | 384 | All settings referring to how the different components that this Chart installs access the 385 | Zabbix PostgreSQL Database (either an external, already existing database or one deployed within 386 | this Helm chart) are being configured centrally under the ``postgresAccess`` section of the 387 | ``values.yaml`` file. 388 | 389 | By default, this Chart will deploy it's own very simple PostgreSQL database. All settings 390 | relevant to how to access this database will be held in one central *Secret* with the 391 | name of the *Helm Release*, suffixed with *-db-access* and values defined in ``values.yaml``. 392 | 393 | Instead of letting the Chart automatically generate such a secret, you can use an existing Secret. 394 | Use ``postgresAccess.externalSecretName`` in such a case and read the comments 395 | in ``values.yaml`` for how the keys inside the Secret holding the relevant values can be set. 396 | 397 | If you want to connect your Zabbix installation to a Postgres database deployed using the 398 | [CrunchyData PGO Operator](https://access.crunchydata.com/documentation/postgres-operator/latest/), 399 | you can use the secret that PGO/CNPG generates for your database directly to connect Zabbix to it, 400 | by just referring to its name with the ``postgresAccess.externalSecretName`` setting to it. 401 | 402 | ## Postgresql database 403 | 404 | While the default database configuration shipped with this Chart is fine for most (very small, 405 | for testing only) Zabbix installations, you will want to set some specific settings to better 406 | match your setup. First of all, you should consider enabling Postgresql database persistence 407 | (``postgresql.persistence.enabled``), as otherwise all your changes and historical data will 408 | be gone as soon as you remove the installation of Zabbix. Additionally, you might want to tune 409 | Postgresql by supplying extra postgresql runtime parameters using the 410 | ``postgresql.extraRuntimeParameters`` dictionary: 411 | 412 | ```yaml 413 | postgresql: 414 | enabled: true 415 | persistence: 416 | enabled: true 417 | storageSize: 50Gi 418 | extraRuntimeParameters: 419 | max_connections: 250 420 | dynamic_shared_memory_type: posix 421 | shared_buffers: 4GB 422 | temp_buffers: 16MB 423 | work_mem: 128MB 424 | maintenance_work_mem: 256MB 425 | effective_cache_size: 6GB 426 | min_wal_size: 80MB 427 | ``` 428 | 429 | Alternatively, you can add your own configuration file for postgresql (using a ConfigMap and 430 | the ``postgresql.extraVolumes`` setting) to mount it into the postgresql container and referring 431 | to this config file with the ``postgresql.extraRuntimeParameters`` set to: 432 | 433 | ```yaml 434 | postgresql: 435 | extraRuntimeParameters: 436 | config.file: /path/to/your/config.file 437 | ``` 438 | 439 | Much more than using the database deployment done by this Helm Chart, it is highly recommended, and for usage of the [Zabbix Server High Availability](#native-zabbix-server-high-availability) even necessary, is the usage of an external database employing proper Backup, Restore, and High Availability functionalities. A good, and probably the best, way to do this inside Kubernetes is using one of the Postgresql database operators [CrunchyData PGO Operator](https://access.crunchydata.com/documentation/postgres-operator/latest/) or [CNPG](https://cloudnative-pg.io) See [Examples](/docs/examples/). For CNPG, a simple database manifest could look as follows: 440 | 441 | ```yaml 442 | apiVersion: postgresql.cnpg.io/v1 443 | kind: Cluster 444 | metadata: 445 | name: zabbix-db 446 | spec: 447 | instances: 3 448 | imageName: ghcr.io/cloudnative-pg/postgresql:16 449 | storage: 450 | size: 5Gi 451 | ``` 452 | 453 | ## Native Zabbix Server High Availability 454 | 455 | Since version 6.0, Zabbix has its own implementation of [High Availability](https://www.zabbix.com/documentation/current/en/manual/concepts/server/ha), which is a simple approach to realize a Hot-Standby high availability setup with Zabbix Server. This feature applies only to the Zabbix Server component, not Zabbix Proxy, Webdriver, Web Frontend or such. In a Zabbix monitoring environment, by design, there can only be one central active Zabbix Server taking over the responsibility of storing data into database, calculating triggers, sending alerts, evt. The native High Availability concept does not change that, it just implements a way to have additional Zabbix Server processes being "standby" and "jumping in" as soon as the active one does not report it's availability (updating a table in the database), anymore. As such, the Zabbix Server High Availability works well together (and somewhat requires, to be an entirely high available setup), an also high available database setup. High availability of Postgres Database is not covered by this Helm Chart, but can rather easily be achieved by using one of the well-known Postgresql database operators [PGO](https://github.com/CrunchyData/postgres-operator) and [CNPG](https://cloudnative-pg.io), which are supported to be used with this Helm Chart. 456 | 457 | > [!IMPORTANT] 458 | > In order to deploy Zabbix Server in High Available mode using this Helm Chart, you need to bring your own (external) database. Recommended is to supply a highly available Postgresql setup using one of the well-known Postgresql operators [PGO](https://github.com/CrunchyData/postgres-operator) or [CNPG](https://cloudnative-pg.io) See [Examples](/docs/examples/). 459 | 460 | For the HA feature, which has not been designed for usage in Kubernetes by Zabbix SIA, to work in K8S, there have been some challenges to overcome, primarily the fact that Zabbix Server does not allow to upgrade or to initialize database schema when running in HA mode enabled. Intention by Zabbix is to turn HA mode off, issue Major Release Upgrade, turn HA mode back on. This doesn't conclude with Kubernetes concepts. Beside of that, some additional circumstances led us to an implementation as follows: 461 | 462 | - added a portion in values.yaml generally switching *Zabbix Server HA* on or off. If turned off, the Zabbix Server deployment will always be started with 1 replica and without the ZBX_HANODENAME env variable. This is an easy-to-use setup with no additional job pods, but it's not possible to just scale up zabbix server pods from here 463 | - when `.Values.zabbixServer.zabbixServerHA.enabled` is set to `true`, a Kubernetes Job, marked as Helm *pre-install,pre-upgrade* hook, is being deployed used to prepare the database and the database's schema version (by "schema", we refer to the tables, their structure, etc.) prior to any Zabbix Server pods trying to access the database. This job also handles major release upgrades. In case the job is being started in a `helm upgrade` situation, it scales down zabbix server deployment before upgrading database schema, manages entries in the DBs `ha_node` table, etc. Additionally, this job figures out whether a migration from a non-HA enabled setup to a HA-enabled one has been done, and handles necessary actions (scale down pods, delete entries in database) accordingly. The image bases off the zabbix_server image and its source code can be found [here](https://github.com/zabbix-community/helm-zabbix-image-db-init-upgrade-job). 464 | 465 | Due to the way Helm works (not offering a possibility to deploy manifests BEFORE a pre-install/pre-upgrade job) and the need to implement the database preparation as such (Helm never finishing an installation when using `--wait` flag when using post-install/post-upgrade job instead, and ArgoCD suffering the same issue), it is **not supported** to have this Helm Chart deploying the database Pod itself (`postgresql.enabled`) and enabling the Zabbix Server HA mode. `postgresql.enabled` is meant for non-production / test use cases, when for production an external database or one managed by an operator, set up in a high available manner, is strongly recommended anyway. 466 | 467 | In order to make it possible to use **Active checks** and **Active Zabbix Proxies** with a Zabbix Server setup having High Availability enabled, a **HA Labels sidecar** has been introduced, continuously monitoring the Zabbix server pod for amount of running Zabbix server processes to figure out whether the Pod is being "active" or "standby" Zabbix Server node, and updating HA-related labels on the pod, accordingly. The image for these sidecar containers is been contained [here within this Github organization](https://github.com/zabbix-community/helm-zabbix-image-ha-labels-sidecar). The reason to implement it this way and not by probing the port number, which was my initial approach, is that probing the port of Zabbix Server will make it generate a message in the log, stating that a connection without a proper payload has been initiated towards the Zabbix Server. More info: #115 468 | 469 | ## Expose Zabbix service 470 | 471 | - **Ingress**: The ingress controller must be installed in the Kubernetes cluster. 472 | - **ClusterIP**: Exposes the service on a cluster-internal IP. Choosing this value makes the 473 | service only reachable from within the cluster. 474 | - **NodePort**: Exposes the service on each Node's IP at a static port (the NodePort). 475 | You'll be able to contact the NodePort service, from outside the cluster, by requesting 476 | ``NodeIP:NodePort``. 477 | - **LoadBalancer**: Exposes the service externally using a cloud provider's load balancer. 478 | 479 | ## Multiple replicas for Zabbix Proxy statefulset 480 | 481 | In case you use proxy groups, it may be necessary to have several zabbix proxy replicas. 482 | you can then no longer set the ZBX_HOSTNAME value. 483 | This value will then take the name of each pod. 484 | Name that you can then give to your zabbix proxies on the zabbix server side. 485 | 486 | > [!IMPORTANT] 487 | > You will need to deploy proxy service per replica if you want the Active Agent checks to work. 488 | > **If not defined the pod name will be used.** 489 | -------------------------------------------------------------------------------- /charts/zabbix/artifacthub-pkg.yml: -------------------------------------------------------------------------------- 1 | # Artifact Hub package metadata file 2 | # References: 3 | # https://github.com/artifacthub/hub/blob/master/docs/metadata/artifacthub-pkg.yml 4 | # https://artifacthub.io/docs/topics/repositories/keda-scalers/ 5 | # https://github.com/kedacore/external-scalers/blob/main/artifacthub/azure-cosmos-db/0.1.0/artifacthub-pkg.yml 6 | # https://artifacthub.io/packages/keda-scaler/keda-official-external-scalers/external-scaler-azure-cosmos-db?modal=install 7 | 8 | version: 7.0.7 # helm chart version 9 | # LTS Zabbix version by default due to stability. See: https://www.zabbix.com/life_cycle_and_release_policy 10 | appVersion: 7.0.13 # zabbix version 11 | name: zabbix 12 | category: monitoring, networking, metrics 13 | displayName: Zabbix - The Enterprise-Class Open Source Network Monitoring Solution 14 | createdAt: 2025-05-30T06:23:55Z # Command Linux: date +%Y-%m-%dT%TZ 15 | description: Zabbix is a mature and effortless enterprise-class open source monitoring solution for network monitoring and application monitoring of millions of metrics. 16 | logoURL: https://assets.zabbix.com/img/logo/zabbix_logo_500x131.png 17 | license: Apache-2.0 18 | homeURL: https://www.zabbix.com 19 | keywords: 20 | - zabbix 21 | - monitoring 22 | - metrics 23 | - kubernetes 24 | - helm 25 | links: 26 | - name: Github project 27 | url: https://github.com/zabbix-community/helm-zabbix 28 | install: | 29 | # Installation 30 | 31 | > **Attention!!! Read the [Breaking changes of this helm chart](https://artifacthub.io/packages/helm/zabbix-community/zabbix#breaking-changes-of-this-helm-chart).** 32 | 33 | Access the Kubernetes cluster. 34 | 35 | Add Helm repository: 36 | 37 | ```bash 38 | helm repo add zabbix-community https://zabbix-community.github.io/helm-zabbix 39 | ``` 40 | 41 | Update the list helm charts available for installation. This is recommend prior to installation/upgrade: 42 | 43 | ```bash 44 | helm repo update 45 | ``` 46 | 47 | Get all versions of helm chart: 48 | 49 | ```bash 50 | helm search repo zabbix-community/zabbix -l 51 | ``` 52 | 53 | Set the helm chart version you want to use. Example: 54 | 55 | ```bash 56 | export ZABBIX_CHART_VERSION='7.0.7' 57 | ``` 58 | 59 | Export default values of ``zabbix`` chart to ``$HOME/zabbix_values.yaml`` file: 60 | 61 | ```bash 62 | helm show values zabbix-community/zabbix --version $ZABBIX_CHART_VERSION > $HOME/zabbix_values.yaml 63 | ``` 64 | 65 | Change the values according to the environment in the ``$HOME/zabbix_values.yaml`` file. Read the section [Configuration](https://artifacthub.io/packages/helm/zabbix-community/zabbix#configuration) section. 66 | 67 | Install/upgrade Zabbix with the command: 68 | 69 | ```bash 70 | helm upgrade --install zabbix zabbix-community/zabbix \ 71 | --dependency-update \ 72 | --create-namespace \ 73 | --version $ZABBIX_CHART_VERSION \ 74 | -f $HOME/zabbix_values.yaml -n monitoring --debug 75 | ``` 76 | 77 | # How to access Zabbix 78 | 79 | Create port-forward for Zabbix: 80 | 81 | ```bash 82 | kubectl port-forward service/zabbix-zabbix-web 8888:80 -n monitoring 83 | ``` 84 | 85 | Login to Zabbix: 86 | 87 | - URL: http://localhost:8888 88 | - Login: **Admin** 89 | - Password: **zabbix** 90 | 91 | # Uninstallation 92 | 93 | To uninstall/delete the ``zabbix`` deployment: 94 | 95 | ```bash 96 | helm uninstall zabbix -n monitoring 97 | ``` 98 | 99 | Please visit this [page](https://artifacthub.io/packages/helm/zabbix-community/zabbix) for more details. 100 | provider: 101 | name: zabbix-community 102 | maintainers: 103 | - name: Aecio Pires 104 | email: aeciopires@yahoo.com.br 105 | - name: Christian Anton 106 | email: christian.anton@inqbeo.de 107 | -------------------------------------------------------------------------------- /charts/zabbix/artifacthub-repo.yml: -------------------------------------------------------------------------------- 1 | # Artifact Hub repository metadata file 2 | # Reference: https://github.com/artifacthub/hub/blob/master/docs/metadata/artifacthub-repo.yml 3 | # 4 | repositoryID: 1d23ea5a-5611-40f1-b5c2-bb60fec224e4 5 | owners: 6 | - name: aeciopires 7 | email: https://blog.aeciopires.com/contato 8 | -------------------------------------------------------------------------------- /charts/zabbix/docs/README.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | - [About](#about) 4 | - [Prerequisites to develop and test this helm chart](#prerequisites-to-develop-and-test-this-helm-chart) 5 | - [Example to install Zabbix in Kubernetes](#example-to-install-zabbix-in-kubernetes) 6 | - [More information](#more-information) 7 | 8 | 9 | 10 | # About 11 | 12 | Documentation of this repository. 13 | 14 | # Prerequisites to develop and test this helm chart 15 | 16 | Install the [requirements](requirements.md). 17 | 18 | # Example to install Zabbix in Kubernetes 19 | 20 | See the installation example in [kind](https://kind.sigs.k8s.io) cluster in this [tutorial](example/README.md). 21 | 22 | # More information 23 | 24 | See [README.md](../README.md). 25 | -------------------------------------------------------------------------------- /charts/zabbix/docs/example/README.md: -------------------------------------------------------------------------------- 1 | 2 | - [About](#about) 3 | - [Installation](#installation) 4 | - [How to access Zabbix](#how-to-access-zabbix) 5 | - [Troubleshooting](#troubleshooting) 6 | - [Uninstallation](#uninstallation) 7 | - [Install nginx-ingress for services internal Kubernetes cluster](#install-nginx-ingress-for-services-internal-kubernetes-cluster) 8 | 9 | 10 | # About 11 | 12 | An example to use the [Zabbix Helm Chart](https://github.com/zabbix-community/helm-zabbix) in [kind](https://kind.sigs.k8s.io) cluster. 13 | 14 | # Installation 15 | 16 | Install the [requirements](../requirements.md). 17 | 18 | Access the Kubernetes cluster. 19 | 20 | Clone this repository: 21 | 22 | ```bash 23 | mkdir $HOME/mygit 24 | cd $HOME/mygit 25 | git clone https://github.com/zabbix-community/helm-zabbix 26 | cd $HOME/mygit/helm-zabbix 27 | ``` 28 | 29 | Edit ``$HOME/mygit/helm-zabbix/charts/zabbix/docs/example/kind/values.yaml`` file. The items of section [Configuration](../../README.md#configuration) can be set via ``--set`` flag in installation command or change the values according to the need of the environment in ``$HOME/mygit/helm-zabbix/charts/zabbix/docs/example/kind/values.yaml`` file. 30 | 31 | Test the installation/upgrade with the command: 32 | 33 | ```bash 34 | helm upgrade --install zabbix \ 35 | --dependency-update \ 36 | --create-namespace \ 37 | -f $HOME/mygit/helm-zabbix/charts/zabbix/docs/example/kind/values.yaml \ 38 | $HOME/mygit/helm-zabbix/charts/zabbix -n monitoring --debug --dry-run 39 | ``` 40 | 41 | Install/upgrade Zabbix with the command: 42 | 43 | ```bash 44 | helm upgrade --install zabbix \ 45 | --dependency-update \ 46 | --create-namespace \ 47 | -f $HOME/mygit/helm-zabbix/charts/zabbix/docs/example/kind/values.yaml \ 48 | $HOME/mygit/helm-zabbix/charts/zabbix -n monitoring --debug 49 | ``` 50 | 51 | # How to access Zabbix 52 | 53 | See [README.md](../../README.md#how-to-access-zabbix). 54 | 55 | # Troubleshooting 56 | 57 | See [README.md](../../README.md#troubleshooting). 58 | 59 | # Uninstallation 60 | 61 | See [README.md](../../README.md#uninstallation). 62 | 63 | # Install nginx-ingress for services internal Kubernetes cluster 64 | 65 | In the **production** environment to allow external access to Zabbix installed on Kubernetes, you can configure ``nginx-ingress``, but there are other similar approaches that can be used. This was just a suggestion for users new to Kubernetes. 66 | 67 | More information about ``nginx-ingress`` can be found in the following tutorials. 68 | 69 | - https://github.com/helm/charts/tree/master/stable/nginx-ingress 70 | - https://github.com/kubernetes/ingress-nginx 71 | - https://kubernetes.github.io/ingress-nginx/ 72 | - https://www.digitalocean.com/community/tutorials/how-to-set-up-an-nginx-ingress-on-digitalocean-kubernetes-using-helm 73 | - https://www.digitalocean.com/community/tutorials/how-to-set-up-an-nginx-ingress-with-cert-manager-on-digitalocean-kubernetes 74 | - https://asilearn.org/install-nginx-ingress-controller-on-kubernetes-9efb9765cc7a 75 | - https://docs.nginx.com/nginx-ingress-controller/configuration/virtualserver-and-virtualserverroute-resources/ 76 | - https://github.com/nginxinc/kubernetes-ingress 77 | - https://stackoverflow.com/questions/51597410/aws-eks-is-not-authorized-to-perform-iamcreateservicelinkedrole 78 | - https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md 79 | - https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/ 80 | - https://docs.nginx.com/nginx-ingress-controller/configuration/ingress-resources/advanced-configuration-with-annotations/ 81 | - https://docs.giantswarm.io/guides/advanced-ingress-configuration/ 82 | - https://stackoverflow.com/questions/51874503/kubernetes-ingress-network-deny-some-paths 83 | - https://www.edureka.co/community/19277/access-some-specific-paths-while-using-kubernetes-ingress 84 | - https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/ 85 | - https://imti.co/kubernetes-ingress-nginx-cors/ 86 | - https://stackoverflow.com/questions/54083179/how-can-i-correctly-setup-custom-headers-with-nginx-ingress 87 | -------------------------------------------------------------------------------- /charts/zabbix/docs/example/kind/values.yaml: -------------------------------------------------------------------------------- 1 | # Custom values for zabbix. 2 | zabbixImageTag: alpine-7.2.7 3 | 4 | zabbixServer: 5 | enabled: true 6 | replicaCount: 2 7 | zabbixServerHA: 8 | enabled: false 9 | haNodesAutoClean: 10 | enabled: false 11 | image: 12 | # Postgresql Docker image name: chose one of "postgres" or "timescale/timescaledb" 13 | repository: postgres 14 | #repository: timescale/timescaledb 15 | # -- Tag of Docker image of Postgresql server, choice "17" for postgres "2.17.2-pg16" for timescaledb 16 | # (Zabbix supports TimescaleDB. More info: https://www.zabbix.com/documentation/7.2/en/manual/installation/requirements) 17 | tag: 17 18 | #tag: 2.17.2-pg16 19 | service: 20 | type: NodePort 21 | port: 10051 22 | nodePort: 31051 23 | extraEnv: 24 | - name: "ZBX_EXAMPLE_MY_ENV_1" 25 | value: "true" 26 | - name: "ZBX_EXAMPLE_MY_ENV_2" 27 | value: "false" 28 | - name: "ZBX_EXAMPLE_MY_ENV_3" 29 | value: "100" 30 | # - name: MY_USERNAME 31 | # valueFrom: 32 | # secretKeyRef: 33 | # name: my-envs 34 | # key: user 35 | # - name: MY_PASSWORD 36 | # valueFrom: 37 | # secretKeyRef: 38 | # name: my-envs 39 | # key: password 40 | # Example of readinessProbe when zabbix-server has two or more replicas in HA mode 41 | # readinessProbe: 42 | # exec: 43 | # command: 44 | # - /bin/sh 45 | # - -c 46 | # - |- 47 | # test $(zabbix_server -R ha_status | awk /$ZBX_NODEADDRESS:10051/'{print $5}') = active 48 | # initialDelaySeconds: 60 49 | # periodSeconds: 10 50 | # timeoutSeconds: 5 51 | # successThreshold: 1 52 | # failureThreshold: 6 53 | 54 | postgresql: 55 | enabled: true 56 | image: 57 | # Postgresql Docker image name: chose one of "postgres" or "timescale/timescaledb" 58 | repository: postgres 59 | #repository: timescale/timescaledb 60 | # -- Tag of Docker image of Postgresql server, choice "17" for postgres "2.17.2-pg16" for timescaledb 61 | # (Zabbix supports TimescaleDB7. More info: https://www.zabbix.com/documentation/7.0/en/manual/installation/requirements) 62 | tag: 17 63 | #tag: 2.17.2-pg16 64 | max_connections: 100 65 | persistence: 66 | enabled: true 67 | existingClaimName: false 68 | storageSize: 5Gi # generate a PVC in default storage class with the given size for the DB 69 | 70 | zabbixProxy: 71 | enabled: true 72 | replicaCount: 1 73 | ZBX_PROXYMODE: 0 # The variable allows to switch Zabbix proxy mode. By default, value is 0 - active proxy. Allowed values are 0 - active proxy and 1 - passive proxy. 74 | ZBX_HOSTNAME: zabbix-proxy # Case sensitive hostname. If not defined the pod name will be used 75 | ZBX_SERVER_HOST: zabbix-zabbix-server 76 | ZBX_SERVER_PORT: 10051 77 | # ZBX_LOADMODULE: dummy1.so,dummy2.so # The variable is list of comma separated loadable Zabbix modules. It works with volume /var/lib/zabbix/modules. 78 | # ZBX_DEBUGLEVEL: 4 # The variable is used to specify debug level, from 0 to 5 79 | # ZBX_TIMEOUT: 4 # The variable is used to specify timeout for processing checks. By default, value is 4. 80 | # ZBX_JAVAGATEWAY_ENABLE: false # The variable enable communication with Zabbix Java Gateway to collect Java related checks. By default, value is false. 81 | ZBX_VMWARECACHESIZE: 128M 82 | service: 83 | type: NodePort 84 | port: 10051 85 | nodePort: 31053 86 | extraEnv: 87 | - name: "ZBX_EXAMPLE_MY_ENV_4" 88 | value: "true" 89 | - name: "ZBX_EXAMPLE_MY_ENV_5" 90 | value: "false" 91 | - name: "ZBX_EXAMPLE_MY_ENV_6" 92 | value: "100" 93 | # - name: MY_USERNAME 94 | # valueFrom: 95 | # secretKeyRef: 96 | # name: my-envs 97 | # key: user 98 | # - name: MY_PASSWORD 99 | # valueFrom: 100 | # secretKeyRef: 101 | # name: my-envs 102 | # key: password 103 | 104 | zabbixAgent: 105 | enabled: true 106 | runAsSidecar: true 107 | runAsDaemonSet: false 108 | ZBX_HOSTNAME: zabbix-agent 109 | ZBX_SERVER_HOST: 0.0.0.0/0 110 | ZBX_SERVER_PORT: 10051 111 | ZBX_PASSIVE_ALLOW: true # This variable is boolean (true or false) and enables or disables feature of passive checks. By default, value is true 112 | ZBX_ACTIVE_ALLOW: false # This variable is boolean (true or false) and enables or disables feature of active checks 113 | ZBX_DEBUGLEVEL: 3 # The variable is used to specify debug level, from 0 to 5 114 | ZBX_TIMEOUT: 4 # The variable is used to specify timeout for processing checks. By default, value is 4. 115 | ZBX_VMWARECACHESIZE: 128M 116 | service: 117 | type: ClusterIP 118 | port: 10050 119 | extraEnv: 120 | - name: "ZBX_EXAMPLE_MY_ENV_7" 121 | value: "true" 122 | - name: "ZBX_EXAMPLE_MY_ENV_8" 123 | value: "false" 124 | - name: "ZBX_EXAMPLE_MY_ENV_9" 125 | value: "100" 126 | # - name: MY_USERNAME 127 | # valueFrom: 128 | # secretKeyRef: 129 | # name: my-envs 130 | # key: user 131 | # - name: MY_PASSWORD 132 | # valueFrom: 133 | # secretKeyRef: 134 | # name: my-envs 135 | # key: password 136 | 137 | 138 | zabbixWeb: 139 | enabled: true 140 | ZBX_SERVER_HOST: zabbix-zabbix-server 141 | ZBX_SERVER_PORT: 10051 142 | service: 143 | type: ClusterIP 144 | port: 80 145 | extraEnv: 146 | - name: "ZBX_EXAMPLE_MY_ENV_10" 147 | value: "true" 148 | - name: "ZBX_EXAMPLE_MY_ENV_11" 149 | value: "false" 150 | - name: "ZBX_EXAMPLE_MY_ENV_12" 151 | value: "100" 152 | # - name: MY_USERNAME 153 | # valueFrom: 154 | # secretKeyRef: 155 | # name: my-envs 156 | # key: user 157 | # - name: MY_PASSWORD 158 | # valueFrom: 159 | # secretKeyRef: 160 | # name: my-envs 161 | # key: password 162 | 163 | #affinity: 164 | # nodeAffinity: 165 | # preferredDuringSchedulingIgnoredDuringExecution: 166 | # - weight: 1 167 | # preference: 168 | # matchExpressions: 169 | # - key: kubernetes.io/o 170 | # operator: In 171 | # values: 172 | # - linux 173 | 174 | #zabbixJavaGateway: 175 | # enabled: true 176 | -------------------------------------------------------------------------------- /charts/zabbix/docs/requirements.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | - [Prerequisites to develop and test Helm Charts](#prerequisites-to-develop-and-test-helm-charts) 4 | - [General Packages](#general-packages) 5 | - [Kubernetes cluster](#kubernetes-cluster) 6 | - [Docker](#docker) 7 | - [asdf](#asdf) 8 | - [Helm](#helm) 9 | - [Helm Docs](#helm-docs) 10 | - [Kubectl](#kubectl) 11 | 12 | 13 | 14 | # Prerequisites to develop and test Helm Charts 15 | 16 | # General Packages 17 | 18 | Install the follow packages in your operating system: 19 | 20 | - ``git`` 21 | - ``make`` 22 | 23 | # Kubernetes cluster 24 | 25 | You will need to create a Kubernetes cluster locally using [minikube](https://kubernetes.io/docs/tasks/tools/install-minikube), [microk8s](https://microk8s.io), [kind](https://kind.sigs.k8s.io), [k3s](https://k3s.io) or other tools. 26 | 27 | Or use Kubernetes cluster in [EKS](https://aws.amazon.com/eks), [GKE](https://cloud.google.com/kubernetes-engine), [AKS](https://docs.microsoft.com/en-us/azure/aks), [DOKS](https://www.digitalocean.com/products/kubernetes) or other cloud provider. 28 | 29 | # Docker 30 | 31 | Follow instructions of page for install Docker-CE. 32 | 33 | - Ubuntu: https://docs.docker.com/engine/install/ubuntu/ 34 | - Debian: https://docs.docker.com/engine/install/debian/ 35 | - CentOS: https://docs.docker.com/engine/install/centos/ 36 | - MacOS: https://docs.docker.com/desktop/mac/install/ 37 | 38 | Start the Docker service, configure Docker to boot up with the OS and add your user to the Docker group. 39 | 40 | ```bash 41 | # Start the Docker service 42 | sudo systemctl start docker 43 | 44 | # Configure Docker to boot up with the OS 45 | sudo systemctl enable docker 46 | 47 | # Add your user to the Docker group 48 | sudo usermod -aG docker $USER 49 | sudo setfacl -m user:$USER:rw /var/run/docker.sock 50 | ``` 51 | 52 | Source: https://docs.docker.com/engine/install/linux-postinstall/#configure-docker-to-start-on-boot 53 | 54 | # asdf 55 | 56 | > Attention!!! 57 | > To update ``asdf``, ONLY use the following command. If you try to reinstall or update by changing the version in the following commands, it will be necessary to reinstall all plugins/commands installed before, so it is very important to back up the ``$HOME/.asdf`` directory. 58 | 59 | ```bash 60 | asdf update 61 | ``` 62 | 63 | Run the following commands: 64 | 65 | ```bash 66 | ASDF_VERSION="v0.15.0" 67 | git clone https://github.com/asdf-vm/asdf.git ~/.asdf --branch $ASDF_VERSION 68 | 69 | echo ". \"\$HOME/.asdf/asdf.sh\"" >> ~/.bashrc 70 | echo ". \"\$HOME/.asdf/completions/asdf.bash\"" >> ~/.bashrc 71 | source ~/.bashrc 72 | ``` 73 | 74 | Reference: https://asdf-vm.com/guide/introduction.html 75 | 76 | # Helm 77 | 78 | Execute these commands to install helm. 79 | 80 | ```bash 81 | VERSION="3.18.1" 82 | 83 | asdf plugin list all | grep helm 84 | asdf plugin add helm https://github.com/Antiarchitect/asdf-helm.git 85 | asdf latest helm 86 | 87 | asdf install helm $VERSION 88 | asdf list helm 89 | 90 | asdf global helm $VERSION 91 | asdf list helm 92 | ``` 93 | 94 | # Helm Docs 95 | 96 | Run the following commands to install ``helm-docs``. 97 | 98 | ```bash 99 | VERSION="1.14.2" 100 | 101 | asdf plugin list all | grep helm-docs 102 | asdf plugin add helm-docs https://github.com/sudermanjr/asdf-helm-docs.git 103 | asdf latest helm-docs 104 | 105 | asdf install helm-docs $VERSION 106 | asdf list helm-docs 107 | 108 | asdf global helm-docs $VERSION 109 | asdf list helm-docs 110 | ``` 111 | 112 | Documentation: https://github.com/norwoodj/helm-docs 113 | 114 | The documentation generated by ``helm-docs`` is based on the contents of the ``values.yaml``, ``README.md.gotmpl`` and ``Chart.yaml`` file. It tries to overwrite the contents of the ``README.md`` file within the chart directory. 115 | 116 | # Kubectl 117 | 118 | Simple shell function for Kubectl installation in Linux 64 bits. Copy and paste this code: 119 | 120 | ```bash 121 | VERSION_OPTION_1="1.33.1" 122 | 123 | asdf plugin list all | grep kubectl 124 | asdf plugin add kubectl https://github.com/asdf-community/asdf-kubectl.git 125 | asdf latest kubectl 126 | 127 | asdf install kubectl $VERSION_OPTION_1 128 | asdf list kubectl 129 | 130 | asdf global kubectl $VERSION_OPTION_1 131 | asdf list kubectl 132 | ``` 133 | 134 | Kubectl documentation: 135 | 136 | https://kubernetes.io/docs/reference/kubectl/overview/ 137 | -------------------------------------------------------------------------------- /charts/zabbix/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | {{- if .Values.ingress.enabled }} 2 | {{- range $host := .Values.ingress.hosts }} 3 | Your Zabbix installation should be reachable using this URL: 4 | {{- range .paths }} 5 | http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} 6 | {{- end }} 7 | {{- end }} 8 | {{- else if contains "NodePort" .Values.zabbixWeb.service.type }} 9 | You can access Zabbix UI via NodePort service. To find out the IP and port number, run these commands: 10 | export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "zabbix.fullname" . }}-zabbix-web) 11 | export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") 12 | echo http://$NODE_IP:$NODE_PORT 13 | {{- else if contains "LoadBalancer" .Values.zabbixWeb.service.type }} 14 | You can access Zabbix UI via LoadBalancer service. To find out the IP and port number, run these commands: 15 | NOTE: It may take a few minutes for the LoadBalancer IP to be available. 16 | You can watch its status by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "zabbix.fullname" . }}-zabbix-web' 17 | export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "zabbix.fullname" . }}-zabbix-web --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") 18 | echo http://$SERVICE_IP:{{ .Values.zabbixWeb.service.port }} 19 | {{- else if contains "ClusterIP" .Values.zabbixWeb.service.type }} 20 | You can access Zabbix UI by establishing a port-forward with these commands: 21 | export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "zabbix.name" . }},app.kubernetes.io/instance={{ .Release.Name }},app.kubernetes.io/component=web" -o jsonpath="{.items[0].metadata.name}") 22 | export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") 23 | kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT 24 | Visit http://127.0.0.1:8080 to use your application 25 | {{- end }} 26 | Default credentials => Login: Admin Password: zabbix (Change after first access!!!) 27 | -------------------------------------------------------------------------------- /charts/zabbix/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "zabbix.name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 | {{- end -}} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | If release name contains chart name it will be used as a full name. 13 | */}} 14 | {{- define "zabbix.fullname" -}} 15 | {{- if .Values.fullnameOverride -}} 16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} 17 | {{- else -}} 18 | {{- $name := default .Chart.Name .Values.nameOverride -}} 19 | {{- if contains $name .Release.Name -}} 20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}} 21 | {{- else -}} 22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 23 | {{- end -}} 24 | {{- end -}} 25 | {{- end -}} 26 | 27 | {{/* 28 | Create chart name and version as used by the chart label. 29 | */}} 30 | {{- define "zabbix.chart" -}} 31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} 32 | {{- end -}} 33 | 34 | {{/* 35 | Common labels 36 | */}} 37 | {{- define "zabbix.labels" -}} 38 | helm.sh/chart: {{ include "zabbix.chart" . }} 39 | {{ include "zabbix.selectorLabels" . }} 40 | {{- if .Chart.AppVersion }} 41 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 42 | {{- end }} 43 | app.kubernetes.io/managed-by: {{ .Release.Service }} 44 | {{- end }} 45 | 46 | {{/* 47 | Selector labels 48 | */}} 49 | {{- define "zabbix.selectorLabels" -}} 50 | app.kubernetes.io/name: {{ include "zabbix.name" . }} 51 | app.kubernetes.io/instance: {{ .Release.Name }} 52 | {{- end }} 53 | 54 | {{/* 55 | Create the name of the service account to use 56 | */}} 57 | {{- define "zabbix.serviceAccountName" -}} 58 | {{- if or .Values.serviceAccount.create (and .Values.zabbixServer.enabled .Values.zabbixServer.zabbixServerHA.enabled ) -}} 59 | {{ default (include "zabbix.fullname" .) .Values.serviceAccount.name }} 60 | {{- else -}} 61 | {{ default "default" .Values.serviceAccount.name }} 62 | {{- end -}} 63 | {{- end -}} 64 | 65 | {{/* 66 | Return the appropriate apiVersion for ingress. 67 | */}} 68 | {{- define "zabbix.ingress.apiVersion" -}} 69 | {{- if and (.Capabilities.APIVersions.Has "networking.k8s.io/v1") -}} 70 | {{- print "networking.k8s.io/v1" -}} 71 | {{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" -}} 72 | {{- print "networking.k8s.io/v1beta1" -}} 73 | {{- else -}} 74 | {{- print "extensions/v1beta1" -}} 75 | {{- end -}} 76 | {{- end -}} 77 | 78 | {{/* 79 | Return if ingress is stable. 80 | */}} 81 | {{- define "zabbix.ingress.isStable" -}} 82 | {{- eq (include "zabbix.ingress.apiVersion" .) "networking.k8s.io/v1" -}} 83 | {{- end -}} 84 | 85 | {{/* 86 | Return if ingress supports ingressClassName. 87 | */}} 88 | {{- define "zabbix.ingress.supportsIngressClassName" -}} 89 | {{- or (eq (include "zabbix.ingress.isStable" .) "true") (and (eq (include "zabbix.ingress.apiVersion" .) "networking.k8s.io/v1beta1")) -}} 90 | {{- end -}} 91 | 92 | {{/* 93 | Return if ingress supports pathType. 94 | */}} 95 | {{- define "zabbix.ingress.supportsPathType" -}} 96 | {{- or (eq (include "zabbix.ingress.isStable" .) "true") (and (eq (include "zabbix.ingress.apiVersion" .) "networking.k8s.io/v1beta1")) -}} 97 | {{- end -}} 98 | 99 | 100 | {{/* 101 | Return the entire logic of setting PostgreSQL access related env vars for the containers which need them 102 | */}} 103 | {{- define "zabbix.postgresAccess.variables" -}} 104 | {{- $ := index . 0 }} 105 | {{- $cntxt := index . 2 }} 106 | {{- with index . 1 }} 107 | {{- $hostvar := "DB_SERVER_HOST" }} 108 | {{- $portvar := "DB_SERVER_PORT" }} 109 | {{- $uservar := "POSTGRES_USER" }} 110 | {{- $passwordvar := "POSTGRES_PASSWORD" }} 111 | {{- $dbvar := "POSTGRES_DB" }} 112 | {{- $schemavar := "DB_SERVER_SCHEMA" }} 113 | {{/* special settings for the DB client (autoclean cron job) container, needs different env variable names */}} 114 | {{- if eq $cntxt "db_client" }} 115 | {{- $hostvar = "PGHOST" }} 116 | {{- $portvar = "PGPORT" }} 117 | {{- $uservar = "PGUSER" }} 118 | {{- $passwordvar = "PGPASSWORD" }} 119 | {{- $dbvar = "PGDATABASE" }} 120 | {{- end }} 121 | {{- $fullname := include "zabbix.fullname" . }} 122 | {{- $secretName := printf "%s-%s" $fullname "db-access" }} 123 | {{- if .Values.postgresAccess.existingSecretName }} 124 | {{- $secretName = .Values.postgresAccess.existingSecretName }} 125 | {{- end }} 126 | 127 | {{- if .Values.postgresql.enabled }} 128 | - name: {{ $hostvar }} 129 | value: {{ template "zabbix.fullname" . }}-postgresql 130 | - name: {{ $portvar }} 131 | value: {{ .Values.postgresql.service.port | quote }} 132 | {{- else if and (eq $cntxt "db_init_upgrade") (not .Values.postgresAccess.existingSecretName) }} 133 | - name: {{ $hostvar }} 134 | value: {{ .Values.postgresAccess.host | quote }} 135 | - name: {{ $portvar }} 136 | value: {{ .Values.postgresAccess.port | quote }} 137 | {{- else }} 138 | {{- if and .Values.postgresAccess.existingSecretName .Values.postgresAccess.secretHostKey }} 139 | - name: {{ $hostvar }} 140 | valueFrom: 141 | secretKeyRef: 142 | name: {{ $secretName }} 143 | key: {{ .Values.postgresAccess.secretHostKey }} 144 | {{- else }} 145 | - name: {{ $hostvar }} 146 | value: {{ .Values.postgresAccess.host | quote }} 147 | {{- end }} 148 | {{- if and .Values.postgresAccess.existingSecretName .Values.postgresAccess.secretPortKey }} 149 | - name: {{ $portvar }} 150 | valueFrom: 151 | secretKeyRef: 152 | name: {{ $secretName }} 153 | key: {{ .Values.postgresAccess.secretPortKey }} 154 | optional: true 155 | {{- else }} 156 | - name: {{ $portvar }} 157 | value: {{ .Values.postgresAccess.port | quote }} 158 | {{- end }} 159 | {{- end }} 160 | 161 | {{- if and (eq $cntxt "db_init_upgrade") (not .Values.postgresAccess.existingSecretName) }} 162 | - name: {{ $uservar }} 163 | value: {{ .Values.postgresAccess.user | quote }} 164 | - name: {{ $passwordvar }} 165 | value: {{ .Values.postgresAccess.password | quote }} 166 | - name: {{ $dbvar }} 167 | value: {{ .Values.postgresAccess.database | quote }} 168 | {{- if and (not .Values.postgresql.enabled) .Values.postgresAccess.schema }} 169 | - name: {{ $schemavar }} 170 | value: {{ .Values.postgresAccess.schema }} 171 | {{- end }} 172 | {{- else }} 173 | - name: {{ $uservar }} 174 | valueFrom: 175 | secretKeyRef: 176 | name: {{ $secretName }} 177 | key: {{ .Values.postgresAccess.secretUserKey }} 178 | optional: true 179 | - name: {{ $passwordvar }} 180 | valueFrom: 181 | secretKeyRef: 182 | name: {{ $secretName }} 183 | key: {{ .Values.postgresAccess.secretPasswordKey }} 184 | {{- if and .Values.postgresAccess.existingSecretName .Values.postgresAccess.secretDBKey }} 185 | - name: {{ $dbvar }} 186 | valueFrom: 187 | secretKeyRef: 188 | name: {{ $secretName }} 189 | key: {{ .Values.postgresAccess.secretDBKey }} 190 | optional: true 191 | {{- else }} 192 | - name: {{ $dbvar }} 193 | value: {{ .Values.postgresAccess.database | quote }} 194 | {{- end }} 195 | {{- if and (not .Values.postgresql.enabled) .Values.postgresAccess.secretSchemaKey }} 196 | - name: {{ $schemavar }} 197 | valueFrom: 198 | secretKeyRef: 199 | name: {{ $secretName }} 200 | key: {{ .Values.postgresAccess.secretSchemaKey }} 201 | {{- end }} 202 | {{- end }} 203 | {{- end }} 204 | {{- end -}} 205 | 206 | {{/* 207 | Render a piece of yaml that defines manifests 208 | Usage: 209 | {{ include "zabbix.tools.render" ( dict "value" .Values.path.to.value "context" $ ) }} 210 | */}} 211 | {{- define "zabbix.tools.render" -}} 212 | {{- $value := typeIs "string" .value | ternary .value (.value | toYaml) }} 213 | {{- if contains "{{" $value }} 214 | {{- tpl $value .context }} 215 | {{- else }} 216 | {{- $value }} 217 | {{- end }} 218 | {{- end -}} 219 | -------------------------------------------------------------------------------- /charts/zabbix/templates/clusterrole-binding.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.rbac.create -}} 2 | # Copied and adapted from: 3 | # https://git.zabbix.com/projects/ZT/repos/kubernetes-helm/browse/templates/clusterrole-binding.yaml 4 | apiVersion: rbac.authorization.k8s.io/v1 5 | kind: ClusterRoleBinding 6 | metadata: 7 | name: {{ include "zabbix.fullname" . }} 8 | roleRef: 9 | apiGroup: rbac.authorization.k8s.io 10 | kind: ClusterRole 11 | name: {{ include "zabbix.fullname" . }} 12 | subjects: 13 | - kind: ServiceAccount 14 | name: {{ template "zabbix.serviceAccountName" . }} 15 | namespace: {{ .Release.Namespace }} 16 | {{- end -}} -------------------------------------------------------------------------------- /charts/zabbix/templates/clusterrole.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.rbac.create }} 2 | # Copied and adapted from: 3 | # https://git.zabbix.com/projects/ZT/repos/kubernetes-helm/browse/templates/cluster-role.yaml 4 | apiVersion: rbac.authorization.k8s.io/v1 5 | kind: ClusterRole 6 | metadata: 7 | name: {{ template "zabbix.fullname" . }} 8 | labels: 9 | {{- include "zabbix.labels" . | nindent 4 }} 10 | rules: 11 | - nonResourceURLs: 12 | - "/metrics" 13 | - "/metrics/cadvisor" 14 | - "/version" 15 | - "/healthz" 16 | - "/readyz" 17 | verbs: ["get"] 18 | - apiGroups: [""] 19 | resources: 20 | - nodes/metrics 21 | - nodes/spec 22 | - nodes/proxy 23 | - nodes/stats 24 | verbs: ["get"] 25 | - apiGroups: [""] 26 | resources: 27 | - namespaces 28 | - pods 29 | - services 30 | - componentstatuses 31 | - nodes 32 | - endpoints 33 | - events 34 | verbs: ["get", "list"] 35 | - apiGroups: ["batch"] 36 | resources: 37 | - jobs 38 | - cronjobs 39 | verbs: ["get", "list"] 40 | - apiGroups: ["extensions"] 41 | resources: 42 | - deployments 43 | - daemonsets 44 | verbs: ["get", "list"] 45 | - apiGroups: ["apps"] 46 | resources: 47 | - statefulsets 48 | - deployments 49 | - daemonsets 50 | verbs: ["get", "list"] 51 | {{- if .Values.rbac.additionalRulesForClusterRole }} 52 | {{ toYaml .Values.rbac.additionalRulesForClusterRole | indent 2 }} 53 | {{- end }} 54 | {{- end }} 55 | -------------------------------------------------------------------------------- /charts/zabbix/templates/cronjob-hanodes-autoclean.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.zabbixServer.enabled .Values.zabbixServer.haNodesAutoClean.enabled }} 2 | apiVersion: batch/v1 3 | kind: CronJob 4 | metadata: 5 | name: {{ template "zabbix.fullname" . }}-nodesclean 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | {{- include "zabbix.labels" . | nindent 4 }} 9 | {{- if .Values.zabbixServer.haNodesAutoClean.cronjobLabels }} 10 | {{- toYaml .Values.zabbixServer.haNodesAutoClean.cronjobLabels | nindent 4 }} 11 | {{- end }} 12 | spec: 13 | schedule: {{ .Values.zabbixServer.haNodesAutoClean.schedule | quote }} 14 | concurrencyPolicy: {{ .Values.zabbixServer.haNodesAutoClean.concurrencyPolicy }} 15 | jobTemplate: 16 | spec: 17 | ttlSecondsAfterFinished: 86400 18 | template: 19 | spec: 20 | serviceAccountName: {{ template "zabbix.serviceAccountName" . }} 21 | {{- with .Values.zabbixServer.haNodesAutoClean.extraPodSpecs }} 22 | {{- toYaml . | nindent 10 }} 23 | {{- end }} 24 | {{- with .Values.zabbixServer.nodeSelector }} 25 | nodeSelector: 26 | {{- toYaml . | nindent 12 }} 27 | {{- end }} 28 | {{- with .Values.tolerations }} 29 | tolerations: 30 | {{- toYaml . | nindent 12 }} 31 | {{- end }} 32 | {{- with .Values.zabbixServer.haNodesAutoClean.extraInitContainers }} 33 | initContainers: 34 | {{- toYaml . | nindent 12 }} 35 | {{- end }} 36 | containers: 37 | - name: hanodes-autoclean 38 | image: "{{ .Values.zabbixServer.haNodesAutoClean.image.repository }}:{{ .Values.zabbixServer.haNodesAutoClean.image.tag }}" 39 | imagePullPolicy: {{ .Values.zabbixServer.haNodesAutoClean.image.pullPolicy }} 40 | resources: 41 | {{- toYaml .Values.zabbixServer.haNodesAutoClean.resources | nindent 14 }} 42 | securityContext: 43 | {{- toYaml .Values.zabbixServer.haNodesAutoClean.securityContext | nindent 14 }} 44 | command: 45 | - /bin/bash 46 | - -c 47 | - echo "deleting all stopped and unavailable HANodes older than {{ .Values.zabbixServer.haNodesAutoClean.deleteOlderThanSeconds }} seconds..." && psql -c "delete from ha_node where status in (1,2) and extract(epoch from now())-lastaccess>{{ .Values.zabbixServer.haNodesAutoClean.deleteOlderThanSeconds }}" 48 | env: 49 | {{- include "zabbix.postgresAccess.variables" (list $ . "db_client") | nindent 12 }} 50 | {{- with .Values.zabbixServer.haNodesAutoClean.extraEnv }} 51 | {{- toYaml . | nindent 14 }} 52 | {{- end }} 53 | {{- with .Values.zabbixServer.haNodesAutoClean.extraVolumeMounts }} 54 | volumeMounts: 55 | {{- toYaml . | nindent 14 }} 56 | {{- end }} 57 | {{- with .Values.zabbixServer.haNodesAutoClean.extraContainers }} 58 | {{- toYaml . | nindent 10 }} 59 | {{- end }} 60 | imagePullSecrets: 61 | {{- range .Values.zabbixServer.image.pullSecrets }} 62 | - name: {{ . | quote }} 63 | {{- end }} 64 | restartPolicy: OnFailure 65 | {{- with .Values.zabbixServer.haNodesAutoClean.extraVolumes }} 66 | volumes: 67 | {{- toYaml . | nindent 12 }} 68 | {{- end }} 69 | {{- end }} 70 | -------------------------------------------------------------------------------- /charts/zabbix/templates/daemonset-zabbix-agent.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.zabbixAgent.enabled .Values.zabbixAgent.runAsDaemonSet }} 2 | apiVersion: apps/v1 3 | kind: DaemonSet 4 | metadata: 5 | name: {{ template "zabbix.fullname" . }}-zabbix-agent 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | {{- include "zabbix.labels" . | nindent 4 }} 9 | app.kubernetes.io/component: agent 10 | {{- if .Values.zabbixAgent.extraDaemonSetLabels }} 11 | {{- toYaml .Values.zabbixAgent.extraDaemonSetLabels | nindent 4 }} 12 | {{- end }} 13 | annotations: 14 | {{- range $key,$value := .Values.zabbixAgent.extraDaemonSetAnnotations }} 15 | {{ $key }}: {{ $value | quote }} 16 | {{- end }} 17 | spec: 18 | selector: 19 | matchLabels: 20 | {{- include "zabbix.selectorLabels" . | nindent 6 }} 21 | app.kubernetes.io/component: agent 22 | template: 23 | metadata: 24 | annotations: 25 | {{- range $key,$value := .Values.zabbixAgent.extraPodAnnotations }} 26 | {{ $key }}: {{ $value | quote }} 27 | {{- end }} 28 | labels: 29 | {{- include "zabbix.labels" . | nindent 8 }} 30 | app.kubernetes.io/component: agent 31 | {{- if .Values.zabbixAgent.extraPodLabels }} 32 | {{- toYaml .Values.zabbixAgent.extraPodLabels | nindent 8 }} 33 | {{- end }} 34 | spec: 35 | {{- if .Values.zabbixAgent.hostNetwork }} 36 | hostNetwork: {{ .Values.zabbixAgent.hostNetwork }} 37 | dnsPolicy: ClusterFirstWithHostNet 38 | {{- end }} 39 | serviceAccountName: {{ template "zabbix.serviceAccountName" . }} 40 | {{- with .Values.zabbixAgent.extraPodSpecs }} 41 | {{- toYaml . | nindent 6 }} 42 | {{- end }} 43 | {{- with .Values.zabbixAgent.nodeSelector }} 44 | nodeSelector: 45 | {{- toYaml . | nindent 8 }} 46 | {{- end }} 47 | {{- with .Values.tolerations }} 48 | tolerations: 49 | {{- toYaml . | nindent 8 }} 50 | {{- end }} 51 | {{- with .Values.zabbixAgent.extraInitContainers }} 52 | initContainers: 53 | {{- toYaml . | nindent 8 }} 54 | {{- end }} 55 | containers: 56 | - name: zabbix-agent 57 | {{- if .Values.zabbixAgent.resources }} 58 | resources: 59 | {{- toYaml .Values.zabbixAgent.resources | nindent 12 }} 60 | {{- end }} 61 | {{- if .Values.zabbixAgent.image.tag }} 62 | image: "{{ .Values.zabbixAgent.image.repository }}:{{ .Values.zabbixAgent.image.tag }}" 63 | {{- else }} 64 | image: "{{ .Values.zabbixAgent.image.repository }}:{{ .Values.zabbixImageTag }}" 65 | {{- end }} 66 | imagePullPolicy: {{ .Values.zabbixAgent.image.pullPolicy }} 67 | ports: 68 | - name: zabbix-agent 69 | containerPort: 10050 70 | protocol: TCP 71 | {{- with .Values.zabbixAgent.livenessProbe }} 72 | livenessProbe: 73 | {{- toYaml . | nindent 12 }} 74 | {{- end }} 75 | {{- with .Values.zabbixAgent.readinessProbe }} 76 | readinessProbe: 77 | {{- toYaml . | nindent 12 }} 78 | {{- end }} 79 | {{- with .Values.zabbixAgent.startupProbe }} 80 | startupProbe: 81 | {{- toYaml . | nindent 12 }} 82 | {{- end }} 83 | securityContext: 84 | {{- toYaml .Values.zabbixAgent.securityContext | nindent 12 }} 85 | env: 86 | - name: ZBX_HOSTNAME 87 | valueFrom: 88 | fieldRef: 89 | fieldPath: spec.nodeName 90 | - name: ZBX_SERVER_HOST 91 | value: {{ .Values.zabbixAgent.ZBX_SERVER_HOST | quote }} 92 | - name: ZBX_SERVER_PORT 93 | value: {{ .Values.zabbixAgent.ZBX_SERVER_PORT | quote }} 94 | - name: ZBX_PASSIVE_ALLOW 95 | value: {{ .Values.zabbixAgent.ZBX_PASSIVE_ALLOW | quote }} 96 | - name: ZBX_PASSIVESERVERS 97 | value: {{ .Values.zabbixAgent.ZBX_PASSIVESERVERS | quote }} 98 | - name: ZBX_ACTIVE_ALLOW 99 | value: {{ .Values.zabbixAgent.ZBX_ACTIVE_ALLOW | quote }} 100 | - name: ZBX_ACTIVESERVERS 101 | value: {{ .Values.zabbixAgent.ZBX_ACTIVESERVERS | quote }} 102 | - name: ZBX_DEBUGLEVEL 103 | value: {{ .Values.zabbixAgent.ZBX_DEBUGLEVEL | quote }} 104 | - name: ZBX_TIMEOUT 105 | value: {{ .Values.zabbixAgent.ZBX_TIMEOUT | quote }} 106 | - name: ZBX_LOADMODULE 107 | value: {{ .Values.zabbixAgent.ZBX_LOADMODULE }} 108 | {{- with .Values.zabbixAgent.extraEnv }} 109 | {{- toYaml . | nindent 12 }} 110 | {{- end }} 111 | volumeMounts: 112 | - name: proc 113 | mountPath: /hostfs/proc 114 | readOnly: true 115 | - name: sys 116 | mountPath: /hostfs/sys 117 | readOnly: true 118 | {{- if .Values.zabbixAgent.hostRootFsMount }} 119 | - name: root 120 | mountPath: /hostfs/root 121 | mountPropagation: HostToContainer 122 | readOnly: true 123 | {{- end }} 124 | {{- with .Values.zabbixAgent.extraVolumeMounts }} 125 | {{- toYaml . | nindent 12 }} 126 | {{- end }} 127 | {{- with .Values.zabbixAgent.extraContainers }} 128 | {{- toYaml . | nindent 8 }} 129 | {{- end }} 130 | {{- if .Values.affinity }} 131 | affinity: 132 | {{- toYaml .Values.affinity | nindent 8 }} 133 | {{- end }} 134 | imagePullSecrets: 135 | {{- range .Values.zabbixAgent.image.pullSecrets }} 136 | - name: {{ . | quote }} 137 | {{- end }} 138 | volumes: 139 | - name: proc 140 | hostPath: 141 | path: /proc 142 | - name: sys 143 | hostPath: 144 | path: /sys 145 | {{- if .Values.zabbixAgent.hostRootFsMount }} 146 | - name: root 147 | hostPath: 148 | path: / 149 | {{- end }} 150 | {{- with .Values.zabbixAgent.extraVolumes }} 151 | {{- toYaml . | nindent 8 }} 152 | {{- end }} 153 | {{- end }} 154 | -------------------------------------------------------------------------------- /charts/zabbix/templates/deployment-webdriver.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.zabbixBrowserMonitoring.enabled .Values.zabbixBrowserMonitoring.webdriver.enabled }} 2 | apiVersion: apps/v1 3 | kind: Deployment 4 | metadata: 5 | name: {{ template "zabbix.fullname" . }}-{{ .Values.zabbixBrowserMonitoring.webdriver.name }} 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | {{- include "zabbix.labels" . | nindent 4 }} 9 | app.kubernetes.io/component: webdriver 10 | spec: 11 | replicas: 1 12 | selector: 13 | matchLabels: 14 | {{- include "zabbix.selectorLabels" . | nindent 6 }} 15 | app.kubernetes.io/component: webdriver 16 | template: 17 | metadata: 18 | labels: 19 | {{- include "zabbix.labels" . | nindent 8 }} 20 | app.kubernetes.io/component: webdriver 21 | spec: 22 | {{- with .Values.zabbixBrowserMonitoring.nodeSelector }} 23 | nodeSelector: 24 | {{- toYaml . | nindent 8 }} 25 | {{- end }} 26 | containers: 27 | - name: {{ .Values.zabbixBrowserMonitoring.webdriver.name }} 28 | imagePullPolicy: {{ .Values.zabbixBrowserMonitoring.webdriver.image.pullPolicy }} 29 | image: {{ .Values.zabbixBrowserMonitoring.webdriver.image.repository }}:{{ .Values.zabbixBrowserMonitoring.webdriver.image.tag }} 30 | ports: 31 | - containerPort: {{ .Values.zabbixBrowserMonitoring.webdriver.port }} 32 | imagePullSecrets: 33 | {{- range .Values.zabbixBrowserMonitoring.webdriver.image.pullSecrets }} 34 | - name: {{ . | quote }} 35 | {{- end }} 36 | {{- end }} 37 | -------------------------------------------------------------------------------- /charts/zabbix/templates/deployment-zabbix-java-gateway.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.zabbixJavaGateway.enabled }} 2 | apiVersion: apps/v1 3 | kind: Deployment 4 | metadata: 5 | name: {{ template "zabbix.fullname" . }}-{{ .Values.zabbixJavaGateway.ZBX_JAVAGATEWAY }} 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | {{- include "zabbix.labels" . | nindent 4 }} 9 | app.kubernetes.io/component: java-gateway 10 | {{- if .Values.zabbixJavaGateway.extraDeploymentLabels }} 11 | {{- toYaml .Values.zabbixJavaGateway.extraDeploymentLabels | nindent 4 }} 12 | {{- end }} 13 | annotations: 14 | {{- range $key,$value := .Values.zabbixJavaGateway.extraDeploymentAnnotations }} 15 | {{ $key }}: {{ $value | quote }} 16 | {{- end }} 17 | spec: 18 | replicas: {{ .Values.zabbixJavaGateway.replicaCount }} 19 | selector: 20 | matchLabels: 21 | {{- include "zabbix.selectorLabels" . | nindent 6 }} 22 | app.kubernetes.io/component: java-gateway 23 | template: 24 | metadata: 25 | annotations: 26 | {{- range $key,$value := .Values.zabbixJavaGateway.extraPodAnnotations }} 27 | {{ $key }}: {{ $value | quote }} 28 | {{- end }} 29 | labels: 30 | {{- include "zabbix.labels" . | nindent 8 }} 31 | app.kubernetes.io/component: java-gateway 32 | {{- if .Values.zabbixJavaGateway.extraPodLabels }} 33 | {{- toYaml .Values.zabbixJavaGateway.extraPodLabels | nindent 8 }} 34 | {{- end }} 35 | spec: 36 | serviceAccountName: {{ template "zabbix.serviceAccountName" . }} 37 | {{- with .Values.zabbixJavaGateway.extraPodSpecs }} 38 | {{- toYaml . | nindent 6 }} 39 | {{- end }} 40 | {{- with .Values.zabbixJavaGateway.nodeSelector }} 41 | nodeSelector: 42 | {{- toYaml . | nindent 8 }} 43 | {{- end }} 44 | {{- if gt (len .Values.affinity) 0 }} 45 | affinity: 46 | {{- toYaml .Values.affinity | nindent 8 }} 47 | {{- else if .Values.zabbixJavaGateway.podAntiAffinity }} 48 | affinity: 49 | podAntiAffinity: 50 | preferredDuringSchedulingIgnoredDuringExecution: 51 | - weight: 1 52 | podAffinityTerm: 53 | topologyKey: kubernetes.io/hostname 54 | labelSelector: 55 | matchLabels: 56 | app.kubernetes.io/instance: {{ .Release.Name }}-{{ .Values.zabbixJavaGateway.ZBX_JAVAGATEWAY }} 57 | {{- end }} 58 | {{- with .Values.tolerations }} 59 | tolerations: 60 | {{- toYaml . | nindent 8 }} 61 | {{- end }} 62 | {{- with .Values.zabbixJavaGateway.extraInitContainers }} 63 | initContainers: 64 | {{- toYaml . | nindent 8 }} 65 | {{- end }} 66 | containers: 67 | - name: {{ .Values.zabbixJavaGateway.ZBX_JAVAGATEWAY }} 68 | {{- if .Values.zabbixJavaGateway.resources }} 69 | resources: 70 | {{- toYaml .Values.zabbixJavaGateway.resources | nindent 12 }} 71 | {{- end }} 72 | {{- if .Values.zabbixJavaGateway.image.tag }} 73 | image: "{{ .Values.zabbixJavaGateway.image.repository }}:{{ .Values.zabbixJavaGateway.image.tag }}" 74 | {{- else }} 75 | image: "{{ .Values.zabbixJavaGateway.image.repository }}:{{ .Values.zabbixImageTag }}" 76 | {{- end }} 77 | imagePullPolicy: {{ .Values.zabbixJavaGateway.image.pullPolicy }} 78 | ports: 79 | - name: zabbix-java-gw 80 | containerPort: {{ .Values.zabbixJavaGateway.service.port }} 81 | protocol: TCP 82 | {{- with .Values.zabbixJavaGateway.livenessProbe }} 83 | livenessProbe: 84 | {{- toYaml . | nindent 12 }} 85 | {{- end }} 86 | {{- with .Values.zabbixJavaGateway.readinessProbe }} 87 | readinessProbe: 88 | {{- toYaml . | nindent 12 }} 89 | {{- end }} 90 | {{- with .Values.zabbixJavaGateway.startupProbe }} 91 | startupProbe: 92 | {{- toYaml . | nindent 12 }} 93 | {{- end }} 94 | securityContext: 95 | {{- toYaml .Values.zabbixJavaGateway.securityContext | nindent 12 }} 96 | env: 97 | - name: ZBX_START_POLLERS 98 | value: {{ .Values.zabbixJavaGateway.ZBX_START_POLLERS | quote }} 99 | - name: ZBX_DEBUGLEVEL 100 | value: {{ .Values.zabbixJavaGateway.ZBX_DEBUGLEVEL | quote }} 101 | - name: ZBX_TIMEOUT 102 | value: {{ .Values.zabbixJavaGateway.ZBX_TIMEOUT | quote }} 103 | - name: ZBX_PROPERTIES_FILE 104 | value: {{ .Values.zabbixJavaGateway.ZBX_PROPERTIES_FILE | quote }} 105 | - name: ZABBIX_OPTIONS 106 | value: {{ .Values.zabbixJavaGateway.ZABBIX_OPTIONS | quote }} 107 | {{- with .Values.zabbixJavaGateway.extraEnv }} 108 | {{- toYaml . | nindent 12 }} 109 | {{- end }} 110 | {{- with .Values.zabbixJavaGateway.extraVolumeMounts }} 111 | volumeMounts: 112 | {{- toYaml . | nindent 12 }} 113 | {{- end }} 114 | {{- with .Values.zabbixJavaGateway.extraContainers }} 115 | {{- toYaml . | nindent 8 }} 116 | {{- end }} 117 | imagePullSecrets: 118 | {{- range .Values.zabbixJavaGateway.image.pullSecrets }} 119 | - name: {{ . | quote }} 120 | {{- end }} 121 | volumes: 122 | {{- with .Values.zabbixJavaGateway.extraVolumes }} 123 | {{- toYaml . | nindent 8 }} 124 | {{- end }} 125 | {{- end }} 126 | -------------------------------------------------------------------------------- /charts/zabbix/templates/deployment-zabbix-server.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.zabbixServer.enabled }} 2 | --- 3 | apiVersion: apps/v1 4 | kind: Deployment 5 | metadata: 6 | name: {{ template "zabbix.fullname" . }}-zabbix-server 7 | namespace: {{ .Release.Namespace }} 8 | labels: 9 | {{- include "zabbix.labels" . | nindent 4 }} 10 | app.kubernetes.io/component: server 11 | {{- if .Values.zabbixServer.extraDeploymentLabels }} 12 | {{- toYaml .Values.zabbixServer.extraDeploymentLabels | nindent 4 }} 13 | {{- end }} 14 | {{- if and .Values.zabbixAgent.enabled .Values.zabbixAgent.runAsSidecar }} 15 | {{- if .Values.zabbixAgent.extraDeploymentLabels }} 16 | {{- toYaml .Values.zabbixAgent.extraDeploymentLabels | nindent 4 }} 17 | {{- end }} 18 | {{- end }} 19 | annotations: 20 | {{- range $key,$value := .Values.zabbixServer.extraDeploymentAnnotations }} 21 | {{ $key }}: {{ $value | quote }} 22 | {{- end }} 23 | spec: 24 | {{- if .Values.zabbixServer.zabbixServerHA.enabled }} 25 | replicas: {{ .Values.zabbixServer.replicaCount }} 26 | strategy: 27 | type: RollingUpdate 28 | {{- else }} 29 | replicas: 1 30 | strategy: 31 | type: Recreate 32 | {{- end }} 33 | selector: 34 | matchLabels: 35 | {{- include "zabbix.selectorLabels" . | nindent 6 }} 36 | app.kubernetes.io/component: server 37 | template: 38 | metadata: 39 | annotations: 40 | {{- range $key,$value := .Values.zabbixServer.extraPodAnnotations }} 41 | {{ $key }}: {{ $value | quote }} 42 | {{- end }} 43 | labels: 44 | {{- if .Values.zabbixServer.zabbixServerHA.enabled }} 45 | zabbix.com/server-ha-enabled: "true" 46 | {{- end }} 47 | {{- include "zabbix.labels" . | nindent 8 }} 48 | app.kubernetes.io/component: server 49 | {{- if .Values.zabbixServer.extraPodLabels }} 50 | {{- toYaml .Values.zabbixServer.extraPodLabels | nindent 8 }} 51 | {{- end }} 52 | {{- if and .Values.zabbixAgent.enabled .Values.zabbixAgent.runAsSidecar }} 53 | {{- if .Values.zabbixAgent.extraPodLabels }} 54 | {{- toYaml .Values.zabbixAgent.extraPodLabels | nindent 8 }} 55 | {{- end }} 56 | {{- end }} 57 | spec: 58 | {{- if .Values.zabbixServer.zabbixServerHA.enabled }} 59 | shareProcessNamespace: true 60 | {{- end }} 61 | serviceAccountName: {{ template "zabbix.serviceAccountName" . }} 62 | {{- with .Values.zabbixServer.extraPodSpecs }} 63 | {{- toYaml . | nindent 6 }} 64 | {{- end }} 65 | {{- with .Values.zabbixServer.nodeSelector }} 66 | nodeSelector: 67 | {{- toYaml . | nindent 8 }} 68 | {{- end }} 69 | {{- if gt (len .Values.affinity) 0 }} 70 | affinity: 71 | {{- toYaml .Values.affinity | nindent 8 }} 72 | {{- else if .Values.zabbixServer.podAntiAffinity }} 73 | affinity: 74 | podAntiAffinity: 75 | preferredDuringSchedulingIgnoredDuringExecution: 76 | - weight: 1 77 | podAffinityTerm: 78 | topologyKey: kubernetes.io/hostname 79 | labelSelector: 80 | matchLabels: 81 | {{- include "zabbix.selectorLabels" . | nindent 18 }} 82 | app.kubernetes.io/component: server 83 | {{- end }} 84 | {{- with .Values.tolerations }} 85 | tolerations: 86 | {{- toYaml . | nindent 8 }} 87 | {{- end }} 88 | {{- with .Values.zabbixServer.extraInitContainers }} 89 | initContainers: 90 | {{- toYaml . | nindent 8 }} 91 | {{- end }} 92 | containers: 93 | - name: zabbix-server 94 | resources: 95 | {{- toYaml .Values.zabbixServer.resources | nindent 12 }} 96 | securityContext: 97 | {{- toYaml .Values.zabbixServer.securityContext | nindent 12 }} 98 | {{- if .Values.zabbixServer.image.tag }} 99 | image: "{{ .Values.zabbixServer.image.repository }}:{{ .Values.zabbixServer.image.tag }}" 100 | {{- else }} 101 | image: "{{ .Values.zabbixServer.image.repository }}:{{ .Values.zabbixImageTag }}" 102 | {{- end }} 103 | imagePullPolicy: {{ .Values.zabbixServer.image.pullPolicy }} 104 | ports: 105 | - containerPort: 10051 106 | name: zabbix-server 107 | {{- if (default false .Values.zabbixServer.hostPort) }} 108 | hostPort: 10051 109 | {{- end }} 110 | {{- if ne "0.0.0.0" .Values.zabbixServer.hostIP }} 111 | hostIP: {{ .Values.zabbixServer.hostIP }} 112 | {{- end}} 113 | - containerPort: 10052 114 | name: zabbix-jmx 115 | {{- if (default false .Values.zabbixServer.hostPort) }} 116 | hostPort: 10052 117 | {{- end }} 118 | {{- if ne "0.0.0.0" .Values.zabbixServer.hostIP }} 119 | hostIP: {{ .Values.zabbixServer.hostIP }} 120 | {{- end}} 121 | env: 122 | {{- include "zabbix.postgresAccess.variables" (list $ . "zabbix") | nindent 12 }} 123 | {{- with .Values.zabbixServer.extraEnv }} 124 | {{- toYaml . | nindent 12 }} 125 | {{- end }} 126 | {{- if .Values.zabbixServer.zabbixServerHA.enabled }} 127 | - name: ZBX_AUTOHANODENAME 128 | value: "hostname" 129 | {{- end }} 130 | - name: ZBX_NODEADDRESS 131 | valueFrom: 132 | fieldRef: 133 | fieldPath: status.podIP 134 | {{- if .Values.zabbixWebService.enabled }} 135 | - name: ZBX_WEBSERVICEURL 136 | value: "http://{{ template "zabbix.fullname" . }}-zabbix-webservice:{{ .Values.zabbixWebService.service.port }}/report" 137 | - name: ZBX_STARTREPORTWRITERS 138 | value: {{ .Values.zabbixWebService.replicaCount | quote }} 139 | {{- end }} 140 | - name: ZBX_JAVAGATEWAY_ENABLE 141 | value: {{ .Values.zabbixJavaGateway.enabled | quote }} 142 | {{- if .Values.zabbixJavaGateway.enabled }} 143 | - name: ZBX_JAVAGATEWAY 144 | value: {{ template "zabbix.fullname" . }}-{{ .Values.zabbixJavaGateway.ZBX_JAVAGATEWAY }} 145 | - name: ZBX_JAVAGATEWAYPORT 146 | value: {{ .Values.zabbixJavaGateway.service.port | quote }} 147 | - name: ZBX_STARTJAVAPOLLERS 148 | value: {{ .Values.zabbixJavaGateway.ZBX_STARTJAVAPOLLERS | quote }} 149 | {{- end }} 150 | {{- if .Values.zabbixBrowserMonitoring.enabled }} 151 | - name: ZBX_STARTBROWSERPOLLERS 152 | value: {{ .Values.zabbixBrowserMonitoring.pollers | quote }} 153 | {{- end }} 154 | {{- if .Values.zabbixBrowserMonitoring.customWebDriverURL }} 155 | - name: ZBX_WEBDRIVERURL 156 | value: {{ .Values.zabbixBrowserMonitoring.customWebDriverURL | quote }} 157 | {{- else }} 158 | - name: ZBX_WEBDRIVERURL 159 | value: http://{{ template "zabbix.fullname" . }}-{{ .Values.zabbixBrowserMonitoring.webdriver.name }}:{{ .Values.zabbixBrowserMonitoring.webdriver.port }} 160 | {{- end }} 161 | {{- with .Values.zabbixServer.extraVolumeMounts }} 162 | volumeMounts: 163 | {{- toYaml . | nindent 12 }} 164 | {{- end }} 165 | {{- with .Values.zabbixServer.livenessProbe }} 166 | livenessProbe: 167 | {{- toYaml . | nindent 12 }} 168 | {{- end }} 169 | {{- with .Values.zabbixServer.readinessProbe }} 170 | readinessProbe: 171 | {{- toYaml . | nindent 12 }} 172 | {{- end }} 173 | {{- with .Values.zabbixServer.startupProbe }} 174 | startupProbe: 175 | {{- toYaml . | nindent 12 }} 176 | {{- end }} 177 | {{- if and .Values.zabbixAgent.enabled .Values.zabbixAgent.runAsSidecar }} 178 | {{- if .Values.zabbixServer.zabbixServerHA.enabled }} 179 | - name: ha-labels-sidecar 180 | resources: 181 | {{- toYaml .Values.zabbixServer.zabbixServerHA.haLabelsSidecar.resources | nindent 12 }} 182 | securityContext: 183 | {{- toYaml .Values.zabbixServer.zabbixServerHA.haLabelsSidecar.securityContext | nindent 12 }} 184 | image: "{{ .Values.zabbixServer.zabbixServerHA.haLabelsSidecar.image.repository }}:{{ .Values.zabbixServer.zabbixServerHA.haLabelsSidecar.image.tag }}" 185 | imagePullPolicy: {{ .Values.zabbixServer.zabbixServerHA.haLabelsSidecar.image.pullPolicy }} 186 | env: 187 | {{- with .Values.zabbixServer.extraEnv }} 188 | {{- toYaml . | nindent 12 }} 189 | {{- end }} 190 | - name: LABEL_NAME 191 | value: {{ .Values.zabbixServer.zabbixServerHA.haLabelsSidecar.labelName }} 192 | {{- with .Values.zabbixServer.zabbixServerHA.haLabelsSidecar.extraVolumeMounts }} 193 | volumeMounts: 194 | {{- toYaml . | nindent 12 }} 195 | {{- end }} 196 | {{- end }} 197 | - name: zabbix-agent 198 | resources: 199 | {{- toYaml .Values.zabbixAgent.resources | nindent 12 }} 200 | securityContext: 201 | {{- toYaml .Values.zabbixAgent.securityContext | nindent 12 }} 202 | {{- if .Values.zabbixAgent.image.tag }} 203 | image: "{{ .Values.zabbixAgent.image.repository }}:{{ .Values.zabbixAgent.image.tag }}" 204 | {{- else }} 205 | image: "{{ .Values.zabbixAgent.image.repository }}:{{ .Values.zabbixImageTag }}" 206 | {{- end }} 207 | imagePullPolicy: {{ .Values.zabbixAgent.image.pullPolicy }} 208 | env: 209 | - name: ZBX_HOSTNAME 210 | value: "Zabbix server" 211 | - name: ZBX_SERVER_HOST 212 | value: {{ .Values.zabbixAgent.ZBX_SERVER_HOST | quote }} 213 | - name: ZBX_SERVER_PORT 214 | value: {{ .Values.zabbixAgent.ZBX_SERVER_PORT | quote }} 215 | - name: ZBX_PASSIVE_ALLOW 216 | value: {{ .Values.zabbixAgent.ZBX_PASSIVE_ALLOW | quote }} 217 | - name: ZBX_PASSIVESERVERS 218 | value: {{ .Values.zabbixAgent.ZBX_PASSIVESERVERS | quote }} 219 | - name: ZBX_ACTIVE_ALLOW 220 | value: {{ .Values.zabbixAgent.ZBX_ACTIVE_ALLOW | quote }} 221 | - name: ZBX_ACTIVESERVERS 222 | value: {{ .Values.zabbixAgent.ZBX_ACTIVESERVERS | quote }} 223 | - name: ZBX_DEBUGLEVEL 224 | value: {{ .Values.zabbixAgent.ZBX_DEBUGLEVEL | quote }} 225 | - name: ZBX_TIMEOUT 226 | value: {{ .Values.zabbixAgent.ZBX_TIMEOUT | quote }} 227 | - name: ZBX_LOADMODULE 228 | value: {{ .Values.zabbixAgent.ZBX_LOADMODULE }} 229 | {{- with .Values.zabbixAgent.extraEnv }} 230 | {{- toYaml . | nindent 12 }} 231 | {{- end }} 232 | ports: 233 | - name: zabbix-agent 234 | containerPort: 10050 235 | protocol: TCP 236 | {{- with .Values.zabbixAgent.extraVolumeMounts }} 237 | volumeMounts: 238 | {{- toYaml . | nindent 12 }} 239 | {{- end }} 240 | {{- with .Values.zabbixAgent.livenessProbe }} 241 | livenessProbe: 242 | {{- toYaml . | nindent 12 }} 243 | {{- end }} 244 | {{- with .Values.zabbixAgent.readinessProbe }} 245 | readinessProbe: 246 | {{- toYaml . | nindent 12 }} 247 | {{- end }} 248 | {{- with .Values.zabbixAgent.startupProbe }} 249 | startupProbe: 250 | {{- toYaml . | nindent 12 }} 251 | {{- end }} 252 | {{- end }} 253 | {{- with .Values.zabbixServer.extraContainers }} 254 | {{- toYaml . | nindent 8 }} 255 | {{- end }} 256 | imagePullSecrets: 257 | {{- range .Values.zabbixServer.image.pullSecrets }} 258 | - name: {{ . | quote }} 259 | {{- end }} 260 | {{- range .Values.zabbixAgent.image.pullSecrets }} 261 | - name: {{ . | quote }} 262 | {{- end }} 263 | volumes: 264 | {{- if .Values.zabbixServer.zabbixServerHA.enabled }} 265 | - name: init-waitschema-script 266 | configMap: 267 | name: {{ template "zabbix.fullname" . }}-waitdbschema-script 268 | {{- end }} 269 | {{- with .Values.zabbixServer.extraVolumes }} 270 | {{- toYaml . | nindent 8 }} 271 | {{- end }} 272 | {{- with .Values.zabbixAgent.extraVolumes }} 273 | {{- toYaml . | nindent 8 }} 274 | {{- end }} 275 | {{- end }} 276 | -------------------------------------------------------------------------------- /charts/zabbix/templates/deployment-zabbix-web.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.zabbixWeb.enabled }} 2 | apiVersion: apps/v1 3 | kind: Deployment 4 | metadata: 5 | name: {{ template "zabbix.fullname" . }}-zabbix-web 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | {{- include "zabbix.labels" . | nindent 4 }} 9 | app.kubernetes.io/component: web 10 | {{- if .Values.zabbixWeb.extraDeploymentLabels }} 11 | {{- toYaml .Values.zabbixWeb.extraDeploymentLabels | nindent 4 }} 12 | {{- end }} 13 | annotations: 14 | {{- range $key,$value := .Values.zabbixWeb.extraDeploymentAnnotations }} 15 | {{ $key }}: {{ $value | quote }} 16 | {{- end }} 17 | spec: 18 | replicas: {{ .Values.zabbixWeb.replicaCount }} 19 | selector: 20 | matchLabels: 21 | {{- include "zabbix.selectorLabels" . | nindent 6 }} 22 | app.kubernetes.io/component: web 23 | template: 24 | metadata: 25 | annotations: 26 | {{- range $key,$value := .Values.zabbixWeb.extraPodAnnotations }} 27 | {{ $key }}: {{ $value | quote }} 28 | {{- end }} 29 | labels: 30 | {{- include "zabbix.labels" . | nindent 8 }} 31 | app.kubernetes.io/component: web 32 | {{- if .Values.zabbixWeb.extraPodLabels }} 33 | {{- toYaml .Values.zabbixWeb.extraPodLabels | nindent 8 }} 34 | {{- end }} 35 | spec: 36 | serviceAccountName: {{ template "zabbix.serviceAccountName" . }} 37 | {{- with .Values.zabbixWeb.extraPodSpecs }} 38 | {{- toYaml . | nindent 6 }} 39 | {{- end }} 40 | {{- with .Values.zabbixWeb.extraInitContainers }} 41 | initContainers: 42 | {{- toYaml . | nindent 8 }} 43 | {{- end }} 44 | {{- with .Values.zabbixWeb.nodeSelector }} 45 | nodeSelector: 46 | {{- toYaml . | nindent 8 }} 47 | {{- end }} 48 | {{- if gt (len .Values.affinity) 0 }} 49 | affinity: 50 | {{- toYaml .Values.affinity | nindent 8 }} 51 | {{- else if .Values.zabbixWeb.podAntiAffinity }} 52 | affinity: 53 | podAntiAffinity: 54 | preferredDuringSchedulingIgnoredDuringExecution: 55 | - weight: 1 56 | podAffinityTerm: 57 | topologyKey: kubernetes.io/hostname 58 | labelSelector: 59 | matchLabels: 60 | app.kubernetes.io/instance: {{ .Release.Name }}-zabbix-web 61 | {{- end }} 62 | {{- with .Values.tolerations }} 63 | tolerations: 64 | {{- toYaml . | nindent 8 }} 65 | {{- end }} 66 | containers: 67 | - name: zabbix-web 68 | resources: 69 | {{- toYaml .Values.zabbixWeb.resources | nindent 10 }} 70 | securityContext: 71 | {{- toYaml .Values.zabbixWeb.securityContext | nindent 10 }} 72 | {{- if .Values.zabbixWeb.image.tag }} 73 | image: "{{ .Values.zabbixWeb.image.repository }}:{{ .Values.zabbixWeb.image.tag }}" 74 | {{- else }} 75 | image: "{{ .Values.zabbixWeb.image.repository }}:{{ .Values.zabbixImageTag }}" 76 | {{- end }} 77 | imagePullPolicy: {{ .Values.zabbixWeb.image.pullPolicy }} 78 | env: 79 | {{- include "zabbix.postgresAccess.variables" (list $ . "zabbix") | nindent 10 }} 80 | {{- with .Values.zabbixWeb.extraEnv }} 81 | {{- toYaml . | nindent 10 }} 82 | {{- end }} 83 | ports: 84 | - name: zabbix-web 85 | containerPort: 8080 86 | protocol: TCP 87 | volumeMounts: 88 | {{- if .Values.zabbixWeb.samlCertsSecretName }} 89 | - name: zabbix-web-samlcerts 90 | mountPath: /etc/zabbix/web/certs 91 | {{- end }} 92 | {{- with .Values.zabbixWeb.extraVolumeMounts }} 93 | {{- toYaml . | nindent 10 }} 94 | {{- end }} 95 | {{- with .Values.zabbixWeb.livenessProbe }} 96 | livenessProbe: 97 | {{- toYaml . | nindent 10 }} 98 | {{- end }} 99 | {{- with .Values.zabbixWeb.readinessProbe }} 100 | readinessProbe: 101 | {{- toYaml . | nindent 10 }} 102 | {{- end }} 103 | {{- with .Values.zabbixWeb.startupProbe }} 104 | startupProbe: 105 | {{- toYaml . | nindent 10 }} 106 | {{- end }} 107 | {{- with .Values.zabbixWeb.extraContainers }} 108 | {{- toYaml . | nindent 6 }} 109 | {{- end }} 110 | imagePullSecrets: 111 | {{- range .Values.zabbixWeb.image.pullSecrets }} 112 | - name: {{ . | quote }} 113 | {{- end }} 114 | volumes: 115 | {{- if .Values.zabbixWeb.samlCertsSecretName }} 116 | - name: zabbix-web-samlcerts 117 | secret: 118 | secretName: {{ .Values.zabbixWeb.samlCertsSecretName }} 119 | {{- end }} 120 | {{- with .Values.zabbixWeb.extraVolumes }} 121 | {{- toYaml . | nindent 8 }} 122 | {{- end }} 123 | {{- end }} 124 | -------------------------------------------------------------------------------- /charts/zabbix/templates/deployment-zabbix-webservice.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.zabbixWebService.enabled }} 2 | apiVersion: apps/v1 3 | kind: Deployment 4 | metadata: 5 | name: {{ template "zabbix.fullname" . }}-zabbix-webservice 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | {{- include "zabbix.labels" . | nindent 4 }} 9 | app.kubernetes.io/component: webservice 10 | {{- if .Values.zabbixWebService.extraDeploymentLabels }} 11 | {{- toYaml .Values.zabbixWebService.extraDeploymentLabels | nindent 4 }} 12 | {{- end }} 13 | annotations: 14 | {{- range $key,$value := .Values.zabbixWebService.extraDeploymentAnnotations }} 15 | {{ $key }}: {{ $value | quote }} 16 | {{- end }} 17 | spec: 18 | replicas: {{ .Values.zabbixWebService.replicaCount }} 19 | selector: 20 | matchLabels: 21 | {{- include "zabbix.selectorLabels" . | nindent 6 }} 22 | app.kubernetes.io/component: webservice 23 | template: 24 | metadata: 25 | annotations: 26 | {{- range $key,$value := .Values.zabbixWebService.extraPodAnnotations }} 27 | {{ $key }}: {{ $value | quote }} 28 | {{- end }} 29 | labels: 30 | {{- include "zabbix.labels" . | nindent 8 }} 31 | app.kubernetes.io/component: webservice 32 | {{- if .Values.zabbixWebService.extraPodLabels }} 33 | {{- toYaml .Values.zabbixWebService.extraPodLabels | nindent 8 }} 34 | {{- end }} 35 | spec: 36 | serviceAccountName: {{ template "zabbix.serviceAccountName" . }} 37 | {{- with .Values.zabbixWebService.extraPodSpecs }} 38 | {{- toYaml . | nindent 6 }} 39 | {{- end }} 40 | {{- with .Values.zabbixWebService.nodeSelector }} 41 | nodeSelector: 42 | {{- toYaml . | nindent 8 }} 43 | {{- end }} 44 | {{- if gt (len .Values.affinity) 0 }} 45 | affinity: 46 | {{- toYaml .Values.affinity | nindent 8 }} 47 | {{- else if .Values.zabbixWebService.podAntiAffinity }} 48 | affinity: 49 | podAntiAffinity: 50 | preferredDuringSchedulingIgnoredDuringExecution: 51 | - weight: 1 52 | podAffinityTerm: 53 | topologyKey: kubernetes.io/hostname 54 | labelSelector: 55 | matchLabels: 56 | app.kubernetes.io/instance: {{ .Release.Name }}-zabbix-webservice 57 | {{- end }} 58 | {{- with .Values.tolerations }} 59 | tolerations: 60 | {{- toYaml . | nindent 8 }} 61 | {{- end }} 62 | {{- with .Values.zabbixWebService.extraInitContainers }} 63 | initContainers: 64 | {{- toYaml . | nindent 8 }} 65 | {{- end }} 66 | containers: 67 | - name: zabbix-webservice 68 | resources: 69 | {{- toYaml .Values.zabbixWebService.resources | nindent 10 }} 70 | securityContext: 71 | {{- toYaml .Values.zabbixWebService.securityContext | nindent 10 }} 72 | {{- if .Values.zabbixWebService.image.tag }} 73 | image: "{{ .Values.zabbixWebService.image.repository }}:{{ .Values.zabbixWebService.image.tag }}" 74 | {{- else }} 75 | image: "{{ .Values.zabbixWebService.image.repository }}:{{ .Values.zabbixImageTag }}" 76 | {{- end }} 77 | imagePullPolicy: {{ .Values.zabbixWebService.image.pullPolicy }} 78 | env: 79 | {{- if .Values.zabbixWebService.ignoreURLCertErrors }} 80 | - name: ZBX_IGNOREURLCERTERRORS 81 | value: {{ .Values.zabbixWebService.ignoreURLCertErrors }} 82 | {{- end }} 83 | {{- with .Values.zabbixWebService.extraEnv }} 84 | {{- toYaml . | nindent 10 }} 85 | {{- end }} 86 | - name: ZBX_ALLOWEDIP 87 | value: "::/0" 88 | ports: 89 | - name: webservice 90 | containerPort: 10053 91 | protocol: TCP 92 | {{- with .Values.zabbixWebService.extraVolumeMounts }} 93 | volumeMounts: 94 | {{ toYaml . | nindent 10 }} 95 | {{- end }} 96 | {{- with .Values.zabbixWebService.livenessProbe }} 97 | livenessProbe: 98 | {{- toYaml . | nindent 10 }} 99 | {{- end }} 100 | {{- with .Values.zabbixWebService.readinessProbe }} 101 | readinessProbe: 102 | {{- toYaml . | nindent 10 }} 103 | {{- end }} 104 | {{- with .Values.zabbixWebService.startupProbe }} 105 | startupProbe: 106 | {{- toYaml . | nindent 10 }} 107 | {{- end }} 108 | {{- with .Values.zabbixWebService.extraContainers }} 109 | {{- toYaml . | nindent 6 }} 110 | {{- end }} 111 | imagePullSecrets: 112 | {{- range .Values.zabbixWeb.image.pullSecrets }} 113 | - name: {{ . | quote }} 114 | {{- end }} 115 | {{- with .Values.zabbixWebService.extraVolumes }} 116 | volumes: 117 | {{- toYaml . | nindent 8 }} 118 | {{- end }} 119 | {{- end }} 120 | -------------------------------------------------------------------------------- /charts/zabbix/templates/extra-manifests.yaml: -------------------------------------------------------------------------------- 1 | {{ range .Values.extraManifests }} 2 | --- 3 | {{ include "zabbix.tools.render" (dict "value" . "context" $) }} 4 | {{ end }} -------------------------------------------------------------------------------- /charts/zabbix/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.ingress.enabled -}} 2 | {{- $fullName := include "zabbix.fullname" . -}} 3 | {{- $svcPort := .Values.zabbixWeb.service.port -}} 4 | {{- if and .Values.ingress.ingressClassName (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} 5 | {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} 6 | {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.ingressClassName}} 7 | {{- end }} 8 | {{- end }} 9 | apiVersion: networking.k8s.io/v1 10 | kind: Ingress 11 | metadata: 12 | name: {{ $fullName }} 13 | namespace: {{ .Release.Namespace }} 14 | labels: 15 | {{- include "zabbix.labels" . | nindent 4 }} 16 | app.kubernetes.io/component: web 17 | {{- with .Values.ingress.annotations }} 18 | annotations: 19 | {{- toYaml . | nindent 4 }} 20 | {{- end }} 21 | spec: 22 | ingressClassName: {{ .Values.ingress.ingressClassName }} 23 | {{- if .Values.ingress.tls }} 24 | tls: 25 | {{- range .Values.ingress.tls }} 26 | - hosts: 27 | {{- range .hosts }} 28 | - {{ . | quote }} 29 | {{- end }} 30 | secretName: {{ .secretName }} 31 | {{- end }} 32 | {{- end }} 33 | rules: 34 | {{- range .Values.ingress.hosts }} 35 | - host: {{ .host | quote }} 36 | http: 37 | paths: 38 | {{- range .paths }} 39 | - path: {{ .path }} 40 | pathType: {{ .pathType }} 41 | backend: 42 | service: 43 | name: {{ $fullName }}-zabbix-web 44 | port: 45 | number: {{ $svcPort }} 46 | {{- end }} 47 | {{- end }} 48 | {{- end }} 49 | -------------------------------------------------------------------------------- /charts/zabbix/templates/job-create-upgrade-db.yaml: -------------------------------------------------------------------------------- 1 | {{ if and .Values.zabbixServer.enabled .Values.zabbixServer.zabbixServerHA.enabled }} 2 | {{ if and .Values.zabbixServer.zabbixServerHA.enabled .Values.postgresql.enabled }} 3 | {{ fail "We do not support enabling Zabbix Server native High Availability combined with `postgresql.enabled=true`. Please bring your own database to use Zabbix Server HA!" }} 4 | {{ end }} 5 | apiVersion: batch/v1 6 | kind: Job 7 | metadata: 8 | name: {{ template "zabbix.fullname" . }}-create-upgrade-db 9 | namespace: {{ .Release.Namespace }} 10 | labels: 11 | {{- include "zabbix.labels" . | nindent 4 }} 12 | app.kubernetes.io/component: create-upgrade-db 13 | {{- if .Values.zabbixServer.zabbixServerHA.dbCreateUpgradeJob.jobLabels }} 14 | {{- toYaml .Values.zabbixServer.zabbixServerHA.dbCreateUpgradeJob.jobLabels | nindent 6 }} 15 | {{- end }} 16 | annotations: 17 | "helm.sh/hook": pre-install,pre-upgrade 18 | "helm.sh/hook-weight": "-5" 19 | "helm.sh/hook-delete-policy": hook-succeeded 20 | {{- range $key,$value := .Values.zabbixServer.zabbixServerHA.dbCreateUpgradeJob.jobAnnotations }} 21 | {{ $key }}: {{ $value | quote }} 22 | {{- end }} 23 | spec: 24 | backoffLimit: 0 25 | ttlSecondsAfterFinished: 120 26 | template: 27 | spec: 28 | {{- with .Values.zabbixServer.zabbixServerHA.dbCreateUpgradeJob.extraPodSpecs }} 29 | {{- toYaml . | nindent 6 }} 30 | {{- end }} 31 | {{- with .Values.zabbixServer.nodeSelector }} 32 | nodeSelector: 33 | {{- toYaml . | nindent 8 }} 34 | {{- end }} 35 | {{- with .Values.zabbixServer.zabbixServerHA.dbCreateUpgradeJob.extraInitContainers }} 36 | {{- toYaml . | nindent 8 }} 37 | {{- end }} 38 | {{- with .Values.tolerations }} 39 | tolerations: 40 | {{- toYaml . | nindent 8 }} 41 | {{- end }} 42 | {{- if .Release.IsUpgrade }} 43 | serviceAccountName: {{ template "zabbix.fullname" . }}-ha-helper 44 | {{- end }} 45 | containers: 46 | {{- with .Values.zabbixServer.zabbixServerHA.dbCreateUpgradeJob.extraContainers }} 47 | {{- toYaml . | nindent 8 }} 48 | {{- end }} 49 | - name: create-upgrade-db 50 | {{- $pattern := "[0-9]+\\.[0-9]+" -}} 51 | {{- $tag := "" -}} 52 | {{- if .Values.zabbixServer.zabbixServerHA.dbCreateUpgradeJob.image.tag }} 53 | {{- $tag = .Values.zabbixServer.zabbixServerHA.dbCreateUpgradeJob.image.tag }} 54 | {{- else if .Values.zabbixServer.image.tag }} 55 | {{- $zabbixTag := .Values.zabbixServer.image.tag -}} 56 | {{- $match := regexFind $pattern $zabbixTag -}} 57 | {{- if $match }} 58 | {{- $tag = printf "%s-%s" $match .Values.zabbixServer.zabbixServerHA.dbCreateUpgradeJob.image.tagSuffix -}} 59 | {{- end }} 60 | {{- else }} 61 | {{- $globalTag := .Values.zabbixImageTag -}} 62 | {{- $match := regexFind $pattern $globalTag -}} 63 | {{- if $match }} 64 | {{- $tag = printf "%s-%s" $match .Values.zabbixServer.zabbixServerHA.dbCreateUpgradeJob.image.tagSuffix -}} 65 | {{- end }} 66 | {{- end }} 67 | {{- if eq $tag "" }} 68 | {{- fail "Failed to generate tag: Ensure the input values match the expected pattern." -}} 69 | {{- else }} 70 | image: "{{ .Values.zabbixServer.zabbixServerHA.dbCreateUpgradeJob.image.repository }}:{{ $tag }}" 71 | {{- end }} 72 | {{- if .Values.zabbixServer.zabbixServerHA.dbCreateUpgradeJob.image.pullPolicy }} 73 | imagePullPolicy: {{ .Values.zabbixServer.zabbixServerHA.dbCreateUpgradeJob.image.pullPolicy }} 74 | {{- end }} 75 | securityContext: 76 | {{- toYaml .Values.zabbixServer.zabbixServerHA.dbCreateUpgradeJob.securityContext | nindent 10 }} 77 | resources: 78 | {{- toYaml .Values.zabbixServer.zabbixServerHA.dbCreateUpgradeJob.resources | nindent 10 }} 79 | env: 80 | - name: ZBX_SERVER_DEPLOYMENT_NAME 81 | value: {{ template "zabbix.fullname" . }}-zabbix-server 82 | - name: HELM_HOOK_TYPE 83 | {{- if .Release.IsUpgrade }} 84 | value: upgrade 85 | {{- else if .Release.IsInstall }} 86 | value: install 87 | {{- else }} 88 | value: unknown 89 | {{- end }} 90 | {{- include "zabbix.postgresAccess.variables" (list $ . "db_init_upgrade") | nindent 10 }} 91 | {{- with .Values.zabbixServer.extraEnv }} 92 | {{- toYaml . | nindent 10 }} 93 | {{- end }} 94 | {{- with .Values.zabbixServer.zabbixServerHA.dbCreateUpgradeJob.extraVolumeMounts }} 95 | volumeMounts: 96 | {{- toYaml . | nindent 10 }} 97 | {{- end }} 98 | args: 99 | - init_and_upgrade_db 100 | imagePullSecrets: 101 | {{- range .Values.zabbixServer.image.pullSecrets }} 102 | - name: {{ . | quote }} 103 | {{- end }} 104 | restartPolicy: Never 105 | {{- with .Values.zabbixServer.zabbixServerHA.dbCreateUpgradeJob.extraVolumes }} 106 | volumes: 107 | {{- toYaml . | nindent 8 }} 108 | {{- end }} 109 | {{ end }} 110 | -------------------------------------------------------------------------------- /charts/zabbix/templates/role-ha-helper.yaml: -------------------------------------------------------------------------------- 1 | {{ if and .Values.zabbixServer.enabled .Values.zabbixServer.zabbixServerHA.enabled }} 2 | --- 3 | apiVersion: rbac.authorization.k8s.io/v1 4 | kind: Role 5 | metadata: 6 | name: {{ template "zabbix.fullname" . }}-ha-helper 7 | namespace: {{ .Release.Namespace }} 8 | labels: 9 | {{- include "zabbix.labels" . | nindent 4 }} 10 | {{- if .Values.zabbixServer.zabbixServerHA.role.annotations }} 11 | annotations: 12 | {{- range $key,$value := .Values.zabbixServer.zabbixServerHA.role.annotations }} 13 | {{ $key }}: {{ $value | quote }} 14 | {{- end }} 15 | {{- end }} 16 | rules: 17 | - apiGroups: ["apps"] 18 | resources: ["deployments"] 19 | verbs: ["patch", "get", "list"] 20 | - apiGroups: ["apps"] 21 | resources: ["deployments/scale"] 22 | verbs: ["get", "update", "patch"] 23 | - apiGroups: [""] 24 | resources: ["pods"] 25 | verbs: ["patch", "get", "list"] 26 | {{ end }} 27 | -------------------------------------------------------------------------------- /charts/zabbix/templates/rolebinding-ha-helper.yaml: -------------------------------------------------------------------------------- 1 | {{ if and .Values.zabbixServer.enabled .Values.zabbixServer.zabbixServerHA.enabled }} 2 | --- 3 | apiVersion: rbac.authorization.k8s.io/v1 4 | kind: RoleBinding 5 | metadata: 6 | name: {{ template "zabbix.fullname" . }}-ha-helper 7 | namespace: {{ .Release.Namespace }} 8 | labels: 9 | {{- include "zabbix.labels" . | nindent 4 }} 10 | {{- if .Values.zabbixServer.zabbixServerHA.roleBinding.annotations }} 11 | annotations: 12 | {{- range $key,$value := .Values.zabbixServer.zabbixServerHA.roleBinding.annotations }} 13 | {{ $key }}: {{ $value | quote }} 14 | {{- end }} 15 | {{- end }} 16 | subjects: 17 | - kind: ServiceAccount 18 | name: {{ template "zabbix.serviceAccountName" . }} 19 | - kind: ServiceAccount 20 | name: {{ template "zabbix.fullname" . }}-ha-helper 21 | roleRef: 22 | kind: Role 23 | name: {{ template "zabbix.fullname" . }}-ha-helper 24 | apiGroup: rbac.authorization.k8s.io 25 | {{ end }} 26 | -------------------------------------------------------------------------------- /charts/zabbix/templates/secret-db-access.yaml: -------------------------------------------------------------------------------- 1 | {{- if not .Values.postgresAccess.existingSecretName }} 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: {{ template "zabbix.fullname" . }}-db-access 6 | namespace: {{ .Release.Namespace }} 7 | annotations: 8 | "helm.sh/resource-policy": keep 9 | labels: 10 | {{- include "zabbix.labels" . | nindent 4 }} 11 | type: Opaque 12 | data: 13 | {{- $secretObj := (lookup "v1" "Secret" .Release.Namespace .Values.postgresAccess.existingSecretName) | default dict }} 14 | {{- $secretData := (get $secretObj "data") | default dict }} 15 | {{- $secretHost := (get $secretData .Values.postgresAccess.secretHostKey) | default (default (printf "%s-%s" (include "zabbix.fullname" .) "postgresql") .Values.postgresAccess.host | b64enc) }} 16 | {{- $secretPort := (get $secretData .Values.postgresAccess.secretPortKey) | default (.Values.postgresql.service.port | toString | b64enc) }} 17 | {{- $secretDbname := (get $secretData .Values.postgresAccess.secretDBKey) | default ( default "zabbix" .Values.postgresAccess.database | b64enc) }} 18 | {{- $secretUser := (get $secretData .Values.postgresAccess.secretUserKey) | default (default "zabbix" .Values.postgresAccess.user | b64enc) }} 19 | {{- $secretPassword := (get $secretData .Values.postgresAccess.secretPasswordKey) | default (default (randAlphaNum 16) .Values.postgresAccess.password | b64enc) }} 20 | {{- $secretSchema := "" }} 21 | {{- if and (not .Values.postgresql.enabled) .Values.postgresAccess.secretSchemaKey }} 22 | {{- $secretSchema = (get $secretData .Values.postgresAccess.secretSchemaKey) | default (default "public" .Values.postgresAccess.schema | b64enc )}} 23 | {{- end }} 24 | {{ .Values.postgresAccess.secretHostKey }}: {{ $secretHost | quote }} 25 | {{ .Values.postgresAccess.secretPortKey }}: {{ $secretPort | quote }} 26 | {{ .Values.postgresAccess.secretDBKey }}: {{ $secretDbname | quote }} 27 | {{ .Values.postgresAccess.secretUserKey }}: {{ $secretUser | quote }} 28 | {{ .Values.postgresAccess.secretPasswordKey }}: {{ $secretPassword | quote }} 29 | {{- if $secretSchema }} 30 | {{ .Values.postgresAccess.secretSchemaKey }}: {{ $secretSchema | quote }} 31 | {{- end }} 32 | {{- end }} 33 | -------------------------------------------------------------------------------- /charts/zabbix/templates/service.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.zabbixServer.enabled }} 2 | --- 3 | apiVersion: v1 4 | kind: Service 5 | metadata: 6 | name: {{ template "zabbix.fullname" . }}-zabbix-server 7 | namespace: {{ .Release.Namespace }} 8 | labels: 9 | {{- include "zabbix.labels" . | nindent 4 }} 10 | app.kubernetes.io/component: server 11 | {{- if .Values.zabbixServer.service.annotations }} 12 | annotations: 13 | {{- range $key,$value := .Values.zabbixServer.service.annotations }} 14 | {{ $key }}: {{ $value | quote }} 15 | {{- end }} 16 | {{- end }} 17 | spec: 18 | type: {{ .Values.zabbixServer.service.type }} 19 | {{- if and .Values.zabbixServer.service.externalTrafficPolicy (or (eq .Values.zabbixServer.service.type "NodePort") (eq .Values.zabbixServer.service.type "LoadBalancer" )) }} 20 | externalTrafficPolicy: {{ .Values.zabbixServer.service.externalTrafficPolicy }} 21 | {{- end }} 22 | {{- if and .Values.zabbixServer.service.externalIPs (eq .Values.zabbixServer.service.type "LoadBalancer") }} 23 | externalIPs: {{ .Values.zabbixServer.service.externalIPs | toYaml | nindent 6 }} 24 | {{- end }} 25 | {{- if and .Values.zabbixServer.service.loadBalancerIP (eq .Values.zabbixServer.service.type "LoadBalancer") }} 26 | loadBalancerIP: {{ .Values.zabbixServer.service.loadBalancerIP }} 27 | {{- end }} 28 | {{- if and .Values.zabbixServer.service.clusterIP (eq .Values.zabbixServer.service.type "ClusterIP") }} 29 | clusterIP: {{ .Values.zabbixServer.service.clusterIP }} 30 | {{- end }} 31 | {{- if .Values.zabbixServer.service.sessionAffinity }} 32 | sessionAffinity: {{ .Values.zabbixServer.service.sessionAffinity }} 33 | {{- end }} 34 | {{- if and (eq .Values.zabbixServer.service.type "LoadBalancer") (not (empty .Values.zabbixServer.service.loadBalancerSourceRanges)) }} 35 | loadBalancerSourceRanges: {{- toYaml .Values.zabbixServer.service.loadBalancerSourceRanges | nindent 4 }} 36 | {{- end }} 37 | {{- if and (eq .Values.zabbixServer.service.type "LoadBalancer") .Values.zabbixServer.service.loadBalancerClass }} 38 | loadBalancerClass: {{ .Values.zabbixServer.service.loadBalancerClass }} 39 | {{- end }} 40 | ports: 41 | - port: {{ .Values.zabbixServer.service.port }} 42 | name: zabbix-server 43 | targetPort: 10051 44 | protocol: TCP 45 | {{- if and (or (eq .Values.zabbixServer.service.type "NodePort") (eq .Values.zabbixServer.service.type "LoadBalancer" )) (not (empty .Values.zabbixServer.service.nodePort)) }} 46 | nodePort: {{ .Values.zabbixServer.service.nodePort }} 47 | {{- end }} 48 | - port: 10052 49 | name: zabbix-jmx 50 | targetPort: 10052 51 | protocol: TCP 52 | selector: 53 | {{- include "zabbix.selectorLabels" . | nindent 4 }} 54 | app.kubernetes.io/component: server 55 | {{- if .Values.zabbixServer.zabbixServerHA.enabled }} 56 | {{ .Values.zabbixServer.zabbixServerHA.haLabelsSidecar.labelName }}: "active" 57 | {{- end }} 58 | {{- end }} 59 | 60 | 61 | {{- if and .Values.zabbixAgent.enabled .Values.zabbixAgent.runAsDaemonSet }} 62 | --- 63 | apiVersion: v1 64 | kind: Service 65 | metadata: 66 | name: {{ template "zabbix.fullname" . }}-zabbix-agent 67 | namespace: {{ .Release.Namespace }} 68 | labels: 69 | {{- include "zabbix.labels" . | nindent 4 }} 70 | app.kubernetes.io/component: agent 71 | {{- if .Values.zabbixAgent.service.annotations }} 72 | annotations: 73 | {{- range $key,$value := .Values.zabbixAgent.service.annotations }} 74 | {{ $key }}: {{ $value | quote }} 75 | {{- end }} 76 | {{- end }} 77 | spec: 78 | type: {{ .Values.zabbixAgent.service.type }} 79 | {{- if and .Values.zabbixAgent.service.externalTrafficPolicy (or (eq .Values.zabbixAgent.service.type "NodePort") (eq .Values.zabbixAgent.service.type "LoadBalancer" )) }} 80 | externalTrafficPolicy: {{ .Values.zabbixAgent.service.externalTrafficPolicy }} 81 | {{- end }} 82 | {{- if and .Values.zabbixAgent.service.externalIPs (eq .Values.zabbixAgent.service.type "LoadBalancer") }} 83 | externalIPs: {{ .Values.zabbixAgent.service.externalIPs | toYaml | nindent 6 }} 84 | {{- end }} 85 | {{- if and .Values.zabbixAgent.service.loadBalancerIP (eq .Values.zabbixAgent.service.type "LoadBalancer") }} 86 | loadBalancerIP: {{ .Values.zabbixAgent.service.loadBalancerIP }} 87 | {{- end }} 88 | {{- if and .Values.zabbixAgent.service.clusterIP (eq .Values.zabbixAgent.service.type "ClusterIP") }} 89 | clusterIP: {{ .Values.zabbixAgent.service.clusterIP }} 90 | {{- end }} 91 | {{- if .Values.zabbixAgent.service.sessionAffinity }} 92 | sessionAffinity: {{ .Values.zabbixAgent.service.sessionAffinity }} 93 | {{- end }} 94 | {{- if and (eq .Values.zabbixAgent.service.type "LoadBalancer") (not (empty .Values.zabbixAgent.service.loadBalancerSourceRanges)) }} 95 | loadBalancerSourceRanges: {{- toYaml .Values.zabbixAgent.service.loadBalancerSourceRanges | nindent 4 }} 96 | {{- end }} 97 | {{- if and (eq .Values.zabbixAgent.service.type "LoadBalancer") .Values.zabbixAgent.service.loadBalancerClass }} 98 | loadBalancerClass: {{ .Values.zabbixAgent.service.loadBalancerClass }} 99 | {{- end }} 100 | ports: 101 | - port: {{ .Values.zabbixAgent.service.port }} 102 | name: zabbix-agent 103 | targetPort: 10050 104 | protocol: TCP 105 | {{- if and (or (eq .Values.zabbixAgent.service.type "NodePort") (eq .Values.zabbixAgent.service.type "LoadBalancer" )) (not (empty .Values.zabbixAgent.service.nodePort)) }} 106 | nodePort: {{ .Values.zabbixAgent.service.nodePort }} 107 | {{- end }} 108 | selector: 109 | {{- include "zabbix.selectorLabels" . | nindent 4 }} 110 | app.kubernetes.io/component: agent 111 | {{- end }} 112 | 113 | 114 | {{- if .Values.zabbixWeb.enabled }} 115 | --- 116 | apiVersion: v1 117 | kind: Service 118 | metadata: 119 | name: {{ template "zabbix.fullname" . }}-zabbix-web 120 | namespace: {{ .Release.Namespace }} 121 | labels: 122 | {{- include "zabbix.labels" . | nindent 4 }} 123 | app.kubernetes.io/component: web 124 | {{- if .Values.zabbixWeb.service.annotations }} 125 | annotations: 126 | {{- range $key,$value := .Values.zabbixWeb.service.annotations }} 127 | {{ $key }}: {{ $value | quote }} 128 | {{- end }} 129 | {{- end }} 130 | spec: 131 | type: {{ .Values.zabbixWeb.service.type }} 132 | {{- if and .Values.zabbixWeb.service.externalTrafficPolicy (or (eq .Values.zabbixWeb.service.type "NodePort") (eq .Values.zabbixWeb.service.type "LoadBalancer" )) }} 133 | externalTrafficPolicy: {{ .Values.zabbixWeb.service.externalTrafficPolicy }} 134 | {{- end }} 135 | {{- if and .Values.zabbixWeb.service.externalIPs (eq .Values.zabbixWeb.service.type "LoadBalancer") }} 136 | externalIPs: {{ .Values.zabbixWeb.service.externalIPs | toYaml | nindent 6 }} 137 | {{- end }} 138 | {{- if and .Values.zabbixWeb.service.loadBalancerIP (eq .Values.zabbixWeb.service.type "LoadBalancer") }} 139 | loadBalancerIP: {{ .Values.zabbixWeb.service.loadBalancerIP }} 140 | {{- end }} 141 | {{- if and .Values.zabbixWeb.service.clusterIP (eq .Values.zabbixWeb.service.type "ClusterIP") }} 142 | clusterIP: {{ .Values.zabbixWeb.service.clusterIP }} 143 | {{- end }} 144 | {{- if .Values.zabbixWeb.service.sessionAffinity }} 145 | sessionAffinity: {{ .Values.zabbixWeb.service.sessionAffinity }} 146 | {{- end }} 147 | {{- if and (eq .Values.zabbixWeb.service.type "LoadBalancer") (not (empty .Values.zabbixWeb.service.loadBalancerSourceRanges)) }} 148 | loadBalancerSourceRanges: {{- toYaml .Values.zabbixWeb.service.loadBalancerSourceRanges | nindent 4 }} 149 | {{- end }} 150 | {{- if and (eq .Values.zabbixWeb.service.type "LoadBalancer") .Values.zabbixWeb.service.loadBalancerClass }} 151 | loadBalancerClass: {{ .Values.zabbixWeb.service.loadBalancerClass }} 152 | {{- end }} 153 | ports: 154 | - port: {{ .Values.zabbixWeb.service.port }} 155 | name: zabbix-web 156 | targetPort: 8080 157 | protocol: TCP 158 | {{- if and (or (eq .Values.zabbixWeb.service.type "NodePort") (eq .Values.zabbixWeb.service.type "LoadBalancer" )) (not (empty .Values.zabbixWeb.service.nodePort)) }} 159 | nodePort: {{ .Values.zabbixWeb.service.nodePort }} 160 | {{- end }} 161 | selector: 162 | {{- include "zabbix.selectorLabels" . | nindent 4 }} 163 | app.kubernetes.io/component: web 164 | {{- end }} 165 | 166 | 167 | {{- if .Values.zabbixWebService.enabled }} 168 | --- 169 | apiVersion: v1 170 | kind: Service 171 | metadata: 172 | name: {{ template "zabbix.fullname" . }}-zabbix-webservice 173 | namespace: {{ .Release.Namespace }} 174 | labels: 175 | {{- include "zabbix.labels" . | nindent 4 }} 176 | app.kubernetes.io/component: webservice 177 | {{- if .Values.zabbixWebService.service.annotations }} 178 | annotations: 179 | {{- range $key,$value := .Values.zabbixWebService.service.annotations }} 180 | {{ $key }}: {{ $value | quote }} 181 | {{- end }} 182 | {{- end }} 183 | spec: 184 | type: {{ .Values.zabbixWebService.service.type }} 185 | {{- if and .Values.zabbixWebService.service.clusterIP (eq .Values.zabbixWebService.service.type "ClusterIP") }} 186 | clusterIP: {{ .Values.zabbixWebService.service.clusterIP }} 187 | {{- end }} 188 | ports: 189 | - port: {{ .Values.zabbixWebService.service.port }} 190 | name: webservice 191 | targetPort: 10053 192 | protocol: TCP 193 | selector: 194 | {{- include "zabbix.selectorLabels" . | nindent 4 }} 195 | app.kubernetes.io/component: webservice 196 | {{- end }} 197 | 198 | 199 | {{- if .Values.zabbixProxy.enabled }} 200 | --- 201 | apiVersion: v1 202 | kind: Service 203 | metadata: 204 | name: {{ template "zabbix.fullname" . }}-zabbix-proxy 205 | namespace: {{ .Release.Namespace }} 206 | labels: 207 | {{- include "zabbix.labels" . | nindent 4 }} 208 | app.kubernetes.io/component: proxy 209 | {{- if .Values.zabbixProxy.service.annotations }} 210 | annotations: 211 | {{- range $key,$value := .Values.zabbixProxy.service.annotations }} 212 | {{ $key }}: {{ $value | quote }} 213 | {{- end }} 214 | {{- end }} 215 | spec: 216 | type: {{ .Values.zabbixProxy.service.type }} 217 | {{- if and .Values.zabbixProxy.service.externalTrafficPolicy (or (eq .Values.zabbixProxy.service.type "NodePort") (eq .Values.zabbixProxy.service.type "LoadBalancer" )) }} 218 | externalTrafficPolicy: {{ .Values.zabbixProxy.service.externalTrafficPolicy }} 219 | {{- end }} 220 | {{- if and .Values.zabbixProxy.service.externalIPs (eq .Values.zabbixProxy.service.type "LoadBalancer") }} 221 | externalIPs: {{ .Values.zabbixProxy.service.externalIPs | toYaml | nindent 6 }} 222 | {{- end }} 223 | {{- if and .Values.zabbixProxy.service.loadBalancerIP (eq .Values.zabbixProxy.service.type "LoadBalancer") }} 224 | loadBalancerIP: {{ .Values.zabbixProxy.service.loadBalancerIP }} 225 | {{- end }} 226 | {{- if and .Values.zabbixProxy.service.clusterIP (eq .Values.zabbixProxy.service.type "ClusterIP") }} 227 | clusterIP: {{ .Values.zabbixProxy.service.clusterIP }} 228 | {{- end }} 229 | {{- if .Values.zabbixProxy.service.sessionAffinity }} 230 | sessionAffinity: {{ .Values.zabbixProxy.service.sessionAffinity }} 231 | {{- end }} 232 | {{- if and (eq .Values.zabbixProxy.service.type "LoadBalancer") (not (empty .Values.zabbixProxy.service.loadBalancerSourceRanges)) }} 233 | loadBalancerSourceRanges: {{- toYaml .Values.zabbixProxy.service.loadBalancerSourceRanges | nindent 4 }} 234 | {{- end }} 235 | {{- if and (eq .Values.zabbixProxy.service.type "LoadBalancer") .Values.zabbixProxy.service.loadBalancerClass }} 236 | loadBalancerClass: {{ .Values.zabbixProxy.service.loadBalancerClass }} 237 | {{- end }} 238 | ports: 239 | - port: {{ .Values.zabbixProxy.service.port }} 240 | name: zabbix-proxy 241 | targetPort: 10051 242 | protocol: TCP 243 | {{- if and (or (eq .Values.zabbixProxy.service.type "NodePort") (eq .Values.zabbixProxy.service.type "LoadBalancer" )) (not (empty .Values.zabbixProxy.service.nodePort)) }} 244 | nodePort: {{ .Values.zabbixProxy.service.nodePort }} 245 | {{- end }} 246 | selector: 247 | {{- include "zabbix.selectorLabels" . | nindent 4 }} 248 | app.kubernetes.io/component: proxy 249 | {{- end }} 250 | 251 | 252 | {{- if .Values.postgresql.enabled }} 253 | --- 254 | apiVersion: v1 255 | kind: Service 256 | metadata: 257 | name: {{ template "zabbix.fullname" . }}-postgresql 258 | namespace: {{ .Release.Namespace }} 259 | labels: 260 | {{- include "zabbix.labels" . | nindent 4 }} 261 | app.kubernetes.io/component: postgresql 262 | {{- if .Values.postgresql.service.annotations }} 263 | annotations: 264 | {{- range $key,$value := .Values.postgresql.service.annotations }} 265 | {{ $key }}: {{ $value | quote }} 266 | {{- end }} 267 | {{- end }} 268 | spec: 269 | type: {{ .Values.postgresql.service.type }} 270 | {{- if and .Values.postgresql.service.clusterIP (eq .Values.postgresql.service.type "ClusterIP") }} 271 | clusterIP: {{ .Values.postgresql.service.clusterIP }} 272 | {{- end }} 273 | ports: 274 | - port: {{ .Values.postgresql.service.port }} 275 | name: db 276 | targetPort: 5432 277 | protocol: TCP 278 | selector: 279 | {{- include "zabbix.selectorLabels" . | nindent 4 }} 280 | app.kubernetes.io/component: postgresql 281 | {{- end }} 282 | 283 | 284 | {{- if .Values.zabbixJavaGateway.enabled }} 285 | --- 286 | apiVersion: v1 287 | kind: Service 288 | metadata: 289 | name: {{ template "zabbix.fullname" . }}-java-gateway 290 | namespace: {{ .Release.Namespace }} 291 | labels: 292 | {{- include "zabbix.labels" . | nindent 4 }} 293 | app.kubernetes.io/component: java-gateway 294 | {{- if .Values.zabbixJavaGateway.service.annotations }} 295 | annotations: 296 | {{- range $key,$value := .Values.zabbixJavaGateway.service.annotations }} 297 | {{ $key }}: {{ $value | quote }} 298 | {{- end }} 299 | {{- end }} 300 | spec: 301 | type: {{ .Values.zabbixJavaGateway.service.type }} 302 | {{- if and .Values.zabbixJavaGateway.service.externalTrafficPolicy (or (eq .Values.zabbixJavaGateway.service.type "NodePort") (eq .Values.zabbixJavaGateway.service.type "LoadBalancer" )) }} 303 | externalTrafficPolicy: {{ .Values.zabbixJavaGateway.service.externalTrafficPolicy }} 304 | {{- end }} 305 | {{- if and .Values.zabbixJavaGateway.service.externalIPs (eq .Values.zabbixJavaGateway.service.type "LoadBalancer") }} 306 | externalIPs: {{ .Values.zabbixJavaGateway.service.externalIPs | toYaml | nindent 6 }} 307 | {{- end }} 308 | {{- if and .Values.zabbixJavaGateway.service.loadBalancerIP (eq .Values.zabbixJavaGateway.service.type "LoadBalancer") }} 309 | loadBalancerIP: {{ .Values.zabbixJavaGateway.service.loadBalancerIP }} 310 | {{- end }} 311 | {{- if and .Values.zabbixJavaGateway.service.clusterIP (eq .Values.zabbixJavaGateway.service.type "ClusterIP") }} 312 | clusterIP: {{ .Values.zabbixJavaGateway.service.clusterIP }} 313 | {{- end }} 314 | {{- if .Values.zabbixJavaGateway.service.sessionAffinity }} 315 | sessionAffinity: {{ .Values.zabbixJavaGateway.service.sessionAffinity }} 316 | {{- end }} 317 | {{- if and (eq .Values.zabbixJavaGateway.service.type "LoadBalancer") (not (empty .Values.zabbixJavaGateway.service.loadBalancerSourceRanges)) }} 318 | loadBalancerSourceRanges: {{- toYaml .Values.zabbixJavaGateway.service.loadBalancerSourceRanges | nindent 4 }} 319 | {{- end }} 320 | {{- if and (eq .Values.zabbixJavaGateway.service.type "LoadBalancer") .Values.zabbixJavaGateway.service.loadBalancerClass }} 321 | loadBalancerClass: {{ .Values.zabbixJavaGateway.service.loadBalancerClass }} 322 | {{- end }} 323 | ports: 324 | - port: {{ .Values.zabbixJavaGateway.service.port }} 325 | name: zabbix-java-gw 326 | targetPort: 10052 327 | protocol: TCP 328 | {{- if ( and (eq .Values.zabbixJavaGateway.service.type "NodePort" ) (not (empty .Values.zabbixJavaGateway.service.nodePort)) ) }} 329 | nodePort: {{ .Values.zabbixJavaGateway.service.nodePort }} 330 | {{- end }} 331 | selector: 332 | {{- include "zabbix.selectorLabels" . | nindent 4 }} 333 | app.kubernetes.io/component: java-gateway 334 | {{- end }} 335 | 336 | 337 | {{- if and .Values.zabbixBrowserMonitoring.enabled .Values.zabbixBrowserMonitoring.webdriver.enabled }} 338 | --- 339 | apiVersion: v1 340 | kind: Service 341 | metadata: 342 | name: {{ template "zabbix.fullname" . }}-{{ .Values.zabbixBrowserMonitoring.webdriver.name }} 343 | namespace: {{ .Release.Namespace }} 344 | labels: 345 | {{- include "zabbix.labels" . | nindent 4 }} 346 | app.kubernetes.io/component: webdriver 347 | spec: 348 | ports: 349 | - port: {{ .Values.zabbixBrowserMonitoring.webdriver.port }} 350 | targetPort: {{ .Values.zabbixBrowserMonitoring.webdriver.port }} 351 | protocol: TCP 352 | selector: 353 | {{- include "zabbix.selectorLabels" . | nindent 4 }} 354 | app.kubernetes.io/component: webdriver 355 | type: ClusterIP 356 | {{- end }} 357 | -------------------------------------------------------------------------------- /charts/zabbix/templates/serviceaccount-ha-helper.yaml: -------------------------------------------------------------------------------- 1 | {{ if and .Values.zabbixServer.enabled .Values.zabbixServer.zabbixServerHA.enabled }} 2 | --- 3 | apiVersion: v1 4 | kind: ServiceAccount 5 | metadata: 6 | name: {{ template "zabbix.fullname" . }}-ha-helper 7 | namespace: {{ .Release.Namespace }} 8 | labels: 9 | {{- include "zabbix.labels" . | nindent 4 }} 10 | {{- if .Values.zabbixServer.zabbixServerHA.serviceAccount.annotations }} 11 | annotations: 12 | {{- range $key,$value := .Values.zabbixServer.zabbixServerHA.serviceAccount.annotations }} 13 | {{ $key }}: {{ $value | quote }} 14 | {{- end }} 15 | {{- end }} 16 | {{ end }} 17 | -------------------------------------------------------------------------------- /charts/zabbix/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if or .Values.serviceAccount.create ( and .Values.zabbixServer.enabled .Values.zabbixServer.zabbixServerHA.enabled ) }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | {{- with .Values.global.imagePullSecrets }} 5 | imagePullSecrets: 6 | {{- toYaml . | nindent 2 }} 7 | {{- end }} 8 | automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }} 9 | metadata: 10 | name: {{ template "zabbix.serviceAccountName" . }} 11 | namespace: {{ .Release.Namespace }} 12 | {{- with .Values.serviceAccount.annotations }} 13 | annotations: 14 | {{- toYaml . | nindent 4 }} 15 | {{- end }} 16 | labels: 17 | {{- include "zabbix.labels" . | nindent 4 }} 18 | {{- with .Values.serviceAccount.labels }} 19 | {{- toYaml . | nindent 4 }} 20 | {{- end }} 21 | {{- end }} 22 | -------------------------------------------------------------------------------- /charts/zabbix/templates/statefulset-postgresql.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.postgresql.enabled }} 2 | --- 3 | apiVersion: apps/v1 4 | kind: StatefulSet 5 | metadata: 6 | name: {{ template "zabbix.fullname" . }}-postgresql 7 | namespace: {{ .Release.Namespace }} 8 | labels: 9 | {{- include "zabbix.labels" . | nindent 4 }} 10 | app.kubernetes.io/component: postgresql 11 | {{- if .Values.postgresql.extraStatefulSetLabels }} 12 | {{- toYaml .Values.postgresql.extraStatefulSetLabels | nindent 4 }} 13 | {{- end }} 14 | annotations: 15 | {{- range $key,$value := .Values.postgresql.extraStatefulSetAnnotations }} 16 | {{ $key }}: {{ $value | quote }} 17 | {{- end }} 18 | spec: 19 | {{- if .Values.postgresql.persistence.enabled }} 20 | {{- if not .Values.postgresql.persistence.existingClaimName }} 21 | volumeClaimTemplates: 22 | - metadata: 23 | name: postgresql-data 24 | spec: 25 | accessModes: 26 | {{- if .Values.postgresql.persistence.claim_access_mode }} 27 | - {{ .Values.postgresql.persistence.claim_access_mode }} 28 | {{- else }} 29 | - ReadWriteOnce 30 | {{- end }} 31 | resources: 32 | requests: 33 | storage: {{ .Values.postgresql.persistence.storageSize }} 34 | {{- if .Values.postgresql.persistence.storageClass }} 35 | storageClassName: {{ .Values.postgresql.persistence.storageClass }} 36 | {{- end }} 37 | {{- end }} 38 | {{- end }} 39 | replicas: 1 40 | serviceName: {{ template "zabbix.fullname" . }} 41 | selector: 42 | matchLabels: 43 | {{- include "zabbix.selectorLabels" . | nindent 6 }} 44 | app.kubernetes.io/component: postgresql 45 | template: 46 | metadata: 47 | annotations: 48 | {{- range $key,$value := .Values.postgresql.extraPodAnnotations }} 49 | {{ $key }}: {{ $value | quote }} 50 | {{- end }} 51 | labels: 52 | {{- include "zabbix.labels" . | nindent 8 }} 53 | app.kubernetes.io/component: postgresql 54 | {{- if .Values.postgresql.extraPodLabels }} 55 | {{- toYaml .Values.postgresql.extraPodLabels | nindent 8 }} 56 | {{- end }} 57 | spec: 58 | serviceAccountName: {{ template "zabbix.serviceAccountName" . }} 59 | {{- with .Values.postgresql.extraPodSpecs }} 60 | {{- toYaml . | nindent 6 }} 61 | {{- end }} 62 | {{- with .Values.postgresql.extraInitContainers }} 63 | initContainers: 64 | {{- toYaml . | nindent 8 }} 65 | {{- end }} 66 | {{- with .Values.postgresql.nodeSelector }} 67 | nodeSelector: 68 | {{- toYaml . | nindent 8 }} 69 | {{- end }} 70 | {{- with .Values.affinity }} 71 | affinity: 72 | {{- toYaml . | nindent 8 }} 73 | {{- end }} 74 | {{- with .Values.tolerations }} 75 | tolerations: 76 | {{- toYaml . | nindent 8 }} 77 | {{- end }} 78 | containers: 79 | - name: postgresql 80 | resources: 81 | {{- toYaml .Values.postgresql.resources | nindent 12 }} 82 | securityContext: 83 | {{- toYaml .Values.postgresql.securityContext | nindent 12 }} 84 | image: "{{ .Values.postgresql.image.repository }}:{{ .Values.postgresql.image.tag }}" 85 | imagePullPolicy: {{ .Values.postgresql.image.pullPolicy }} 86 | {{- with .Values.postgresql.extraRuntimeParameters }} 87 | args: 88 | {{- range $key, $value := . }} 89 | - "-c" 90 | - "{{ $key }}={{ $value }}" 91 | {{- end }} 92 | {{- end }} 93 | env: 94 | {{- include "zabbix.postgresAccess.variables" (list $ . "database") | nindent 12 }} 95 | - name: PGDATA 96 | value: /var/lib/postgresql/data/pgdata 97 | {{- with .Values.postgresql.extraEnv }} 98 | {{- toYaml . | nindent 12 }} 99 | {{- end }} 100 | volumeMounts: 101 | {{- if .Values.postgresql.persistence.enabled }} 102 | - name: postgresql-data 103 | mountPath: /var/lib/postgresql/data 104 | {{- end }} 105 | {{- with .Values.postgresql.extraVolumeMounts }} 106 | {{- toYaml . | nindent 12 }} 107 | {{- end }} 108 | ports: 109 | - name: db 110 | containerPort: 5432 111 | protocol: TCP 112 | {{- with .Values.postgresql.livenessProbe }} 113 | livenessProbe: 114 | {{- toYaml . | nindent 12 }} 115 | {{- end }} 116 | {{- with .Values.postgresql.readinessProbe }} 117 | readinessProbe: 118 | {{- toYaml . | nindent 12 }} 119 | {{- end }} 120 | {{- with .Values.postgresql.startupProbe }} 121 | startupProbe: 122 | {{- toYaml . | nindent 12 }} 123 | {{- end }} 124 | {{- with .Values.postgresql.extraContainers }} 125 | {{- toYaml . | nindent 8 }} 126 | {{- end }} 127 | volumes: 128 | {{- if .Values.postgresql.persistence.enabled }} 129 | {{- if .Values.postgresql.persistence.existingClaimName }} 130 | - name: postgresql-data 131 | persistentVolumeClaim: 132 | claimName: {{ .Values.postgresql.persistence.existingClaimName }} 133 | {{- end }} 134 | {{- end }} 135 | {{- with .Values.postgresql.extraVolumes }} 136 | {{- toYaml . | nindent 8 }} 137 | {{- end }} 138 | imagePullSecrets: 139 | {{- range .Values.postgresql.image.pullSecrets }} 140 | - name: {{ . | quote }} 141 | {{- end }} 142 | {{- end }} 143 | -------------------------------------------------------------------------------- /charts/zabbix/templates/statefulset-zabbix-proxy.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.zabbixProxy.enabled }} 2 | --- 3 | apiVersion: apps/v1 4 | kind: StatefulSet 5 | metadata: 6 | name: {{ template "zabbix.fullname" . }}-zabbix-proxy 7 | namespace: {{ .Release.Namespace }} 8 | labels: 9 | {{- include "zabbix.labels" . | nindent 4 }} 10 | app.kubernetes.io/component: proxy 11 | {{- if .Values.zabbixProxy.extraStatefulSetLabels }} 12 | {{- toYaml .Values.zabbixProxy.extraStatefulSetLabels | nindent 4 }} 13 | {{- end }} 14 | {{- if and .Values.zabbixAgent.enabled .Values.zabbixAgent.runAsSidecar }} 15 | {{- if .Values.zabbixAgent.extraDeploymentLabels }} 16 | {{- toYaml .Values.zabbixAgent.extraDeploymentLabels | nindent 4 }} 17 | {{- end }} 18 | {{- end }} 19 | annotations: 20 | {{- range $key,$value := .Values.zabbixProxy.extraStatefulSetAnnotations }} 21 | {{ $key }}: {{ $value | quote }} 22 | {{- end }} 23 | spec: 24 | replicas: {{ .Values.zabbixProxy.replicaCount }} 25 | serviceName: {{ template "zabbix.fullname" . }} 26 | selector: 27 | matchLabels: 28 | {{- include "zabbix.selectorLabels" . | nindent 6 }} 29 | app.kubernetes.io/component: proxy 30 | template: 31 | metadata: 32 | annotations: 33 | {{- range $key,$value := .Values.zabbixProxy.extraPodAnnotations }} 34 | {{ $key }}: {{ $value | quote }} 35 | {{- end }} 36 | labels: 37 | {{- include "zabbix.labels" . | nindent 8 }} 38 | app.kubernetes.io/component: proxy 39 | {{- if .Values.zabbixProxy.extraPodLabels }} 40 | {{- toYaml .Values.zabbixProxy.extraPodLabels | nindent 8 }} 41 | {{- end }} 42 | {{- if and .Values.zabbixAgent.enabled .Values.zabbixAgent.runAsSidecar }} 43 | {{- if .Values.zabbixAgent.extraPodLabels }} 44 | {{- toYaml .Values.zabbixAgent.extraPodLabels | nindent 8 }} 45 | {{- end }} 46 | {{- end }} 47 | spec: 48 | serviceAccountName: {{ template "zabbix.serviceAccountName" . }} 49 | {{- with .Values.zabbixProxy.extraPodSpecs }} 50 | {{- toYaml . | nindent 6 }} 51 | {{- end }} 52 | {{- with .Values.zabbixProxy.extraInitContainers }} 53 | initContainers: 54 | {{- toYaml . | nindent 8 }} 55 | {{- end }} 56 | {{- with .Values.zabbixProxy.nodeSelector }} 57 | nodeSelector: 58 | {{- toYaml . | nindent 8 }} 59 | {{- end }} 60 | {{- with .Values.affinity }} 61 | affinity: 62 | {{- toYaml . | nindent 8 }} 63 | {{- end }} 64 | {{- with .Values.tolerations }} 65 | tolerations: 66 | {{- toYaml . | nindent 8 }} 67 | {{- end }} 68 | containers: 69 | {{- if and .Values.zabbixAgent.enabled .Values.zabbixAgent.runAsSidecar }} 70 | - name: zabbix-agent 71 | resources: 72 | {{- toYaml .Values.zabbixAgent.resources | nindent 12 }} 73 | securityContext: 74 | {{- toYaml .Values.zabbixAgent.securityContext | nindent 12 }} 75 | {{- if .Values.zabbixAgent.image.tag }} 76 | image: "{{ .Values.zabbixAgent.image.repository }}:{{ .Values.zabbixAgent.image.tag }}" 77 | {{- else }} 78 | image: "{{ .Values.zabbixAgent.image.repository }}:{{ .Values.zabbixImageTag }}" 79 | {{- end }} 80 | imagePullPolicy: {{ .Values.zabbixAgent.image.pullPolicy }} 81 | env: 82 | - name: ZBX_HOSTNAME 83 | valueFrom: 84 | fieldRef: 85 | fieldPath: metadata.name 86 | - name: ZBX_SERVER_HOST 87 | value: {{ .Values.zabbixAgent.ZBX_SERVER_HOST | quote }} 88 | - name: ZBX_SERVER_PORT 89 | value: {{ .Values.zabbixAgent.ZBX_SERVER_PORT | quote }} 90 | - name: ZBX_PASSIVE_ALLOW 91 | value: {{ .Values.zabbixAgent.ZBX_PASSIVE_ALLOW | quote }} 92 | - name: ZBX_PASSIVESERVERS 93 | value: {{ .Values.zabbixAgent.ZBX_PASSIVESERVERS | quote }} 94 | - name: ZBX_ACTIVE_ALLOW 95 | value: {{ .Values.zabbixAgent.ZBX_ACTIVE_ALLOW | quote }} 96 | - name: ZBX_ACTIVESERVERS 97 | value: {{ .Values.zabbixAgent.ZBX_ACTIVESERVERS | quote }} 98 | - name: ZBX_DEBUGLEVEL 99 | value: {{ .Values.zabbixAgent.ZBX_DEBUGLEVEL | quote }} 100 | - name: ZBX_TIMEOUT 101 | value: {{ .Values.zabbixAgent.ZBX_TIMEOUT | quote }} 102 | - name: ZBX_LOADMODULE 103 | value: {{ .Values.zabbixAgent.ZBX_LOADMODULE | quote }} 104 | {{- with .Values.zabbixAgent.extraEnv }} 105 | {{- toYaml . | nindent 12 }} 106 | {{- end }} 107 | ports: 108 | - name: zabbix-agent 109 | containerPort: 10050 110 | protocol: TCP 111 | {{- with .Values.zabbixAgent.extraVolumeMounts }} 112 | volumeMounts: 113 | {{- toYaml . | nindent 12 }} 114 | {{- end }} 115 | {{- with .Values.zabbixAgent.livenessProbe }} 116 | livenessProbe: 117 | {{- toYaml . | nindent 12 }} 118 | {{- end }} 119 | {{- with .Values.zabbixAgent.readinessProbe }} 120 | readinessProbe: 121 | {{- toYaml . | nindent 12 }} 122 | {{- end }} 123 | {{- with .Values.zabbixAgent.startupProbe }} 124 | startupProbe: 125 | {{- toYaml . | nindent 12 }} 126 | {{- end }} 127 | {{- end }} 128 | - name: zabbix-proxy 129 | resources: 130 | {{- toYaml .Values.zabbixProxy.resources | nindent 12 }} 131 | securityContext: 132 | {{- toYaml .Values.zabbixProxy.securityContext | nindent 12 }} 133 | {{- if .Values.zabbixProxy.image.tag }} 134 | image: "{{ .Values.zabbixProxy.image.repository }}:{{ .Values.zabbixProxy.image.tag }}" 135 | {{- else }} 136 | image: "{{ .Values.zabbixProxy.image.repository }}:{{ .Values.zabbixImageTag }}" 137 | {{- end }} 138 | imagePullPolicy: {{ .Values.zabbixProxy.image.pullPolicy }} 139 | env: 140 | - name: ZBX_PROXYMODE 141 | value: {{ .Values.zabbixProxy.ZBX_PROXYMODE | quote }} 142 | {{- if .Values.zabbixProxy.ZBX_HOSTNAME }} 143 | - name: ZBX_HOSTNAME 144 | value: {{ .Values.zabbixProxy.ZBX_HOSTNAME | quote }} 145 | {{- else }} 146 | - name: ZBX_HOSTNAME 147 | valueFrom: 148 | fieldRef: 149 | fieldPath: metadata.name 150 | {{- end }} 151 | - name: ZBX_SERVER_HOST 152 | value: {{ .Values.zabbixProxy.ZBX_SERVER_HOST | quote }} 153 | - name: ZBX_SERVER_PORT 154 | value: {{ .Values.zabbixProxy.ZBX_SERVER_PORT | quote }} 155 | - name: ZBX_LOADMODULE 156 | value: {{ .Values.zabbixProxy.ZBX_LOADMODULE | quote }} 157 | - name: ZBX_DEBUGLEVEL 158 | value: {{ .Values.zabbixProxy.ZBX_DEBUGLEVEL | quote }} 159 | - name: ZBX_TIMEOUT 160 | value: {{ .Values.zabbixProxy.ZBX_TIMEOUT | quote }} 161 | - name: ZBX_JAVAGATEWAY_ENABLE 162 | value: {{ .Values.zabbixProxy.ZBX_JAVAGATEWAY_ENABLE | quote }} 163 | - name: ZBX_VMWARECACHESIZE 164 | value: {{ .Values.zabbixProxy.ZBX_VMWARECACHESIZE | quote }} 165 | {{- with .Values.zabbixProxy.extraEnv }} 166 | {{- toYaml . | nindent 12 }} 167 | {{- end }} 168 | ports: 169 | - name: zabbix-proxy 170 | containerPort: 10051 171 | protocol: TCP 172 | {{- with .Values.zabbixProxy.extraVolumeMounts }} 173 | volumeMounts: 174 | {{- toYaml . | nindent 12 }} 175 | {{- end }} 176 | {{- with .Values.zabbixProxy.livenessProbe }} 177 | livenessProbe: 178 | {{- toYaml . | nindent 12 }} 179 | {{- end }} 180 | {{- with .Values.zabbixProxy.readinessProbe }} 181 | readinessProbe: 182 | {{- toYaml . | nindent 12 }} 183 | {{- end }} 184 | {{- with .Values.zabbixProxy.startupProbe }} 185 | startupProbe: 186 | {{- toYaml . | nindent 12 }} 187 | {{- end }} 188 | {{- with .Values.zabbixProxy.lifecycle }} 189 | lifecycle: 190 | {{- toYaml . | nindent 12 }} 191 | {{- end }} 192 | {{- with .Values.zabbixProxy.extraContainers }} 193 | {{- toYaml . | nindent 8 }} 194 | {{- end }} 195 | imagePullSecrets: 196 | {{- range .Values.zabbixAgent.image.pullSecrets }} 197 | - name: {{ . | quote }} 198 | {{- end }} 199 | {{- range .Values.zabbixProxy.image.pullSecrets }} 200 | - name: {{ . | quote }} 201 | {{- end }} 202 | volumes: 203 | {{- with .Values.zabbixProxy.extraVolumes }} 204 | {{- toYaml . | nindent 8 }} 205 | {{- end }} 206 | {{- with .Values.zabbixAgent.extraVolumes }} 207 | {{- toYaml . | nindent 8 }} 208 | {{- end }} 209 | {{- with .Values.zabbixProxy.extraVolumeClaimTemplate }} 210 | volumeClaimTemplates: 211 | {{- toYaml . | nindent 4 }} 212 | {{- end }} 213 | {{- end }} 214 | -------------------------------------------------------------------------------- /charts/zabbix/templates/tests/test-server-connection.yaml: -------------------------------------------------------------------------------- 1 | {{ if .Values.zabbixServer.enabled }} 2 | apiVersion: batch/v1 3 | kind: Job 4 | metadata: 5 | name: {{ template "zabbix.fullname" . }}-test-server-connection 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | app: {{ template "zabbix.fullname" . }}-test-server-connection 9 | app.kubernetes.io/name: test-server-connection 10 | helm.sh/chart: {{ include "zabbix.chart" . }} 11 | app.kubernetes.io/instance: {{ .Release.Name }}-test-server-connection 12 | app.kubernetes.io/managed-by: {{ .Release.Service }}-test-server-connection 13 | annotations: 14 | "helm.sh/hook": test 15 | "helm.sh/hook-delete-policy": "hook-succeeded,hook-failed" 16 | spec: 17 | template: 18 | spec: 19 | {{- with .Values.helmTestJobs.nodeSelector }} 20 | nodeSelector: 21 | {{- toYaml . | nindent 8 }} 22 | {{- end }} 23 | {{- with .Values.tolerations }} 24 | tolerations: 25 | {{- toYaml . | nindent 8 }} 26 | {{- end }} 27 | containers: 28 | - name: test-web-connection 29 | image: {{ .Values.helmTestJobs.serverConnection.image.repository }}:{{ .Values.helmTestJobs.serverConnection.image.tag }} 30 | {{- if .Values.helmTestJobs.serverConnection.image.pullPolicy }} 31 | imagePullPolicy: {{ .Values.helmTestJobs.serverConnection.image.pullPolicy }} 32 | {{- end }} 33 | securityContext: 34 | {{- toYaml .Values.helmTestJobs.serverConnection.securityContext | nindent 10 }} 35 | resources: 36 | {{- toYaml .Values.helmTestJobs.serverConnection.resources | nindent 10 }} 37 | command: ['nc'] 38 | args: ['-v', '-z', '{{ template "zabbix.fullname" . }}-zabbix-server', '{{ .Values.zabbixServer.service.port }}'] 39 | imagePullSecrets: 40 | {{- range .Values.helmTestJobs.serverConnection.image.pullSecrets }} 41 | - name: {{ . | quote }} 42 | {{- end }} 43 | restartPolicy: Never 44 | {{ end }} 45 | -------------------------------------------------------------------------------- /charts/zabbix/templates/tests/test-web-connection.yaml: -------------------------------------------------------------------------------- 1 | {{ if .Values.zabbixWeb.enabled }} 2 | apiVersion: batch/v1 3 | kind: Job 4 | metadata: 5 | name: {{ template "zabbix.fullname" . }}-test-web-connection 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | app: {{ template "zabbix.fullname" . }}-test-web-connection 9 | app.kubernetes.io/name: test-web-connection 10 | helm.sh/chart: {{ include "zabbix.chart" . }} 11 | app.kubernetes.io/instance: {{ .Release.Name }}-test-web-connection 12 | app.kubernetes.io/managed-by: {{ .Release.Service }}-test-web-connection 13 | annotations: 14 | "helm.sh/hook": test 15 | "helm.sh/hook-delete-policy": "hook-succeeded,hook-failed" 16 | spec: 17 | template: 18 | spec: 19 | {{- with .Values.helmTestJobs.nodeSelector }} 20 | nodeSelector: 21 | {{- toYaml . | nindent 8 }} 22 | {{- end }} 23 | {{- with .Values.tolerations }} 24 | tolerations: 25 | {{- toYaml . | nindent 8 }} 26 | {{- end }} 27 | containers: 28 | - name: test-web-connection 29 | image: {{ .Values.helmTestJobs.webConnection.image.repository }}:{{ .Values.helmTestJobs.webConnection.image.tag }} 30 | {{- if .Values.helmTestJobs.webConnection.image.pullPolicy }} 31 | imagePullPolicy: {{ .Values.helmTestJobs.webConnection.image.pullPolicy }} 32 | {{- end }} 33 | securityContext: 34 | {{- toYaml .Values.helmTestJobs.webConnection.securityContext | nindent 10 }} 35 | resources: 36 | {{- toYaml .Values.helmTestJobs.webConnection.resources | nindent 10 }} 37 | command: ['wget'] 38 | args: ['http://{{ template "zabbix.fullname" . }}-zabbix-web:{{ .Values.zabbixWeb.service.port }}'] 39 | imagePullSecrets: 40 | {{- range .Values.helmTestJobs.webConnection.image.pullSecrets }} 41 | - name: {{ . | quote }} 42 | {{- end }} 43 | restartPolicy: Never 44 | {{ end }} 45 | --------------------------------------------------------------------------------